4 files changed, 95 insertions, 81 deletions
diff --git a/ChangeLog b/ChangeLog
index 3a7b120a0..21d6358a4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -15,7 +15,14 @@
      [channels.c clientloop.c]
      SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@
      [hope this time my ISP stays alive during commit]
+    - [OVERVIEW README] typos; green@freebsd
+    - [ssh-keygen.c]
+      replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me)
+      exit if writing the key fails (no infinit loop)
+      print usage() everytime we get bad options
+    - [ssh-keygen.c] overflow, djm@mindrot.org
+    - [sshd.c] fix sigchld race; cjc5@po.cwru.edu
+      
 19991120
 - Merged more Solaris support from Marc G. Fournier 
   <marc.fournier@acadiau.ca>
diff --git a/OVERVIEW b/OVERVIEW
index a8b67e4e2..7f34ac45b 100644
--- a/OVERVIEW
+++ b/OVERVIEW
@@ -1,4 +1,4 @@
-This document is inteded for those who wish to read the ssh source
+This document is intended for those who wish to read the ssh source
 code.  This tries to give an overview of the structure of the code.
      
 Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 21b61b44b..596da76fb 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -14,7 +14,7 @@ Identity and host key generation and maintenance.
 */
 #include "includes.h"
-RCSID("$Id: ssh-keygen.c,v 1.6 1999/11/20 06:02:56 damien Exp $");
+RCSID("$Id: ssh-keygen.c,v 1.7 1999/11/21 07:31:57 damien Exp $");
 #include "rsa.h"
 #include "ssh.h"
@@ -50,8 +50,9 @@ int quiet = 0;
 /* Flag indicating that we just want to see the key fingerprint */
 int print_fingerprint = 0;
-/* This is set to the identity file name if given on the command line. */
+/* The identity file name, given on the command line or entered by the user. */
-char *identity_file = NULL;
+char identity_file[1024];
+int have_identity = 0;
 /* This is set to the passphrase if given on the command line. */
 char *identity_passphrase = NULL;
@@ -62,51 +63,46 @@ char *identity_new_passphrase = NULL;
 /* This is set to the new comment if given on the command line. */
 char *identity_comment = NULL;
-/* Perform changing a passphrase.  The argument is the passwd structure
+/* argv0 */
-   for the current user. */
+extern char *__progname;
-char *
+void
-get_filename(struct passwd *pw, const char *prompt)
+ask_filename(struct passwd *pw, const char *prompt)
 {
-  char buf[1024], default_file[1024];
+  char buf[1024];
+  snprintf(identity_file, sizeof(identity_file), "%s/%s",
-  /* Read key file name. */
+           pw->pw_dir, SSH_CLIENT_IDENTITY);
-  if (identity_file != NULL) {
+  printf("%s (%s): ", prompt, identity_file);
-    return xstrdup(identity_file);
+  fflush(stdout);
-  } else {
+  if (fgets(buf, sizeof(buf), stdin) == NULL)
-    snprintf(default_file, sizeof default_file, "%s/%s",
+    exit(1);
-             pw->pw_dir, SSH_CLIENT_IDENTITY);
+  if (strchr(buf, '\n'))
-    printf("%s (%s): ", prompt, default_file);
+    *strchr(buf, '\n') = 0;
-    fflush(stdout);
+  if (strcmp(buf, "") != 0)
-    if (fgets(buf, sizeof(buf), stdin) == NULL)
+    strlcpy(identity_file, buf, sizeof(identity_file));
-      exit(1);
+  have_identity = 1;
-    if (strchr(buf, '\n'))
-      *strchr(buf, '\n') = 0;
-    if (strcmp(buf, "") == 0)
-      return xstrdup(default_file);
-  }
-  return xstrdup(buf);
 }
 void
 do_fingerprint(struct passwd *pw)
 {
-  char *file, *comment;
+  char *comment;
  RSA *public_key;
  struct stat st;
-  file = get_filename(pw, "Enter file in which the key is");
+  if (!have_identity)
-  if (stat(file, &st) < 0)
+    ask_filename(pw, "Enter file in which the key is");
+  if (stat(identity_file, &st) < 0)
    {
-      perror(file);
+      perror(identity_file);
      exit(1);
    }
  public_key = RSA_new();
-  if (!load_public_key(file, public_key, &comment)) {
+  if (!load_public_key(identity_file, public_key, &comment)) {
    char *cp, line[1024];
    BIGNUM *e, *n;
    int dummy, invalid = 0;
-    FILE *f = fopen(file, "r");
+    FILE *f = fopen(identity_file, "r");
    n = BN_new();
    e = BN_new();
    if (f && fgets(line, sizeof(line), f)) {
@@ -123,7 +119,7 @@ do_fingerprint(struct passwd *pw)
      invalid = 1;
    }
    if (invalid) {
-      printf("%s is not a valid key file.\n", file);
+      printf("%s is not a valid key file.\n", identity_file);
      BN_free(e);
      BN_free(n);
      exit(1);
@@ -137,29 +133,32 @@ do_fingerprint(struct passwd *pw)
