upstream: move sig_process_opts() to before sig_sign(); no
functional code change OpenBSD-Commit-ID: da02d61f5464f72b4e8b299f83e93c3b657932f9
This commit is contained in:
djm@openbsd.org
Damien Miller
parent
37a14249ec
commit
141a14ec9b
77
ssh-keygen.c
77
ssh-keygen.c
|
|
@ -1,4 +1,4 @@
|
|||
/* $OpenBSD: ssh-keygen.c,v 1.442 2021/11/28 07:14:29 djm Exp $ */
|
||||
/* $OpenBSD: ssh-keygen.c,v 1.443 2022/01/05 04:27:01 djm Exp $ */
|
||||
/*
|
||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||
|
|
@ -2602,6 +2602,44 @@ sign_one(struct sshkey *signkey, const char *filename, int fd,
|
|||
return r;
|
||||
}
|
||||
|
||||
static int
|
||||
sig_process_opts(char * const *opts, size_t nopts, uint64_t *verify_timep,
|
||||
int *print_pubkey)
|
||||
{
|
||||
size_t i;
|
||||
time_t now;
|
||||
|
||||
if (verify_timep != NULL)
|
||||
*verify_timep = 0;
|
||||
if (print_pubkey != NULL)
|
||||
*print_pubkey = 0;
|
||||
for (i = 0; i < nopts; i++) {
|
||||
if (verify_timep &&
|
||||
strncasecmp(opts[i], "verify-time=", 12) == 0) {
|
||||
if (parse_absolute_time(opts[i] + 12,
|
||||
verify_timep) != 0 || *verify_timep == 0) {
|
||||
error("Invalid \"verify-time\" option");
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
}
|
||||
} else if (print_pubkey &&
|
||||
strcasecmp(opts[i], "print-pubkey") == 0) {
|
||||
*print_pubkey = 1;
|
||||
} else {
|
||||
error("Invalid option \"%s\"", opts[i]);
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
}
|
||||
}
|
||||
if (verify_timep && *verify_timep == 0) {
|
||||
if ((now = time(NULL)) < 0) {
|
||||
error("Time is before epoch");
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
}
|
||||
*verify_timep = (uint64_t)now;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
static int
|
||||
sig_sign(const char *keypath, const char *sig_namespace, int argc, char **argv)
|
||||
{
|
||||
|
|
@ -2673,43 +2711,6 @@ done:
|
|||
return ret;
|
||||
}
|
||||
|
||||
static int
|
||||
sig_process_opts(char * const *opts, size_t nopts, uint64_t *verify_timep,
|
||||
int *print_pubkey)
|
||||
{
|
||||
size_t i;
|
||||
time_t now;
|
||||
|
||||
if (verify_timep != NULL)
|
||||
*verify_timep = 0;
|
||||
if (print_pubkey != NULL)
|
||||
*print_pubkey = 0;
|
||||
for (i = 0; i < nopts; i++) {
|
||||
if (verify_timep &&
|
||||
strncasecmp(opts[i], "verify-time=", 12) == 0) {
|
||||
if (parse_absolute_time(opts[i] + 12,
|
||||
verify_timep) != 0 || *verify_timep == 0) {
|
||||
error("Invalid \"verify-time\" option");
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
}
|
||||
} else if (print_pubkey &&
|
||||
strcasecmp(opts[i], "print-pubkey") == 0) {
|
||||
*print_pubkey = 1;
|
||||
} else {
|
||||
error("Invalid option \"%s\"", opts[i]);
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
}
|
||||
}
|
||||
if (verify_timep && *verify_timep == 0) {
|
||||
if ((now = time(NULL)) < 0) {
|
||||
error("Time is before epoch");
|
||||
return SSH_ERR_INVALID_ARGUMENT;
|
||||
}
|
||||
*verify_timep = (uint64_t)now;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
static int
|
||||
sig_verify(const char *signature, const char *sig_namespace,
|
||||
const char *principal, const char *allowed_keys, const char *revoked_keys,
|
||||
|
|
|
|||
Loading…
Reference in New Issue