Mercurial > dropbear
annotate gensignkey.h @ 1885:5d8dbb6fdab7
Fix SSH_PUBKEYINFO, limit characters, add tests
We fix a bad_bufptr() failure from a previous commit. We now limit
the allowed characters to those that will definitely be safe
in a shell. Some scripts/programs may use arbitrary environment
variables without escaping correctly - that could be a problem
in a restricted environment.
The current allowed set is a-z A-Z 0-9 .,_-+@
This also adds a test for SSH_PUBKEYINFO, by default it only runs
under github actions (or "act -j build").
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Wed, 16 Mar 2022 17:17:23 +0800 |
parents | 4f8eb331174f |
children |
rev | line source |
---|---|
1036
deed0571cacc
DROPBEAR_ prefix for include guards to avoid collisions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
846
diff
changeset
|
1 #ifndef DROPBEAR_GENSIGNKEY_H |
deed0571cacc
DROPBEAR_ prefix for include guards to avoid collisions
Thorsten Horstmann <thorsten.horstmann@web.de>
parents:
846
diff
changeset
|
2 #define DROPBEAR_GENSIGNKEY_H |
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
3 |
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
4 #include "signkey.h" |
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
5 |
1329
185c14fa504d
Use atomic key generation in all cases
Matt Johnston <matt@ucc.asn.au>
parents:
1036
diff
changeset
|
6 int signkey_generate(enum signkey_type type, int bits, const char* filename, int skip_exist); |
1438
4f8eb331174f
add configuration option for default RSA size.
Matt Johnston <matt@ucc.asn.au>
parents:
1329
diff
changeset
|
7 int signkey_generate_get_bits(enum signkey_type keytype, int bits); |
846
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
8 |
b298bb438625
refactor key generation, make it generate as required.
Matt Johnston <matt@ucc.asn.au>
parents:
diff
changeset
|
9 #endif |