- deraadt@cvs.openbsd.org 2001/03/09 03:14:39

     [ssh-keygen.c]
     create *.pub files with umask 0644, so that you can mv them to
     authorized_keys

2 files changed, 28 insertions, 13 deletions

diff --git a/ChangeLog b/ChangeLog
index f7e526980..9627fe518 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+20010310
+ - OpenBSD CVS Sync
+   - deraadt@cvs.openbsd.org 2001/03/09 03:14:39
+     [ssh-keygen.c]
+     create *.pub files with umask 0644, so that you can mv them to 
+     authorized_keys
+
 20010309
  - OpenBSD CVS Sync
    - stevesk@cvs.openbsd.org 2001/03/08 18:47:12
@@ -4457,4 +4464,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.930 2001/03/09 00:12:22 mouring Exp $
+$Id: ChangeLog,v 1.931 2001/03/09 18:19:24 mouring Exp $
diff --git a/ssh-keygen.c b/ssh-keygen.c
index e5e34cb2f..dbb46ac90 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.45 2001/02/22 08:03:51 deraadt Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.46 2001/03/09 03:14:39 deraadt Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -512,12 +512,11 @@ do_change_passphrase(struct passwd *pw)
 void
 do_change_comment(struct passwd *pw)
 {
-        char new_comment[1024], *comment;
-        Key *private;
-        Key *public;
-        char *passphrase;
+        char new_comment[1024], *comment, *passphrase;
+        Key *private, *public;
         struct stat st;
         FILE *f;
+        int fd;
 
         if (!have_identity)
                 ask_filename(pw, "Enter file in which the key is");
@@ -585,11 +584,16 @@ do_change_comment(struct passwd *pw)
         key_free(private);
 
         strlcat(identity_file, ".pub", sizeof(identity_file));
-        f = fopen(identity_file, "w");
-        if (!f) {
+        fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
+        if (fd == -1) {
                 printf("Could not save your public key in %s\n", identity_file);
                 exit(1);
         }
+        f = fdopen(fd, "w");
+        if (f == NULL) {
+                printf("fdopen %s failed", identity_file);
+                exit(1);
+        }
         if (!key_write(public, f))
                 fprintf(stderr, "write key failed");
         key_free(public);
@@ -617,12 +621,11 @@ int
 main(int ac, char **av)
 {
         char dotsshdir[16 * 1024], comment[1024], *passphrase1, *passphrase2;
+        Key *private, *public;
         struct passwd *pw;
-        int opt, type;
+        int opt, type, fd;
         struct stat st;
         FILE *f;
-        Key *private;
-        Key *public;
 
         extern int optind;
         extern char *optarg;
@@ -827,11 +830,16 @@ passphrase_again:
                 printf("Your identification has been saved in %s.\n", identity_file);
 
         strlcat(identity_file, ".pub", sizeof(identity_file));
-        f = fopen(identity_file, "w");
-        if (!f) {
+        fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
+        if (fd == -1) {
                 printf("Could not save your public key in %s\n", identity_file);
                 exit(1);
         }
+        f = fdopen(fd, "w");
+        if (f == NULL) {
+                printf("fdopen %s failed", identity_file);
+                exit(1);
+        }
         if (!key_write(public, f))
                 fprintf(stderr, "write key failed");
         fprintf(f, " %s\n", comment);