just fix bug for windows with aid of #ifdef approach and keep the old code intact

lupo1977 2018-02-07 22:51:09 +01:00
parent 5c34676927
commit 521a370765


@ -221,7 +221,8 @@ type_bits_valid(int type, const char *name, u_int32_t *bitsp)
*bitsp = sshkey_curve_nid_to_bits(nid); *bitsp = sshkey_curve_nid_to_bits(nid);
if (*bitsp == 0) if (*bitsp == 0)
*bitsp = DEFAULT_BITS_ECDSA; *bitsp = DEFAULT_BITS_ECDSA;
} else }
else
#endif #endif
*bitsp = DEFAULT_BITS; *bitsp = DEFAULT_BITS;
} }
@ -488,9 +489,11 @@ do_convert_private_ssh2_from_blob(u_char *blob, u_int blen)
if (strstr(type, "dsa")) { if (strstr(type, "dsa")) {
ktype = KEY_DSA; ktype = KEY_DSA;
} else if (strstr(type, "rsa")) { }
else if (strstr(type, "rsa")) {
ktype = KEY_RSA; ktype = KEY_RSA;
} else { }
else {
sshbuf_free(b); sshbuf_free(b);
free(type); free(type);
return NULL; return NULL;
@ -736,7 +739,8 @@ do_convert_from(struct passwd *pw)
ok = 1; ok = 1;
if (ok) if (ok)
fprintf(stdout, "\n"); fprintf(stdout, "\n");
} else { }
else {
switch (k->type) { switch (k->type) {
case KEY_DSA: case KEY_DSA:
ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL, ok = PEM_write_DSAPrivateKey(stdout, k->dsa, NULL,
@ -814,7 +818,8 @@ do_download(struct passwd *pw)
printf("%s\n", ra); printf("%s\n", ra);
free(ra); free(ra);
free(fp); free(fp);
} else { }
else {
(void)sshkey_write(keys[i], stdout); /* XXX check */ (void)sshkey_write(keys[i], stdout); /* XXX check */
fprintf(stdout, "\n"); fprintf(stdout, "\n");
} }
@ -905,7 +910,8 @@ do_fingerprint(struct passwd *pw)
if (strcmp(identity_file, "-") == 0) { if (strcmp(identity_file, "-") == 0) {
f = stdin; f = stdin;
path = "(stdin)"; path = "(stdin)";
} else if ((f = fopen(path, "r")) == NULL) }
else if ((f = fopen(path, "r")) == NULL)
fatal("%s: %s: %s", __progname, path, strerror(errno)); fatal("%s: %s: %s", __progname, path, strerror(errno));
while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) { while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) {
@ -1017,7 +1023,8 @@ do_gen_all_hostkeys(struct passwd *pw)
if (stat(prv_file, &st) == 0) { if (stat(prv_file, &st) == 0) {
if (st.st_size != 0) if (st.st_size != 0)
goto next; goto next;
} else if (errno != ENOENT) { }
else if (errno != ENOENT) {
error("Could not stat %s: %s", key_types[i].path, error("Could not stat %s: %s", key_types[i].path,
strerror(errno)); strerror(errno));
goto failnext; goto failnext;
@ -1202,7 +1209,8 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
if (l->marker != MRK_NONE) { if (l->marker != MRK_NONE) {
/* Don't remove CA and revocation lines */ /* Don't remove CA and revocation lines */
fprintf(ctx->out, "%s\n", l->line); fprintf(ctx->out, "%s\n", l->line);
} else { }
else {
/* /*
* Hostname matches and has no CA/revoke * Hostname matches and has no CA/revoke
* marker, delete it by *not* writing the * marker, delete it by *not* writing the
@ -1214,7 +1222,8 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
ctx->host, l->linenum); ctx->host, l->linenum);
} }
return 0; return 0;
} else if (find_host) { }
else if (find_host) {
ctx->found_key = 1; ctx->found_key = 1;
if (!quiet) { if (!quiet) {
printf("# Host %s found: line %lu %s\n", printf("# Host %s found: line %lu %s\n",
@ -1229,11 +1238,13 @@ known_hosts_find_delete(struct hostkey_foreach_line *l, void *_ctx)
mprintf("%s %s %s %s\n", ctx->host, mprintf("%s %s %s %s\n", ctx->host,
sshkey_type(l->key), fp, l->comment); sshkey_type(l->key), fp, l->comment);
free(fp); free(fp);
} else }
else
fprintf(ctx->out, "%s\n", l->line); fprintf(ctx->out, "%s\n", l->line);
return 0; return 0;
} }
} else if (delete_host) { }
else if (delete_host) {
/* Retain non-matching hosts when deleting */ /* Retain non-matching hosts when deleting */
if (l->status == HKF_STATUS_INVALID) { if (l->status == HKF_STATUS_INVALID) {
ctx->invalid = 1; ctx->invalid = 1;
@ -1312,11 +1323,13 @@ do_known_hosts(struct passwd *pw, const char *name)
unlink(tmp); unlink(tmp);
} }
exit(1); exit(1);
} else if (delete_host && !ctx.found_key) { }
else if (delete_host && !ctx.found_key) {
logit("Host %s not found in %s", name, identity_file); logit("Host %s not found in %s", name, identity_file);
if (inplace) if (inplace)
unlink(tmp); unlink(tmp);
} else if (inplace) { }
else if (inplace) {
/* Backup existing file */ /* Backup existing file */
if (unlink(old) == -1 && errno != ENOENT) if (unlink(old) == -1 && errno != ENOENT)
fatal("unlink %.100s: %s", old, strerror(errno)); fatal("unlink %.100s: %s", old, strerror(errno));
@ -1377,7 +1390,8 @@ do_change_passphrase(struct passwd *pw)
free(old_passphrase); free(old_passphrase);
if (r != 0) if (r != 0)
goto badkey; goto badkey;
} else if (r != 0) { }
else if (r != 0) {
badkey: badkey:
fatal("Failed to load key %s: %s", identity_file, ssh_err(r)); fatal("Failed to load key %s: %s", identity_file, ssh_err(r));
} }
@ -1388,7 +1402,8 @@ do_change_passphrase(struct passwd *pw)
if (identity_new_passphrase) { if (identity_new_passphrase) {
passphrase1 = xstrdup(identity_new_passphrase); passphrase1 = xstrdup(identity_new_passphrase);
passphrase2 = NULL; passphrase2 = NULL;
} else { }
else {
passphrase1 = passphrase1 =
read_passphrase("Enter new passphrase (empty for no " read_passphrase("Enter new passphrase (empty for no "
"passphrase): ", RP_ALLOW_STDIN); "passphrase): ", RP_ALLOW_STDIN);
@ -1512,7 +1527,8 @@ do_change_comment(struct passwd *pw)
if (identity_comment) { if (identity_comment) {
strlcpy(new_comment, identity_comment, sizeof(new_comment)); strlcpy(new_comment, identity_comment, sizeof(new_comment));
} else { }
else {
printf("Enter new comment: "); printf("Enter new comment: ");
fflush(stdout); fflush(stdout);
if (!fgets(new_comment, sizeof(new_comment), stdin)) { if (!fgets(new_comment, sizeof(new_comment), stdin)) {
@ -1541,18 +1557,21 @@ do_change_comment(struct passwd *pw)
sshkey_free(private); sshkey_free(private);
strlcat(identity_file, ".pub", sizeof(identity_file)); strlcat(identity_file, ".pub", sizeof(identity_file));
if ((fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644)) == -1) fd = open(identity_file, O_WRONLY | O_CREAT | O_TRUNC, 0644);
fatal("Could not save your public key in %s: %s", if (fd == -1)
identity_file, strerror(errno)); fatal("Could not save your public key in %s", identity_file);
#ifdef WINDOWS #ifdef WINDOWS
/* Windows POSIX adpater does not support fdopen() on open(file)*/ /* Windows POSIX adpater does not support fdopen() on open(file)*/
close(fd); close(fd);
if ((f = fopen(identity_file, "w")) == NULL) if ((f = fopen(identity_file, "w")) == NULL)
fatal("fopen %s failed: %s", identity_file, strerror(errno)); fatal("fopen %s failed: %s", identity_file, strerror(errno));
#else /* !WINDOWS */ #else /* !WINDOWS */
if ((f = fdopen(fd, "w")) == NULL) f = fdopen(fd, "w");
if (f == NULL)
fatal("fdopen %s failed: %s", identity_file, strerror(errno)); fatal("fdopen %s failed: %s", identity_file, strerror(errno));
#endif /* !WINDOWS */ #endif /* !WINDOWS */
if ((r = sshkey_write(public, f)) != 0) if ((r = sshkey_write(public, f)) != 0)
fatal("write key failed: %s", ssh_err(r)); fatal("write key failed: %s", ssh_err(r));
sshkey_free(public); sshkey_free(public);
@ -1697,7 +1716,8 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
/* If a PKCS#11 token was specified then try to use it */ /* If a PKCS#11 token was specified then try to use it */
if ((ca = load_pkcs11_key(tmp)) == NULL) if ((ca = load_pkcs11_key(tmp)) == NULL)
fatal("No PKCS#11 key matching %s found", ca_key_path); fatal("No PKCS#11 key matching %s found", ca_key_path);
} else if (prefer_agent) { }
else if (prefer_agent) {
/* /*
* Agent signature requested. Try to use agent after making * Agent signature requested. Try to use agent after making
* sure the public key specified is actually present in the * sure the public key specified is actually present in the
@ -1722,7 +1742,8 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
fatal("CA key %s not found in agent", tmp); fatal("CA key %s not found in agent", tmp);
ssh_free_identitylist(agent_ids); ssh_free_identitylist(agent_ids);
ca->flags |= SSHKEY_FLAG_EXT; ca->flags |= SSHKEY_FLAG_EXT;
} else { }
else {
/* CA key is assumed to be a private key on the filesystem */ /* CA key is assumed to be a private key on the filesystem */
ca = load_identity(tmp); ca = load_identity(tmp);
} }
@ -1780,7 +1801,8 @@ do_ca_sign(struct passwd *pw, int argc, char **argv)
key_type_name, agent_signer, &agent_fd)) != 0) key_type_name, agent_signer, &agent_fd)) != 0)
fatal("Couldn't certify key %s via agent: %s", fatal("Couldn't certify key %s via agent: %s",
tmp, ssh_err(r)); tmp, ssh_err(r));
} else { }
else {
if ((sshkey_certify(public, ca, key_type_name)) != 0) if ((sshkey_certify(public, ca, key_type_name)) != 0)
fatal("Couldn't certify key %s: %s", fatal("Couldn't certify key %s: %s",
tmp, ssh_err(r)); tmp, ssh_err(r));
@ -1963,7 +1985,8 @@ add_cert_option(char *opt)
if (certflags_command != NULL) if (certflags_command != NULL)
fatal("force-command already specified"); fatal("force-command already specified");
certflags_command = xstrdup(val); certflags_command = xstrdup(val);
} else if (strncasecmp(opt, "source-address=", 15) == 0) { }
else if (strncasecmp(opt, "source-address=", 15) == 0) {
val = opt + 15; val = opt + 15;
if (*val == '\0') if (*val == '\0')
fatal("Empty source-address option"); fatal("Empty source-address option");
@ -1972,7 +1995,8 @@ add_cert_option(char *opt)
if (addr_match_cidr_list(NULL, val) != 0) if (addr_match_cidr_list(NULL, val) != 0)
fatal("Invalid source-address list"); fatal("Invalid source-address list");
certflags_src_addr = xstrdup(val); certflags_src_addr = xstrdup(val);
} else if (strncasecmp(opt, "extension:", 10) == 0 || }
else if (strncasecmp(opt, "extension:", 10) == 0 ||
(iscrit = (strncasecmp(opt, "critical:", 9) == 0))) { (iscrit = (strncasecmp(opt, "critical:", 9) == 0))) {
val = xstrdup(strchr(opt, ':') + 1); val = xstrdup(strchr(opt, ':') + 1);
if ((cp = strchr(val, '=')) != NULL) if ((cp = strchr(val, '=')) != NULL)
@ -1984,7 +2008,8 @@ add_cert_option(char *opt)
NULL : xstrdup(cp); NULL : xstrdup(cp);
cert_userext[ncert_userext].crit = iscrit; cert_userext[ncert_userext].crit = iscrit;
ncert_userext++; ncert_userext++;
} else }
else
fatal("Unsupported certificate option \"%s\"", opt); fatal("Unsupported certificate option \"%s\"", opt);
} }
@ -2019,7 +2044,8 @@ show_options(struct sshbuf *optbuf, int in_critical)
__func__, ssh_err(r)); __func__, ssh_err(r));
printf(" %s\n", arg); printf(" %s\n", arg);
free(arg); free(arg);
} else { }
else {
printf(" UNKNOWN OPTION (len %zu)\n", printf(" UNKNOWN OPTION (len %zu)\n",
sshbuf_len(option)); sshbuf_len(option));
sshbuf_reset(option); sshbuf_reset(option);
@ -2099,7 +2125,8 @@ do_show_cert(struct passwd *pw)
f = stdin; f = stdin;
path = "(stdin)"; path = "(stdin)";
is_stdin = 1; is_stdin = 1;
} else if ((f = fopen(identity_file, "r")) == NULL) }
else if ((f = fopen(identity_file, "r")) == NULL)
fatal("fopen %s: %s", identity_file, strerror(errno)); fatal("fopen %s: %s", identity_file, strerror(errno));
while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) { while (read_keyfile_line(f, path, line, sizeof(line), &lnum) == 0) {
@ -2168,7 +2195,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
krl_spec = stdin; krl_spec = stdin;
free(path); free(path);
path = xstrdup("(standard input)"); path = xstrdup("(standard input)");
} else if ((krl_spec = fopen(path, "r")) == NULL) }
else if ((krl_spec = fopen(path, "r")) == NULL)
fatal("fopen %s: %s", path, strerror(errno)); fatal("fopen %s: %s", path, strerror(errno));
if (!quiet) if (!quiet)
@ -2187,7 +2215,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
/* Remember the start of a span of whitespace */ /* Remember the start of a span of whitespace */
if (r == -1) if (r == -1)
r = i; r = i;
} else }
else
r = -1; r = -1;
} }
if (r != -1) if (r != -1)
@ -2231,7 +2260,8 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
fatal("%s: revoke serial failed", fatal("%s: revoke serial failed",
__func__); __func__);
} }
} else if (strncasecmp(cp, "id:", 3) == 0) { }
else if (strncasecmp(cp, "id:", 3) == 0) {
if (ca == NULL && !wild_ca) { if (ca == NULL && !wild_ca) {
fatal("revoking certificates by key ID " fatal("revoking certificates by key ID "
"requires specification of a CA key"); "requires specification of a CA key");
@ -2240,16 +2270,19 @@ update_krl_from_file(struct passwd *pw, const char *file, int wild_ca,
cp = cp + strspn(cp, " \t"); cp = cp + strspn(cp, " \t");
if (ssh_krl_revoke_cert_by_key_id(krl, ca, cp) != 0) if (ssh_krl_revoke_cert_by_key_id(krl, ca, cp) != 0)
fatal("%s: revoke key ID failed", __func__); fatal("%s: revoke key ID failed", __func__);
} else { }
else {
if (strncasecmp(cp, "key:", 4) == 0) { if (strncasecmp(cp, "key:", 4) == 0) {
cp += 4; cp += 4;
cp = cp + strspn(cp, " \t"); cp = cp + strspn(cp, " \t");
was_explicit_key = 1; was_explicit_key = 1;
} else if (strncasecmp(cp, "sha1:", 5) == 0) { }
else if (strncasecmp(cp, "sha1:", 5) == 0) {
cp += 5; cp += 5;
cp = cp + strspn(cp, " \t"); cp = cp + strspn(cp, " \t");
was_sha1 = 1; was_sha1 = 1;
} else { }
else {
/* /*
* Just try to process the line as a key. * Just try to process the line as a key.
* Parsing will fail if it isn't. * Parsing will fail if it isn't.
@ -2674,7 +2707,8 @@ main(int argc, char **argv)
error("Too few arguments."); error("Too few arguments.");
usage(); usage();
} }
} else if (argc > 0 && !gen_krl && !check_krl) { }
else if (argc > 0 && !gen_krl && !check_krl) {
error("Too many arguments."); error("Too many arguments.");
usage(); usage();
} }
@ -2728,7 +2762,8 @@ main(int argc, char **argv)
if (n == 0) if (n == 0)
fatal("%s: %s", identity_file, strerror(errno)); fatal("%s: %s", identity_file, strerror(errno));
exit(0); exit(0);
} else { }
else {
n += do_print_resource_record(pw, n += do_print_resource_record(pw,
_PATH_HOST_RSA_KEY_FILE, rr_hostname); _PATH_HOST_RSA_KEY_FILE, rr_hostname);
@ -2771,7 +2806,8 @@ main(int argc, char **argv)
"file \"%s\": %s", identity_file, "file \"%s\": %s", identity_file,
strerror(errno)); strerror(errno));
} }
} else }
else
in = stdin; in = stdin;
if (out == NULL) { if (out == NULL) {
@ -2816,10 +2852,12 @@ main(int argc, char **argv)
if (errno != ENOENT) { if (errno != ENOENT) {
error("Could not stat %s: %s", dotsshdir, error("Could not stat %s: %s", dotsshdir,
strerror(errno)); strerror(errno));
} else if (mkdir(dotsshdir, 0700) < 0) { }
else if (mkdir(dotsshdir, 0700) < 0) {
error("Could not create directory '%s': %s", error("Could not create directory '%s': %s",
dotsshdir, strerror(errno)); dotsshdir, strerror(errno));
} else if (!quiet) }
else if (!quiet)
printf("Created directory '%s'.\n", dotsshdir); printf("Created directory '%s'.\n", dotsshdir);
} }
} }
@ -2865,7 +2903,8 @@ passphrase_again:
if (identity_comment) { if (identity_comment) {
strlcpy(comment, identity_comment, sizeof(comment)); strlcpy(comment, identity_comment, sizeof(comment));
} else { }
else {
/* Create default comment field for the passphrase. */ /* Create default comment field for the passphrase. */
snprintf(comment, sizeof comment, "%s@%s", pw->pw_name, hostname); snprintf(comment, sizeof comment, "%s@%s", pw->pw_name, hostname);
} }
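Review bot: In the do_change_comment hunk the rewritten open() failure path, `fatal("Could not save your public key in %s", identity_file);`, no longer reports `strerror(errno)`, so a permissions failure and a missing directory look the same to the user. The old two-line message carried the cause, and the neighbouring fopen/fdopen failures still do, so keep it as `fatal("Could not save your public key in %s: %s", identity_file, strerror(errno));`. Splitting the assignment out of the `if` does not require touching the message. The other hunks in this section appear only to move `else` onto its own line, which departs from the file's `} else {` style and will likely make later merges of this file noisier; consider leaving that reflow out of a bug-fix commit. do_change_comment's body begins and ends outside the hunk.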