Diffstat (limited to 'ssh-keygen.c')
-rw-r--r--ssh-keygen.c55
1 files changed, 53 insertions, 2 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c
index 1d08c7cec..f3ea4f1fd 100644
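--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.104 2003/05/11 16:56:48 markus Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.105 2003/05/14 18:16:20 jakob Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/pem.h>
@@ -70,6 +70,7 @@ char *identity_comment = NULL;
 int convert_to_ssh2 = 0;
 int convert_from_ssh2 = 0;
 int print_public = 0;
+int print_generic = 0;
 
 char *key_type_name = NULL;
 
@@ -620,6 +621,38 @@ do_change_passphrase(struct passwd *pw)
  exit(0);
 }
 
+#ifdef DNS
+/*
+ * Print the SSHFP RR.
+ */
+static void
+do_print_resource_record(struct passwd *pw, char *hostname)
+{
+ Key *public;
+ char *comment = NULL;
+ struct stat st;
+
+ if (!have_identity)
+ ask_filename(pw, "Enter file in which the key is");
+ if (stat(identity_file, &st) < 0) {
+ perror(identity_file);
+ exit(1);
+ }
+ public = key_load_public(identity_file, &comment);
+ if (public != NULL) {
+ export_dns_rr(hostname, public, stdout, print_generic);
+ key_free(public);
+ xfree(comment);
+ exit(0);
+ }
+ if (comment)
+ xfree(comment);
+
+ printf("failed to read v2 public key from %s.\n", identity_file);
+ exit(1);
+}
+#endif /* DNS */
+
 /*
  * Change the comment of a private key file.
  */
@@ -726,6 +759,7 @@ usage(void)
  fprintf(stderr, " -c Change comment in private and public key files.\n");
  fprintf(stderr, " -e Convert OpenSSH to IETF SECSH key file.\n");
  fprintf(stderr, " -f filename Filename of the key file.\n");
+ fprintf(stderr, " -g Use generic DNS resource record format.\n");
  fprintf(stderr, " -i Convert IETF SECSH to OpenSSH key file.\n");
  fprintf(stderr, " -l Show fingerprint of key file.\n");
  fprintf(stderr, " -p Change passphrase of private key file.\n");
@@ -736,6 +770,9 @@ usage(void)
  fprintf(stderr, " -C comment Provide new comment.\n");
  fprintf(stderr, " -N phrase Provide new passphrase.\n");
  fprintf(stderr, " -P phrase Provide old passphrase.\n");
+#ifdef DNS
+ fprintf(stderr, " -r hostname Print DNS resource record.\n");
+#endif /* DNS */
 #ifdef SMARTCARD
  fprintf(stderr, " -D reader Download public key from smartcard.\n");
  fprintf(stderr, " -U reader Upload private key to smartcard.\n");
@@ -752,6 +789,7 @@ main(int ac, char **av)
 {
  char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2;
  char *reader_id = NULL;
+ char *resource_record_hostname = NULL;
  Key *private, *public;
  struct passwd *pw;
  struct stat st;
@@ -778,7 +816,7 @@ main(int ac, char **av)
  exit(1);
  }
 
- while ((opt = getopt(ac, av, "deiqpclBRxXyb:f:t:U:D:P:N:C:")) != -1) {
+ while ((opt = getopt(ac, av, "degiqpclBRxXyb:f:t:U:D:P:N:C:r:")) != -1) {
  switch (opt) {
  case 'b':
  bits = atoi(optarg);
@@ -803,6 +841,9 @@ main(int ac, char **av)
  strlcpy(identity_file, optarg, sizeof(identity_file));
  have_identity = 1;
  break;
+ case 'g':
+ print_generic = 1;
+ break;
  case 'P':
  identity_passphrase = optarg;
  break;
@@ -843,6 +884,9 @@ main(int ac, char **av)
  case 'U':
  reader_id = optarg;
  break;
+ case 'r':
+ resource_record_hostname = optarg;
+ break;
  case '?':
  default:
  usage();
@@ -868,6 +912,13 @@ main(int ac, char **av)
  do_convert_from_ssh2(pw);
  if (print_public)
  do_print_public(pw);
+ if (resource_record_hostname != NULL) {
+#ifdef DNS
+ do_print_resource_record(pw, resource_record_hostname);
+#else /* DNS */
+ fatal("no DNS support.");
+#endif /* DNS */
+ }
  if (reader_id != NULL) {
 #ifdef SMARTCARD
  if (download)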
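Review bot: In do_print_resource_record the failure message is written with printf to stdout, the same stream export_dns_rr is given for the SSHFP record, so when the output is redirected into a zone file the error text lands in that file and the operator sees nothing on the terminal; it should read `fprintf(stderr, "failed to read v2 public key from %s.\n", identity_file);`. The success branch calls `xfree(comment)` unconditionally while the failure path guards it with `if (comment)`; unless key_load_public always sets the comment on success (not visible in this diff), the two should agree, e.g. `if (comment) xfree(comment);` in both places. The hostname taken from `-r` is handed to export_dns_rr unchecked, so whether whitespace or control characters are rejected before it is printed into the record depends on that function, which is outside this change and worth confirming since SSHFP records are used to verify host keys.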