15c15
< RCSID("$OpenBSD: ssh-keygen.c,v 1.102 2002/11/26 00:45:03 wcobb Exp $");
---
> RCSID("$OpenBSD: ssh-keygen.c,v 1.108 2003/08/14 16:08:58 markus Exp $");
29a30
> #include "moduli.h"
33a35,37
> #ifdef DNS
> #include "dns.h"
> #endif
72a77
> int print_generic = 0;
165a171,174
> if (k->type == KEY_RSA1) {
> fprintf(stderr, "version 1 keys are not supported\n");
> exit(1);
> }
418c427
< log("loading key done");
---
> logit("loading key done");
618a628
> #ifdef DNS
619a630,660
> * Print the SSHFP RR.
> */
> static void
> do_print_resource_record(struct passwd *pw, char *hostname)
> {
> Key *public;
> char *comment = NULL;
> struct stat st;
>
> if (!have_identity)
> ask_filename(pw, "Enter file in which the key is");
> if (stat(identity_file, &st) < 0) {
> perror(identity_file);
> exit(1);
> }
> public = key_load_public(identity_file, &comment);
> if (public != NULL) {
> export_dns_rr(hostname, public, stdout, print_generic);
> key_free(public);
> xfree(comment);
> exit(0);
> }
> if (comment)
> xfree(comment);
>
> printf("failed to read v2 public key from %s.\n", identity_file);
> exit(1);
> }
> #endif /* DNS */
>
> /*
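Review bot: The failure path at the end of do_print_resource_record reports its error with `printf`, so it goes to stdout, the same stream that `export_dns_rr` is handed for the record itself. Anyone redirecting the output into a zone file would get the error text mixed into the data rather than on the terminal. `fprintf(stderr, "failed to read v2 public key from %s.\n", identity_file);` keeps diagnostics separate, as the `perror` call earlier in the function already does. The success path also calls `xfree(comment)` without the NULL guard that the failure path uses; whether `comment` is always set on success depends on key_load_public, which is not visible here.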
724a766
> fprintf(stderr, " -g Use generic DNS resource record format.\n");
734a777,779
> #ifdef DNS
> fprintf(stderr, " -r hostname Print DNS resource record.\n");
> #endif /* DNS */
739a785,787
> fprintf(stderr, " -G file Generate candidates for DH-GEX moduli\n");
> fprintf(stderr, " -T file Screen candidates for DH-GEX moduli\n");
>
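Review bot: The usage text gains -G and -T here but, as far as this diff shows, no lines for the companion options that the new getopt string and switch cases accept: -a (trials), -M (memory), -S (start point) and -W (generator). These determine how the DH-GEX candidates are generated and screened, so each should get a usage line in the same style, for example `fprintf(stderr, "  -a trials   Number of primality trials when screening moduli\n");`.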
750c798,799
< char *reader_id = NULL;
---
> char out_file[MAXPATHLEN], *reader_id = NULL;
> char *resource_record_hostname = NULL;
754c803,806
< int opt, type, fd, download = 0;
---
> int opt, type, fd, download = 0, memory = 0;
> int generator_wanted = 0, trials = 100;
> int do_gen_candidates = 0, do_screen_candidates = 0;
> BIGNUM *start = NULL;
760c812
< __progname = get_progname(av[0]);
---
> __progname = ssh_get_progname(av[0]);
762a815,816
> log_init(av[0], SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_USER, 1);
>
777c831,832
< while ((opt = getopt(ac, av, "deiqpclBRxXyb:f:t:U:D:P:N:C:")) != -1) {
---
> while ((opt = getopt(ac, av,
> "degiqpclBRxXyb:f:t:U:D:P:N:C:r:g:T:G:M:S:a:W:")) != -1) {
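Review bot: The new option string lists `g` twice, once as a plain flag near the start (`"deg..."`) and again as `g:` after `r:`. Typical getopt implementations match the first occurrence, so -g is parsed as taking no argument, which is what the `case 'g'` handler expects, and the later `g:` is dead and misleading. Drop the duplicate so the string reads `"degiqpclBRxXyb:f:t:U:D:P:N:C:r:T:G:M:S:a:W:"`.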
801a857,859
> case 'g':
> print_generic = 1;
> break;
841a900,935
> case 'r':
> resource_record_hostname = optarg;
> break;
> case 'W':
> generator_wanted = atoi(optarg);
> if (generator_wanted < 1)
> fatal("Desired generator has bad value.");
> break;
> case 'a':
> trials = atoi(optarg);
> if (trials < TRIAL_MINIMUM) {
> fatal("Minimum primality trials is %d",
> TRIAL_MINIMUM);
> }
> break;
> case 'M':
> memory = atoi(optarg);
> if (memory != 0 &&
> (memory < LARGE_MINIMUM || memory > LARGE_MAXIMUM)) {
> fatal("Invalid memory amount (min %ld, max %ld)",
> LARGE_MINIMUM, LARGE_MAXIMUM);
> }
> break;
> case 'G':
> do_gen_candidates = 1;
> strlcpy(out_file, optarg, sizeof(out_file));
> break;
> case 'T':
> do_screen_candidates = 1;
> strlcpy(out_file, optarg, sizeof(out_file));
> break;
> case 'S':
> /* XXX - also compare length against bits */
> if (BN_hex2bn(&start, optarg) == 0)
> fatal("Invalid start point.");
> break;
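Review bot: In the -G and -T cases the return value of `strlcpy` is ignored, so a path longer than `out_file` is silently truncated and the moduli would later be written to a different file than the one the operator named. Check for truncation in both cases, e.g. `if (strlcpy(out_file, optarg, sizeof(out_file)) >= sizeof(out_file)) fatal("Output filename too long");`. The -W, -a and -M cases parse with `atoi`, which cannot report errors: trailing garbage is accepted, and for -M a non-numeric argument yields 0, which passes the `memory != 0` test as though no limit had been requested. `strtol` with an end-pointer and range check would reject such input. The switch statement itself starts and ends outside this hunk.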
866a961,967
> if (resource_record_hostname != NULL) {
> #ifdef DNS
> do_print_resource_record(pw, resource_record_hostname);
> #else /* DNS */
> fatal("no DNS support.");
> #endif /* DNS */
> }
877a979,1014
> if (do_gen_candidates) {
> FILE *out = fopen(out_file, "w");
>
> if (out == NULL) {
> error("Couldn't open modulus candidate file \"%s\": %s",
> out_file, strerror(errno));
> return (1);
> }
> if (gen_candidates(out, memory, bits, start) != 0)
> fatal("modulus candidate generation failed\n");
>
> return (0);
> }
>
> if (do_screen_candidates) {
> FILE *in;
> FILE *out = fopen(out_file, "w");
>
> if (have_identity && strcmp(identity_file, "-") != 0) {
> if ((in = fopen(identity_file, "r")) == NULL) {
> fatal("Couldn't open modulus candidate "
> "file \"%s\": %s", identity_file,
> strerror(errno));
> }
> } else
> in = stdin;
>
> if (out == NULL) {
> fatal("Couldn't open moduli file \"%s\": %s",
> out_file, strerror(errno));
> }
> if (prime_test(in, out, trials, generator_wanted) != 0)
> fatal("modulus screening failed\n");
> return (0);
> }
>
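Review bot: In the screening branch the output file is opened with mode "w" in its declaration, before the input is opened, so the destination is already truncated if the input open fails or if -T names the same file as the candidate input. Open the input first and only then the output, i.e. declare `FILE *in, *out;` and move `if ((out = fopen(out_file, "w")) == NULL)` below the input handling. Both branches also `return (0)` without closing `out` or checking for write errors, so an incomplete moduli file could be reported as success unless gen_candidates and prime_test check this themselves (they are not visible here). Something like `if (fclose(out) != 0) fatal("write to \"%s\" failed: %s", out_file, strerror(errno));` before returning would close that gap. The two branches also differ in how they handle an fopen failure (`error` plus `return (1)` versus `fatal`), and the enclosing function continues outside the hunk.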