  exit(0);
 }
+/* Perform changing a passphrase.  The argument is the passwd structure
+   for the current user. */
 void
 do_change_passphrase(struct passwd *pw)
 {
-  char *file, *comment;
+  char *comment;
  char *old_passphrase, *passphrase1, *passphrase2;
  struct stat st;
  RSA *private_key;
-  file = get_filename(pw, "Enter file in which the key is");
+  if (!have_identity)
+    ask_filename(pw, "Enter file in which the key is");
  /* Check if the file exists. */
-  if (stat(file, &st) < 0)
+  if (stat(identity_file, &st) < 0)
    {
-      perror(file);
+      perror(identity_file);
      exit(1);
    }
  
  /* Try to load the public key from the file the verify that it is
     readable and of the proper format. */
  public_key = RSA_new();
-  if (!load_public_key(file, public_key, NULL))
+  if (!load_public_key(identity_file, public_key, NULL))
    {
-      printf("%s is not a valid key file.\n", file);
+      printf("%s is not a valid key file.\n", identity_file);
      exit(1);
    }
  /* Clear the public key since we are just about to load the whole file. */
@@ -167,14 +166,14 @@ do_change_passphrase(struct passwd *pw)
  /* Try to load the file with empty passphrase. */
  private_key = RSA_new();
-  if (!load_private_key(file, "", private_key, &comment)) {
+  if (!load_private_key(identity_file, "", private_key, &comment)) {
    /* Read passphrase from the user. */
    if (identity_passphrase)
      old_passphrase = xstrdup(identity_passphrase);
    else
      old_passphrase = read_passphrase("Enter old passphrase: ", 1);
    /* Try to load using the passphrase. */
-    if (!load_private_key(file, old_passphrase, private_key, &comment))
+    if (!load_private_key(identity_file, old_passphrase, private_key, &comment))
      {
        memset(old_passphrase, 0, strlen(old_passphrase));
        xfree(old_passphrase);
@@ -215,10 +214,10 @@ do_change_passphrase(struct passwd *pw)
    }
  /* Save the file using the new passphrase. */
-  if (!save_private_key(file, passphrase1, private_key, comment))
+  if (!save_private_key(identity_file, passphrase1, private_key, comment))
    {
      printf("Saving the key failed: %s: %s.\n",
-             file, strerror(errno));
+             identity_file, strerror(errno));
      memset(passphrase1, 0, strlen(passphrase1));
      xfree(passphrase1);
      RSA_free(private_key);
@@ -240,33 +239,34 @@ do_change_passphrase(struct passwd *pw)
 void
 do_change_comment(struct passwd *pw)
 {
-  char new_comment[1024], *file, *comment;
+  char new_comment[1024], *comment;
  RSA *private_key;
  char *passphrase;
  struct stat st;
  FILE *f;
  char *tmpbuf;
-  file = get_filename(pw, "Enter file in which the key is");
+  if (!have_identity)
+    ask_filename(pw, "Enter file in which the key is");
  /* Check if the file exists. */
-  if (stat(file, &st) < 0)
+  if (stat(identity_file, &st) < 0)
    {
-      perror(file);
+      perror(identity_file);
      exit(1);
    }
  
  /* Try to load the public key from the file the verify that it is
     readable and of the proper format. */
  public_key = RSA_new();
-  if (!load_public_key(file, public_key, NULL))
+  if (!load_public_key(identity_file, public_key, NULL))
    {
-      printf("%s is not a valid key file.\n", file);
+      printf("%s is not a valid key file.\n", identity_file);
      exit(1);
    }
  private_key = RSA_new();
  /* Try to load the file with empty passphrase. */
-  if (load_private_key(file, "", private_key, &comment))
+  if (load_private_key(identity_file, "", private_key, &comment))
    passphrase = xstrdup("");
  else
    {
@@ -279,7 +279,7 @@ do_change_comment(struct passwd *pw)
        else
          passphrase = read_passphrase("Enter passphrase: ", 1);
      /* Try to load using the passphrase. */
-      if (!load_private_key(file, passphrase, private_key, &comment))
+      if (!load_private_key(identity_file, passphrase, private_key, &comment))
        {
          memset(passphrase, 0, strlen(passphrase));
          xfree(passphrase);
@@ -310,10 +310,10 @@ do_change_comment(struct passwd *pw)
    }
      
  /* Save the file using the new passphrase. */
-  if (!save_private_key(file, passphrase, private_key, new_comment))
+  if (!save_private_key(identity_file, passphrase, private_key, new_comment))
    {
      printf("Saving the key failed: %s: %s.\n",
-             file, strerror(errno));
