authorBen Lindstrom <mouring@eviladmin.org>2001-07-04 03:50:02 +0000
committerBen Lindstrom <mouring@eviladmin.org>2001-07-04 03:50:02 +0000
commit036a6b28c9ef5a237e2fbd7d73ca94af3d24e897 (patch)
tree3968210d82563cc98a092737e5028319e4833d07
parentd94580c708175649f4e433451ac096425d3b81e2 (diff)
- markus@cvs.openbsd.org 2001/06/26 04:59:59
[authfd.c authfd.h ssh-add.c] initial support for smartcards in the agent
-rw-r--r--ChangeLog5
-rw-r--r--authfd.c21
-rw-r--r--authfd.h10
-rw-r--r--ssh-add.c52
4 files changed, 83 insertions, 5 deletions
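--- a/ChangeLog
+++ b/ChangeLog
@@ -22,6 +22,9 @@
  - markus@cvs.openbsd.org 2001/06/26 04:07:06
  [ssh-agent.1 ssh-agent.c]
  add debug flag
+ - markus@cvs.openbsd.org 2001/06/26 04:59:59
+ [authfd.c authfd.h ssh-add.c]
+ initial support for smartcards in the agent
 
 20010629
  - (bal) Removed net_aton() since we don't use it any more
@@ -5849,4 +5852,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1350 2001/07/04 03:48:02 mouring Exp $
+$Id: ChangeLog,v 1.1351 2001/07/04 03:50:02 mouring Exp $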
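--- a/authfd.c
+++ b/authfd.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.41 2001/06/23 15:12:17 itojun Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.42 2001/06/26 04:59:59 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -534,6 +534,25 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key)
  return decode_reply(type);
 }
 
+int
+ssh_update_card(AuthenticationConnection *auth, int add, int reader_id)
+{
+ Buffer msg;
+ int type;
+
+ buffer_init(&msg);
+ buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY :
+ SSH_AGENTC_REMOVE_SMARTCARD_KEY);
+ buffer_put_int(&msg, reader_id);
+ if (ssh_request_reply(auth, &msg, &msg) == 0) {
+ buffer_free(&msg);
+ return 0;
+ }
+ type = buffer_get_char(&msg);
+ buffer_free(&msg);
+ return decode_reply(type);
+}
+
 /*
  * Removes all identities from the agent. This call is not meant to be used
  * by normal applications.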
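Review bot: `ssh_update_card` serialises the signed `reader_id` with `buffer_put_int` without checking its range, so a negative value would reach the agent as a large unsigned reader number (this assumes `buffer_put_int` takes an unsigned 32-bit value; its declaration is not visible in the hunk). A guard at the top of the function, `if (reader_id < 0) return 0;`, would stop a malformed id before any message is built. The only caller in this commit passes whatever `atoi` returned from the command line, so this function is the last place such a value can be caught before it is sent.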
diff --git a/authfd.h b/authfd.h
index 29d1847b5..04439fd07 100644
--- a/authfd.h
+++ b/authfd.h
@@ -11,7 +11,7 @@
11 * called by a name other than "ssh" or "Secure Shell". 11 * called by a name other than "ssh" or "Secure Shell".
12 */ 12 */
13 13
14/* RCSID("$OpenBSD: authfd.h,v 1.16 2000/12/20 19:37:21 markus Exp $"); */ 14/* RCSID("$OpenBSD: authfd.h,v 1.17 2001/06/26 04:59:59 markus Exp $"); */
15 15
16#ifndef AUTHFD_H 16#ifndef AUTHFD_H
17#define AUTHFD_H 17#define AUTHFD_H
@@ -38,6 +38,10 @@
38#define SSH2_AGENTC_REMOVE_IDENTITY 18 38#define SSH2_AGENTC_REMOVE_IDENTITY 18
39#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19 39#define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19
40 40
41/* smartcard */
42#define SSH_AGENTC_ADD_SMARTCARD_KEY 20
43#define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21
44
41/* additional error code for ssh.com's ssh-agent2 */ 45/* additional error code for ssh.com's ssh-agent2 */
42#define SSH_COM_AGENT2_FAILURE 102 46#define SSH_COM_AGENT2_FAILURE 102
43 47
@@ -133,6 +137,8 @@ int ssh_remove_identity(AuthenticationConnection *auth, Key *key);
133 * meant to be used by normal applications. This returns true if the 137 * meant to be used by normal applications. This returns true if the
134 * operation was successful. 138 * operation was successful.
135 */ 139 */
136int ssh_remove_all_identities(AuthenticationConnection *auth, int version); 140int ssh_remove_all_identities(AuthenticationConnection *auth, int version);
141
142int ssh_update_card(AuthenticationConnection *auth, int add, int reader_id);
137 143
138#endif /* AUTHFD_H */ 144#endif /* AUTHFD_H */
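Review bot: The new `ssh_update_card` prototype has no contract comment, while `ssh_remove_all_identities` directly above it states its return convention. I would add `/* Adds (add != 0) or removes the key held on the smartcard in reader_id via the agent. Returns true on success. */`, after confirming the return convention against `decode_reply`, which is not visible here. The `/* smartcard */` comment above the two new message numbers could also say that the request body is a single integer reader id, since that is what `authfd.c` sends.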
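--- a/ssh-add.c
+++ b/ssh-add.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.41 2001/06/25 08:25:40 markus Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.42 2001/06/26 04:59:59 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -150,6 +150,17 @@ add_file(AuthenticationConnection *ac, const char *filename)
 }
 
 static void
+update_card(AuthenticationConnection *ac, int add, int id)
+{
+ if (ssh_update_card(ac, add, id))
+ fprintf(stderr, "Card %s: %d\n",
+ add ? "added" : "removed", id);
+ else
+ fprintf(stderr, "Could not %s card: %d\n",
+ add ? "add" : "remove", id);
+}
+
+static void
 list_identities(AuthenticationConnection *ac, int do_fp)
 {
  Key *key;
@@ -181,6 +192,18 @@ list_identities(AuthenticationConnection *ac, int do_fp)
  printf("The agent has no identities.\n");
 }
 
+static void
+usage(void)
+{
+ printf("Usage: ssh-add [options]\n");
+ printf(" -l, -L : list identities\n");
+ printf(" -d : delete identity\n");
+ printf(" -D : delete all identities\n");
+ printf(" -s reader_num : add key in the smartcard in reader_num.\n");
+ printf(" -e reader_num : remove key in the smartcard in reader_num.\n");
+ exit (1);
+}
+
 int
 main(int argc, char **argv)
 {
@@ -190,6 +213,8 @@ main(int argc, char **argv)
  int no_files = 1;
  int i;
  int deleting = 0;
+ int sc_mode = 0;
+ int sc_reader_num = 0;
 
  __progname = get_progname(argv[0]);
  init_rng();
@@ -220,12 +245,37 @@ main(int argc, char **argv)
  no_files = 0;
  continue;
  }
+ if (strcmp(argv[i], "-s") == 0) {
+ sc_mode = 1;
+ deleting = 0;
+ i++;
+ if (i >= argc)
+ usage();
+ sc_reader_num = atoi(argv[i]);
+ continue;
+ }
+ if (strcmp(argv[i], "-e") == 0) {
+ sc_mode = 1;
+ deleting = 1;
+ i++;
+ if (i >= argc)
+ usage();
+ sc_reader_num = atoi(argv[i]);
+ continue;
+ }
+ if (sc_mode == 1)
+ update_card(ac, !deleting, sc_reader_num);
  no_files = 0;
  if (deleting)
  delete_file(ac, argv[i]);
  else
  add_file(ac, argv[i]);
  }
+ if (sc_mode == 1) {
+ update_card(ac, !deleting, sc_reader_num);
+ ssh_close_authentication_connection(ac);
+ exit(0);
+ }
  if (no_files) {
  pw = getpwuid(getuid());
  if (!pw) {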
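Review bot: The reader number for `-s` and `-e` is parsed with `atoi(argv[i])`, which returns 0 for non-numeric input and gives no indication of out-of-range values, so a mistyped argument silently acts on reader 0 instead of failing. The sketch below parses with `strtol` and sends an empty parse, trailing characters, a range error or a negative value to `usage()`; it assumes reader numbers are non-negative, and it folds the two option branches into one. Separately, the in-loop `if (sc_mode == 1) update_card(...)` runs for every later non-option argument, falls through to `add_file`/`delete_file` on that same argument, and the card is then updated again after the loop. Dropping the in-loop call looks like the intent, but that should be confirmed. `main` begins and ends outside the hunk.

```c
		/* … unchanged: earlier option handling … */
		if (strcmp(argv[i], "-s") == 0 || strcmp(argv[i], "-e") == 0) {
			char *ep;
			long num;

			sc_mode = 1;
			deleting = (argv[i][1] == 'e');
			if (++i >= argc)
				usage();
			errno = 0;
			num = strtol(argv[i], &ep, 10);
			if (ep == argv[i] || *ep != '\0' || errno == ERANGE ||
			    num < 0 || num > INT_MAX)
				usage();
			sc_reader_num = (int)num;
			continue;
		}
		/* … unchanged: add_file/delete_file dispatch and post-loop update_card … */
```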