diff options
| author | Damien Miller <djm@mindrot.org> | 2011-10-18 16:06:33 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2011-10-18 16:06:33 +1100 |
| commit | 8f4279e4ab6fdc3245fe9c80e363a2f5bdf01d4f (patch) | |
| tree | 2578eb44c9e6cdd8adf226921ece9caff8227ea4 /ssh-add.c | |
| parent | c51a5ab2c6f7ea4ae42e70d1d00bdf57c28f8c36 (diff) | |
- djm@cvs.openbsd.org 2011/10/18 05:00:48
[ssh-add.1 ssh-add.c]
new "ssh-add -k" option to load plain keys (skipping certificates);
"looks ok" markus@
Diffstat (limited to 'ssh-add.c')
| -rw-r--r-- | ssh-add.c | 27 |
1 files changed, 17 insertions, 10 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-add.c,v 1.101 2011/05/04 21:15:29 djm Exp $ */ | 1 | /* $OpenBSD: ssh-add.c,v 1.102 2011/10/18 05:00:48 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -139,11 +139,11 @@ delete_all(AuthenticationConnection *ac) | |||
| 139 | } | 139 | } |
| 140 | 140 | ||
| 141 | static int | 141 | static int |
| 142 | add_file(AuthenticationConnection *ac, const char *filename) | 142 | add_file(AuthenticationConnection *ac, const char *filename, int key_only) |
| 143 | { | 143 | { |
| 144 | Key *private, *cert; | 144 | Key *private, *cert; |
| 145 | char *comment = NULL; | 145 | char *comment = NULL; |
| 146 | char msg[1024], *certpath; | 146 | char msg[1024], *certpath = NULL; |
| 147 | int fd, perms_ok, ret = -1; | 147 | int fd, perms_ok, ret = -1; |
| 148 | Buffer keyblob; | 148 | Buffer keyblob; |
| 149 | 149 | ||
| @@ -219,6 +219,9 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
| 219 | fprintf(stderr, "Could not add identity: %s\n", filename); | 219 | fprintf(stderr, "Could not add identity: %s\n", filename); |
| 220 | } | 220 | } |
| 221 | 221 | ||
| 222 | /* Skip trying to load the cert if requested */ | ||
| 223 | if (key_only) | ||
| 224 | goto out; | ||
| 222 | 225 | ||
| 223 | /* Now try to add the certificate flavour too */ | 226 | /* Now try to add the certificate flavour too */ |
| 224 | xasprintf(&certpath, "%s-cert.pub", filename); | 227 | xasprintf(&certpath, "%s-cert.pub", filename); |
| @@ -253,7 +256,8 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
| 253 | if (confirm != 0) | 256 | if (confirm != 0) |
| 254 | fprintf(stderr, "The user must confirm each use of the key\n"); | 257 | fprintf(stderr, "The user must confirm each use of the key\n"); |
| 255 | out: | 258 | out: |
| 256 | xfree(certpath); | 259 | if (certpath != NULL) |
| 260 | xfree(certpath); | ||
| 257 | xfree(comment); | 261 | xfree(comment); |
| 258 | key_free(private); | 262 | key_free(private); |
| 259 | 263 | ||
| @@ -347,13 +351,13 @@ lock_agent(AuthenticationConnection *ac, int lock) | |||
| 347 | } | 351 | } |
| 348 | 352 | ||
| 349 | static int | 353 | static int |
| 350 | do_file(AuthenticationConnection *ac, int deleting, char *file) | 354 | do_file(AuthenticationConnection *ac, int deleting, int key_only, char *file) |
| 351 | { | 355 | { |
| 352 | if (deleting) { | 356 | if (deleting) { |
| 353 | if (delete_file(ac, file) == -1) | 357 | if (delete_file(ac, file) == -1) |
| 354 | return -1; | 358 | return -1; |
| 355 | } else { | 359 | } else { |
| 356 | if (add_file(ac, file) == -1) | 360 | if (add_file(ac, file, key_only) == -1) |
| 357 | return -1; | 361 | return -1; |
| 358 | } | 362 | } |
| 359 | return 0; | 363 | return 0; |
| @@ -383,7 +387,7 @@ main(int argc, char **argv) | |||
| 383 | extern int optind; | 387 | extern int optind; |
| 384 | AuthenticationConnection *ac = NULL; | 388 | AuthenticationConnection *ac = NULL; |
| 385 | char *pkcs11provider = NULL; | 389 | char *pkcs11provider = NULL; |
| 386 | int i, ch, deleting = 0, ret = 0; | 390 | int i, ch, deleting = 0, ret = 0, key_only = 0; |
| 387 | 391 | ||
| 388 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ | 392 | /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
| 389 | sanitise_stdfd(); | 393 | sanitise_stdfd(); |
| @@ -400,8 +404,11 @@ main(int argc, char **argv) | |||
| 400 | "Could not open a connection to your authentication agent.\n"); | 404 | "Could not open a connection to your authentication agent.\n"); |
| 401 | exit(2); | 405 | exit(2); |
| 402 | } | 406 | } |
| 403 | while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:")) != -1) { | 407 | while ((ch = getopt(argc, argv, "klLcdDxXe:s:t:")) != -1) { |
| 404 | switch (ch) { | 408 | switch (ch) { |
| 409 | case 'k': | ||
| 410 | key_only = 1; | ||
| 411 | break; | ||
| 405 | case 'l': | 412 | case 'l': |
| 406 | case 'L': | 413 | case 'L': |
| 407 | if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) | 414 | if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) |
| @@ -467,7 +474,7 @@ main(int argc, char **argv) | |||
| 467 | default_files[i]); | 474 | default_files[i]); |
| 468 | if (stat(buf, &st) < 0) | 475 | if (stat(buf, &st) < 0) |
| 469 | continue; | 476 | continue; |
| 470 | if (do_file(ac, deleting, buf) == -1) | 477 | if (do_file(ac, deleting, key_only, buf) == -1) |
| 471 | ret = 1; | 478 | ret = 1; |
| 472 | else | 479 | else |
| 473 | count++; | 480 | count++; |
| @@ -476,7 +483,7 @@ main(int argc, char **argv) | |||
| 476 | ret = 1; | 483 | ret = 1; |
| 477 | } else { | 484 | } else { |
| 478 | for (i = 0; i < argc; i++) { | 485 | for (i = 0; i < argc; i++) { |
| 479 | if (do_file(ac, deleting, argv[i]) == -1) | 486 | if (do_file(ac, deleting, key_only, argv[i]) == -1) |
| 480 | ret = 1; | 487 | ret = 1; |
| 481 | } | 488 | } |
| 482 | } | 489 | } |