summaryrefslogtreecommitdiff
path: root/ssh-vulnkey.c
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2008-05-25 18:16:31 +0000
committerColin Watson <cjwatson@debian.org>2008-05-25 18:16:31 +0000
commit56c12903717deaf5eecd4c1b772de1eeb6ec4499 (patch)
treee6629641077d9435946bc56bcd4c37abefab2310 /ssh-vulnkey.c
parent3cb1ca47f373573cf3cd87af30d96284a3d38bf7 (diff)
Make ssh-vulnkey report the file name and line number for each key
(thanks, Heiko Schlittermann and Christopher Perry; closes: #481398).
Diffstat (limited to 'ssh-vulnkey.c')
-rw-r--r--ssh-vulnkey.c27
1 files changed, 17 insertions, 10 deletions
diff --git a/ssh-vulnkey.c b/ssh-vulnkey.c
index f13eb1619..3c7985448 100644
--- a/ssh-vulnkey.c
+++ b/ssh-vulnkey.c
@@ -73,18 +73,21 @@ usage(void)
73} 73}
74 74
75void 75void
76describe_key(const char *msg, const Key *key, const char *comment) 76describe_key(const char *filename, u_long linenum, const char *msg,
77 const Key *key, const char *comment)
77{ 78{
78 char *fp; 79 char *fp;
79 80
80 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX); 81 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
81 if (!quiet) 82 if (!quiet)
82 printf("%s: %u %s %s\n", msg, key_size(key), fp, comment); 83 printf("%s:%lu: %s: %u %s %s\n", filename, linenum, msg,
84 key_size(key), fp, comment);
83 xfree(fp); 85 xfree(fp);
84} 86}
85 87
86int 88int
87do_key(const Key *key, const char *comment) 89do_key(const char *filename, u_long linenum,
90 const Key *key, const char *comment)
88{ 91{
89 Key *public; 92 Key *public;
90 char *blacklist_file; 93 char *blacklist_file;
@@ -97,13 +100,15 @@ do_key(const Key *key, const char *comment)
97 100
98 blacklist_file = blacklist_filename(public); 101 blacklist_file = blacklist_filename(public);
99 if (stat(blacklist_file, &st) < 0) 102 if (stat(blacklist_file, &st) < 0)
100 describe_key("Unknown (no blacklist information)", 103 describe_key(filename, linenum,
101 key, comment); 104 "Unknown (no blacklist information)", key, comment);
102 else if (blacklisted_key(public)) { 105 else if (blacklisted_key(public)) {
103 describe_key("COMPROMISED", key, comment); 106 describe_key(filename, linenum,
107 "COMPROMISED", key, comment);
104 ret = 0; 108 ret = 0;
105 } else 109 } else
106 describe_key("Not blacklisted", key, comment); 110 describe_key(filename, linenum,
111 "Not blacklisted", key, comment);
107 xfree(blacklist_file); 112 xfree(blacklist_file);
108 113
109 key_free(public); 114 key_free(public);
@@ -193,7 +198,8 @@ do_filename(const char *filename, int quiet_open)
193 if (key_read(key, &cp) == 1) { 198 if (key_read(key, &cp) == 1) {
194 while (*cp == ' ' || *cp == '\t') 199 while (*cp == ' ' || *cp == '\t')
195 cp++; 200 cp++;
196 if (!do_key(key, *cp ? cp : filename)) 201 if (!do_key(filename, linenum,
202 key, *cp ? cp : filename))
197 ret = 0; 203 ret = 0;
198 found = 1; 204 found = 1;
199 } else { 205 } else {
@@ -202,7 +208,8 @@ do_filename(const char *filename, int quiet_open)
202 if (key_read(key, &cp) == 1) { 208 if (key_read(key, &cp) == 1) {
203 while (*cp == ' ' || *cp == '\t') 209 while (*cp == ' ' || *cp == '\t')
204 cp++; 210 cp++;
205 if (!do_key(key, *cp ? cp : filename)) 211 if (!do_key(filename, linenum,
212 key, *cp ? cp : filename))
206 ret = 0; 213 ret = 0;
207 found = 1; 214 found = 1;
208 } 215 }
@@ -215,7 +222,7 @@ do_filename(const char *filename, int quiet_open)
215 if (!found && filename) { 222 if (!found && filename) {
216 key = key_load_public(filename, &comment); 223 key = key_load_public(filename, &comment);
217 if (key) { 224 if (key) {
218 if (!do_key(key, comment)) 225 if (!do_key(filename, 1, key, comment))
219 ret = 0; 226 ret = 0;
220 found = 1; 227 found = 1;
221 } 228 }