X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=cmdgen.c;h=d6c1f72115ac3080b17e7750aa1ee15350637e08;hb=a3d14d77f566a41fc61dfdc5c2e0e384c9e6ae8b;hp=ac56ab3e58c48f922adc5290b4a8a2a9b9c057b0;hpb=3e40566bb053f8f438e220ede4a1da34cf386592;p=PuTTY.git

diff --git a/cmdgen.c b/cmdgen.c
index ac56ab3e..d6c1f721 100644
--- a/cmdgen.c
+++ b/cmdgen.c
@@ -129,7 +129,9 @@ void sk_cleanup(void)
 
 void showversion(void)
 {
-    printf("puttygen: %s\n", ver);
+    char *buildinfo_text = buildinfo("\n");
+    printf("puttygen: %s\n%s", ver, buildinfo_text);
+    sfree(buildinfo_text);
 }
 
 void usage(int standalone)
@@ -223,6 +225,8 @@ static char *readpassphrase(const char *filename)
     return line;
 }
 
+#define DEFAULT_RSADSA_BITS 2048
+
 int main(int argc, char **argv)
 {
     char *infile = NULL;
@@ -500,7 +504,7 @@ int main(int argc, char **argv)
             bits = 256;
             break;
           default:
-            bits = 2048;
+            bits = DEFAULT_RSADSA_BITS;
             break;
         }
     }
@@ -515,6 +519,19 @@ int main(int argc, char **argv)
         errs = TRUE;
     }
 
+    if (keytype == RSA2 || keytype == RSA1 || keytype == DSA) {
+        if (bits < 256) {
+            fprintf(stderr, "puttygen: cannot generate %s keys shorter than"
+                    " 256 bits\n", (keytype == DSA ? "DSA" : "RSA"));
+            errs = TRUE;
+        } else if (bits < DEFAULT_RSADSA_BITS) {
+            fprintf(stderr, "puttygen: warning: %s keys shorter than"
+                    " %d bits are probably not secure\n",
+                    (keytype == DSA ? "DSA" : "RSA"), DEFAULT_RSADSA_BITS);
+            /* but this is just a warning, so proceed anyway */
+        }
+    }
+
     if (errs)
 	return 1;