summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3
-rw-r--r--ssh-keygen.c20
2 files changed, 13 insertions, 10 deletions
diff --git a/ChangeLog b/ChangeLog
index 695f4ed22..56bbe8062 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -43,6 +43,9 @@
43 print ipqos friendly string for sshd -T; ok markus 43 print ipqos friendly string for sshd -T; ok markus
44 # sshd -Tf sshd_config|grep ipqos 44 # sshd -Tf sshd_config|grep ipqos
45 ipqos lowdelay throughput 45 ipqos lowdelay throughput
46 - djm@cvs.openbsd.org 2011/04/12 04:23:50
47 [ssh-keygen.c]
48 fix -Wshadow
46 49
4720110221 5020110221
48 - (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the 51 - (dtucker) [contrib/cygwin/ssh-host-config] From Corinna: revamp of the
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 90cffa055..b52fc39cf 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-keygen.c,v 1.208 2011/03/24 22:14:54 stevesk Exp $ */ 1/* $OpenBSD: ssh-keygen.c,v 1.209 2011/04/12 04:23:50 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -160,7 +160,7 @@ int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
160int prime_test(FILE *, FILE *, u_int32_t, u_int32_t); 160int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
161 161
162static void 162static void
163type_bits_valid(int type, u_int32_t *bits) 163type_bits_valid(int type, u_int32_t *bitsp)
164{ 164{
165 u_int maxbits; 165 u_int maxbits;
166 166
@@ -168,25 +168,25 @@ type_bits_valid(int type, u_int32_t *bits)
168 fprintf(stderr, "unknown key type %s\n", key_type_name); 168 fprintf(stderr, "unknown key type %s\n", key_type_name);
169 exit(1); 169 exit(1);
170 } 170 }
171 if (*bits == 0) { 171 if (*bitsp == 0) {
172 if (type == KEY_DSA) 172 if (type == KEY_DSA)
173 *bits = DEFAULT_BITS_DSA; 173 *bitsp = DEFAULT_BITS_DSA;
174 else if (type == KEY_ECDSA) 174 else if (type == KEY_ECDSA)
175 *bits = DEFAULT_BITS_ECDSA; 175 *bitsp = DEFAULT_BITS_ECDSA;
176 else 176 else
177 *bits = DEFAULT_BITS; 177 *bitsp = DEFAULT_BITS;
178 } 178 }
179 maxbits = (type == KEY_DSA) ? 179 maxbits = (type == KEY_DSA) ?
180 OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS; 180 OPENSSL_DSA_MAX_MODULUS_BITS : OPENSSL_RSA_MAX_MODULUS_BITS;
181 if (*bits > maxbits) { 181 if (*bitsp > maxbits) {
182 fprintf(stderr, "key bits exceeds maximum %d\n", maxbits); 182 fprintf(stderr, "key bits exceeds maximum %d\n", maxbits);
183 exit(1); 183 exit(1);
184 } 184 }
185 if (type == KEY_DSA && *bits != 1024) 185 if (type == KEY_DSA && *bitsp != 1024)
186 fatal("DSA keys must be 1024 bits"); 186 fatal("DSA keys must be 1024 bits");
187 else if (type != KEY_ECDSA && *bits < 768) 187 else if (type != KEY_ECDSA && *bitsp < 768)
188 fatal("Key must at least be 768 bits"); 188 fatal("Key must at least be 768 bits");
189 else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(*bits) == -1) 189 else if (type == KEY_ECDSA && key_ecdsa_bits_to_nid(*bitsp) == -1)
190 fatal("Invalid ECDSA key length - valid lengths are " 190 fatal("Invalid ECDSA key length - valid lengths are "
191 "256, 384 or 521 bits"); 191 "256, 384 or 521 bits");
192} 192}