Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 18 |
1 files changed, 14 insertions, 4 deletions
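--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.210 2011/04/18 00:46:05 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.212 2011/10/16 15:02:41 jmc Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -154,7 +154,7 @@ char hostname[MAXHOSTNAMELEN];
 
 /* moduli.c */
 int gen_candidates(FILE *, u_int32_t, u_int32_t, BIGNUM *);
-int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
+int prime_test(FILE *, FILE *, u_int32_t, u_int32_t, char *);
 
 static void
 type_bits_valid(int type, u_int32_t *bitsp)
@@ -857,7 +857,9 @@ do_gen_all_hostkeys(struct passwd *pw)
 { "rsa1", "RSA1", _PATH_HOST_KEY_FILE },
 { "rsa", "RSA" ,_PATH_HOST_RSA_KEY_FILE },
 { "dsa", "DSA", _PATH_HOST_DSA_KEY_FILE },
+#ifdef OPENSSL_HAS_ECC
 { "ecdsa", "ECDSA",_PATH_HOST_ECDSA_KEY_FILE },
+#endif
 { NULL, NULL, NULL }
 };
 
@@ -1884,6 +1886,7 @@ usage(void)
 fprintf(stderr, " -h Generate host certificate instead of a user certificate.\n");
 fprintf(stderr, " -I key_id Key identifier to include in certificate.\n");
 fprintf(stderr, " -i Import foreign format to OpenSSH key file.\n");
+fprintf(stderr, " -K checkpt Write checkpoints to this file.\n");
 fprintf(stderr, " -L Print the contents of a certificate.\n");
 fprintf(stderr, " -l Show fingerprint of key file.\n");
 fprintf(stderr, " -M memory Amount of memory (MB) to use for generating DH-GEX moduli.\n");
@@ -1916,6 +1919,7 @@ int
 main(int argc, char **argv)
 {
 char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2;
+char *checkpoint = NULL;
 char out_file[MAXPATHLEN], *rr_hostname = NULL;
 Key *private, *public;
 struct passwd *pw;
@@ -1952,7 +1956,7 @@ main(int argc, char **argv)
 exit(1);
 }
 
-while ((opt = getopt(argc, argv, "AegiqpclBHLhvxXyF:b:f:t:D:I:P:m:N:n:"
+while ((opt = getopt(argc, argv, "AegiqpclBHLhvxXyF:b:f:t:D:I:K:P:m:N:n:"
 "O:C:r:g:R:T:G:M:S:s:a:V:W:z:")) != -1) {
 switch (opt) {
 case 'A':
@@ -2103,6 +2107,11 @@ main(int argc, char **argv)
 sizeof(out_file))
 fatal("Output filename too long");
 break;
+case 'K':
+if (strlen(optarg) >= MAXPATHLEN)
+fatal("Checkpoint filename too long");
+checkpoint = xstrdup(optarg);
+break;
 case 'S':
 /* XXX - also compare length against bits */
 if (BN_hex2bn(&start, optarg) == 0)
@@ -2225,7 +2234,8 @@ main(int argc, char **argv)
 fatal("Couldn't open moduli file \"%s\": %s",
 out_file, strerror(errno));
 }
-if (prime_test(in, out, trials, generator_wanted) != 0)
+if (prime_test(in, out, trials, generator_wanted, checkpoint)
+!= 0)
 fatal("modulus screening failed");
 return (0);
 }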
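Review bot: In main()'s `case 'K':` branch the checkpoint path gets only a length test (`strlen(optarg) >= MAXPATHLEN`) and is then used solely by the `prime_test()` call in the modulus-screening path, so `-K` combined with any other mode appears to be accepted and silently ignored. Rejecting that combination after option parsing, and adding a comment at the declaration such as `/* -K: checkpoint file handed to prime_test(); NULL when -K is not given */`, would make the contract explicit. How the file is opened and written lives in moduli.c, outside this page; since the path is caller-controlled, it is worth confirming there that it is created with restrictive permissions and replaced atomically. The `prime_test` prototype on new line 157 is hand-copied into this file rather than taken from a shared header, so a mismatch with the definition would not be diagnosed by the compiler. main() starts and ends outside these hunks.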