diff options
author | Damien Miller <djm@mindrot.org> | 2014-07-02 15:28:02 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-07-02 15:28:02 +1000 |
commit | 8668706d0f52654fe64c0ca41a96113aeab8d2b8 (patch) | |
tree | 73e78e1ea3d39206e39870bbe0af17d6c430fb51 /ssh-add.c | |
parent | 2cd7929250cf9e9f658d70dcd452f529ba08c942 (diff) |
- djm@cvs.openbsd.org 2014/06/24 01:13:21
[Makefile.in auth-bsdauth.c auth-chall.c auth-options.c auth-rsa.c
[auth2-none.c auth2-pubkey.c authfile.c authfile.h cipher-3des1.c
[cipher-chachapoly.c cipher-chachapoly.h cipher.c cipher.h
[digest-libc.c digest-openssl.c digest.h dns.c entropy.c hmac.h
[hostfile.c key.c key.h krl.c monitor.c packet.c rsa.c rsa.h
[ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c
[ssh-keygen.c ssh-pkcs11-client.c ssh-pkcs11-helper.c ssh-pkcs11.c
[ssh-rsa.c sshbuf-misc.c sshbuf.h sshconnect.c sshconnect1.c
[sshconnect2.c sshd.c sshkey.c sshkey.h
[openbsd-compat/openssl-compat.c openbsd-compat/openssl-compat.h]
New key API: refactor key-related functions to be more library-like,
existing API is offered as a set of wrappers.
with and ok markus@
Thanks also to Ben Hawkes, David Tomaschik, Ivan Fratric, Matthew
Dempsky and Ron Bowes for a detailed review a few months ago.
NB. This commit also removes portable OpenSSH support for OpenSSL
<0.9.8e.
Diffstat (limited to 'ssh-add.c')
-rw-r--r-- | ssh-add.c | 24 |
1 files changed, 17 insertions, 7 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-add.c,v 1.109 2014/02/02 03:44:31 djm Exp $ */ | 1 | /* $OpenBSD: ssh-add.c,v 1.110 2014/06/24 01:13:21 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -62,6 +62,7 @@ | |||
62 | #include "authfile.h" | 62 | #include "authfile.h" |
63 | #include "pathnames.h" | 63 | #include "pathnames.h" |
64 | #include "misc.h" | 64 | #include "misc.h" |
65 | #include "ssherr.h" | ||
65 | 66 | ||
66 | /* argv0 */ | 67 | /* argv0 */ |
67 | extern char *__progname; | 68 | extern char *__progname; |
@@ -170,7 +171,7 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only) | |||
170 | Key *private, *cert; | 171 | Key *private, *cert; |
171 | char *comment = NULL; | 172 | char *comment = NULL; |
172 | char msg[1024], *certpath = NULL; | 173 | char msg[1024], *certpath = NULL; |
173 | int fd, perms_ok, ret = -1; | 174 | int r, fd, perms_ok, ret = -1; |
174 | Buffer keyblob; | 175 | Buffer keyblob; |
175 | 176 | ||
176 | if (strcmp(filename, "-") == 0) { | 177 | if (strcmp(filename, "-") == 0) { |
@@ -201,12 +202,18 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only) | |||
201 | close(fd); | 202 | close(fd); |
202 | 203 | ||
203 | /* At first, try empty passphrase */ | 204 | /* At first, try empty passphrase */ |
204 | private = key_parse_private(&keyblob, filename, "", &comment); | 205 | if ((r = sshkey_parse_private_fileblob(&keyblob, filename, "", |
206 | &private, &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) | ||
207 | fatal("Cannot parse %s: %s", filename, ssh_err(r)); | ||
205 | if (comment == NULL) | 208 | if (comment == NULL) |
206 | comment = xstrdup(filename); | 209 | comment = xstrdup(filename); |
207 | /* try last */ | 210 | /* try last */ |
208 | if (private == NULL && pass != NULL) | 211 | if (private == NULL && pass != NULL) { |
209 | private = key_parse_private(&keyblob, filename, pass, NULL); | 212 | if ((r = sshkey_parse_private_fileblob(&keyblob, filename, pass, |
213 | &private, &comment)) != 0 && | ||
214 | r != SSH_ERR_KEY_WRONG_PASSPHRASE) | ||
215 | fatal("Cannot parse %s: %s", filename, ssh_err(r)); | ||
216 | } | ||
210 | if (private == NULL) { | 217 | if (private == NULL) { |
211 | /* clear passphrase since it did not work */ | 218 | /* clear passphrase since it did not work */ |
212 | clear_pass(); | 219 | clear_pass(); |
@@ -220,8 +227,11 @@ add_file(AuthenticationConnection *ac, const char *filename, int key_only) | |||
220 | buffer_free(&keyblob); | 227 | buffer_free(&keyblob); |
221 | return -1; | 228 | return -1; |
222 | } | 229 | } |
223 | private = key_parse_private(&keyblob, filename, pass, | 230 | if ((r = sshkey_parse_private_fileblob(&keyblob, |
224 | &comment); | 231 | filename, pass, &private, &comment)) != 0 && |
232 | r != SSH_ERR_KEY_WRONG_PASSPHRASE) | ||
233 | fatal("Cannot parse %s: %s", | ||
234 | filename, ssh_err(r)); | ||
225 | if (private != NULL) | 235 | if (private != NULL) |
226 | break; | 236 | break; |
227 | clear_pass(); | 237 | clear_pass(); |