summaryrefslogtreecommitdiff
path: root/ssh-keygen.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2005-05-26 12:16:18 +1000
committerDamien Miller <djm@mindrot.org>2005-05-26 12:16:18 +1000
commitb089fb5fe15a6b1936262a33417265f8cb9b0afb (patch)
tree9a6ae5b4cdf37720c128fe981ea6d9c3a12a7da9 /ssh-keygen.c
parentdfec2941acfdcadb81adb149f452f0eece26625d (diff)
- avsm@cvs.openbsd.org 2005/05/23 22:44:01
[moduli.c ssh-keygen.c] - removes signed/unsigned comparisons in moduli generation - use strtonum instead of atoi where its easier - check some strlcpy overflow and fatal instead of truncate
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r--ssh-keygen.c46
1 files changed, 30 insertions, 16 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 6f0713dab..bee431242 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
12 */ 12 */
13 13
14#include "includes.h" 14#include "includes.h"
15RCSID("$OpenBSD: ssh-keygen.c,v 1.123 2005/04/05 13:45:31 otto Exp $"); 15RCSID("$OpenBSD: ssh-keygen.c,v 1.124 2005/05/23 22:44:01 avsm Exp $");
16 16
17#include <openssl/evp.h> 17#include <openssl/evp.h>
18#include <openssl/pem.h> 18#include <openssl/pem.h>
@@ -36,7 +36,7 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.123 2005/04/05 13:45:31 otto Exp $");
36#include "dns.h" 36#include "dns.h"
37 37
38/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */ 38/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */
39int bits = 1024; 39u_int32_t bits = 1024;
40 40
41/* 41/*
42 * Flag indicating that we just want to change the passphrase. This can be 42 * Flag indicating that we just want to change the passphrase. This can be
@@ -90,7 +90,7 @@ extern char *__progname;
90char hostname[MAXHOSTNAMELEN]; 90char hostname[MAXHOSTNAMELEN];
91 91
92/* moduli.c */ 92/* moduli.c */
93int gen_candidates(FILE *, int, int, BIGNUM *); 93int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
94int prime_test(FILE *, FILE *, u_int32_t, u_int32_t); 94int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
95 95
96static void 96static void
@@ -1007,8 +1007,8 @@ main(int ac, char **av)
1007 Key *private, *public; 1007 Key *private, *public;
1008 struct passwd *pw; 1008 struct passwd *pw;
1009 struct stat st; 1009 struct stat st;
1010 int opt, type, fd, download = 0, memory = 0; 1010 int opt, type, fd, download = 0;
1011 int generator_wanted = 0, trials = 100; 1011 uint32_t memory = 0, generator_wanted = 0, trials = 100;
1012 int do_gen_candidates = 0, do_screen_candidates = 0; 1012 int do_gen_candidates = 0, do_screen_candidates = 0;
1013 int log_level = SYSLOG_LEVEL_INFO; 1013 int log_level = SYSLOG_LEVEL_INFO;
1014 BIGNUM *start = NULL; 1014 BIGNUM *start = NULL;
@@ -1016,6 +1016,7 @@ main(int ac, char **av)
1016 1016
1017 extern int optind; 1017 extern int optind;
1018 extern char *optarg; 1018 extern char *optarg;
1019 const char *errstr;
1019 1020
1020 __progname = ssh_get_progname(av[0]); 1021 __progname = ssh_get_progname(av[0]);
1021 1022
@@ -1040,9 +1041,9 @@ main(int ac, char **av)
1040 "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) { 1041 "degiqpclBHvxXyF:b:f:t:U:D:P:N:C:r:g:R:T:G:M:S:a:W:")) != -1) {
1041 switch (opt) { 1042 switch (opt) {
1042 case 'b': 1043 case 'b':
1043 bits = atoi(optarg); 1044 bits = strtonum(optarg, 512, 32768, &errstr);
1044 if (bits < 512 || bits > 32768) { 1045 if (errstr) {
1045 printf("Bits has bad value.\n"); 1046 printf("Bits has bad value %s (%s)\n", optarg, errstr);
1046 exit(1); 1047 exit(1);
1047 } 1048 }
1048 break; 1049 break;
@@ -1070,7 +1071,9 @@ main(int ac, char **av)
1070 change_comment = 1; 1071 change_comment = 1;
1071 break; 1072 break;
1072 case 'f': 1073 case 'f':
1073 strlcpy(identity_file, optarg, sizeof(identity_file)); 1074 if (strlcpy(identity_file, optarg, sizeof(identity_file)) >=
1075 sizeof(identity_file))
1076 fatal("Identity filename too long");
1074 have_identity = 1; 1077 have_identity = 1;
1075 break; 1078 break;
1076 case 'g': 1079 case 'g':
@@ -1125,23 +1128,34 @@ main(int ac, char **av)
1125 rr_hostname = optarg; 1128 rr_hostname = optarg;
1126 break; 1129 break;
1127 case 'W': 1130 case 'W':
1128 generator_wanted = atoi(optarg); 1131 generator_wanted = strtonum(optarg, 1, UINT_MAX, &errstr);
1129 if (generator_wanted < 1) 1132 if (errstr)
1130 fatal("Desired generator has bad value."); 1133 fatal("Desired generator has bad value: %s (%s)",
1134 optarg, errstr);
1131 break; 1135 break;
1132 case 'a': 1136 case 'a':
1133 trials = atoi(optarg); 1137 trials = strtonum(optarg, 1, UINT_MAX, &errstr);
1138 if (errstr)
1139 fatal("Invalid number of trials: %s (%s)",
1140 optarg, errstr);
1134 break; 1141 break;
1135 case 'M': 1142 case 'M':
1136 memory = atoi(optarg); 1143 memory = strtonum(optarg, 1, UINT_MAX, &errstr);
1144 if (errstr) {
1145 fatal("Memory limit is %s: %s", errstr, optarg);
1146 }
1137 break; 1147 break;
1138 case 'G': 1148 case 'G':
1139 do_gen_candidates = 1; 1149 do_gen_candidates = 1;
1140 strlcpy(out_file, optarg, sizeof(out_file)); 1150 if (strlcpy(out_file, optarg, sizeof(out_file)) >=
1151 sizeof(out_file))
1152 fatal("Output filename too long");
1141 break; 1153 break;
1142 case 'T': 1154 case 'T':
1143 do_screen_candidates = 1; 1155 do_screen_candidates = 1;
1144 strlcpy(out_file, optarg, sizeof(out_file)); 1156 if (strlcpy(out_file, optarg, sizeof(out_file)) >=
1157 sizeof(out_file))
1158 fatal("Output filename too long");
1145 break; 1159 break;
1146 case 'S': 1160 case 'S':
1147 /* XXX - also compare length against bits */ 1161 /* XXX - also compare length against bits */
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-18 01:53:08 +0000