diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-01-06 02:00:46 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-01-06 13:12:46 +1100 |
commit | c312ca077cd2a6c15545cd6b4d34ee2f69289174 (patch) | |
tree | b8dd974c55dd0de351dfcbfc4f33fddb935a1c12 /ssh-add.c | |
parent | 2ab335712d084d9ccaf3f53afc3fa9535329da87 (diff) |
upstream: Extends the SK API to accept a set of key/value options
for all operations. These are intended to future-proof the API a little by
making it easier to specify additional fields for without having to change
the API version for each.
At present, only two options are defined: one to explicitly specify
the device for an operation (rather than accepting the middleware's
autoselection) and another to specify the FIDO2 username that may
be used when generating a resident key. These new options may be
invoked at key generation time via ssh-keygen -O
This also implements a suggestion from Markus to avoid "int" in favour
of uint32_t for the algorithm argument in the API, to make implementation
of ssh-sk-client/helper a little easier.
feedback, fixes and ok markus@
OpenBSD-Commit-ID: 973ce11704609022ab36abbdeb6bc23c8001eabc
Diffstat (limited to 'ssh-add.c')
-rw-r--r-- | ssh-add.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-add.c,v 1.148 2019/12/30 09:22:49 djm Exp $ */ | 1 | /* $OpenBSD: ssh-add.c,v 1.149 2020/01/06 02:00:46 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -549,7 +549,8 @@ load_resident_keys(int agent_fd, const char *skprovider, int qflag) | |||
549 | char *fp; | 549 | char *fp; |
550 | 550 | ||
551 | pass = read_passphrase("Enter PIN for security key: ", RP_ALLOW_STDIN); | 551 | pass = read_passphrase("Enter PIN for security key: ", RP_ALLOW_STDIN); |
552 | if ((r = sshsk_load_resident(skprovider, pass, &keys, &nkeys)) != 0) { | 552 | if ((r = sshsk_load_resident(skprovider, NULL, pass, |
553 | &keys, &nkeys)) != 0) { | ||
553 | error("Unable to load resident keys: %s", ssh_err(r)); | 554 | error("Unable to load resident keys: %s", ssh_err(r)); |
554 | return r; | 555 | return r; |
555 | } | 556 | } |