+             identity_file, strerror(errno));
      memset(passphrase, 0, strlen(passphrase));
      xfree(passphrase);
      RSA_free(private_key);
@@ -328,11 +328,11 @@ do_change_comment(struct passwd *pw)
  /* Save the public key in text format in a file with the same name but
     .pub appended. */
-  strcat(file, ".pub");
+  strlcat(identity_file, ".pub", sizeof(identity_file));
-  f = fopen(file, "w");
+  f = fopen(identity_file, "w");
  if (!f)
    {
-      printf("Could not save your public key in %s\n", file);
+      printf("Could not save your public key in %s\n", identity_file);
      exit(1);
    }
  fprintf(f, "%d ", BN_num_bits(public_key->n));
@@ -350,6 +350,14 @@ do_change_comment(struct passwd *pw)
  exit(0);
 }
+void
+usage(void)
+{
+  printf("ssh-keygen version %s\n", SSH_VERSION);
+  printf("Usage: %s [-b bits] [-p] [-c] [-f file] [-P pass] [-N new-pass] [-C comment]\n", __progname);
+  exit(1);
+}
 /* Main program for key management. */
 int
@@ -357,7 +365,7 @@ main(int ac, char **av)
 {
  char buf[16384], buf2[1024], *passphrase1, *passphrase2;
  struct passwd *pw;
-  char *file, *tmpbuf;
+  char *tmpbuf;
  int opt;
  struct stat st;
  FILE *f;
@@ -416,7 +424,8 @@ main(int ac, char **av)
          break;
        case 'f':
-          identity_file = optarg;
+          strlcpy(identity_file, optarg, sizeof(identity_file));
+          have_identity = 1;
          break;
          
        case 'P':
@@ -437,20 +446,18 @@ main(int ac, char **av)
        case '?':
        default:
-          printf("ssh-keygen version %s\n", SSH_VERSION);
+          usage();
-          printf("Usage: %s [-b bits] [-p] [-c] [-f file] [-P pass] [-N new-pass] [-C comment]\n", av[0]);
-          exit(1);
        }
    }
  if (optind < ac)
    {
      printf("Too many arguments.\n");
-      exit(1);
+      usage();
    }
  if (change_passphrase && change_comment)
    {
      printf("Can only have one of -p and -c.\n");
-      exit(1);
+      usage();
    }
  if (print_fingerprint)
@@ -476,14 +483,13 @@ main(int ac, char **av)
  public_key = RSA_new();
  rsa_generate_key(private_key, public_key, bits);
- ask_file_again:
+  if (!have_identity)
+    ask_filename(pw, "Enter file in which to save the key");
-  file = get_filename(pw, "Enter file in which to save the key");
  /* If the file aready exists, ask the user to confirm. */
-  if (stat(file, &st) >= 0)
+  if (stat(identity_file, &st) >= 0)
    {
-      printf("%s already exists.\n", file);
+      printf("%s already exists.\n", identity_file);
      printf("Overwrite (y/n)? ");
      fflush(stdout);
      if (fgets(buf2, sizeof(buf2), stdin) == NULL)
@@ -536,14 +542,13 @@ main(int ac, char **av)
    }
  /* Save the key with the given passphrase and comment. */
-  if (!save_private_key(file, passphrase1, private_key, buf2))
+  if (!save_private_key(identity_file, passphrase1, private_key, buf2))
    {
      printf("Saving the key failed: %s: %s.\n",
-             file, strerror(errno));
+             identity_file, strerror(errno));
      memset(passphrase1, 0, strlen(passphrase1));
      xfree(passphrase1);
-      xfree(file);
+      exit(1);
-      goto ask_file_again;
    }
  /* Clear the passphrase. */
  memset(passphrase1, 0, strlen(passphrase1));
@@ -554,7 +559,7 @@ main(int ac, char **av)
  arc4random_stir();
  if (!quiet)
-    printf("Your identification has been saved in %s.\n", file);
+    printf("Your identification has been saved in %s.\n", identity_file);
  /* Display the public key on the screen. */
  if (!quiet) {
@@ -570,12 +575,11 @@ main(int ac, char **av)
  /* Save the public key in text format in a file with the same name but
     .pub appended. */
-  file = xrealloc(file, strlen(file) + 5);
+  strlcat(identity_file, ".pub", sizeof(identity_file));
-  strcat(file, ".pub");
+  f = fopen(identity_file, "w");
-  f = fopen(file, "w");
  if (!f)
    {
-      printf("Could not save your public key in %s\n", file);
+      printf("Could not save your public key in %s\n", identity_file);
      exit(1);
    }
  fprintf(f, "%d ", BN_num_bits(public_key->n));
@@ -588,7 +592,7 @@ main(int ac, char **av)
  fclose(f);
  if (!quiet)
-    printf("Your public key has been saved in %s\n", file);
+    printf("Your public key has been saved in %s\n", identity_file);
  
  exit(0);
 }
diff --git a/sshd.c b/sshd.c
index ad51dacd4..5d8fa6dbe 100644
--- a/sshd.c
+++ b/sshd.c
@@ -18,7 +18,7 @@ agent connections.
