mirror of
https://git.tartarus.org/simon/putty.git
synced 2025-01-10 01:48:00 +00:00
cgtest: update OpenSSH fingerprinting mechanism.
We can only get fingerprints compatible with our own system by passing the '-E md5' option to ssh-keygen. Also, we must strip the "MD5:" prefix from the hash component of the returned fingerprint. Since that hash appears in the middle of the string we were previously extracting, I've reworked the whole cleanup_fp function to use the new ptrlen_get_word, which makes it easy to extract two words from the string and then strip a prefix off the second one.
This commit is contained in:
parent
d159a6efac
commit
8c710dddc5
24
cmdgen.c
24
cmdgen.c
@ -1214,19 +1214,21 @@ void filecmp(char *file1, char *file2, char *fmt, ...)
|
||||
|
||||
char *cleanup_fp(char *s)
|
||||
{
|
||||
char *p;
|
||||
ptrlen pl = ptrlen_from_asciz(s);
|
||||
static const char separators[] = " \n\t";
|
||||
|
||||
if (!strncmp(s, "ssh-", 4)) {
|
||||
s += strcspn(s, " \n\t");
|
||||
s += strspn(s, " \n\t");
|
||||
}
|
||||
/* Skip initial key type word if we find one */
|
||||
if (ptrlen_startswith(pl, PTRLEN_LITERAL("ssh-"), NULL))
|
||||
ptrlen_get_word(&pl, separators);
|
||||
|
||||
p = s;
|
||||
s += strcspn(s, " \n\t");
|
||||
s += strspn(s, " \n\t");
|
||||
s += strcspn(s, " \n\t");
|
||||
/* Expect two words giving the key length and the hash */
|
||||
ptrlen bits = ptrlen_get_word(&pl, separators);
|
||||
ptrlen hash = ptrlen_get_word(&pl, separators);
|
||||
|
||||
return dupprintf("%.*s", (int)(s - p), p);
|
||||
/* Strip "MD5:" prefix if it's present, and do nothing if it isn't */
|
||||
ptrlen_startswith(hash, PTRLEN_LITERAL("MD5:"), &hash);
|
||||
|
||||
return dupprintf("%.*s %.*s", PTRLEN_PRINTF(bits), PTRLEN_PRINTF(hash));
|
||||
}
|
||||
|
||||
char *get_fp(char *filename)
|
||||
@ -1316,7 +1318,7 @@ int main(int argc, char **argv)
|
||||
{
|
||||
char *cmdbuf;
|
||||
fp = NULL;
|
||||
cmdbuf = dupprintf("ssh-keygen -l -f '%s' > '%s'",
|
||||
cmdbuf = dupprintf("ssh-keygen -E md5 -l -f '%s' > '%s'",
|
||||
pubfilename, tmpfilename1);
|
||||
if (system(cmdbuf) ||
|
||||
(fp = get_fp(tmpfilename1)) == NULL) {
|
||||
|
Loading…
Reference in New Issue
Block a user