author | Darren Tucker <dtucker@zip.com.au> | 2010-01-12 19:41:57 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-12 19:41:57 +1100 |
commit | d04758dc4c001104933ce3e2088ac46d461ec1f1 (patch) | |
tree | 7d70fff202b0f415f74fd17815abc3e682a0bfd6 | |
parent | d4c86b13254d7c84b27b7cb8d32dcc7036ca3788 (diff) |
- djm@cvs.openbsd.org 2010/01/11 10:51:07
[ssh-keygen.c]
when converting keys, truncate key comments at 72 chars as per RFC4716;
bz#1630 reported by tj AT castaglia.org; ok markus@
-rw-r--r-- | ChangeLog | 4 | ||||
-rw-r--r-- | ssh-keygen.c | 12 |
2 files changed, 12 insertions, 4 deletions
@@ -11,6 +11,10 @@ | |||
11 | Do not prompt for a passphrase if we fail to open a keyfile, and log the | 11 | Do not prompt for a passphrase if we fail to open a keyfile, and log the |
12 | reason the open failed to debug. | 12 | reason the open failed to debug. |
13 | bz #1693, found by tj AT castaglia org, ok djm@ | 13 | bz #1693, found by tj AT castaglia org, ok djm@ |
14 | - djm@cvs.openbsd.org 2010/01/11 10:51:07 | ||
15 | [ssh-keygen.c] | ||
16 | when converting keys, truncate key comments at 72 chars as per RFC4716; | ||
17 | bz#1630 reported by tj AT castaglia.org; ok markus@ | ||
14 | 18 | ||
15 | 20100110 | 19 | 20100110 |
16 | - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] | 20 | - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] |
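--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.175 2009/08/27 17:33:49 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.176 2010/01/11 10:51:07 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -181,6 +181,7 @@ do_convert_to_ssh2(struct passwd *pw)
 Key *k;
 u_int len;
 u_char *blob;
+char comment[61];
 struct stat st;
 
 if (!have_identity)
@@ -203,11 +204,14 @@ do_convert_to_ssh2(struct passwd *pw)
 fprintf(stderr, "key_to_blob failed\n");
 exit(1);
 }
-fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
-fprintf(stdout,
-"Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n",
+/* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */
+snprintf(comment, sizeof(comment),
+"%u-bit %s, converted by %s@%s from OpenSSH",
 key_size(k), key_type(k),
 pw->pw_name, hostname);
+
+fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
+fprintf(stdout, "Comment: \"%s\"\n", comment);
 dump_base64(stdout, blob, len);
 fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);
 key_free(k);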
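Review bot: The buffer size in `char comment[61];` (second hunk) is a derived number whose derivation appears nowhere; the comment above the `snprintf` call in the third hunk only says the result must fit in 72 chars. I would spell it out at the declaration, e.g. `char comment[61];	/* 72 - strlen("Comment: \"\"") = 61, incl. NUL */`, so that a later change to the `Comment: "` prefix does not silently break the RFC 4716 line limit. The `snprintf` return value is also discarded, so a long `pw->pw_name`/`hostname` pair is cut with no indication to the user, and the cut is byte-based; if either string can hold multi-byte UTF-8 (not visible here), the header value could end mid-sequence. do_convert_to_ssh2 starts and ends outside these hunks.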