1 files changed, 9 insertions, 8 deletions

diff --git a/ssh-keygen.c b/ssh-keygen.c
index cfb5f1151661..027c6db6bd4a 100644
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.427 2020/12/20 23:36:51 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.429 2021/04/03 06:18:41 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2009,7 +2009,7 @@ add_cert_option(char *opt)
 			fatal("Invalid source-address list");
 		certflags_src_addr = xstrdup(val);
 	} else if (strncasecmp(opt, "extension:", 10) == 0 ||
-		   (iscrit = (strncasecmp(opt, "critical:", 9) == 0))) {
+		    (iscrit = (strncasecmp(opt, "critical:", 9) == 0))) {
 		val = xstrdup(strchr(opt, ':') + 1);
 		if ((cp = strchr(val, '=')) != NULL)
 			*cp++ = '\0';
@@ -2729,12 +2729,12 @@ done:
 				fatal_f("sshkey_fingerprint failed");
 			if (principal == NULL) {
 				printf("Good \"%s\" signature with %s key %s\n",
-				       sig_namespace, sshkey_type(sign_key), fp);
+				    sig_namespace, sshkey_type(sign_key), fp);
 
 			} else {
 				printf("Good \"%s\" signature for %s with %s key %s\n",
-				       sig_namespace, principal,
-				       sshkey_type(sign_key), fp);
+				    sig_namespace, principal,
+				    sshkey_type(sign_key), fp);
 			}
 		} else {
 			printf("Could not verify signature.\n");
@@ -3154,6 +3154,7 @@ main(int argc, char **argv)
 	pw = getpwuid(getuid());
 	if (!pw)
 		fatal("No user exists for uid %lu", (u_long)getuid());
+	pw = pwcopy(pw);
 	if (gethostname(hostname, sizeof(hostname)) == -1)
 		fatal("gethostname: %s", strerror(errno));
 
@@ -3370,12 +3371,12 @@ main(int argc, char **argv)
 		if (strncmp(sign_op, "find-principals", 15) == 0) {
 			if (ca_key_path == NULL) {
 				error("Too few arguments for find-principals:"
-				      "missing signature file");
+				    "missing signature file");
 				exit(1);
 			}
 			if (!have_identity) {
 				error("Too few arguments for find-principals:"
-				      "missing allowed keys file");
+				    "missing allowed keys file");
 				exit(1);
 			}
 			return sig_find_principals(ca_key_path, identity_file);
@@ -3396,7 +3397,7 @@ main(int argc, char **argv)
 		} else if (strncmp(sign_op, "check-novalidate", 16) == 0) {
 			if (ca_key_path == NULL) {
 				error("Too few arguments for check-novalidate: "
-				      "missing signature file");
+				    "missing signature file");
 				exit(1);
 			}
 			return sig_verify(ca_key_path, cert_principals,