server and client, or peers. The key is generated from the @code{/dev/urandom}
device and it's printed to standard output.
-The first argument of the command is the key number, which will be specified
-with the @code{key} option of the @code{server} or @code{peer} directives in
-the configuration file. The second and third arguments are optional. They
-specify the hash function (by default SHA1 or MD5 if SHA1 is not available) and
-the number of bits the key should have between 80 and 4096 bits (by default 160
-bits).
+The command has three optional arguments. The first argument is the key number
+(by default 1), which will be specified with the @code{key} option of the
+@code{server} or @code{peer} directives in the configuration file. The second
+argument is the hash function (by default SHA1 or MD5 if SHA1 is not available)
+and the third argument is the number of bits the key should have, between 80
+and 4096 bits (by default 160 bits).
An example is
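Review bot: The new paragraph (the `+` lines starting "The command has three optional arguments") does not say the arguments are positional, so a reader could expect to pass only the hash function or only the bit count. Suggest stating that the hash function can be given only after a key number, and the bit count only after both, which is what the nested form `keygen [<id> [<type> [<bits>]]]` in the help text implies.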
"dns -4|-6|-46\0Resolve hostnames only to IPv4/IPv6/both addresses\0"
"timeout <milliseconds>\0Set initial response timeout\0"
"retries <retries>\0Set maximum number of retries\0"
- "keygen <id> [<type> [<bits>]]\0Generate key for key file\0"
+ "keygen [<id> [<type> [<bits>]]]\0Generate key for key file\0"
"exit|quit\0Leave the program\0"
"help\0Generate this help\0"
"\0";
{
char hash_name[17];
unsigned char key[512];
- unsigned int i, length, id, bits = 160;
+ unsigned int i, length, id = 1, bits = 160;
#ifdef FEAT_SECHASH
snprintf(hash_name, sizeof (hash_name), "SHA1");
snprintf(hash_name, sizeof (hash_name), "MD5");
#endif
- if (sscanf(line, "%u %16s %d", &id, hash_name, &bits) < 1) {
- LOG(LOGS_ERR, LOGF_Client, "Invalid syntax for keygen command");
- return 0;
- }
+ sscanf(line, "%u %16s %d", &id, hash_name, &bits);
length = CLAMP(10, (bits + 7) / 8, sizeof (key));
if (HSH_GetHashId(hash_name) < 0) {
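Review bot: The return value of `sscanf(line, "%u %16s %d", &id, hash_name, &bits);` is now discarded, so a malformed argument list is no longer distinguishable from an empty one. If the first token is not a number (for example a hash name given without a key number), no conversion takes place and the command proceeds with id 1, the default hash and 160 bits rather than logging "Invalid syntax for keygen command". Suggest keeping the result and rejecting a return of 0, which means the line had text that did not parse, while accepting EOF for an empty line so the defaults still apply. Also, `bits` is declared `unsigned int` but is read with `%d`; `%u` would match the declared type.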