author | djm@openbsd.org <djm@openbsd.org> | 2019-09-03 08:29:15 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-09-03 18:39:31 +1000 |
commit | 06af3583f46e2c327fdd44d8a95b8b4e8dfd8db5 (patch) | |
tree | c74d33447527f6ed3c095143c1eb9952df92c8fc | |
parent | 2ab5a8464870cc4b29ddbe849bbbc255729437bf (diff) |
upstream: authfd: add function to check if key is in agent
This commit adds a helper function which allows the caller to
check if a given public key is present in ssh-agent.
work by Sebastian Kinne; ok markus@
OpenBSD-Commit-ID: d43c5826353e1fdc1af71eb42961b30782c7bd13
-rw-r--r-- | authfd.c | 28 | ||||
-rw-r--r-- | authfd.h | 3 |
2 files changed, 29 insertions, 2 deletions
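--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.116 2019/09/03 08:28:30 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.117 2019/09/03 08:29:15 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -318,6 +318,32 @@ ssh_free_identitylist(struct ssh_identitylist *idl)
 }
 
 /*
+* Check if the ssh agent has a given key.
+* Returns 0 if found, or a negative SSH_ERR_* error code on failure.
+*/
+int
+ssh_agent_has_key(int sock, struct sshkey *key)
+{
+int r, ret = SSH_ERR_KEY_NOT_FOUND;
+size_t i;
+struct ssh_identitylist *idlist = NULL;
+
+if ((r = ssh_fetch_identitylist(sock, &idlist)) < 0) {
+return r;
+}
+
+for (i = 0; i < idlist->nkeys; i++) {
+if (sshkey_equal_public(idlist->keys[i], key)) {
+ret = 0;
+break;
+}
+}
+
+ssh_free_identitylist(idlist);
+return ret;
+}
+
+/*
 * Sends a challenge (typically from a server via ssh(1)) to the agent,
 * and waits for a response from the agent.
 * Returns true (non-zero) if the agent gave the correct answer, zero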
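Review bot: The header comment on `ssh_agent_has_key` folds "key not listed" into "failure", so a caller cannot tell from it that `SSH_ERR_KEY_NOT_FOUND` is the ordinary negative answer while any other negative value means the `ssh_fetch_identitylist` call itself failed. I would reword the return line to `* Returns 0 if found, SSH_ERR_KEY_NOT_FOUND if the agent's list lacks the key,` followed by `* or another negative SSH_ERR_* code if the list could not be fetched.` If I remember the fetch helper correctly (it is outside this hunk), it reports an agent holding no keys as an error of its own rather than as an empty list, so "absent" may reach callers as two different codes; that is worth confirming and stating in the comment. The match is made with `sshkey_equal_public` against whatever the peer on `sock` lists, so the comment could also say that 0 means "the agent advertises this public key", not that the agent has shown it can sign with it.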
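--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.h,v 1.45 2019/06/21 04:21:04 djm Exp $ */
+/* $OpenBSD: authfd.h,v 1.46 2019/09/03 08:29:15 djm Exp $ */
 
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -31,6 +31,7 @@ int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp);
 void ssh_free_identitylist(struct ssh_identitylist *idl);
 int ssh_add_identity_constrained(int sock, struct sshkey *key,
 const char *comment, u_int life, u_int confirm, u_int maxsign);
+int ssh_agent_has_key(int sock, struct sshkey *key);
 int ssh_remove_identity(int sock, struct sshkey *key);
 int ssh_update_card(int sock, int add, const char *reader_id,
 const char *pin, u_int life, u_int confirm);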