diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2014-12-21 22:27:55 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-12-22 09:32:29 +1100 |
| commit | 56d1c83cdd1ac76f1c6bd41e01e80dad834f3994 (patch) | |
| tree | 700a872e702c686c1815bb1049eb93e88079b598 /ssh-agent.c | |
| parent | 058f839fe15c51be8b3a844a76ab9a8db550be4f (diff) | |
upstream commit
Add FingerprintHash option to control algorithm used for
key fingerprints. Default changes from MD5 to SHA256 and format from hex to
base64.
Feedback and ok naddy@ markus@
Diffstat (limited to 'ssh-agent.c')
| -rw-r--r-- | ssh-agent.c | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/ssh-agent.c b/ssh-agent.c index 9c11d48d1..c2dc1fa0c 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-agent.c,v 1.191 2014/11/18 20:54:28 krw Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.192 2014/12/21 22:27:56 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -142,6 +142,8 @@ extern char *__progname; | |||
| 142 | /* Default lifetime in seconds (0 == forever) */ | 142 | /* Default lifetime in seconds (0 == forever) */ |
| 143 | static long lifetime = 0; | 143 | static long lifetime = 0; |
| 144 | 144 | ||
| 145 | static int fingerprint_hash = SSH_FP_HASH_DEFAULT; | ||
| 146 | |||
| 145 | static void | 147 | static void |
| 146 | close_socket(SocketEntry *e) | 148 | close_socket(SocketEntry *e) |
| 147 | { | 149 | { |
| @@ -203,7 +205,7 @@ confirm_key(Identity *id) | |||
| 203 | char *p; | 205 | char *p; |
| 204 | int ret = -1; | 206 | int ret = -1; |
| 205 | 207 | ||
| 206 | p = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX); | 208 | p = key_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT); |
| 207 | if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", | 209 | if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", |
| 208 | id->comment, p)) | 210 | id->comment, p)) |
| 209 | ret = 0; | 211 | ret = 0; |
| @@ -1026,7 +1028,7 @@ usage(void) | |||
| 1026 | { | 1028 | { |
| 1027 | fprintf(stderr, | 1029 | fprintf(stderr, |
| 1028 | "usage: ssh-agent [-c | -s] [-d] [-a bind_address] [-t life]\n" | 1030 | "usage: ssh-agent [-c | -s] [-d] [-a bind_address] [-t life]\n" |
| 1029 | " [command [arg ...]]\n" | 1031 | " [-E fingerprint_hash] [command [arg ...]]\n" |
| 1030 | " ssh-agent [-c | -s] -k\n"); | 1032 | " ssh-agent [-c | -s] -k\n"); |
| 1031 | exit(1); | 1033 | exit(1); |
| 1032 | } | 1034 | } |
| @@ -1069,8 +1071,13 @@ main(int ac, char **av) | |||
| 1069 | __progname = ssh_get_progname(av[0]); | 1071 | __progname = ssh_get_progname(av[0]); |
| 1070 | seed_rng(); | 1072 | seed_rng(); |
| 1071 | 1073 | ||
| 1072 | while ((ch = getopt(ac, av, "cdksa:t:")) != -1) { | 1074 | while ((ch = getopt(ac, av, "cdksE:a:t:")) != -1) { |
| 1073 | switch (ch) { | 1075 | switch (ch) { |
| 1076 | case 'E': | ||
| 1077 | fingerprint_hash = ssh_digest_alg_by_name(optarg); | ||
| 1078 | if (fingerprint_hash == -1) | ||
| 1079 | fatal("Invalid hash algorithm \"%s\"", optarg); | ||
| 1080 | break; | ||
| 1074 | case 'c': | 1081 | case 'c': |
| 1075 | if (s_flag) | 1082 | if (s_flag) |
| 1076 | usage(); | 1083 | usage(); |