 */
 #include "includes.h"
-RCSID("$Id: sshd.c,v 1.26 1999/11/21 02:23:53 damien Exp $");
+RCSID("$Id: sshd.c,v 1.27 1999/11/21 07:31:57 damien Exp $");
 #include "xmalloc.h"
 #include "rsa.h"
@@ -316,7 +316,10 @@ void main_sigchld_handler(int sig)
 {
  int save_errno = errno;
  int status;
-  wait(&status);
+  while (waitpid(-1, &status, WNOHANG) > 0)
+        ;
  signal(SIGCHLD, main_sigchld_handler);
  errno = save_errno;
 }

diff --git a/ChangeLog b/ChangeLog index 3a7b120a0..21d6358a4 100644 --- a/ChangeLog +++ b/ChangeLog
@@ -15,7 +15,14 @@
15	[channels.c clientloop.c]	15	[channels.c clientloop.c]
16	SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@	16	SSH_CMSG_MAX_PACKET_SIZE, some clients use this, some need this, niels@
17	[hope this time my ISP stays alive during commit]	17	[hope this time my ISP stays alive during commit]
18		18	- [OVERVIEW README] typos; green@freebsd
		19	- [ssh-keygen.c]
		20	replace xstrdup+strcat with strlcat+fixed buffer, fixes OF (bad me)
		21	exit if writing the key fails (no infinit loop)
		22	print usage() everytime we get bad options
		23	- [ssh-keygen.c] overflow, djm@mindrot.org
		24	- [sshd.c] fix sigchld race; cjc5@po.cwru.edu
		25
19	19991120	26	19991120
20	- Merged more Solaris support from Marc G. Fournier	27	- Merged more Solaris support from Marc G. Fournier
21	<marc.fournier@acadiau.ca>	28	<marc.fournier@acadiau.ca>


diff --git a/OVERVIEW b/OVERVIEW index a8b67e4e2..7f34ac45b 100644 --- a/OVERVIEW +++ b/OVERVIEW
@@ -1,4 +1,4 @@
1	This document is inteded for those who wish to read the ssh source	1	This document is intended for those who wish to read the ssh source
2	code. This tries to give an overview of the structure of the code.	2	code. This tries to give an overview of the structure of the code.
3		3
4	Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>	4	Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>


diff --git a/ssh-keygen.c b/ssh-keygen.c index 21b61b44b..596da76fb 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c
@@ -14,7 +14,7 @@ Identity and host key generation and maintenance.
14	*/	14	*/
15		15
16	#include "includes.h"	16	#include "includes.h"
17	RCSID("$Id: ssh-keygen.c,v 1.6 1999/11/20 06:02:56 damien Exp $");	17	RCSID("$Id: ssh-keygen.c,v 1.7 1999/11/21 07:31:57 damien Exp $");
18		18
19	#include "rsa.h"	19	#include "rsa.h"
20	#include "ssh.h"	20	#include "ssh.h"
@@ -50,8 +50,9 @@ int quiet = 0;
50	/* Flag indicating that we just want to see the key fingerprint */	50	/* Flag indicating that we just want to see the key fingerprint */
51	int print_fingerprint = 0;	51	int print_fingerprint = 0;
52		52
53	/* This is set to the identity file name if given on the command line. */	53	/* The identity file name, given on the command line or entered by the user. */
54	char *identity_file = NULL;	54	char identity_file[1024];
		55	int have_identity = 0;
55		56
56	/* This is set to the passphrase if given on the command line. */	57	/* This is set to the passphrase if given on the command line. */
57	char *identity_passphrase = NULL;	58	char *identity_passphrase = NULL;
@@ -62,51 +63,46 @@ char *identity_new_passphrase = NULL;
62	/* This is set to the new comment if given on the command line. */	63	/* This is set to the new comment if given on the command line. */
63	char *identity_comment = NULL;	64	char *identity_comment = NULL;
64		65
65	/* Perform changing a passphrase. The argument is the passwd structure	66	/* argv0 */
66	for the current user. */	67	extern char *__progname;
67		68
68	char *	69	void
69	get_filename(struct passwd pw, const char prompt)	70	ask_filename(struct passwd pw, const char prompt)
70	{	71	{
71	char buf[1024], default_file[1024];	72	char buf[1024];
72		73	snprintf(identity_file, sizeof(identity_file), "%s/%s",
73	/* Read key file name. */	74	pw->pw_dir, SSH_CLIENT_IDENTITY);
