Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 55 |
1 files changed, 18 insertions, 37 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index 6f2d426b8..2b674676d 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -7,7 +7,7 @@ | |||
7 | */ | 7 | */ |
8 | 8 | ||
9 | #include "includes.h" | 9 | #include "includes.h" |
10 | RCSID("$Id: ssh-keygen.c,v 1.9 1999/11/24 13:26:23 damien Exp $"); | 10 | RCSID("$Id: ssh-keygen.c,v 1.10 1999/11/25 00:54:59 damien Exp $"); |
11 | 11 | ||
12 | #include "rsa.h" | 12 | #include "rsa.h" |
13 | #include "ssh.h" | 13 | #include "ssh.h" |
@@ -20,16 +20,19 @@ RSA *private_key; | |||
20 | /* Generated public key. */ | 20 | /* Generated public key. */ |
21 | RSA *public_key; | 21 | RSA *public_key; |
22 | 22 | ||
23 | /* Number of bits in the RSA key. This value can be changed on the command | 23 | /* Number of bits in the RSA key. This value can be changed on the command line. */ |
24 | line. */ | ||
25 | int bits = 1024; | 24 | int bits = 1024; |
26 | 25 | ||
27 | /* Flag indicating that we just want to change the passphrase. This can be | 26 | /* |
28 | set on the command line. */ | 27 | * Flag indicating that we just want to change the passphrase. This can be |
28 | * set on the command line. | ||
29 | */ | ||
29 | int change_passphrase = 0; | 30 | int change_passphrase = 0; |
30 | 31 | ||
31 | /* Flag indicating that we just want to change the comment. This can be set | 32 | /* |
32 | on the command line. */ | 33 | * Flag indicating that we just want to change the comment. This can be set |
34 | * on the command line. | ||
35 | */ | ||
33 | int change_comment = 0; | 36 | int change_comment = 0; |
34 | 37 | ||
35 | int quiet = 0; | 38 | int quiet = 0; |
@@ -136,13 +139,10 @@ do_change_passphrase(struct passwd *pw) | |||
136 | 139 | ||
137 | if (!have_identity) | 140 | if (!have_identity) |
138 | ask_filename(pw, "Enter file in which the key is"); | 141 | ask_filename(pw, "Enter file in which the key is"); |
139 | /* Check if the file exists. */ | ||
140 | if (stat(identity_file, &st) < 0) { | 142 | if (stat(identity_file, &st) < 0) { |
141 | perror(identity_file); | 143 | perror(identity_file); |
142 | exit(1); | 144 | exit(1); |
143 | } | 145 | } |
144 | /* Try to load the public key from the file the verify that it is | ||
145 | readable and of the proper format. */ | ||
146 | public_key = RSA_new(); | 146 | public_key = RSA_new(); |
147 | if (!load_public_key(identity_file, public_key, NULL)) { | 147 | if (!load_public_key(identity_file, public_key, NULL)) { |
148 | printf("%s is not a valid key file.\n", identity_file); | 148 | printf("%s is not a valid key file.\n", identity_file); |
@@ -154,19 +154,16 @@ do_change_passphrase(struct passwd *pw) | |||
154 | /* Try to load the file with empty passphrase. */ | 154 | /* Try to load the file with empty passphrase. */ |
155 | private_key = RSA_new(); | 155 | private_key = RSA_new(); |
156 | if (!load_private_key(identity_file, "", private_key, &comment)) { | 156 | if (!load_private_key(identity_file, "", private_key, &comment)) { |
157 | /* Read passphrase from the user. */ | ||
158 | if (identity_passphrase) | 157 | if (identity_passphrase) |
159 | old_passphrase = xstrdup(identity_passphrase); | 158 | old_passphrase = xstrdup(identity_passphrase); |
160 | else | 159 | else |
161 | old_passphrase = read_passphrase("Enter old passphrase: ", 1); | 160 | old_passphrase = read_passphrase("Enter old passphrase: ", 1); |
162 | /* Try to load using the passphrase. */ | ||
