client: generate key 1 by default in keygen command
This commit is contained in:
Miroslav Lichvar
parent
aad42ceaec
commit
e0ae2b4bb5
2 changed files with 9 additions and 12 deletions
|
|
@ -3820,12 +3820,12 @@ key file (@pxref{keyfile directive}) to allow NTP authentication between
|
||||||
server and client, or peers. The key is generated from the @code{/dev/urandom}
|
server and client, or peers. The key is generated from the @code{/dev/urandom}
|
||||||
device and it's printed to standard output.
|
device and it's printed to standard output.
|
||||||
|
|
||||||
The first argument of the command is the key number, which will be specified
|
The command has three optional arguments. The first argument is the key number
|
||||||
with the @code{key} option of the @code{server} or @code{peer} directives in
|
(by default 1), which will be specified with the @code{key} option of the
|
||||||
the configuration file. The second and third arguments are optional. They
|
@code{server} or @code{peer} directives in the configuration file. The second
|
||||||
specify the hash function (by default SHA1 or MD5 if SHA1 is not available) and
|
argument is the hash function (by default SHA1 or MD5 if SHA1 is not available)
|
||||||
the number of bits the key should have between 80 and 4096 bits (by default 160
|
and the third argument is the number of bits the key should have, between 80
|
||||||
bits).
|
and 4096 bits (by default 160 bits).
|
||||||
|
|
||||||
An example is
|
An example is
|
||||||
|
|
||||||
|
|
|
||||||
9
client.c
9
client.c
|
|
@ -1256,7 +1256,7 @@ give_help(void)
|
||||||
"dns -4|-6|-46\0Resolve hostnames only to IPv4/IPv6/both addresses\0"
|
"dns -4|-6|-46\0Resolve hostnames only to IPv4/IPv6/both addresses\0"
|
||||||
"timeout <milliseconds>\0Set initial response timeout\0"
|
"timeout <milliseconds>\0Set initial response timeout\0"
|
||||||
"retries <retries>\0Set maximum number of retries\0"
|
"retries <retries>\0Set maximum number of retries\0"
|
||||||
"keygen <id> [<type> [<bits>]]\0Generate key for key file\0"
|
"keygen [<id> [<type> [<bits>]]]\0Generate key for key file\0"
|
||||||
"exit|quit\0Leave the program\0"
|
"exit|quit\0Leave the program\0"
|
||||||
"help\0Generate this help\0"
|
"help\0Generate this help\0"
|
||||||
"\0";
|
"\0";
|
||||||
|
|
@ -2443,7 +2443,7 @@ process_cmd_keygen(char *line)
|
||||||
{
|
{
|
||||||
char hash_name[17];
|
char hash_name[17];
|
||||||
unsigned char key[512];
|
unsigned char key[512];
|
||||||
unsigned int i, length, id, bits = 160;
|
unsigned int i, length, id = 1, bits = 160;
|
||||||
|
|
||||||
#ifdef FEAT_SECHASH
|
#ifdef FEAT_SECHASH
|
||||||
snprintf(hash_name, sizeof (hash_name), "SHA1");
|
snprintf(hash_name, sizeof (hash_name), "SHA1");
|
||||||
|
|
@ -2451,10 +2451,7 @@ process_cmd_keygen(char *line)
|
||||||
snprintf(hash_name, sizeof (hash_name), "MD5");
|
snprintf(hash_name, sizeof (hash_name), "MD5");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (sscanf(line, "%u %16s %d", &id, hash_name, &bits) < 1) {
|
sscanf(line, "%u %16s %d", &id, hash_name, &bits);
|
||||||
LOG(LOGS_ERR, LOGF_Client, "Invalid syntax for keygen command");
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
length = CLAMP(10, (bits + 7) / 8, sizeof (key));
|
length = CLAMP(10, (bits + 7) / 8, sizeof (key));
|
||||||
if (HSH_GetHashId(hash_name) < 0) {
|
if (HSH_GetHashId(hash_name) < 0) {
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue