diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2010-01-12 19:41:57 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-12 19:41:57 +1100 |
| commit | d04758dc4c001104933ce3e2088ac46d461ec1f1 (patch) | |
| tree | 7d70fff202b0f415f74fd17815abc3e682a0bfd6 | |
| parent | d4c86b13254d7c84b27b7cb8d32dcc7036ca3788 (diff) | |
- djm@cvs.openbsd.org 2010/01/11 10:51:07
[ssh-keygen.c]
when converting keys, truncate key comments at 72 chars as per RFC4716;
bz#1630 reported by tj AT castaglia.org; ok markus@
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | ssh-keygen.c | 12 |
2 files changed, 12 insertions, 4 deletions
| @@ -11,6 +11,10 @@ | |||
| 11 | Do not prompt for a passphrase if we fail to open a keyfile, and log the | 11 | Do not prompt for a passphrase if we fail to open a keyfile, and log the |
| 12 | reason the open failed to debug. | 12 | reason the open failed to debug. |
| 13 | bz #1693, found by tj AT castaglia org, ok djm@ | 13 | bz #1693, found by tj AT castaglia org, ok djm@ |
| 14 | - djm@cvs.openbsd.org 2010/01/11 10:51:07 | ||
| 15 | [ssh-keygen.c] | ||
| 16 | when converting keys, truncate key comments at 72 chars as per RFC4716; | ||
| 17 | bz#1630 reported by tj AT castaglia.org; ok markus@ | ||
| 14 | 18 | ||
| 15 | 20100110 | 19 | 20100110 |
| 16 | - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] | 20 | - (dtucker) [configure.ac misc.c readconf.c servconf.c ssh-keyscan.c] |
diff --git a/ssh-keygen.c b/ssh-keygen.c index 4f90ac5c1..7f5185f8e 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-keygen.c,v 1.175 2009/08/27 17:33:49 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.176 2010/01/11 10:51:07 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -181,6 +181,7 @@ do_convert_to_ssh2(struct passwd *pw) | |||
| 181 | Key *k; | 181 | Key *k; |
| 182 | u_int len; | 182 | u_int len; |
| 183 | u_char *blob; | 183 | u_char *blob; |
| 184 | char comment[61]; | ||
| 184 | struct stat st; | 185 | struct stat st; |
| 185 | 186 | ||
| 186 | if (!have_identity) | 187 | if (!have_identity) |
| @@ -203,11 +204,14 @@ do_convert_to_ssh2(struct passwd *pw) | |||
| 203 | fprintf(stderr, "key_to_blob failed\n"); | 204 | fprintf(stderr, "key_to_blob failed\n"); |
| 204 | exit(1); | 205 | exit(1); |
| 205 | } | 206 | } |
| 206 | fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN); | 207 | /* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */ |
| 207 | fprintf(stdout, | 208 | snprintf(comment, sizeof(comment), |
| 208 | "Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n", | 209 | "%u-bit %s, converted by %s@%s from OpenSSH", |
| 209 | key_size(k), key_type(k), | 210 | key_size(k), key_type(k), |
| 210 | pw->pw_name, hostname); | 211 | pw->pw_name, hostname); |
| 212 | |||
| 213 | fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN); | ||
| 214 | fprintf(stdout, "Comment: \"%s\"\n", comment); | ||
| 211 | dump_base64(stdout, blob, len); | 215 | dump_base64(stdout, blob, len); |
| 212 | fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END); | 216 | fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END); |
| 213 | key_free(k); | 217 | key_free(k); |