diff options
| author | jcs@openbsd.org <jcs@openbsd.org> | 2015-11-15 22:26:49 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-11-16 11:31:39 +1100 |
| commit | f361df474c49a097bfcf16d1b7b5c36fcd844b4b (patch) | |
| tree | 493beb15e73f9b57f42244e8c927bdf75480188f /readconf.c | |
| parent | d87063d9baf5479b6e813d47dfb694a97df6f6f5 (diff) | |
upstream commit
Add an AddKeysToAgent client option which can be set to
'yes', 'no', 'ask', or 'confirm', and defaults to 'no'. When enabled, a
private key that is used during authentication will be added to ssh-agent if
it is running (with confirmation enabled if set to 'confirm').
Initial version from Joachim Schipper many years ago.
ok markus@
Upstream-ID: a680db2248e8064ec55f8be72d539458c987d5f4
Diffstat (limited to 'readconf.c')
| -rw-r--r-- | readconf.c | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/readconf.c b/readconf.c index c062433ce..0a380913f 100644 --- a/readconf.c +++ b/readconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: readconf.c,v 1.245 2015/10/27 08:54:52 djm Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.246 2015/11/15 22:26:49 jcs Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -135,7 +135,7 @@ typedef enum { | |||
| 135 | oPasswordAuthentication, oRSAAuthentication, | 135 | oPasswordAuthentication, oRSAAuthentication, |
| 136 | oChallengeResponseAuthentication, oXAuthLocation, | 136 | oChallengeResponseAuthentication, oXAuthLocation, |
| 137 | oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, | 137 | oIdentityFile, oHostName, oPort, oCipher, oRemoteForward, oLocalForward, |
| 138 | oCertificateFile, | 138 | oCertificateFile, oAddKeysToAgent, |
| 139 | oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, | 139 | oUser, oEscapeChar, oRhostsRSAAuthentication, oProxyCommand, |
| 140 | oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, | 140 | oGlobalKnownHostsFile, oUserKnownHostsFile, oConnectionAttempts, |
| 141 | oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, | 141 | oBatchMode, oCheckHostIP, oStrictHostKeyChecking, oCompression, |
| @@ -204,6 +204,7 @@ static struct { | |||
| 204 | { "identityfile2", oIdentityFile }, /* obsolete */ | 204 | { "identityfile2", oIdentityFile }, /* obsolete */ |
| 205 | { "identitiesonly", oIdentitiesOnly }, | 205 | { "identitiesonly", oIdentitiesOnly }, |
| 206 | { "certificatefile", oCertificateFile }, | 206 | { "certificatefile", oCertificateFile }, |
| 207 | { "addkeystoagent", oAddKeysToAgent }, | ||
| 207 | { "hostname", oHostName }, | 208 | { "hostname", oHostName }, |
| 208 | { "hostkeyalias", oHostKeyAlias }, | 209 | { "hostkeyalias", oHostKeyAlias }, |
| 209 | { "proxycommand", oProxyCommand }, | 210 | { "proxycommand", oProxyCommand }, |
| @@ -712,6 +713,15 @@ static const struct multistate multistate_yesnoask[] = { | |||
| 712 | { "ask", 2 }, | 713 | { "ask", 2 }, |
| 713 | { NULL, -1 } | 714 | { NULL, -1 } |
| 714 | }; | 715 | }; |
| 716 | static const struct multistate multistate_yesnoaskconfirm[] = { | ||
| 717 | { "true", 1 }, | ||
| 718 | { "false", 0 }, | ||
| 719 | { "yes", 1 }, | ||
| 720 | { "no", 0 }, | ||
| 721 | { "ask", 2 }, | ||
| 722 | { "confirm", 3 }, | ||
| 723 | { NULL, -1 } | ||
| 724 | }; | ||
| 715 | static const struct multistate multistate_addressfamily[] = { | 725 | static const struct multistate multistate_addressfamily[] = { |
| 716 | { "inet", AF_INET }, | 726 | { "inet", AF_INET }, |
| 717 | { "inet6", AF_INET6 }, | 727 | { "inet6", AF_INET6 }, |
| @@ -1533,6 +1543,11 @@ parse_keytypes: | |||
| 1533 | charptr = &options->pubkey_key_types; | 1543 | charptr = &options->pubkey_key_types; |
| 1534 | goto parse_keytypes; | 1544 | goto parse_keytypes; |
| 1535 | 1545 | ||
| 1546 | case oAddKeysToAgent: | ||
| 1547 | intptr = &options->add_keys_to_agent; | ||
| 1548 | multistate_ptr = multistate_yesnoaskconfirm; | ||
| 1549 | goto parse_multistate; | ||
| 1550 | |||
| 1536 | case oDeprecated: | 1551 | case oDeprecated: |
| 1537 | debug("%s line %d: Deprecated option \"%s\"", | 1552 | debug("%s line %d: Deprecated option \"%s\"", |
| 1538 | filename, linenum, keyword); | 1553 | filename, linenum, keyword); |
| @@ -1699,6 +1714,7 @@ initialize_options(Options * options) | |||
| 1699 | options->local_command = NULL; | 1714 | options->local_command = NULL; |
| 1700 | options->permit_local_command = -1; | 1715 | options->permit_local_command = -1; |
| 1701 | options->use_roaming = -1; | 1716 | options->use_roaming = -1; |
| 1717 | options->add_keys_to_agent = -1; | ||
| 1702 | options->visual_host_key = -1; | 1718 | options->visual_host_key = -1; |
| 1703 | options->ip_qos_interactive = -1; | 1719 | options->ip_qos_interactive = -1; |
| 1704 | options->ip_qos_bulk = -1; | 1720 | options->ip_qos_bulk = -1; |
| @@ -1803,6 +1819,8 @@ fill_default_options(Options * options) | |||
| 1803 | /* options->hostkeyalgorithms, default set in myproposals.h */ | 1819 | /* options->hostkeyalgorithms, default set in myproposals.h */ |
| 1804 | if (options->protocol == SSH_PROTO_UNKNOWN) | 1820 | if (options->protocol == SSH_PROTO_UNKNOWN) |
| 1805 | options->protocol = SSH_PROTO_2; | 1821 | options->protocol = SSH_PROTO_2; |
| 1822 | if (options->add_keys_to_agent == -1) | ||
| 1823 | options->add_keys_to_agent = 0; | ||
| 1806 | if (options->num_identity_files == 0) { | 1824 | if (options->num_identity_files == 0) { |
| 1807 | if (options->protocol & SSH_PROTO_1) { | 1825 | if (options->protocol & SSH_PROTO_1) { |
| 1808 | add_identity_file(options, "~/", | 1826 | add_identity_file(options, "~/", |