74	if (identity_file != NULL) {	75	printf("%s (%s): ", prompt, identity_file);
75	return xstrdup(identity_file);	76	fflush(stdout);
76	} else {	77	if (fgets(buf, sizeof(buf), stdin) == NULL)
77	snprintf(default_file, sizeof default_file, "%s/%s",	78	exit(1);
78	pw->pw_dir, SSH_CLIENT_IDENTITY);	79	if (strchr(buf, '\n'))
79	printf("%s (%s): ", prompt, default_file);	80	*strchr(buf, '\n') = 0;
80	fflush(stdout);	81	if (strcmp(buf, "") != 0)
81	if (fgets(buf, sizeof(buf), stdin) == NULL)	82	strlcpy(identity_file, buf, sizeof(identity_file));
82	exit(1);	83	have_identity = 1;
83	if (strchr(buf, '\n'))
84	*strchr(buf, '\n') = 0;
85	if (strcmp(buf, "") == 0)
86	return xstrdup(default_file);
87	}
88	return xstrdup(buf);
89	}	84	}
90		85
91	void	86	void
92	do_fingerprint(struct passwd *pw)	87	do_fingerprint(struct passwd *pw)
93	{	88	{
94	char file, comment;	89	char *comment;
95	RSA *public_key;	90	RSA *public_key;
96	struct stat st;	91	struct stat st;
97		92
98	file = get_filename(pw, "Enter file in which the key is");	93	if (!have_identity)
99	if (stat(file, &st) < 0)	94	ask_filename(pw, "Enter file in which the key is");
		95	if (stat(identity_file, &st) < 0)
100	{	96	{
101	perror(file);	97	perror(identity_file);
102	exit(1);	98	exit(1);
103	}	99	}
104	public_key = RSA_new();	100	public_key = RSA_new();
105	if (!load_public_key(file, public_key, &comment)) {	101	if (!load_public_key(identity_file, public_key, &comment)) {
106	char *cp, line[1024];	102	char *cp, line[1024];
107	BIGNUM e, n;	103	BIGNUM e, n;
108	int dummy, invalid = 0;	104	int dummy, invalid = 0;
109	FILE *f = fopen(file, "r");	105	FILE *f = fopen(identity_file, "r");
110	n = BN_new();	106	n = BN_new();
111	e = BN_new();	107	e = BN_new();
112	if (f && fgets(line, sizeof(line), f)) {	108	if (f && fgets(line, sizeof(line), f)) {
@@ -123,7 +119,7 @@ do_fingerprint(struct passwd *pw)
123	invalid = 1;	119	invalid = 1;
124	}	120	}
125	if (invalid) {	121	if (invalid) {
126	printf("%s is not a valid key file.\n", file);	122	printf("%s is not a valid key file.\n", identity_file);
127	BN_free(e);	123	BN_free(e);
128	BN_free(n);	124	BN_free(n);
129	exit(1);	125	exit(1);
@@ -137,29 +133,32 @@ do_fingerprint(struct passwd *pw)
137	exit(0);	133	exit(0);
138	}	134	}
139		135
		136	/* Perform changing a passphrase. The argument is the passwd structure
		137	for the current user. */
140		138
141	void	139	void
142	do_change_passphrase(struct passwd *pw)	140	do_change_passphrase(struct passwd *pw)
143	{	141	{
144	char file, comment;	142	char *comment;
145	char old_passphrase, passphrase1, *passphrase2;	143	char old_passphrase, passphrase1, *passphrase2;
146	struct stat st;	144	struct stat st;
147	RSA *private_key;	145	RSA *private_key;
148		146
149	file = get_filename(pw, "Enter file in which the key is");	147	if (!have_identity)
		148	ask_filename(pw, "Enter file in which the key is");
150	/* Check if the file exists. */	149	/* Check if the file exists. */
151	if (stat(file, &st) < 0)	150	if (stat(identity_file, &st) < 0)
152	{	151	{
153	perror(file);	152	perror(identity_file);
154	exit(1);	153	exit(1);
155	}	154	}
156		155
157	/* Try to load the public key from the file the verify that it is	156	/* Try to load the public key from the file the verify that it is
158	readable and of the proper format. */	157	readable and of the proper format. */
159	public_key = RSA_new();	158	public_key = RSA_new();
160	if (!load_public_key(file, public_key, NULL))	159	if (!load_public_key(identity_file, public_key, NULL))
161	{	160	{
162	printf("%s is not a valid key file.\n", file);	161	printf("%s is not a valid key file.\n", identity_file);
163	exit(1);	162	exit(1);
164	}	163	}
165	/* Clear the public key since we are just about to load the whole file. */	164	/* Clear the public key since we are just about to load the whole file. */
