author | Colin Watson <cjwatson@debian.org> | 2008-05-25 18:16:31 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2008-05-25 18:16:31 +0000 |
commit | 56c12903717deaf5eecd4c1b772de1eeb6ec4499 (patch) | |
tree | e6629641077d9435946bc56bcd4c37abefab2310 /ssh-vulnkey.c | |
parent | 3cb1ca47f373573cf3cd87af30d96284a3d38bf7 (diff) |
Make ssh-vulnkey report the file name and line number for each key
(thanks, Heiko Schlittermann and Christopher Perry; closes: #481398).
Diffstat (limited to 'ssh-vulnkey.c')
-rw-r--r-- | ssh-vulnkey.c | 27 |
1 files changed, 17 insertions, 10 deletions
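--- a/ssh-vulnkey.c
+++ b/ssh-vulnkey.c
@@ -73,18 +73,21 @@ usage(void)
 }
 
 void
-describe_key(const char *msg, const Key *key, const char *comment)
+describe_key(const char *filename, u_long linenum, const char *msg,
+const Key *key, const char *comment)
 {
 char *fp;
 
 fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
 if (!quiet)
-printf("%s: %u %s %s\n", msg, key_size(key), fp, comment);
+printf("%s:%lu: %s: %u %s %s\n", filename, linenum, msg,
+key_size(key), fp, comment);
 xfree(fp);
 }
 
 int
-do_key(const Key *key, const char *comment)
+do_key(const char *filename, u_long linenum,
+const Key *key, const char *comment)
 {
 Key *public;
 char *blacklist_file;
@@ -97,13 +100,15 @@ do_key(const Key *key, const char *comment)
 
 blacklist_file = blacklist_filename(public);
 if (stat(blacklist_file, &st) < 0)
-describe_key("Unknown (no blacklist information)",
-key, comment);
+describe_key(filename, linenum,
+"Unknown (no blacklist information)", key, comment);
 else if (blacklisted_key(public)) {
-describe_key("COMPROMISED", key, comment);
+describe_key(filename, linenum,
+"COMPROMISED", key, comment);
 ret = 0;
 } else
-describe_key("Not blacklisted", key, comment);
+describe_key(filename, linenum,
+"Not blacklisted", key, comment);
 xfree(blacklist_file);
 
 key_free(public);
@@ -193,7 +198,8 @@ do_filename(const char *filename, int quiet_open)
 if (key_read(key, &cp) == 1) {
 while (*cp == ' ' || *cp == '\t')
 cp++;
-if (!do_key(key, *cp ? cp : filename))
+if (!do_key(filename, linenum,
+key, *cp ? cp : filename))
 ret = 0;
 found = 1;
 } else {
@@ -202,7 +208,8 @@ do_filename(const char *filename, int quiet_open)
 if (key_read(key, &cp) == 1) {
 while (*cp == ' ' || *cp == '\t')
 cp++;
-if (!do_key(key, *cp ? cp : filename))
+if (!do_key(filename, linenum,
+key, *cp ? cp : filename))
 ret = 0;
 found = 1;
 }
@@ -215,7 +222,7 @@ do_filename(const char *filename, int quiet_open)
 if (!found && filename) {
 key = key_load_public(filename, &comment);
 if (key) {
-if (!do_key(key, comment))
+if (!do_key(filename, 1, key, comment))
 ret = 0;
 found = 1;
 }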
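Review bot: The rewritten `printf` in `describe_key` writes `filename` and `comment` to stdout unescaped, and in the `do_filename` hunks `comment` is whatever text follows the key on the scanned line (`*cp ? cp : filename`). Now that each report starts with a `file:line:` prefix that invites grep-style parsing, control characters in a key comment could garble a line or make a result hard to read reliably on a terminal; encoding both strings before printing, for example with `strnvis()` into a bounded buffer, would keep each report on one unambiguous line. Separately, the literal `1` in `do_key(filename, 1, key, comment)` is not a counted line, so it deserves a comment such as `/* loaded via key_load_public(), not the line loop: no real line number */`. The bodies of `do_key` and `do_filename` continue outside the hunks shown, so where `comment` is first populated could not be checked here.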