- djm@cvs.openbsd.org 2010/01/30 02:54:53

[openssh.git] / ssh-keygen.c

diff --git a/ssh-keygen.c b/ssh-keygen.c
index a45499177dcae7c6a7e5508992515f93acbf693a..7f5185f8e4b70a04bf37f2168ea0ec630f832765 100644 (file)
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.172 2008/11/07 00:42:12 stevesk Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.176 2010/01/11 10:51:07 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -135,7 +135,7 @@ ask_filename(struct passwd *pw, const char *prompt)
                        name = _PATH_SSH_CLIENT_ID_RSA;
                        break;
                default:
-                       fprintf(stderr, "bad key type");
+                       fprintf(stderr, "bad key type\n");
                        exit(1);
                        break;
                }
@@ -181,6 +181,7 @@ do_convert_to_ssh2(struct passwd *pw)
        Key *k;
        u_int len;
        u_char *blob;
+       char comment[61];
        struct stat st;
 
        if (!have_identity)
@@ -203,11 +204,14 @@ do_convert_to_ssh2(struct passwd *pw)
                fprintf(stderr, "key_to_blob failed\n");
                exit(1);
        }
-       fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
-       fprintf(stdout,
-           "Comment: \"%u-bit %s, converted from OpenSSH by %s@%s\"\n",
+       /* Comment + surrounds must fit into 72 chars (RFC 4716 sec 3.3) */
+       snprintf(comment, sizeof(comment),
+           "%u-bit %s, converted by %s@%s from OpenSSH",
            key_size(k), key_type(k),
            pw->pw_name, hostname);
+
+       fprintf(stdout, "%s\n", SSH_COM_PUBLIC_BEGIN);
+       fprintf(stdout, "Comment: \"%s\"\n", comment);
        dump_base64(stdout, blob, len);
        fprintf(stdout, "%s\n", SSH_COM_PUBLIC_END);
        key_free(k);
@@ -421,7 +425,7 @@ do_convert_from_ssh2(struct passwd *pw)
                 PEM_write_RSAPrivateKey(stdout, k->rsa, NULL, NULL, 0, NULL, NULL)) :
            key_write(k, stdout);
        if (!ok) {
-               fprintf(stderr, "key write failed");
+               fprintf(stderr, "key write failed\n");
                exit(1);
        }
        key_free(k);
@@ -524,7 +528,7 @@ do_fingerprint(struct passwd *pw)
        public = key_load_public(identity_file, &comment);
        if (public != NULL) {
                fp = key_fingerprint(public, fptype, rep);
-               ra = key_fingerprint(public, fptype, SSH_FP_RANDOMART);
+               ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART);
                printf("%u %s %s (%s)\n", key_size(public), fp, comment,
                    key_type(public));
                if (log_level >= SYSLOG_LEVEL_VERBOSE)
@@ -589,7 +593,7 @@ do_fingerprint(struct passwd *pw)
                        }
                        comment = *cp ? cp : comment;
                        fp = key_fingerprint(public, fptype, rep);
-                       ra = key_fingerprint(public, fptype, SSH_FP_RANDOMART);
+                       ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART);
                        printf("%u %s %s (%s)\n", key_size(public), fp,
                            comment ? comment : "no comment", key_type(public));
                        if (log_level >= SYSLOG_LEVEL_VERBOSE)
@@ -619,7 +623,7 @@ print_host(FILE *f, const char *name, Key *public, int hash)
                fptype = print_bubblebabble ? SSH_FP_SHA1 : SSH_FP_MD5;
                rep =    print_bubblebabble ? SSH_FP_BUBBLEBABBLE : SSH_FP_HEX;
                fp = key_fingerprint(public, fptype, rep);
-               ra = key_fingerprint(public, fptype, SSH_FP_RANDOMART);
+               ra = key_fingerprint(public, SSH_FP_MD5, SSH_FP_RANDOMART);
                printf("%u %s %s (%s)\n", key_size(public), fp, name,
                    key_type(public));
                if (log_level >= SYSLOG_LEVEL_VERBOSE)
@@ -1015,11 +1019,11 @@ do_change_comment(struct passwd *pw)
        }
        f = fdopen(fd, "w");
        if (f == NULL) {
-               printf("fdopen %s failed", identity_file);
+               printf("fdopen %s failed\n", identity_file);
                exit(1);
        }
        if (!key_write(public, f))
-               fprintf(stderr, "write key failed");
+               fprintf(stderr, "write key failed\n");
        key_free(public);
        fprintf(f, " %s\n", new_comment);
        fclose(f);
@@ -1366,7 +1370,7 @@ main(int argc, char **argv)
                printf("Generating public/private %s key pair.\n", key_type_name);
        private = key_generate(type, bits);
        if (private == NULL) {
-               fprintf(stderr, "key_generate failed");
+               fprintf(stderr, "key_generate failed\n");
                exit(1);
        }
        public  = key_from_private(private);
@@ -1456,11 +1460,11 @@ passphrase_again:
        }
        f = fdopen(fd, "w");
        if (f == NULL) {
-               printf("fdopen %s failed", identity_file);
+               printf("fdopen %s failed\n", identity_file);
                exit(1);
        }
        if (!key_write(public, f))
-               fprintf(stderr, "write key failed");
+               fprintf(stderr, "write key failed\n");
        fprintf(f, " %s\n", comment);
        fclose(f);