163 | if (!load_private_key(identity_file, old_passphrase, private_key, &comment)) { | 161 | if (!load_private_key(identity_file, old_passphrase, private_key, &comment)) { |
164 | memset(old_passphrase, 0, strlen(old_passphrase)); | 162 | memset(old_passphrase, 0, strlen(old_passphrase)); |
165 | xfree(old_passphrase); | 163 | xfree(old_passphrase); |
166 | printf("Bad passphrase.\n"); | 164 | printf("Bad passphrase.\n"); |
167 | exit(1); | 165 | exit(1); |
168 | } | 166 | } |
169 | /* Destroy the passphrase. */ | ||
170 | memset(old_passphrase, 0, strlen(old_passphrase)); | 167 | memset(old_passphrase, 0, strlen(old_passphrase)); |
171 | xfree(old_passphrase); | 168 | xfree(old_passphrase); |
172 | } | 169 | } |
@@ -230,24 +227,24 @@ do_change_comment(struct passwd *pw) | |||
230 | 227 | ||
231 | if (!have_identity) | 228 | if (!have_identity) |
232 | ask_filename(pw, "Enter file in which the key is"); | 229 | ask_filename(pw, "Enter file in which the key is"); |
233 | /* Check if the file exists. */ | ||
234 | if (stat(identity_file, &st) < 0) { | 230 | if (stat(identity_file, &st) < 0) { |
235 | perror(identity_file); | 231 | perror(identity_file); |
236 | exit(1); | 232 | exit(1); |
237 | } | 233 | } |
238 | /* Try to load the public key from the file the verify that it is | 234 | /* |
239 | readable and of the proper format. */ | 235 | * Try to load the public key from the file the verify that it is |
236 | * readable and of the proper format. | ||
237 | */ | ||
240 | public_key = RSA_new(); | 238 | public_key = RSA_new(); |
241 | if (!load_public_key(identity_file, public_key, NULL)) { | 239 | if (!load_public_key(identity_file, public_key, NULL)) { |
242 | printf("%s is not a valid key file.\n", identity_file); | 240 | printf("%s is not a valid key file.\n", identity_file); |
243 | exit(1); | 241 | exit(1); |
244 | } | 242 | } |
245 | private_key = RSA_new(); | 243 | private_key = RSA_new(); |
246 | /* Try to load the file with empty passphrase. */ | 244 | |
247 | if (load_private_key(identity_file, "", private_key, &comment)) | 245 | if (load_private_key(identity_file, "", private_key, &comment)) |
248 | passphrase = xstrdup(""); | 246 | passphrase = xstrdup(""); |
249 | else { | 247 | else { |
250 | /* Read passphrase from the user. */ | ||
251 | if (identity_passphrase) | 248 | if (identity_passphrase) |
252 | passphrase = xstrdup(identity_passphrase); | 249 | passphrase = xstrdup(identity_passphrase); |
253 | else if (identity_new_passphrase) | 250 | else if (identity_new_passphrase) |
@@ -274,7 +271,6 @@ do_change_comment(struct passwd *pw) | |||
274 | RSA_free(private_key); | 271 | RSA_free(private_key); |
275 | exit(1); | 272 | exit(1); |
276 | } | 273 | } |
277 | /* Remove terminating newline from comment. */ | ||
278 | if (strchr(new_comment, '\n')) | 274 | if (strchr(new_comment, '\n')) |
279 | *strchr(new_comment, '\n') = 0; | 275 | *strchr(new_comment, '\n') = 0; |
280 | } | 276 | } |
@@ -289,13 +285,10 @@ do_change_comment(struct passwd *pw) | |||
289 | xfree(comment); | 285 | xfree(comment); |
290 | exit(1); | 286 | exit(1); |
291 | } | 287 | } |
292 | /* Destroy the passphrase and the private key in memory. */ | ||
293 | memset(passphrase, 0, strlen(passphrase)); | 288 | memset(passphrase, 0, strlen(passphrase)); |
294 | xfree(passphrase); | 289 | xfree(passphrase); |
295 | RSA_free(private_key); | 290 | RSA_free(private_key); |
296 | 291 | ||
297 | /* Save the public key in text format in a file with the same name | ||