@@ -167,14 +166,14 @@ do_change_passphrase(struct passwd *pw)
167		166
168	/* Try to load the file with empty passphrase. */	167	/* Try to load the file with empty passphrase. */
169	private_key = RSA_new();	168	private_key = RSA_new();
170	if (!load_private_key(file, "", private_key, &comment)) {	169	if (!load_private_key(identity_file, "", private_key, &comment)) {
171	/* Read passphrase from the user. */	170	/* Read passphrase from the user. */
172	if (identity_passphrase)	171	if (identity_passphrase)
173	old_passphrase = xstrdup(identity_passphrase);	172	old_passphrase = xstrdup(identity_passphrase);
174	else	173	else
175	old_passphrase = read_passphrase("Enter old passphrase: ", 1);	174	old_passphrase = read_passphrase("Enter old passphrase: ", 1);
176	/* Try to load using the passphrase. */	175	/* Try to load using the passphrase. */
177	if (!load_private_key(file, old_passphrase, private_key, &comment))	176	if (!load_private_key(identity_file, old_passphrase, private_key, &comment))
178	{	177	{
179	memset(old_passphrase, 0, strlen(old_passphrase));	178	memset(old_passphrase, 0, strlen(old_passphrase));
180	xfree(old_passphrase);	179	xfree(old_passphrase);
@@ -215,10 +214,10 @@ do_change_passphrase(struct passwd *pw)
215	}	214	}
216		215
217	/* Save the file using the new passphrase. */	216	/* Save the file using the new passphrase. */
218	if (!save_private_key(file, passphrase1, private_key, comment))	217	if (!save_private_key(identity_file, passphrase1, private_key, comment))
219	{	218	{
220	printf("Saving the key failed: %s: %s.\n",	219	printf("Saving the key failed: %s: %s.\n",
221	file, strerror(errno));	220	identity_file, strerror(errno));
222	memset(passphrase1, 0, strlen(passphrase1));	221	memset(passphrase1, 0, strlen(passphrase1));
223	xfree(passphrase1);	222	xfree(passphrase1);
224	RSA_free(private_key);	223	RSA_free(private_key);
@@ -240,33 +239,34 @@ do_change_passphrase(struct passwd *pw)
240	void	239	void
241	do_change_comment(struct passwd *pw)	240	do_change_comment(struct passwd *pw)
242	{	241	{
243	char new_comment[1024], file, comment;	242	char new_comment[1024], *comment;
244	RSA *private_key;	243	RSA *private_key;
245	char *passphrase;	244	char *passphrase;
246	struct stat st;	245	struct stat st;
247	FILE *f;	246	FILE *f;
248	char *tmpbuf;	247	char *tmpbuf;
249		248
250	file = get_filename(pw, "Enter file in which the key is");	249	if (!have_identity)
		250	ask_filename(pw, "Enter file in which the key is");
251	/* Check if the file exists. */	251	/* Check if the file exists. */
252	if (stat(file, &st) < 0)	252	if (stat(identity_file, &st) < 0)
253	{	253	{
254	perror(file);	254	perror(identity_file);
255	exit(1);	255	exit(1);
256	}	256	}
257		257
258	/* Try to load the public key from the file the verify that it is	258	/* Try to load the public key from the file the verify that it is
259	readable and of the proper format. */	259	readable and of the proper format. */
260	public_key = RSA_new();	260	public_key = RSA_new();
261	if (!load_public_key(file, public_key, NULL))	261	if (!load_public_key(identity_file, public_key, NULL))
262	{	262	{
263	printf("%s is not a valid key file.\n", file);	263	printf("%s is not a valid key file.\n", identity_file);
264	exit(1);	264	exit(1);
265	}	265	}
266		266
267	private_key = RSA_new();	267	private_key = RSA_new();
268	/* Try to load the file with empty passphrase. */	268	/* Try to load the file with empty passphrase. */
269	if (load_private_key(file, "", private_key, &comment))	269	if (load_private_key(identity_file, "", private_key, &comment))
270	passphrase = xstrdup("");	270	passphrase = xstrdup("");
271	else	271	else
272	{	272	{
@@ -279,7 +279,7 @@ do_change_comment(struct passwd *pw)
279	else	279	else
280	passphrase = read_passphrase("Enter passphrase: ", 1);	280	passphrase = read_passphrase("Enter passphrase: ", 1);
