author | Damien Miller <djm@mindrot.org> | 2012-07-06 13:44:19 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2012-07-06 13:44:19 +1000 |
commit | dfceafe8b11a4a1f9890a37e0cd88b01eb9cc30c (patch) | |
tree | a017648b59e06bd4405c04b143780b5b10bbc6af | |
parent | 77eab7b0240683eea307332e1df3ff8920baf012 (diff) |
- dtucker@cvs.openbsd.org 2012/07/06 00:41:59
[moduli.c ssh-keygen.1 ssh-keygen.c]
Add options to specify starting line number and number of lines to process
when screening moduli candidates. This allows processing of different
parts of a candidate moduli file in parallel. man page help jmc@, ok djm@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | moduli.c | 18 | ||||
-rw-r--r-- | ssh-keygen.1 | 18 | ||||
-rw-r--r-- | ssh-keygen.c | 22 |
4 files changed, 50 insertions, 14 deletions
@@ -5,6 +5,12 @@ | |||
5 | - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no | 5 | - (djm) [configure.ac] Recursively expand $(bindir) to ensure it has no |
6 | unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT | 6 | unexpanded $(prefix) embedded. bz#2007 patch from nix-corp AT |
7 | esperi.org.uk; ok dtucker@ | 7 | esperi.org.uk; ok dtucker@ |
8 | - (djm) OpenBSD CVS Sync | ||
9 | - dtucker@cvs.openbsd.org 2012/07/06 00:41:59 | ||
10 | [moduli.c ssh-keygen.1 ssh-keygen.c] | ||
11 | Add options to specify starting line number and number of lines to process | ||
12 | when screening moduli candidates. This allows processing of different | ||
13 | parts of a candidate moduli file in parallel. man page help jmc@, ok djm@ | ||
8 | 14 | ||
9 | 20120704 | 15 | 20120704 |
10 | - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for | 16 | - (dtucker) [configure.ac openbsd-compat/bsd-misc.h] Add setlinebuf for |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: moduli.c,v 1.25 2011/10/19 00:06:10 djm Exp $ */ | 1 | /* $OpenBSD: moduli.c,v 1.26 2012/07/06 00:41:59 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> | 3 | * Copyright 1994 Phil Karn <karn@qualcomm.com> |
4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> | 4 | * Copyright 1996-1998, 2003 William Allen Simpson <wsimpson@greendragon.com> |
@@ -140,7 +140,8 @@ static u_int32_t largebits, largememory; /* megabytes */ | |||
140 | static BIGNUM *largebase; | 140 | static BIGNUM *largebase; |
141 | 141 | ||
142 | int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); | 142 | int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); |
143 | int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *); | 143 | int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, |
144 | unsigned long); | ||
144 | 145 | ||
145 | /* | 146 | /* |
146 | * print moduli out in consistent form, | 147 | * print moduli out in consistent form, |
@@ -495,14 +496,14 @@ read_checkpoint(char *cpfile) | |||
495 | */ | 496 | */ |
496 | int | 497 | int |
497 | prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | 498 | prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, |
498 | char *checkpoint_file) | 499 | char *checkpoint_file, unsigned long start_lineno, unsigned long num_lines) |
499 | { | 500 | { |
500 | BIGNUM *q, *p, *a; | 501 | BIGNUM *q, *p, *a; |
501 | BN_CTX *ctx; | 502 | BN_CTX *ctx; |
502 | char *cp, *lp; | 503 | char *cp, *lp; |
503 | u_int32_t count_in = 0, count_out = 0, count_possible = 0; | 504 | u_int32_t count_in = 0, count_out = 0, count_possible = 0; |
504 | u_int32_t generator_known, in_tests, in_tries, in_type, in_size; | 505 | u_int32_t generator_known, in_tests, in_tries, in_type, in_size; |
505 | unsigned long last_processed = 0; | 506 | unsigned long last_processed = 0, end_lineno; |
506 | time_t time_start, time_stop; | 507 | time_t time_start, time_stop; |
507 | int res; | 508 | int res; |
508 | 509 | ||
@@ -525,10 +526,17 @@ prime_test(FILE *in, FILE *out, u_int32_t trials, u_int32_t generator_wanted, | |||
525 | 526 | ||
526 | if (checkpoint_file != NULL) | 527 | if (checkpoint_file != NULL) |
527 | last_processed = read_checkpoint(checkpoint_file); | 528 | last_processed = read_checkpoint(checkpoint_file); |
529 | if (start_lineno > last_processed) | ||
530 | last_processed = start_lineno; | ||
531 | if (num_lines == 0) | ||
532 | end_lineno = ULONG_MAX; | ||
533 | else | ||
534 | end_lineno = last_processed + num_lines; | ||
535 | debug2("process line %lu to line %lu", last_processed, end_lineno); | ||
528 | 536 | ||
529 | res = 0; | 537 | res = 0; |
530 | lp = xmalloc(QLINESIZE + 1); | 538 | lp = xmalloc(QLINESIZE + 1); |
531 | while (fgets(lp, QLINESIZE + 1, in) != NULL) { | 539 | while (fgets(lp, QLINESIZE + 1, in) != NULL && count_in < end_lineno) { |
532 | count_in++; | 540 | count_in++; |
533 | if (checkpoint_file != NULL) { | 541 | if (checkpoint_file != NULL) { |
534 | if (count_in <= last_processed) { | 542 | if (count_in <= last_processed) { |
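Review bot: The new start line only takes effect when a checkpoint file is also given, because `start_lineno` is folded into `last_processed` but the skip test `if (count_in <= last_processed)` still sits inside `if (checkpoint_file != NULL)` in the read loop. Without `-K`, a run started with `-j` appears to screen from line 1 up to `end_lineno`, so parallel workers would overlap instead of each taking its own slice; moving the skip test out of the checkpoint branch would fix that. Separately, `end_lineno = last_processed + num_lines` can wrap for large arguments, and a guard such as `if (num_lines == 0 || num_lines > ULONG_MAX - last_processed) end_lineno = ULONG_MAX;` avoids it. The loop body continues outside the hunk, so the contents of the skip branch are not visible here.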
diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 41da2077b..03f927edf 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-keygen.1,v 1.108 2011/10/16 11:02:46 dtucker Exp $ | 1 | .\" $OpenBSD: ssh-keygen.1,v 1.109 2012/07/06 00:41:59 dtucker Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -35,7 +35,7 @@ | |||
35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 35 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 36 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
37 | .\" | 37 | .\" |
38 | .Dd $Mdocdate: October 16 2011 $ | 38 | .Dd $Mdocdate: July 6 2012 $ |
39 | .Dt SSH-KEYGEN 1 | 39 | .Dt SSH-KEYGEN 1 |
40 | .Os | 40 | .Os |
41 | .Sh NAME | 41 | .Sh NAME |
@@ -104,6 +104,8 @@ | |||
104 | .Fl f Ar input_file | 104 | .Fl f Ar input_file |
105 | .Op Fl v | 105 | .Op Fl v |
106 | .Op Fl a Ar num_trials | 106 | .Op Fl a Ar num_trials |
107 | .Op Fl J Ar num_lines | ||
108 | .Op Fl j Ar start_line | ||
107 | .Op Fl K Ar checkpt | 109 | .Op Fl K Ar checkpt |
108 | .Op Fl W Ar generator | 110 | .Op Fl W Ar generator |
109 | .Nm ssh-keygen | 111 | .Nm ssh-keygen |
@@ -297,6 +299,16 @@ in the format specified by the | |||
297 | .Fl m | 299 | .Fl m |
298 | option and print an OpenSSH compatible private | 300 | option and print an OpenSSH compatible private |
299 | (or public) key to stdout. | 301 | (or public) key to stdout. |
302 | .It Fl J Ar num_lines | ||
303 | Exit after screening the specified number of lines | ||
304 | while performing DH candidate screening using the | ||
305 | .Fl T | ||
306 | option. | ||
307 | .It Fl j Ar start_line | ||
308 | Start screening at the specified line number | ||
309 | while performing DH candidate screening using the | ||
310 | .Fl T | ||
311 | option. | ||
300 | .It Fl K Ar checkpt | 312 | .It Fl K Ar checkpt |
301 | Write the last line processed to the file | 313 | Write the last line processed to the file |
302 | .Ar checkpt | 314 | .Ar checkpt |
@@ -518,7 +530,7 @@ This may be overridden using the | |||
518 | .Fl S | 530 | .Fl S |
519 | option, which specifies a different start point (in hex). | 531 | option, which specifies a different start point (in hex). |
520 | .Pp | 532 | .Pp |
521 | Once a set of candidates have been generated, they must be tested for | 533 | Once a set of candidates have been generated, they must be screened for |
522 | suitability. | 534 | suitability. |
523 | This may be performed using the | 535 | This may be performed using the |
524 | .Fl T | 536 | .Fl T |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 9407321d5..57679ee43 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.214 2012/05/23 03:28:28 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.215 2012/07/06 00:41:59 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -154,7 +154,8 @@ char hostname[MAXHOSTNAMELEN]; | |||
154 | 154 | ||
155 | /* moduli.c */ | 155 | /* moduli.c */ |
156 | int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); | 156 | int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *); |
157 | int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *); | 157 | int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *, unsigned long, |
158 | unsigned long); | ||
158 | 159 | ||
159 | static void | 160 | static void |
160 | type_bits_valid(int type, u_int32_t *bitsp) | 161 | type_bits_valid(int type, u_int32_t *bitsp) |
@@ -1888,6 +1889,8 @@ usage(void) | |||
1888 | fprintf(stderr, " -h Generate host certificate instead of a user certificate.\n"); | 1889 | fprintf(stderr, " -h Generate host certificate instead of a user certificate.\n"); |
1889 | fprintf(stderr, " -I key_id Key identifier to include in certificate.\n"); | 1890 | fprintf(stderr, " -I key_id Key identifier to include in certificate.\n"); |
1890 | fprintf(stderr, " -i Import foreign format to OpenSSH key file.\n"); | 1891 | fprintf(stderr, " -i Import foreign format to OpenSSH key file.\n"); |
1892 | fprintf(stderr, " -J number Screen this number of moduli lines\n"); | ||
1893 | fprintf(stderr, " -j number Start screening moduli at specified line.\n"); | ||
1891 | fprintf(stderr, " -K checkpt Write checkpoints to this file.\n"); | 1894 | fprintf(stderr, " -K checkpt Write checkpoints to this file.\n"); |
1892 | fprintf(stderr, " -L Print the contents of a certificate.\n"); | 1895 | fprintf(stderr, " -L Print the contents of a certificate.\n"); |
1893 | fprintf(stderr, " -l Show fingerprint of key file.\n"); | 1896 | fprintf(stderr, " -l Show fingerprint of key file.\n"); |
@@ -1930,6 +1933,7 @@ main(int argc, char **argv) | |||
1930 | u_int32_t memory = 0, generator_wanted = 0, trials = 100; | 1933 | u_int32_t memory = 0, generator_wanted = 0, trials = 100; |
1931 | int do_gen_candidates = 0, do_screen_candidates = 0; | 1934 | int do_gen_candidates = 0, do_screen_candidates = 0; |
1932 | int gen_all_hostkeys = 0; | 1935 | int gen_all_hostkeys = 0; |
1936 | unsigned long start_lineno = 0, lines_to_process = 0; | ||
1933 | BIGNUM *start = NULL; | 1937 | BIGNUM *start = NULL; |
1934 | FILE *f; | 1938 | FILE *f; |
1935 | const char *errstr; | 1939 | const char *errstr; |
@@ -1958,8 +1962,8 @@ main(int argc, char **argv) | |||
1958 | exit(1); | 1962 | exit(1); |
1959 | } | 1963 | } |
1960 | 1964 | ||
1961 | while ((opt = getopt(argc, argv, "AegiqpclBHLhvxXyF:b:f:t:D:I:K:P:m:N:n:" | 1965 | while ((opt = getopt(argc, argv, "AegiqpclBHLhvxXyF:b:f:t:D:I:J:j:K:P:" |
1962 | "O:C:r:g:R:T:G:M:S:s:a:V:W:z:")) != -1) { | 1966 | "m:N:n:O:C:r:g:R:T:G:M:S:s:a:V:W:z")) != -1) { |
1963 | switch (opt) { | 1967 | switch (opt) { |
1964 | case 'A': | 1968 | case 'A': |
1965 | gen_all_hostkeys = 1; | 1969 | gen_all_hostkeys = 1; |
@@ -1980,6 +1984,12 @@ main(int argc, char **argv) | |||
1980 | case 'I': | 1984 | case 'I': |
1981 | cert_key_id = optarg; | 1985 | cert_key_id = optarg; |
1982 | break; | 1986 | break; |
1987 | case 'J': | ||
1988 | lines_to_process = strtoul(optarg, NULL, 10); | ||
1989 | break; | ||
1990 | case 'j': | ||
1991 | start_lineno = strtoul(optarg, NULL, 10); | ||
1992 | break; | ||
1983 | case 'R': | 1993 | case 'R': |
1984 | delete_host = 1; | 1994 | delete_host = 1; |
1985 | rr_hostname = optarg; | 1995 | rr_hostname = optarg; |
@@ -2238,8 +2248,8 @@ main(int argc, char **argv) | |||
2238 | fatal("Couldn't open moduli file \"%s\": %s", | 2248 | fatal("Couldn't open moduli file \"%s\": %s", |
2239 | out_file, strerror(errno)); | 2249 | out_file, strerror(errno)); |
2240 | } | 2250 | } |
2241 | if (prime_test(in, out, trials, generator_wanted, checkpoint) | 2251 | if (prime_test(in, out, trials, generator_wanted, checkpoint, |
2242 | != 0) | 2252 | start_lineno, lines_to_process) != 0) |
2243 | fatal("modulus screening failed"); | 2253 | fatal("modulus screening failed"); |
2244 | return (0); | 2254 | return (0); |
2245 | } | 2255 | } |
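Review bot: The rewritten getopt string ends in `W:z` where the old one ended in `W:z:`, so `-z` no longer takes an argument. The `case 'z'` handler is outside this hunk, but if it reads `optarg` it would now see NULL, and the value the user supplied would be left as a stray operand; restore the colon so the second literal reads `"m:N:n:O:C:r:g:R:T:G:M:S:s:a:V:W:z:"`. The new `-J` and `-j` cases also call `strtoul(optarg, NULL, 10)` without checking the end pointer or `errno`, so a non-numeric value silently becomes 0, which `prime_test` treats as "no limit" and "start at the beginning". Rejecting such input with `fatal()` would match how a mistyped range should be handled when several workers share one candidate file. `main` starts and ends outside these hunks.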