298 | but .pub appended. */ | ||
299 | strlcat(identity_file, ".pub", sizeof(identity_file)); | 292 | strlcat(identity_file, ".pub", sizeof(identity_file)); |
300 | f = fopen(identity_file, "w"); | 293 | f = fopen(identity_file, "w"); |
301 | if (!f) { | 294 | if (!f) { |
@@ -343,21 +336,18 @@ main(int ac, char **av) | |||
343 | 336 | ||
344 | /* check if RSA support exists */ | 337 | /* check if RSA support exists */ |
345 | if (rsa_alive() == 0) { | 338 | if (rsa_alive() == 0) { |
346 | extern char *__progname; | ||
347 | |||
348 | fprintf(stderr, | 339 | fprintf(stderr, |
349 | "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", | 340 | "%s: no RSA support in libssl and libcrypto. See ssl(8).\n", |
350 | __progname); | 341 | __progname); |
351 | exit(1); | 342 | exit(1); |
352 | } | 343 | } |
353 | /* Get user\'s passwd structure. We need this for the home | 344 | /* we need this for the home * directory. */ |
354 | directory. */ | ||
355 | pw = getpwuid(getuid()); | 345 | pw = getpwuid(getuid()); |
356 | if (!pw) { | 346 | if (!pw) { |
357 | printf("You don't exist, go away!\n"); | 347 | printf("You don't exist, go away!\n"); |
358 | exit(1); | 348 | exit(1); |
359 | } | 349 | } |
360 | /* Parse command line arguments. */ | 350 | |
361 | while ((opt = getopt(ac, av, "qpclb:f:P:N:C:")) != EOF) { | 351 | while ((opt = getopt(ac, av, "qpclb:f:P:N:C:")) != EOF) { |
362 | switch (opt) { | 352 | switch (opt) { |
363 | case 'b': | 353 | case 'b': |
@@ -416,14 +406,8 @@ main(int ac, char **av) | |||
416 | } | 406 | } |
417 | if (print_fingerprint) | 407 | if (print_fingerprint) |
418 | do_fingerprint(pw); | 408 | do_fingerprint(pw); |
419 | |||
420 | /* If the user requested to change the passphrase, do it now. | ||
421 | This function never returns. */ | ||
422 | if (change_passphrase) | 409 | if (change_passphrase) |
423 | do_change_passphrase(pw); | 410 | do_change_passphrase(pw); |
424 | |||
425 | /* If the user requested to change the comment, do it now. This | ||
426 | function never returns. */ | ||
427 | if (change_comment) | 411 | if (change_comment) |
428 | do_change_comment(pw); | 412 | do_change_comment(pw); |
429 | 413 | ||
@@ -484,11 +468,10 @@ passphrase_again: | |||
484 | xfree(passphrase2); | 468 | xfree(passphrase2); |
485 | } | 469 | } |
486 | 470 | ||
487 | /* Create default commend field for the passphrase. The user can | ||
488 | later edit this field. */ | ||
489 | if (identity_comment) { | 471 | if (identity_comment) { |
490 | strlcpy(comment, identity_comment, sizeof(comment)); | 472 | strlcpy(comment, identity_comment, sizeof(comment)); |
491 | } else { | 473 | } else { |
474 | /* Create default commend field for the passphrase. */ | ||
492 | if (gethostname(hostname, sizeof(hostname)) < 0) { | 475 | if (gethostname(hostname, sizeof(hostname)) < 0) { |
493 | perror("gethostname"); | 476 | perror("gethostname"); |
494 | exit(1); | 477 | exit(1); |
@@ -515,8 +498,6 @@ passphrase_again: | |||
515 | if (!quiet) | 498 | if (!quiet) |
516 | printf("Your identification has been saved in %s.\n", identity_file); | 499 | printf("Your identification has been saved in %s.\n", identity_file); |
517 | 500 | ||
518 | /* Save the public key in text format in a file with the same name | ||
519 | but .pub appended. */ | ||
520 | strlcat(identity_file, ".pub", sizeof(identity_file)); | 501 | strlcat(identity_file, ".pub", sizeof(identity_file)); |
521 | f = fopen(identity_file, "w"); | 502 | f = fopen(identity_file, "w"); |
522 | if (!f) { | 503 | if (!f) { |