-/* $OpenBSD: ssh-keygen.c,v 1.280 2015/11/18 08:37:28 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.281 2015/11/19 01:08:55 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
exit(0);
}
-static const char *
-fmt_validity(u_int64_t valid_from, u_int64_t valid_to)
-{
- char from[32], to[32];
- static char ret[64];
- time_t tt;
- struct tm *tm;
-
- *from = *to = '\0';
- if (valid_from == 0 && valid_to == 0xffffffffffffffffULL)
- return "forever";
-
- if (valid_from != 0) {
- /* XXX revisit INT_MAX in 2038 :) */
- tt = valid_from > INT_MAX ? INT_MAX : valid_from;
- tm = localtime(&tt);
- strftime(from, sizeof(from), "%Y-%m-%dT%H:%M:%S", tm);
- }
- if (valid_to != 0xffffffffffffffffULL) {
- /* XXX revisit INT_MAX in 2038 :) */
- tt = valid_to > INT_MAX ? INT_MAX : valid_to;
- tm = localtime(&tt);
- strftime(to, sizeof(to), "%Y-%m-%dT%H:%M:%S", tm);
- }
-
- if (valid_from == 0) {
- snprintf(ret, sizeof(ret), "before %s", to);
- return ret;
- }
- if (valid_to == 0xffffffffffffffffULL) {
- snprintf(ret, sizeof(ret), "after %s", from);
- return ret;
- }
-
- snprintf(ret, sizeof(ret), "from %s to %s", from, to);
- return ret;
-}
-
static void
add_flag_option(struct sshbuf *c, const char *name)
{
int r, i, fd;
u_int n;
struct sshkey *ca, *public;
- char *otmp, *tmp, *cp, *out, *comment, **plist = NULL;
+ char valid[64], *otmp, *tmp, *cp, *out, *comment, **plist = NULL;
FILE *f;
#ifdef ENABLE_PKCS11
fclose(f);
if (!quiet) {
+ sshkey_format_cert_validity(public->cert,
+ valid, sizeof(valid));
logit("Signed %s key %s: id \"%s\" serial %llu%s%s "
"valid %s", sshkey_cert_type(public),
out, public->cert->key_id,
(unsigned long long)public->cert->serial,
cert_principals != NULL ? " for " : "",
cert_principals != NULL ? cert_principals : "",
- fmt_validity(cert_valid_from, cert_valid_to));
+ valid);
}
sshkey_free(public);
static void
print_cert(struct sshkey *key)
{
- char *key_fp, *ca_fp;
+ char valid[64], *key_fp, *ca_fp;
u_int i;
key_fp = sshkey_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT);
fingerprint_hash, SSH_FP_DEFAULT);
if (key_fp == NULL || ca_fp == NULL)
fatal("%s: sshkey_fingerprint fail", __func__);
+ sshkey_format_cert_validity(key->cert, valid, sizeof(valid));
printf(" Type: %s %s certificate\n", sshkey_ssh_name(key),
sshkey_cert_type(key));
sshkey_type(key->cert->signature_key), ca_fp);
printf(" Key ID: \"%s\"\n", key->cert->key_id);
printf(" Serial: %llu\n", (unsigned long long)key->cert->serial);
- printf(" Valid: %s\n",
- fmt_validity(key->cert->valid_after, key->cert->valid_before));
+ printf(" Valid: %s\n", valid);
printf(" Principals: ");
if (key->cert->nprincipals == 0)
printf("(none)\n");
-/* $OpenBSD: sshkey.c,v 1.26 2015/11/16 23:47:52 millert Exp $ */
+/* $OpenBSD: sshkey.c,v 1.27 2015/11/19 01:08:55 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Alexander von Gernler. All rights reserved.
return 0;
}
+size_t
+sshkey_format_cert_validity(const struct sshkey_cert *cert, char *s, size_t l)
+{
+ char from[32], to[32], ret[64];
+ time_t tt;
+ struct tm *tm;
+
+ *from = *to = '\0';
+ if (cert->valid_after == 0 &&
+ cert->valid_before == 0xffffffffffffffffULL)
+ return strlcpy(s, "forever", l);
+
+ if (cert->valid_after != 0) {
+ /* XXX revisit INT_MAX in 2038 :) */
+ tt = cert->valid_after > INT_MAX ?
+ INT_MAX : cert->valid_after;
+ tm = localtime(&tt);
+ strftime(from, sizeof(from), "%Y-%m-%dT%H:%M:%S", tm);
+ }
+ if (cert->valid_before != 0xffffffffffffffffULL) {
+ /* XXX revisit INT_MAX in 2038 :) */
+ tt = cert->valid_before > INT_MAX ?
+ INT_MAX : cert->valid_before;
+ tm = localtime(&tt);
+ strftime(to, sizeof(to), "%Y-%m-%dT%H:%M:%S", tm);
+ }
+
+ if (cert->valid_after == 0)
+ snprintf(ret, sizeof(ret), "before %s", to);
+ else if (cert->valid_before == 0xffffffffffffffffULL)
+ snprintf(ret, sizeof(ret), "after %s", from);
+ else
+ snprintf(ret, sizeof(ret), "from %s to %s", from, to);
+
+ return strlcpy(s, ret, l);
+}
+
int
sshkey_private_serialize(const struct sshkey *key, struct sshbuf *b)
{
-/* $OpenBSD: sshkey.h,v 1.10 2015/09/13 14:39:16 tim Exp $ */
+/* $OpenBSD: sshkey.h,v 1.11 2015/11/19 01:08:55 djm Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
int sshkey_cert_copy(const struct sshkey *, struct sshkey *);
int sshkey_cert_check_authority(const struct sshkey *, int, int,
const char *, const char **);
+size_t sshkey_format_cert_validity(const struct sshkey_cert *,
+ char *, size_t) __attribute__((__bounded__(__string__, 2, 3)));
int sshkey_ecdsa_nid_from_name(const char *);
int sshkey_curve_name_to_nid(const char *);
projects / thirdparty / openssh-portable.git / commitdiff
