- dtucker@cvs.openbsd.org 2013/02/17 23:16:57

     [readconf.c ssh.c readconf.h sshconnect2.c]
     Keep track of which IndentityFile options were manually supplied and which
     were default options, and don't warn if the latter are missing.
     ok markus@

5 files changed, 45 insertions, 35 deletions

diff --git a/ChangeLog b/ChangeLog
index 9668465b5..abcc11ad4 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+20130404
+ - (dtucker) OpenBSD CVS Sync
+   - dtucker@cvs.openbsd.org 2013/02/17 23:16:57
+     [readconf.c ssh.c readconf.h sshconnect2.c]
+     Keep track of which IndentityFile options were manually supplied and which
+     were default options, and don't warn if the latter are missing.
+     ok markus@
+
 20130401
  - (dtucker) [openbsd-compat/bsd-cygwin_util.{c,h}] Don't include windows.h
    to avoid conflicting definitions of __int64, adding the required bits.
diff --git a/readconf.c b/readconf.c
index 097bb0515..6f978f828 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.194 2011/09/23 07:45:05 markus Exp $ */
+/* $OpenBSD: readconf.c,v 1.195 2013/02/17 23:16:57 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -326,6 +326,26 @@ clear_forwardings(Options *options)
         options->tun_open = SSH_TUNMODE_NO;
 }
 
+void
+add_identity_file(Options *options, const char *dir, const char *filename,
+    int userprovided)
+{
+        char *path;
+
+        if (options->num_identity_files >= SSH_MAX_IDENTITY_FILES)
+                fatal("Too many identity files specified (max %d)",
+                    SSH_MAX_IDENTITY_FILES);
+
+        if (dir == NULL) /* no dir, filename is absolute */
+                path = xstrdup(filename);
+        else
+                (void)xasprintf(&path, "%.100s%.100s", dir, filename);
+
+        options->identity_file_userprovided[options->num_identity_files] =
+            userprovided;
+        options->identity_files[options->num_identity_files++] = path;
+}
+
 /*
  * Returns the number of the token pointed to by cp or oBadOption.
  */
@@ -586,9 +606,7 @@ parse_yesnoask:
                         if (*intptr >= SSH_MAX_IDENTITY_FILES)
                                 fatal("%.200s line %d: Too many identity files specified (max %d).",
                                     filename, linenum, SSH_MAX_IDENTITY_FILES);
-                        charptr = &options->identity_files[*intptr];
-                        *charptr = xstrdup(arg);
-                        *intptr = *intptr + 1;
+                        add_identity_file(options, NULL, arg, 1);
                 }
                 break;
 
@@ -1280,30 +1298,17 @@ fill_default_options(Options * options)
                 options->protocol = SSH_PROTO_2;
         if (options->num_identity_files == 0) {
                 if (options->protocol & SSH_PROTO_1) {
-                        len = 2 + strlen(_PATH_SSH_CLIENT_IDENTITY) + 1;
-                        options->identity_files[options->num_identity_files] =
-                            xmalloc(len);
-                        snprintf(options->identity_files[options->num_identity_files++],
-                            len, "~/%.100s", _PATH_SSH_CLIENT_IDENTITY);
+                        add_identity_file(options, "~/",
+                            _PATH_SSH_CLIENT_IDENTITY, 0);
                 }
                 if (options->protocol & SSH_PROTO_2) {
-                        len = 2 + strlen(_PATH_SSH_CLIENT_ID_RSA) + 1;
-                        options->identity_files[options->num_identity_files] =
-                            xmalloc(len);
-                        snprintf(options->identity_files[options->num_identity_files++],
-                            len, "~/%.100s", _PATH_SSH_CLIENT_ID_RSA);
-
-                        len = 2 + strlen(_PATH_SSH_CLIENT_ID_DSA) + 1;
-                        options->identity_files[options->num_identity_files] =
-                            xmalloc(len);
-                        snprintf(options->identity_files[options->num_identity_files++],
-                            len, "~/%.100s", _PATH_SSH_CLIENT_ID_DSA);
+                        add_identity_file(options, "~/",
+                            _PATH_SSH_CLIENT_ID_RSA, 0);
+                        add_identity_file(options, "~/",
+                            _PATH_SSH_CLIENT_ID_DSA, 0);
 #ifdef OPENSSL_HAS_ECC
-                        len = 2 + strlen(_PATH_SSH_CLIENT_ID_ECDSA) + 1;
-                        options->identity_files[options->num_identity_files] =
-                            xmalloc(len);
-                        snprintf(options->identity_files[options->num_identity_files++],
-                            len, "~/%.100s", _PATH_SSH_CLIENT_ID_ECDSA);
+                        add_identity_file(options, "~/",
+                            _PATH_SSH_CLIENT_ID_ECDSA, 0);
 #endif
                 }
         }
diff --git a/readconf.h b/readconf.h
index be30ee0e1..35f596626 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.91 2011/09/23 07:45:05 markus Exp $ */
+/* $OpenBSD: readconf.h,v 1.92 2013/02/17 23:16:57 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -96,6 +96,7 @@ typedef struct {
 
         int     num_identity_files;     /* Number of files for RSA/DSA identities. */
         char   *identity_files[SSH_MAX_IDENTITY_FILES];
+        int    identity_file_userprovided[SSH_MAX_IDENTITY_FILES];
         Key    *identity_keys[SSH_MAX_IDENTITY_FILES];
 
         /* Local TCP/IP forward requests. */
@@ -158,5 +159,6 @@ process_config_line(Options *, const char *, char *, const char *, int, int *);
 
 void     add_local_forward(Options *, const Forward *);
 void     add_remote_forward(Options *, const Forward *);
+void     add_identity_file(Options *, const char *, const char *, int);
 
 #endif                          /* READCONF_H */
diff --git a/ssh.c b/ssh.c
index 3f61eb028..8a7aea09f 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.370 2012/07/06 01:47:38 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.371 2013/02/17 23:16:57 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -405,12 +405,7 @@ main(int ac, char **av)
                                     strerror(errno));
                                 break;
                         }
-                        if (options.num_identity_files >=
-                            SSH_MAX_IDENTITY_FILES)
-                                fatal("Too many identity files specified "
-                                    "(max %d)", SSH_MAX_IDENTITY_FILES);
-                        options.identity_files[options.num_identity_files++] =
-                            xstrdup(optarg);
+                        add_identity_file(&options, NULL, optarg, 1);
                         break;
                 case 'I':
 #ifdef ENABLE_PKCS11
diff --git a/sshconnect2.c b/sshconnect2.c
index d6af0b940..58015c0d3 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.191 2013/02/15 00:21:01 dtucker Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.192 2013/02/17 23:16:57 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Damien Miller.  All rights reserved.
@@ -1384,7 +1384,7 @@ pubkey_prepare(Authctxt *authctxt)
                 id = xcalloc(1, sizeof(*id));
                 id->key = key;
                 id->filename = xstrdup(options.identity_files[i]);
-                id->userprovided = 1;
+                id->userprovided = options.identity_file_userprovided[i];
                 TAILQ_INSERT_TAIL(&files, id, next);
         }
         /* Prefer PKCS11 keys that are explicitly listed */