|
Lines 972-978
do_gen_all_hostkeys(struct passwd *pw)
|
| 972 |
} |
972 |
} |
| 973 |
|
973 |
|
| 974 |
static void |
974 |
static void |
| 975 |
printhost(FILE *f, const char *name, Key *public, int ca, int hash) |
975 |
printhost(FILE *f, const char *name, Key *public, int ca, int revoked, int hash) |
| 976 |
{ |
976 |
{ |
| 977 |
if (print_fingerprint) { |
977 |
if (print_fingerprint) { |
| 978 |
enum fp_rep rep; |
978 |
enum fp_rep rep; |
|
Lines 992-998
printhost(FILE *f, const char *name, Key *public, int ca, int hash)
|
| 992 |
} else { |
992 |
} else { |
| 993 |
if (hash && (name = host_hash(name, NULL, 0)) == NULL) |
993 |
if (hash && (name = host_hash(name, NULL, 0)) == NULL) |
| 994 |
fatal("hash_host failed"); |
994 |
fatal("hash_host failed"); |
| 995 |
fprintf(f, "%s%s%s ", ca ? CA_MARKER : "", ca ? " " : "", name); |
995 |
fprintf(f, "%s%s%s ", ca ? CA_MARKER " " : "", |
|
|
996 |
revoked ? REVOKE_MARKER " " : "" , name); |
| 996 |
if (!key_write(public, f)) |
997 |
if (!key_write(public, f)) |
| 997 |
fatal("key_write failed"); |
998 |
fatal("key_write failed"); |
| 998 |
fprintf(f, "\n"); |
999 |
fprintf(f, "\n"); |
|
Lines 1007-1013
do_known_hosts(struct passwd *pw, const char *name)
|
| 1007 |
char *cp, *cp2, *kp, *kp2; |
1008 |
char *cp, *cp2, *kp, *kp2; |
| 1008 |
char line[16*1024], tmp[MAXPATHLEN], old[MAXPATHLEN]; |
1009 |
char line[16*1024], tmp[MAXPATHLEN], old[MAXPATHLEN]; |
| 1009 |
int c, skip = 0, inplace = 0, num = 0, invalid = 0, has_unhashed = 0; |
1010 |
int c, skip = 0, inplace = 0, num = 0, invalid = 0, has_unhashed = 0; |
| 1010 |
int ca; |
1011 |
int ca, revoked; |
| 1011 |
int found_key = 0; |
1012 |
int found_key = 0; |
| 1012 |
|
1013 |
|
| 1013 |
if (!have_identity) { |
1014 |
if (!have_identity) { |
|
Lines 1021-1026
do_known_hosts(struct passwd *pw, const char *name)
|
| 1021 |
if ((in = fopen(identity_file, "r")) == NULL) |
1022 |
if ((in = fopen(identity_file, "r")) == NULL) |
| 1022 |
fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); |
1023 |
fatal("%s: %s: %s", __progname, identity_file, strerror(errno)); |
| 1023 |
|
1024 |
|
|
|
1025 |
/* XXX this code is a mess; refactor -djm */ |
| 1024 |
/* |
1026 |
/* |
| 1025 |
* Find hosts goes to stdout, hash and deletions happen in-place |
1027 |
* Find hosts goes to stdout, hash and deletions happen in-place |
| 1026 |
* A corner case is ssh-keygen -HF foo, which should go to stdout |
1028 |
* A corner case is ssh-keygen -HF foo, which should go to stdout |
|
Lines 1064-1070
do_known_hosts(struct passwd *pw, const char *name)
|
| 1064 |
fprintf(out, "%s\n", cp); |
1066 |
fprintf(out, "%s\n", cp); |
| 1065 |
continue; |
1067 |
continue; |
| 1066 |
} |
1068 |
} |
| 1067 |
/* Check whether this is a CA key */ |
1069 |
/* Check whether this is a CA key or revocation marker */ |
| 1068 |
if (strncasecmp(cp, CA_MARKER, sizeof(CA_MARKER) - 1) == 0 && |
1070 |
if (strncasecmp(cp, CA_MARKER, sizeof(CA_MARKER) - 1) == 0 && |
| 1069 |
(cp[sizeof(CA_MARKER) - 1] == ' ' || |
1071 |
(cp[sizeof(CA_MARKER) - 1] == ' ' || |
| 1070 |
cp[sizeof(CA_MARKER) - 1] == '\t')) { |
1072 |
cp[sizeof(CA_MARKER) - 1] == '\t')) { |
|
Lines 1072-1077
do_known_hosts(struct passwd *pw, const char *name)
|
| 1072 |
cp += sizeof(CA_MARKER); |
1074 |
cp += sizeof(CA_MARKER); |
| 1073 |
} else |
1075 |
} else |
| 1074 |
ca = 0; |
1076 |
ca = 0; |
|
|
1077 |
if (strncasecmp(cp, REVOKE_MARKER, |
| 1078 |
sizeof(REVOKE_MARKER) - 1) == 0 && |
| 1079 |
(cp[sizeof(REVOKE_MARKER) - 1] == ' ' || |
| 1080 |
cp[sizeof(REVOKE_MARKER) - 1] == '\t')) { |
| 1081 |
revoked = 1; |
| 1082 |
cp += sizeof(REVOKE_MARKER); |
| 1083 |
} else |
| 1084 |
revoked = 0; |
| 1075 |
|
1085 |
|
| 1076 |
/* Find the end of the host name portion. */ |
1086 |
/* Find the end of the host name portion. */ |
| 1077 |
for (kp = cp; *kp && *kp != ' ' && *kp != '\t'; kp++) |
1087 |
for (kp = cp; *kp && *kp != ' ' && *kp != '\t'; kp++) |
|
Lines 1115-1134
do_known_hosts(struct passwd *pw, const char *name)
|
| 1115 |
printf("# Host %s found: " |
1125 |
printf("# Host %s found: " |
| 1116 |
"line %d type %s%s\n", name, |
1126 |
"line %d type %s%s\n", name, |
| 1117 |
num, key_type(pub), |
1127 |
num, key_type(pub), |
| 1118 |
ca ? " (CA key)" : ""); |
1128 |
ca ? " (CA key)" : |
| 1119 |
printhost(out, cp, pub, ca, 0); |
1129 |
revoked? " (revoked)" : ""); |
|
|
1130 |
printhost(out, cp, pub, ca, revoked, 0); |
| 1120 |
found_key = 1; |
1131 |
found_key = 1; |
| 1121 |
} |
1132 |
} |
| 1122 |
if (delete_host) { |
1133 |
if (delete_host) { |
| 1123 |
if (!c && !ca) |
1134 |
if (!c || ca || revoked) { |
| 1124 |
printhost(out, cp, pub, ca, 0); |
1135 |
printhost(out, cp, pub, |
| 1125 |
else |
1136 |
ca, revoked, 0); |
|
|
1137 |
} else { |
| 1126 |
printf("# Host %s found: " |
1138 |
printf("# Host %s found: " |
| 1127 |
"line %d type %s\n", name, |
1139 |
"line %d type %s\n", name, |
| 1128 |
num, key_type(pub)); |
1140 |
num, key_type(pub)); |
|
|
1141 |
} |
| 1129 |
} |
1142 |
} |
| 1130 |
} else if (hash_hosts) |
1143 |
} else if (hash_hosts) |
| 1131 |
printhost(out, cp, pub, ca, 0); |
1144 |
printhost(out, cp, pub, ca, revoked, 0); |
| 1132 |
} else { |
1145 |
} else { |
| 1133 |
if (find_host || delete_host) { |
1146 |
if (find_host || delete_host) { |
| 1134 |
c = (match_hostname(name, cp, |
1147 |
c = (match_hostname(name, cp, |
|
Lines 1139-1176
do_known_hosts(struct passwd *pw, const char *name)
|
| 1139 |
"line %d type %s%s\n", name, |
1152 |
"line %d type %s%s\n", name, |
| 1140 |
num, key_type(pub), |
1153 |
num, key_type(pub), |
| 1141 |
ca ? " (CA key)" : ""); |
1154 |
ca ? " (CA key)" : ""); |
| 1142 |
printhost(out, name, pub, |
1155 |
printhost(out, name, pub, ca, revoked, |
| 1143 |
ca, hash_hosts && !ca); |
1156 |
hash_hosts && !(ca || revoked)); |
| 1144 |
found_key = 1; |
1157 |
found_key = 1; |
| 1145 |
} |
1158 |
} |
| 1146 |
if (delete_host) { |
1159 |
if (delete_host) { |
| 1147 |
if (!c && !ca) |
1160 |
if (!c || ca || revoked) { |
| 1148 |
printhost(out, cp, pub, ca, 0); |
1161 |
printhost(out, cp, pub, |
| 1149 |
else |
1162 |
ca, revoked, 0); |
|
|
1163 |
} else { |
| 1150 |
printf("# Host %s found: " |
1164 |
printf("# Host %s found: " |
| 1151 |
"line %d type %s\n", name, |
1165 |
"line %d type %s\n", name, |
| 1152 |
num, key_type(pub)); |
1166 |
num, key_type(pub)); |
|
|
1167 |
} |
| 1153 |
} |
1168 |
} |
|
|
1169 |
} else if (hash_hosts && (ca || revoked)) { |
| 1170 |
/* Don't hash CA and revoked keys' hostnames */ |
| 1171 |
printhost(out, cp, pub, ca, revoked, 0); |
| 1172 |
has_unhashed = 1; |
| 1154 |
} else if (hash_hosts) { |
1173 |
} else if (hash_hosts) { |
|
|
1174 |
/* Hash each hostname separately */ |
| 1155 |
for (cp2 = strsep(&cp, ","); |
1175 |
for (cp2 = strsep(&cp, ","); |
| 1156 |
cp2 != NULL && *cp2 != '\0'; |
1176 |
cp2 != NULL && *cp2 != '\0'; |
| 1157 |
cp2 = strsep(&cp, ",")) { |
1177 |
cp2 = strsep(&cp, ",")) { |
| 1158 |
if (ca) { |
1178 |
if (strcspn(cp2, "*?!") != |
| 1159 |
fprintf(stderr, "Warning: " |
|
|
| 1160 |
"ignoring CA key for host: " |
| 1161 |
"%.64s\n", cp2); |
| 1162 |
printhost(out, cp2, pub, ca, 0); |
| 1163 |
} else if (strcspn(cp2, "*?!") != |
| 1164 |
strlen(cp2)) { |
1179 |
strlen(cp2)) { |
| 1165 |
fprintf(stderr, "Warning: " |
1180 |
fprintf(stderr, "Warning: " |
| 1166 |
"ignoring host name with " |
1181 |
"ignoring host name with " |
| 1167 |
"metacharacters: %.64s\n", |
1182 |
"metacharacters: %.64s\n", |
| 1168 |
cp2); |
1183 |
cp2); |
| 1169 |
printhost(out, cp2, pub, ca, 0); |
1184 |
printhost(out, cp2, pub, ca, |
| 1170 |
} else |
1185 |
revoked, 0); |
| 1171 |
printhost(out, cp2, pub, ca, 1); |
1186 |
has_unhashed = 1; |
|
|
1187 |
} else { |
| 1188 |
printhost(out, cp2, pub, ca, |
| 1189 |
revoked, 1); |
| 1190 |
} |
| 1172 |
} |
1191 |
} |
| 1173 |
has_unhashed = 1; |
|
|
| 1174 |
} |
1192 |
} |
| 1175 |
} |
1193 |
} |
| 1176 |
key_free(pub); |
1194 |
key_free(pub); |
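Review bot: The find_host report in the `match_hostname` branch (new line 1154) still ends with `ca ? " (CA key)" : ""`, so a matching revoked entry is announced without the `" (revoked)"` suffix that the earlier branch gained at new lines 1128-1129; use `ca ? " (CA key)" : revoked ? " (revoked)" : ""` there as well so the header line flags revoked keys in both paths. Separately, `cp += sizeof(REVOKE_MARKER);` (new line 1082) steps over the marker and exactly one separator, as the CA case does, so a line with several blanks after the marker would presumably reach the host-name scan with `cp` still on whitespace; skipping the whole run of spaces and tabs would be more robust. The delete path now keeps every CA and revoked line even when the host matches (`if (!c || ca || revoked)`), which is the safe direction but deserves a comment such as `/* Never drop CA or revocation lines when deleting a host */`. do_known_hosts begins and ends outside the visible hunks, so the handling of `invalid` lines could not be checked here.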