Diffstat (limited to 'ssh-keysign.c')
-rw-r--r-- | ssh-keysign.c | 17 |
1 files changed, 11 insertions, 6 deletions
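--- a/ssh-keysign.c
+++ b/ssh-keysign.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keysign.c,v 1.39 2013/12/06 13:39:49 markus Exp $ */
+/* $OpenBSD: ssh-keysign.c,v 1.42 2014/04/29 18:01:49 markus Exp $ */
 /*
 * Copyright (c) 2002 Markus Friedl. All rights reserved.
 *
@@ -155,7 +155,7 @@ main(int argc, char **argv)
 struct passwd *pw;
 int key_fd[NUM_KEYTYPES], i, found, version = 2, fd;
 u_char *signature, *data;
-char *host;
+char *host, *fp;
 u_int slen, dlen;
 u_int32_t rnd[256];
 
@@ -201,8 +201,7 @@ main(int argc, char **argv)
 fatal("could not open any host key");
 
 OpenSSL_add_all_algorithms();
-for (i = 0; i < 256; i++)
-rnd[i] = arc4random();
+arc4random_buf(rnd, sizeof(rnd));
 RAND_seed(rnd, sizeof(rnd));
 
 found = 0;
@@ -210,8 +209,11 @@ main(int argc, char **argv)
 keys[i] = NULL;
 if (key_fd[i] == -1)
 continue;
+#ifdef WITH_OPENSSL
+/* XXX wrong api */
 keys[i] = key_load_private_pem(key_fd[i], KEY_UNSPEC,
 NULL, NULL);
+#endif
 close(key_fd[i]);
 if (keys[i] != NULL)
 found = 1;
@@ -243,8 +245,11 @@ main(int argc, char **argv)
 break;
 }
 }
-if (!found)
-fatal("no matching hostkey found");
+if (!found) {
+fp = key_fingerprint(key, SSH_FP_MD5, SSH_FP_HEX);
+fatal("no matching hostkey found for key %s %s",
+key_type(key), fp);
+}
 
 if (key_sign(keys[i], &signature, &slen, data, dlen) != 0)
 fatal("key_sign failed");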