diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-19 20:33:07 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-04-19 20:33:07 +0000 |
| commit | 5eb97b6f3d878e6b40cfa73a18bacc293ea6b1ad (patch) | |
| tree | 44f6ee7e020d9ac349256c6d4538734b4162bc5a /ssh-add.c | |
| parent | f73e05eca801c3a3488caa3b6bf1585ab7e2c13a (diff) | |
- markus@cvs.openbsd.org 2001/04/18 21:57:42
[readpass.c ssh-add.c]
call askpass from ssh, too, based on work by roth@feep.net, ok deraadt
Diffstat (limited to 'ssh-add.c')
| -rw-r--r-- | ssh-add.c | 70 |
1 files changed, 7 insertions, 63 deletions
| @@ -35,7 +35,7 @@ | |||
| 35 | */ | 35 | */ |
| 36 | 36 | ||
| 37 | #include "includes.h" | 37 | #include "includes.h" |
| 38 | RCSID("$OpenBSD: ssh-add.c,v 1.35 2001/04/14 16:27:57 markus Exp $"); | 38 | RCSID("$OpenBSD: ssh-add.c,v 1.36 2001/04/18 21:57:42 markus Exp $"); |
| 39 | 39 | ||
| 40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
| 41 | 41 | ||
| @@ -103,66 +103,18 @@ delete_all(AuthenticationConnection *ac) | |||
| 103 | fprintf(stderr, "Failed to remove all identities.\n"); | 103 | fprintf(stderr, "Failed to remove all identities.\n"); |
| 104 | } | 104 | } |
| 105 | 105 | ||
| 106 | char * | ||
| 107 | ssh_askpass(char *askpass, char *msg) | ||
| 108 | { | ||
| 109 | pid_t pid; | ||
| 110 | size_t len; | ||
| 111 | char *nl, *pass; | ||
| 112 | int p[2], status; | ||
| 113 | char buf[1024]; | ||
| 114 | |||
| 115 | if (fflush(stdout) != 0) | ||
| 116 | error("ssh_askpass: fflush: %s", strerror(errno)); | ||
| 117 | if (askpass == NULL) | ||
| 118 | fatal("internal error: askpass undefined"); | ||
| 119 | if (pipe(p) < 0) | ||
| 120 | fatal("ssh_askpass: pipe: %s", strerror(errno)); | ||
| 121 | if ((pid = fork()) < 0) | ||
| 122 | fatal("ssh_askpass: fork: %s", strerror(errno)); | ||
| 123 | if (pid == 0) { | ||
| 124 | close(p[0]); | ||
| 125 | if (dup2(p[1], STDOUT_FILENO) < 0) | ||
| 126 | fatal("ssh_askpass: dup2: %s", strerror(errno)); | ||
| 127 | execlp(askpass, askpass, msg, (char *) 0); | ||
| 128 | fatal("ssh_askpass: exec(%s): %s", askpass, strerror(errno)); | ||
| 129 | } | ||
| 130 | close(p[1]); | ||
| 131 | len = read(p[0], buf, sizeof buf); | ||
| 132 | close(p[0]); | ||
| 133 | while (waitpid(pid, &status, 0) < 0) | ||
| 134 | if (errno != EINTR) | ||
| 135 | break; | ||
| 136 | if (len <= 1) | ||
| 137 | return xstrdup(""); | ||
| 138 | nl = strchr(buf, '\n'); | ||
| 139 | if (nl) | ||
| 140 | *nl = '\0'; | ||
| 141 | pass = xstrdup(buf); | ||
| 142 | memset(buf, 0, sizeof(buf)); | ||
| 143 | return pass; | ||
| 144 | } | ||
| 145 | |||
| 146 | void | 106 | void |
| 147 | add_file(AuthenticationConnection *ac, const char *filename) | 107 | add_file(AuthenticationConnection *ac, const char *filename) |
| 148 | { | 108 | { |
| 149 | struct stat st; | 109 | struct stat st; |
| 150 | Key *private; | 110 | Key *private; |
| 151 | char *comment = NULL, *askpass = NULL; | 111 | char *comment = NULL; |
| 152 | char buf[1024], msg[1024]; | 112 | char msg[1024]; |
| 153 | int interactive = isatty(STDIN_FILENO); | ||
| 154 | 113 | ||
| 155 | if (stat(filename, &st) < 0) { | 114 | if (stat(filename, &st) < 0) { |
| 156 | perror(filename); | 115 | perror(filename); |
| 157 | exit(1); | 116 | exit(1); |
| 158 | } | 117 | } |
| 159 | if (!interactive && getenv("DISPLAY")) { | ||
| 160 | if (getenv(SSH_ASKPASS_ENV)) | ||
| 161 | askpass = getenv(SSH_ASKPASS_ENV); | ||
| 162 | else | ||
| 163 | askpass = _PATH_SSH_ASKPASS_DEFAULT; | ||
| 164 | } | ||
| 165 | |||
| 166 | /* At first, try empty passphrase */ | 118 | /* At first, try empty passphrase */ |
| 167 | private = key_load_private(filename, "", &comment); | 119 | private = key_load_private(filename, "", &comment); |
| 168 | if (comment == NULL) | 120 | if (comment == NULL) |
| @@ -174,18 +126,10 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
| 174 | /* clear passphrase since it did not work */ | 126 | /* clear passphrase since it did not work */ |
| 175 | clear_pass(); | 127 | clear_pass(); |
| 176 | printf("Need passphrase for %.200s\n", filename); | 128 | printf("Need passphrase for %.200s\n", filename); |
| 177 | if (!interactive && askpass == NULL) { | 129 | snprintf(msg, sizeof msg, "Enter passphrase for %.200s ", |
| 178 | xfree(comment); | 130 | comment); |
| 179 | return; | ||
| 180 | } | ||
| 181 | snprintf(msg, sizeof msg, "Enter passphrase for %.200s", comment); | ||
| 182 | for (;;) { | 131 | for (;;) { |
| 183 | if (interactive) { | 132 | pass = read_passphrase(msg, 1); |
| 184 | snprintf(buf, sizeof buf, "%s: ", msg); | ||
| 185 | pass = read_passphrase(buf, 1); | ||
| 186 | } else { | ||
| 187 | pass = ssh_askpass(askpass, msg); | ||
| 188 | } | ||
| 189 | if (strcmp(pass, "") == 0) { | 133 | if (strcmp(pass, "") == 0) { |
| 190 | clear_pass(); | 134 | clear_pass(); |
| 191 | xfree(comment); | 135 | xfree(comment); |
| @@ -195,7 +139,7 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
| 195 | if (private != NULL) | 139 | if (private != NULL) |
| 196 | break; | 140 | break; |
| 197 | clear_pass(); | 141 | clear_pass(); |
| 198 | strlcpy(msg, "Bad passphrase, try again", sizeof msg); | 142 | strlcpy(msg, "Bad passphrase, try again ", sizeof msg); |
| 199 | } | 143 | } |
| 200 | } | 144 | } |
| 201 | if (ssh_add_identity(ac, private, comment)) | 145 | if (ssh_add_identity(ac, private, comment)) |