diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2020-04-03 02:26:56 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2020-04-03 13:33:25 +1100 |
| commit | 6ec7457171468da2bbd908b8cd63d298b0e049ea (patch) | |
| tree | c61f384cbaa6cadb2c0b9de7632ef986f016e489 /ssh-keygen.c | |
| parent | af628b8a6c3ef403644d83d205c80ff188c97f0c (diff) | |
upstream: give ssh-keygen the ability to dump the contents of a
binary key revocation list: ssh-keygen -lQf /path bz#3132; ok dtucker
OpenBSD-Commit-ID: b76afc4e3b74ab735dbde4e5f0cfa1f02356033b
Diffstat (limited to 'ssh-keygen.c')
| -rw-r--r-- | ssh-keygen.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index 0fa141cff..802fd25c2 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-keygen.c,v 1.404 2020/03/13 03:17:07 djm Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.405 2020/04/03 02:26:56 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -2439,7 +2439,7 @@ do_gen_krl(struct passwd *pw, int updating, const char *ca_key_path, | |||
| 2439 | } | 2439 | } |
| 2440 | 2440 | ||
| 2441 | static void | 2441 | static void |
| 2442 | do_check_krl(struct passwd *pw, int argc, char **argv) | 2442 | do_check_krl(struct passwd *pw, int print_krl, int argc, char **argv) |
| 2443 | { | 2443 | { |
| 2444 | int i, r, ret = 0; | 2444 | int i, r, ret = 0; |
| 2445 | char *comment; | 2445 | char *comment; |
| @@ -2449,6 +2449,8 @@ do_check_krl(struct passwd *pw, int argc, char **argv) | |||
| 2449 | if (*identity_file == '\0') | 2449 | if (*identity_file == '\0') |
| 2450 | fatal("KRL checking requires an input file"); | 2450 | fatal("KRL checking requires an input file"); |
| 2451 | load_krl(identity_file, &krl); | 2451 | load_krl(identity_file, &krl); |
| 2452 | if (print_krl) | ||
| 2453 | krl_dump(krl, stdout); | ||
| 2452 | for (i = 0; i < argc; i++) { | 2454 | for (i = 0; i < argc; i++) { |
| 2453 | if ((r = sshkey_load_public(argv[i], &k, &comment)) != 0) | 2455 | if ((r = sshkey_load_public(argv[i], &k, &comment)) != 0) |
| 2454 | fatal("Cannot load public key %s: %s", | 2456 | fatal("Cannot load public key %s: %s", |
| @@ -3086,7 +3088,7 @@ usage(void) | |||
| 3086 | " ssh-keygen -A [-f prefix_path]\n" | 3088 | " ssh-keygen -A [-f prefix_path]\n" |
| 3087 | " ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]\n" | 3089 | " ssh-keygen -k -f krl_file [-u] [-s ca_public] [-z version_number]\n" |
| 3088 | " file ...\n" | 3090 | " file ...\n" |
| 3089 | " ssh-keygen -Q -f krl_file file ...\n" | 3091 | " ssh-keygen -Q [-l] -f krl_file [file ...]\n" |
| 3090 | " ssh-keygen -Y find-principals -s signature_file -f allowed_signers_file\n" | 3092 | " ssh-keygen -Y find-principals -s signature_file -f allowed_signers_file\n" |
| 3091 | " ssh-keygen -Y check-novalidate -n namespace -s signature_file\n" | 3093 | " ssh-keygen -Y check-novalidate -n namespace -s signature_file\n" |
| 3092 | " ssh-keygen -Y sign -f key_file -n namespace file ...\n" | 3094 | " ssh-keygen -Y sign -f key_file -n namespace file ...\n" |
| @@ -3441,7 +3443,7 @@ main(int argc, char **argv) | |||
| 3441 | return (0); | 3443 | return (0); |
| 3442 | } | 3444 | } |
| 3443 | if (check_krl) { | 3445 | if (check_krl) { |
| 3444 | do_check_krl(pw, argc, argv); | 3446 | do_check_krl(pw, print_fingerprint, argc, argv); |
| 3445 | return (0); | 3447 | return (0); |
| 3446 | } | 3448 | } |
| 3447 | if (ca_key_path != NULL) { | 3449 | if (ca_key_path != NULL) { |