From: Charles McGarvey Date: Fri, 1 Dec 2017 03:37:08 +0000 (-0700) Subject: add support for ssh-keygen without -E flag X-Git-Url: https://git.dogcows.com/gitweb?p=chaz%2Fgroupsecret;a=commitdiff_plain;h=ac76dab2d994d3de86fb59c1ffac0a01bcebbac8 add support for ssh-keygen without -E flag The -E flag was added for OpenSSH 6.7. --- diff --git a/lib/App/GroupSecret/Crypt.pm b/lib/App/GroupSecret/Crypt.pm index e64fa40..2024218 100644 --- a/lib/App/GroupSecret/Crypt.pm +++ b/lib/App/GroupSecret/Crypt.pm @@ -9,6 +9,8 @@ our $VERSION = '9999.999'; # VERSION use Exporter qw(import); use File::Temp; use IPC::Open2; +use IPC::Open3; +use Symbol qw(gensym); use namespace::clean -except => [qw(import)]; our @EXPORT_OK = qw( @@ -88,21 +90,37 @@ Get the fingerprint of an OpenSSH private or public key. sub read_openssh_key_fingerprint { my $filepath = shift or _usage(q{read_openssh_key_fingerprint($filepath)}); + # try with the -E flag first my @cmd = ($SSH_KEYGEN, qw{-l -E md5 -f}, $filepath); my $out; - my $pid = open2($out, undef, @cmd); + my $err = gensym; + my $pid = open3(undef, $out, $err, @cmd); waitpid($pid, 0); my $status = $?; my $exit_code = $status >> 8; - _croak 'Failed to read SSH2 key fingerprint' if $exit_code != 0; + if ($exit_code != 0) { + my $error_str = do { local $/; <$err> }; + _croak 'Failed to read SSH2 key fingerprint' if $error_str !~ /unknown option -- E/s; + + @cmd = ($SSH_KEYGEN, qw{-l -f}, $filepath); + + undef $out; + $pid = open2($out, undef, @cmd); + + waitpid($pid, 0); + $status = $?; + + $exit_code = $status >> 8; + _croak 'Failed to read SSH2 key fingerprint' if $exit_code != 0; + } my $line = do { local $/; <$out> }; chomp $line; - my ($bits, $fingerprint, $comment, $type) = $line =~ m!^(\d+) MD5:([^ ]+) (.*) \(([^\)]+)\)$!; + my ($bits, $fingerprint, $comment, $type) = $line =~ m!^(\d+) (?:MD5:)?([^ ]+) (.*) \(([^\)]+)\)$!; $fingerprint =~ s/://g;