281	/* Try to load using the passphrase. */	281	/* Try to load using the passphrase. */
282	if (!load_private_key(file, passphrase, private_key, &comment))	282	if (!load_private_key(identity_file, passphrase, private_key, &comment))
283	{	283	{
284	memset(passphrase, 0, strlen(passphrase));	284	memset(passphrase, 0, strlen(passphrase));
285	xfree(passphrase);	285	xfree(passphrase);
@@ -310,10 +310,10 @@ do_change_comment(struct passwd *pw)
310	}	310	}
311		311
312	/* Save the file using the new passphrase. */	312	/* Save the file using the new passphrase. */
313	if (!save_private_key(file, passphrase, private_key, new_comment))	313	if (!save_private_key(identity_file, passphrase, private_key, new_comment))
314	{	314	{
315	printf("Saving the key failed: %s: %s.\n",	315	printf("Saving the key failed: %s: %s.\n",
316	file, strerror(errno));	316	identity_file, strerror(errno));
317	memset(passphrase, 0, strlen(passphrase));	317	memset(passphrase, 0, strlen(passphrase));
318	xfree(passphrase);	318	xfree(passphrase);
319	RSA_free(private_key);	319	RSA_free(private_key);
@@ -328,11 +328,11 @@ do_change_comment(struct passwd *pw)
328		328
329	/* Save the public key in text format in a file with the same name but	329	/* Save the public key in text format in a file with the same name but
330	.pub appended. */	330	.pub appended. */
331	strcat(file, ".pub");	331	strlcat(identity_file, ".pub", sizeof(identity_file));
332	f = fopen(file, "w");	332	f = fopen(identity_file, "w");
333	if (!f)	333	if (!f)
334	{	334	{
335	printf("Could not save your public key in %s\n", file);	335	printf("Could not save your public key in %s\n", identity_file);
336	exit(1);	336	exit(1);
337	}	337	}
338	fprintf(f, "%d ", BN_num_bits(public_key->n));	338	fprintf(f, "%d ", BN_num_bits(public_key->n));
@@ -350,6 +350,14 @@ do_change_comment(struct passwd *pw)
350	exit(0);	350	exit(0);
351	}	351	}
352		352
		353	void
		354	usage(void)
		355	{
		356	printf("ssh-keygen version %s\n", SSH_VERSION);
		357	printf("Usage: %s [-b bits] [-p] [-c] [-f file] [-P pass] [-N new-pass] [-C comment]\n", __progname);
		358	exit(1);
		359	}
		360
353	/* Main program for key management. */	361	/* Main program for key management. */
354		362
355	int	363	int
@@ -357,7 +365,7 @@ main(int ac, char **av)
357	{	365	{
358	char buf[16384], buf2[1024], passphrase1, passphrase2;	366	char buf[16384], buf2[1024], passphrase1, passphrase2;
359	struct passwd *pw;	367	struct passwd *pw;
360	char file, tmpbuf;	368	char *tmpbuf;
361	int opt;	369	int opt;
362	struct stat st;	370	struct stat st;
363	FILE *f;	371	FILE *f;
@@ -416,7 +424,8 @@ main(int ac, char **av)
416	break;	424	break;
417		425
418	case 'f':	426	case 'f':
419	identity_file = optarg;	427	strlcpy(identity_file, optarg, sizeof(identity_file));
		428	have_identity = 1;
420	break;	429	break;
421		430
422	case 'P':	431	case 'P':
@@ -437,20 +446,18 @@ main(int ac, char **av)
437		446
438	case '?':	447	case '?':
439	default:	448	default:
440	printf("ssh-keygen version %s\n", SSH_VERSION);	449	usage();
441	printf("Usage: %s [-b bits] [-p] [-c] [-f file] [-P pass] [-N new-pass] [-C comment]\n", av[0]);
442	exit(1);
443	}	450	}
444	}	451	}
445	if (optind < ac)	452	if (optind < ac)
446	{	453	{
447	printf("Too many arguments.\n");	454	printf("Too many arguments.\n");
448	exit(1);	455	usage();
449	}	456	}
450	if (change_passphrase && change_comment)	457	if (change_passphrase && change_comment)
451	{	458	{
452	printf("Can only have one of -p and -c.\n");	459	printf("Can only have one of -p and -c.\n");
453	exit(1);	460	usage();
454	}	461	}
455		462
456	if (print_fingerprint)	463	if (print_fingerprint)
@@ -476,14 +483,13 @@ main(int ac, char **av)
476	public_key = RSA_new();	483	public_key = RSA_new();
477	rsa_generate_key(private_key, public_key, bits);	484	rsa_generate_key(private_key, public_key, bits);
478		485
479	ask_file_again:	486	if (!have_identity)
480		487	ask_filename(pw, "Enter file in which to save the key");
481	file = get_filename(pw, "Enter file in which to save the key");
482		488
483	/* If the file aready exists, ask the user to confirm. */	489	/* If the file aready exists, ask the user to confirm. */
484	if (stat(file, &st) >= 0)	490	if (stat(identity_file, &st) >= 0)
485	{	491	{
486	printf("%s already exists.\n", file);	492	printf("%s already exists.\n", identity_file);
487	printf("Overwrite (y/n)? ");	493	printf("Overwrite (y/n)? ");
488	fflush(stdout);	494	fflush(stdout);
489	if (fgets(buf2, sizeof(buf2), stdin) == NULL)	495	if (fgets(buf2, sizeof(buf2), stdin) == NULL)
@@ -536,14 +542,13 @@ main(int ac, char **av)
536	}	542	}
537		543
538	/* Save the key with the given passphrase and comment. */	544	/* Save the key with the given passphrase and comment. */
539	if (!save_private_key(file, passphrase1, private_key, buf2))	545	if (!save_private_key(identity_file, passphrase1, private_key, buf2))
540	{	546	{
541	printf("Saving the key failed: %s: %s.\n",	547	printf("Saving the key failed: %s: %s.\n",
542	file, strerror(errno));	548	identity_file, strerror(errno));
543	memset(passphrase1, 0, strlen(passphrase1));	549	memset(passphrase1, 0, strlen(passphrase1));
544	xfree(passphrase1);	550	xfree(passphrase1);
545	xfree(file);	551	exit(1);
546	goto ask_file_again;
547	}	552	}
548	/* Clear the passphrase. */	553	/* Clear the passphrase. */
549	memset(passphrase1, 0, strlen(passphrase1));	554	memset(passphrase1, 0, strlen(passphrase1));
@@ -554,7 +559,7 @@ main(int ac, char **av)
554	arc4random_stir();	559	arc4random_stir();
555		560
556	if (!quiet)	561	if (!quiet)
557	printf("Your identification has been saved in %s.\n", file);	562	printf("Your identification has been saved in %s.\n", identity_file);
558		563
559	/* Display the public key on the screen. */	564	/* Display the public key on the screen. */
560	if (!quiet) {	565	if (!quiet) {
@@ -570,12 +575,11 @@ main(int ac, char **av)
570		575
571	/* Save the public key in text format in a file with the same name but	576	/* Save the public key in text format in a file with the same name but
572	.pub appended. */	577	.pub appended. */
573	file = xrealloc(file, strlen(file) + 5);	578	strlcat(identity_file, ".pub", sizeof(identity_file));
574	strcat(file, ".pub");	579	f = fopen(identity_file, "w");
575	f = fopen(file, "w");
576	if (!f)	580	if (!f)
577	{	581	{
578	printf("Could not save your public key in %s\n", file);	582	printf("Could not save your public key in %s\n", identity_file);
579	exit(1);	583	exit(1);
580	}	584	}
581	fprintf(f, "%d ", BN_num_bits(public_key->n));	585	fprintf(f, "%d ", BN_num_bits(public_key->n));
@@ -588,7 +592,7 @@ main(int ac, char **av)
588	fclose(f);	592	fclose(f);
589		593
590	if (!quiet)	594	if (!quiet)
591	printf("Your public key has been saved in %s\n", file);	595	printf("Your public key has been saved in %s\n", identity_file);
592		596
593	exit(0);	597	exit(0);
594	}	598	}


diff --git a/sshd.c b/sshd.c index ad51dacd4..5d8fa6dbe 100644 --- a/sshd.c +++ b/sshd.c
@@ -18,7 +18,7 @@ agent connections.
18	*/	18	*/
19		19
20	#include "includes.h"	20	#include "includes.h"
21	RCSID("$Id: sshd.c,v 1.26 1999/11/21 02:23:53 damien Exp $");	21	RCSID("$Id: sshd.c,v 1.27 1999/11/21 07:31:57 damien Exp $");
22		22
23	#include "xmalloc.h"	23	#include "xmalloc.h"
24	#include "rsa.h"	24	#include "rsa.h"
@@ -316,7 +316,10 @@ void main_sigchld_handler(int sig)
316	{	316	{
317	int save_errno = errno;	317	int save_errno = errno;
318	int status;	318	int status;
319	wait(&status);	319
		320	while (waitpid(-1, &status, WNOHANG) > 0)
		321	;
		322
320	signal(SIGCHLD, main_sigchld_handler);	323	signal(SIGCHLD, main_sigchld_handler);
321	errno = save_errno;	324	errno = save_errno;
322	}	325	}