X-Git-Url: http://andersk.mit.edu/gitweb/openssh.git/blobdiff_plain/fda04d7d7e5544d24e3bb0bc25c8f04a342136d2..3c460edeb2bc3d753aec1836d1e2c1cd479c0d5b:/ssh-keygen.c
diff --git a/ssh-keygen.c b/ssh-keygen.c
index dbc51473..7ed62a30 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -12,7 +12,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh-keygen.c,v 1.108 2003/08/14 16:08:58 markus Exp $");
+RCSID("$OpenBSD: ssh-keygen.c,v 1.118 2004/12/23 17:38:07 markus Exp $");
 #include
 #include
@@ -26,15 +26,12 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.108 2003/08/14 16:08:58 markus Exp $");
 #include "bufaux.h"
 #include "pathnames.h"
 #include "log.h"
-#include "readpass.h"
-#include "moduli.h"
+#include "misc.h"
 #ifdef SMARTCARD
 #include "scard.h"
 #endif
-#ifdef DNS
 #include "dns.h"
-#endif
 /* Number of bits in the RSA/DSA key. This value can be changed on the command line. */
 int bits = 1024;
@@ -79,14 +76,14 @@ int print_generic = 0;
 char *key_type_name = NULL;
 /* argv0 */
-#ifdef HAVE___PROGNAME
 extern char *__progname;
-#else
-char *__progname;
-#endif
 char hostname[MAXHOSTNAMELEN];
+/* moduli.c */
+int gen_candidates(FILE *, int, int, BIGNUM *);
+int prime_test(FILE *, FILE *, u_int32_t, u_int32_t);
+
 static void
 ask_filename(struct passwd *pw, const char *prompt)
 {
@@ -191,8 +188,8 @@ do_convert_to_ssh2(struct passwd *pw)
 static void
 buffer_get_bignum_bits(Buffer *b, BIGNUM *value)
 {
- int bits = buffer_get_int(b);
- int bytes = (bits + 7) / 8;
+ u_int bignum_bits = buffer_get_int(b);
+ u_int bytes = (bignum_bits + 7) / 8;
 if (buffer_len(b) < bytes)
 fatal("buffer_get_bignum_bits: input buffer too small: "
@@ -242,6 +239,7 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
 } else if (strstr(type, "rsa")) {
 ktype = KEY_RSA;
 } else {
+ buffer_free(&b);
 xfree(type);
 return NULL;
 }
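Review bot: The two prototypes added under `/* moduli.c */` in the `-79,14` hunk are hand-copied declarations that replace `#include "moduli.h"` (dropped in the include hunk before it), so the compiler no longer compares them with the definitions in moduli.c. If a parameter type changes there, ssh-keygen.c would still compile and pass mismatched arguments. Declaring `gen_candidates` and `prime_test` in a header that moduli.c also includes would restore the check. If the header has to go, the comment should at least say so: `/* moduli.c -- keep these prototypes in sync with the definitions */`.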
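Review bot: In buffer_get_bignum_bits (the `-191,8` hunk), `(bignum_bits + 7) / 8` is now unsigned arithmetic, so a bit count within 7 of the u_int maximum wraps and `bytes` becomes 0, which passes the `buffer_len(b) < bytes` check instead of being rejected. The count comes out of the buffer via `buffer_get_int(b)`, presumably from the key blob being converted, so it should not be trusted to be small. Rounding without the addition avoids the wrap: `u_int bytes = bignum_bits / 8 + (bignum_bits % 8 != 0);`. The rest of the function lies outside the hunk, so how `bytes` is used after the check is not visible here.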
@@ -625,12 +623,11 @@ do_change_passphrase(struct passwd *pw)
 exit(0);
 }
-#ifdef DNS
 /*
 * Print the SSHFP RR.
 */
 static void
-do_print_resource_record(struct passwd *pw, char *hostname)
+do_print_resource_record(struct passwd *pw, char *hname)
 {
 Key *public;
 char *comment = NULL;
@@ -644,7 +641,7 @@ do_print_resource_record(struct passwd *pw, char *hostname)
 }
 public = key_load_public(identity_file, &comment);
 if (public != NULL) {
- export_dns_rr(hostname, public, stdout, print_generic);
+ export_dns_rr(hname, public, stdout, print_generic);
 key_free(public);
 xfree(comment);
 exit(0);
@@ -655,7 +652,6 @@ do_print_resource_record(struct passwd *pw, char *hostname)
 printf("failed to read v2 public key from %s.\n", identity_file);
 exit(1);
 }
-#endif /* DNS */
 /*
 * Change the comment of a private key file.
@@ -774,9 +770,7 @@ usage(void)
 fprintf(stderr, " -C comment Provide new comment.\n");
 fprintf(stderr, " -N phrase Provide new passphrase.\n");
 fprintf(stderr, " -P phrase Provide old passphrase.\n");
-#ifdef DNS
 fprintf(stderr, " -r hostname Print DNS resource record.\n");
-#endif /* DNS */
 #ifdef SMARTCARD
 fprintf(stderr, " -D reader Download public key from smartcard.\n");
 fprintf(stderr, " -U reader Upload private key to smartcard.\n");
@@ -795,7 +789,7 @@ int
 main(int ac, char **av)
 {
 char dotsshdir[MAXPATHLEN], comment[1024], *passphrase1, *passphrase2;
- char out_file[PATH_MAX], *reader_id = NULL;
+ char out_file[MAXPATHLEN], *reader_id = NULL;
 char *resource_record_hostname = NULL;
 Key *private, *public;
 struct passwd *pw;
@@ -803,6 +797,7 @@ main(int ac, char **av)
 int opt, type, fd, download = 0, memory = 0;
 int generator_wanted = 0, trials = 100;
 int do_gen_candidates = 0, do_screen_candidates = 0;
+ int log_level = SYSLOG_LEVEL_INFO;
 BIGNUM *start = NULL;
 FILE *f;
@@ -829,7 +824,7 @@ main(int ac, char **av)
 }
 while ((opt = getopt(ac, av,
- "degiqpclBRxXyb:f:t:U:D:P:N:C:r:g:T:G:M:S:a:W:")) != -1) {
+ "degiqpclBRvxXyb:f:t:U:D:P:N:C:r:g:T:G:M:S:a:W:")) != -1) {
 switch (opt) {
 case 'b':
 bits = atoi(optarg);
@@ -897,6 +892,15 @@ main(int ac, char **av)
 case 'U':
 reader_id = optarg;
 break;
+ case 'v':
+ if (log_level == SYSLOG_LEVEL_INFO)
+ log_level = SYSLOG_LEVEL_DEBUG1;
+ else {
+ if (log_level >= SYSLOG_LEVEL_DEBUG1 &&
+ log_level < SYSLOG_LEVEL_DEBUG3)
+ log_level++;
+ }
+ break;
 case 'r':
 resource_record_hostname = optarg;
 break;
@@ -907,18 +911,9 @@ main(int ac, char **av)
 break;
 case 'a':
 trials = atoi(optarg);
- if (trials < TRIAL_MINIMUM) {
- fatal("Minimum primality trials is %d",
- TRIAL_MINIMUM);
- }
 break;
 case 'M':
 memory = atoi(optarg);
- if (memory != 0 &&
- (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) {
- fatal("Invalid memory amount (min %ld, max %ld)",
- LARGE_MINIMUM, LARGE_MAXIMUM);
- }
 break;
 case 'G':
 do_gen_candidates = 1;
@@ -938,6 +933,10 @@ main(int ac, char **av)
 usage();
 }
 }
+
+ /* reinit */
+ log_init(av[0], log_level, SYSLOG_FACILITY_USER, 1);
+
 if (optind < ac) {
 printf("Too many arguments.\n");
 usage();
@@ -959,11 +958,7 @@ main(int ac, char **av)
 if (print_public)
 do_print_public(pw);
 if (resource_record_hostname != NULL) {
-#ifdef DNS
 do_print_resource_record(pw, resource_record_hostname);
-#else /* DNS */
- fatal("no DNS support.");
-#endif /* DNS */
 }
 if (reader_id != NULL) {
 #ifdef SMARTCARD
@@ -978,7 +973,7 @@ main(int ac, char **av)
 if (do_gen_candidates) {
 FILE *out = fopen(out_file, "w");
-
+
 if (out == NULL) {
 error("Couldn't open modulus candidate file \"%s\": %s", out_file, strerror(errno));
@@ -997,7 +992,7 @@ main(int ac, char **av)
 if (have_identity && strcmp(identity_file, "-") != 0) {
 if ((in = fopen(identity_file, "r")) == NULL) {
 fatal("Couldn't open modulus candidate "
- "file \"%s\": %s", identity_file,
+ "file \"%s\": %s", identity_file,
 strerror(errno));
 }
 } else
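Review bot: In the `case 'a'` and `case 'M'` arms of the `-907,18` hunk, `trials` and `memory` are now taken from `atoi(optarg)` with both range checks removed, and `atoi` reports no error for non-numeric or negative input. The `prime_test` prototype added earlier in this diff takes `u_int32_t` arguments, so a negative `-a` value would presumably convert to a very large count. `-a 0` would request no primality trials at all unless moduli.c enforces its own floor, which is not visible here. The trial count decides how thoroughly candidate moduli are screened, so a lower bound should stay at the call site, for example `if (trials < 1) fatal("Invalid number of trials: %s", optarg);` with the project's real minimum in place of the constructed `1`. Failing that, a comment should name where the bound is now enforced, and the same applies to the `-M` limits.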