- djm@cvs.openbsd.org 2013/12/19 00:10:30

     [ssh-add.c]
     skip requesting smartcard PIN when removing keys from agent; bz#2187
     patch from jay AT slushpupie.com; ok dtucker

2 files changed, 14 insertions, 6 deletions

diff --git a/ChangeLog b/ChangeLog
index b8108d92f..32ec354e8 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,11 @@
 20131229
  - (djm) [loginrec.c] Check for username truncation when looking up lastlog
    entries
+ - (djm) OpenBSD CVS Sync
+   - djm@cvs.openbsd.org 2013/12/19 00:10:30
+     [ssh-add.c]
+     skip requesting smartcard PIN when removing keys from agent; bz#2187
+     patch from jay AT slushpupie.com; ok dtucker
 
 20131221
  - (dtucker) [regress/keytype.sh] Actually test ecdsa key types.
diff --git a/ssh-add.c b/ssh-add.c
index 896584482..63ce72083 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.107 2013/12/15 18:17:26 pascal Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.108 2013/12/19 00:10:30 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -293,14 +293,17 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only)
 static int
 update_card(AuthenticationConnection *ac, int add, const char *id)
 {
-        char *pin;
+        char *pin = NULL;
         int ret = -1;
 
-        pin = read_passphrase("Enter passphrase for PKCS#11: ", RP_ALLOW_STDIN);
-        if (pin == NULL)
-                return -1;
+        if (add) {
+                if ((pin = read_passphrase("Enter passphrase for PKCS#11: ",
+                    RP_ALLOW_STDIN)) == NULL)
+                        return -1;
+        }
 
-        if (ssh_update_card(ac, add, id, pin, lifetime, confirm)) {
+        if (ssh_update_card(ac, add, id, pin == NULL ? "" : pin,
+            lifetime, confirm)) {
                 fprintf(stderr, "Card %s: %s\n",
                     add ? "added" : "removed", id);
                 ret = 0;