diff options
| author | Colin Watson <cjwatson@debian.org> | 2013-05-07 11:47:26 +0100 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2013-05-07 11:47:26 +0100 |
| commit | 2ea3f720daeb1ca9f765365fce3a9546961fe624 (patch) | |
| tree | c4fb7d1f51fa51e7677232de806aae150e29e2ac /ssh-add.c | |
| parent | f5efcd3450bbf8261915e0c4a6f851229dddaa79 (diff) | |
| parent | ecebda56da46a03dafff923d91c382f31faa9eec (diff) | |
* New upstream release (http://www.openssh.com/txt/release-6.2).
- Add support for multiple required authentication in SSH protocol 2 via
an AuthenticationMethods option (closes: #195716).
- Fix Sophie Germain formula in moduli(5) (closes: #698612).
- Update ssh-copy-id to Phil Hands' greatly revised version (closes:
#99785, #322228, #620428; LP: #518883, #835901, #1074798).
Diffstat (limited to 'ssh-add.c')
| -rw-r--r-- | ssh-add.c | 39 |
1 files changed, 32 insertions, 7 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-add.c,v 1.103 2011/10/18 23:37:42 djm Exp $ */ | 1 | /* $OpenBSD: ssh-add.c,v 1.105 2012/12/05 15:42:52 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -96,10 +96,10 @@ clear_pass(void) | |||
| 96 | } | 96 | } |
| 97 | 97 | ||
| 98 | static int | 98 | static int |
| 99 | delete_file(AuthenticationConnection *ac, const char *filename) | 99 | delete_file(AuthenticationConnection *ac, const char *filename, int key_only) |
| 100 | { | 100 | { |
| 101 | Key *public; | 101 | Key *public = NULL, *cert = NULL; |
| 102 | char *comment = NULL; | 102 | char *certpath = NULL, *comment = NULL; |
| 103 | int ret = -1; | 103 | int ret = -1; |
| 104 | 104 | ||
| 105 | public = key_load_public(filename, &comment); | 105 | public = key_load_public(filename, &comment); |
| @@ -113,8 +113,33 @@ delete_file(AuthenticationConnection *ac, const char *filename) | |||
| 113 | } else | 113 | } else |
| 114 | fprintf(stderr, "Could not remove identity: %s\n", filename); | 114 | fprintf(stderr, "Could not remove identity: %s\n", filename); |
| 115 | 115 | ||
| 116 | key_free(public); | 116 | if (key_only) |
| 117 | xfree(comment); | 117 | goto out; |
| 118 | |||
| 119 | /* Now try to delete the corresponding certificate too */ | ||
| 120 | free(comment); | ||
| 121 | comment = NULL; | ||
| 122 | xasprintf(&certpath, "%s-cert.pub", filename); | ||
| 123 | if ((cert = key_load_public(certpath, &comment)) == NULL) | ||
| 124 | goto out; | ||
| 125 | if (!key_equal_public(cert, public)) | ||
| 126 | fatal("Certificate %s does not match private key %s", | ||
| 127 | certpath, filename); | ||
| 128 | |||
| 129 | if (ssh_remove_identity(ac, cert)) { | ||
| 130 | fprintf(stderr, "Identity removed: %s (%s)\n", certpath, | ||
| 131 | comment); | ||
| 132 | ret = 0; | ||
| 133 | } else | ||
| 134 | fprintf(stderr, "Could not remove identity: %s\n", certpath); | ||
| 135 | |||
| 136 | out: | ||
| 137 | if (cert != NULL) | ||
| 138 | key_free(cert); | ||
| 139 | if (public != NULL) | ||
| 140 | key_free(public); | ||
| 141 | free(certpath); | ||
| 142 | free(comment); | ||
| 118 | 143 | ||
| 119 | return ret; | 144 | return ret; |
| 120 | } | 145 | } |
| @@ -362,7 +387,7 @@ static int | |||
| 362 | do_file(AuthenticationConnection *ac, int deleting, int key_only, char *file) | 387 | do_file(AuthenticationConnection *ac, int deleting, int key_only, char *file) |
| 363 | { | 388 | { |
| 364 | if (deleting) { | 389 | if (deleting) { |
| 365 | if (delete_file(ac, file) == -1) | 390 | if (delete_file(ac, file, key_only) == -1) |
| 366 | return -1; | 391 | return -1; |
| 367 | } else { | 392 | } else { |
| 368 | if (add_file(ac, file, key_only) == -1) | 393 | if (add_file(ac, file, key_only) == -1) |