Diffstat (limited to 'ssh-keysign.c')
-rw-r--r--ssh-keysign.c17
1 files changed, 11 insertions, 6 deletions
diff --git a/ssh-keysign.c b/ssh-keysign.c
index 6bde8ad17..d95bb7d9d 100644
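--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.39 2013/12/06 13:39:49 markus Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.42 2014/04/29 18:01:49 markus Exp $ */
 /*
  * Copyright (c) 2002 Markus Friedl. All rights reserved.
  *
@@ -155,7 +155,7 @@ main(int argc, char **argv)
  struct passwd *pw;
  int key_fd[NUM_KEYTYPES], i, found, version = 2, fd;
  u_char *signature, *data;
- char *host;
+ char *host, *fp;
  u_int slen, dlen;
  u_int32_t rnd[256];
 
@@ -201,8 +201,7 @@ main(int argc, char **argv)
  fatal("could not open any host key");
 
  OpenSSL_add_all_algorithms();
- for (i = 0; i < 256; i++)
- rnd[i] = arc4random();
+ arc4random_buf(rnd, sizeof(rnd));
  RAND_seed(rnd, sizeof(rnd));
 
  found = 0;
@@ -210,8 +209,11 @@ main(int argc, char **argv)
  keys[i] = NULL;
  if (key_fd[i] == -1)
  continue;
+#ifdef WITH_OPENSSL
+/* XXX wrong api */
  keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC,
  NULL, NULL);
+#endif
  close(key_fd[i]);
  if (keys[i] != NULL)
  found = 1;
@@ -243,8 +245,11 @@ main(int argc, char **argv)
  break;
  }
  }
- if (!found)
- fatal("no matching hostkey found");
+ if (!found) {
+ fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+ fatal("no matching hostkey found for key %s %s",
+ key_type(key), fp);
+ }
 
  if (key_sign(keys[i], &signature, &slen, data, dlen) != 0)
  fatal("key_sign failed");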
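Review bot: The new `#ifdef WITH_OPENSSL` in the key-loading loop of main() guards only the `key_load_private_pem()` call, while `OpenSSL_add_all_algorithms();` and `RAND_seed(rnd, sizeof(rnd));` in the earlier hunk stay unconditional. If a build without WITH_OPENSSL is intended, those two calls presumably need the same `#ifdef WITH_OPENSSL` / `#endif` pair, since otherwise the guard in the loop cannot take effect on its own. In that configuration every `keys[i]` stays NULL and `found` stays 0 after the loop, so it is worth confirming that the code following the loop (outside the shown hunks) exits with a clear message instead of continuing without a host key. The `/* XXX wrong api */` comment should also name the loader that is meant to replace this call, so the marker is actionable for the next reader.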