author | Damien Miller <djm@mindrot.org> | 2003-06-11 22:06:33 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-06-11 22:06:33 +1000 |
commit | d94f20d28e9e966576302cd951776401c2856df6 (patch) | |
tree | 028352e13c131c8500f0826088cc3c4bb3a3c00a /authfd.c | |
parent | 0e1b937f1362866765c09c11d3f4066f108ff910 (diff) |
- djm@cvs.openbsd.org 2003/06/11 11:18:38
[authfd.c authfd.h ssh-add.c ssh-agent.c]
make agent constraints (lifetime, confirm) work with smartcard keys;
ok markus@
Diffstat (limited to 'authfd.c')
-rw-r--r-- | authfd.c | 27 |
1 files changed, 22 insertions, 5 deletions
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: authfd.c,v 1.59 2003/04/08 20:21:28 itojun Exp $"); | 38 | RCSID("$OpenBSD: authfd.c,v 1.60 2003/06/11 11:18:38 djm Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | 41 | ||
@@ -589,16 +589,33 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) | |||
589 | } | 589 | } |
590 | 590 | ||
591 | int | 591 | int |
592 | ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id, const char *pin) | 592 | ssh_update_card(AuthenticationConnection *auth, int add, |
593 | const char *reader_id, const char *pin, u_int life, u_int confirm) | ||
593 | { | 594 | { |
594 | Buffer msg; | 595 | Buffer msg; |
595 | int type; | 596 | int type, constrained = (life || confirm); |
597 | |||
598 | if (add) { | ||
599 | type = constrained ? | ||
600 | SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED : | ||
601 | SSH_AGENTC_ADD_SMARTCARD_KEY; | ||
602 | } else | ||
603 | type = SSH_AGENTC_REMOVE_SMARTCARD_KEY; | ||
596 | 604 | ||
597 | buffer_init(&msg); | 605 | buffer_init(&msg); |
598 | buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : | 606 | buffer_put_char(&msg, type); |
599 | SSH_AGENTC_REMOVE_SMARTCARD_KEY); | ||
600 | buffer_put_cstring(&msg, reader_id); | 607 | buffer_put_cstring(&msg, reader_id); |
601 | buffer_put_cstring(&msg, pin); | 608 | buffer_put_cstring(&msg, pin); |
609 | |||
610 | if (constrained) { | ||
611 | if (life != 0) { | ||
612 | buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME); | ||
613 | buffer_put_int(&msg, life); | ||
614 | } | ||
615 | if (confirm != 0) | ||
616 | buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_CONFIRM); | ||
617 | } | ||
618 | |||
602 | if (ssh_request_reply(auth, &msg, &msg) == 0) { | 619 | if (ssh_request_reply(auth, &msg, &msg) == 0) { |
603 | buffer_free(&msg); | 620 | buffer_free(&msg); |
604 | return 0; | 621 | return 0; |
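Review bot: `constrained` is derived from `life` and `confirm` alone, so a call to ssh_update_card with `add == 0` and a non-zero lifetime or confirm flag still enters the `if (constrained)` block and appends constraint bytes to an SSH_AGENTC_REMOVE_SMARTCARD_KEY request. How the agent treats that trailing data is not visible in this hunk, so it would be safer to tie the flag to the add path, e.g. `int type, constrained = add && (life || confirm);`. A short comment above the constraint block, such as `/* constraints only apply when adding a key */`, would make the intent explicit. The function body continues past the end of this hunk, so the reply handling was not reviewed.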