summaryrefslogtreecommitdiff
path: root/ssh-keygen.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2016-08-06 10:49:59 +0100
committerColin Watson <cjwatson@debian.org>2016-08-07 12:18:58 +0100
commit477bb7636238c106f8cd7c868a8c0c5eabcfb3db (patch)
tree601176af2ecf358c36b766776a86845ad7a3cd6f /ssh-keygen.c
parent747fac2de0d889183f67f6900194c0462c558544 (diff)
parent4c914ccd85bbf391c4dc61b85e3c178fef465e3f (diff)
New upstream release (7.3p1).
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r--ssh-keygen.c18
1 files changed, 12 insertions, 6 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 478520123..0bd5fc93a 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.288 2016/02/15 09:47:49 dtucker Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.290 2016/05/02 09:36:42 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -883,7 +883,7 @@ do_fingerprint(struct passwd *pw)
883 char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES]; 883 char *comment = NULL, *cp, *ep, line[SSH_MAX_PUBKEY_BYTES];
884 int i, invalid = 1; 884 int i, invalid = 1;
885 const char *path; 885 const char *path;
886 long int lnum = 0; 886 u_long lnum = 0;
887 887
888 if (!have_identity) 888 if (!have_identity)
889 ask_filename(pw, "Enter file in which the key is"); 889 ask_filename(pw, "Enter file in which the key is");
@@ -946,7 +946,7 @@ do_fingerprint(struct passwd *pw)
946 } 946 }
947 /* Retry after parsing leading hostname/key options */ 947 /* Retry after parsing leading hostname/key options */
948 if (public == NULL && (public = try_read_key(&cp)) == NULL) { 948 if (public == NULL && (public = try_read_key(&cp)) == NULL) {
949 debug("%s:%ld: not a public key", path, lnum); 949 debug("%s:%lu: not a public key", path, lnum);
950 continue; 950 continue;
951 } 951 }
952 952
@@ -1599,6 +1599,12 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1599 ca = load_identity(tmp); 1599 ca = load_identity(tmp);
1600 free(tmp); 1600 free(tmp);
1601 1601
1602 if (key_type_name != NULL &&
1603 sshkey_type_from_name(key_type_name) != ca->type) {
1604 fatal("CA key type %s doesn't match specified %s",
1605 sshkey_ssh_name(ca), key_type_name);
1606 }
1607
1602 for (i = 0; i < argc; i++) { 1608 for (i = 0; i < argc; i++) {
1603 /* Split list of principals */ 1609 /* Split list of principals */
1604 n = 0; 1610 n = 0;
@@ -1640,8 +1646,8 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
1640 &public->cert->signature_key)) != 0) 1646 &public->cert->signature_key)) != 0)
1641 fatal("key_from_private (ca key): %s", ssh_err(r)); 1647 fatal("key_from_private (ca key): %s", ssh_err(r));
1642 1648
1643 if (sshkey_certify(public, ca) != 0) 1649 if ((r = sshkey_certify(public, ca, key_type_name)) != 0)
1644 fatal("Couldn't not certify key %s", tmp); 1650 fatal("Couldn't certify key %s: %s", tmp, ssh_err(r));
1645 1651
1646 if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0) 1652 if ((cp = strrchr(tmp, '.')) != NULL && strcmp(cp, ".pub") == 0)
1647 *cp = '\0'; 1653 *cp = '\0';
@@ -1920,7 +1926,7 @@ do_show_cert(struct passwd *pw)
1920 FILE *f; 1926 FILE *f;
1921 char *cp, line[SSH_MAX_PUBKEY_BYTES]; 1927 char *cp, line[SSH_MAX_PUBKEY_BYTES];
1922 const char *path; 1928 const char *path;
1923 long int lnum = 0; 1929 u_long lnum = 0;
1924 1930
1925 if (!have_identity) 1931 if (!have_identity)
1926 ask_filename(pw, "Enter file in which the key is"); 1932 ask_filename(pw, "Enter file in which the key is");
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-11 09:10:20 +0000