diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2020-01-25 00:03:36 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2020-01-25 11:35:55 +1100 |
| commit | 89a8d4525e8edd9958ed3df60cf683551142eae0 (patch) | |
| tree | 5251d0355691f30dca76d17724dd0d2123285e6e /ssh-agent.c | |
| parent | a8c05c640873621681ab64d2e47a314592d5efa2 (diff) | |
upstream: expose PKCS#11 key labels/X.509 subjects as comments
Extract the key label or X.509 subject string when PKCS#11 keys
are retrieved from the token and plumb this through to places where
it may be used as a comment.
based on https://github.com/openssh/openssh-portable/pull/138
by Danielle Church
feedback and ok markus@
OpenBSD-Commit-ID: cae1fda10d9e10971dea29520916e27cfec7ca35
Diffstat (limited to 'ssh-agent.c')
| -rw-r--r-- | ssh-agent.c | 19 |
1 files changed, 13 insertions, 6 deletions
diff --git a/ssh-agent.c b/ssh-agent.c index dd5d21d5a..6092f19dc 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-agent.c,v 1.252 2020/01/23 07:10:22 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.253 2020/01/25 00:03:36 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -633,6 +633,7 @@ static void | |||
| 633 | process_add_smartcard_key(SocketEntry *e) | 633 | process_add_smartcard_key(SocketEntry *e) |
| 634 | { | 634 | { |
| 635 | char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX]; | 635 | char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX]; |
| 636 | char **comments = NULL; | ||
| 636 | int r, i, count = 0, success = 0, confirm = 0; | 637 | int r, i, count = 0, success = 0, confirm = 0; |
| 637 | u_int seconds; | 638 | u_int seconds; |
| 638 | time_t death = 0; | 639 | time_t death = 0; |
| @@ -682,28 +683,34 @@ process_add_smartcard_key(SocketEntry *e) | |||
| 682 | if (lifetime && !death) | 683 | if (lifetime && !death) |
| 683 | death = monotime() + lifetime; | 684 | death = monotime() + lifetime; |
| 684 | 685 | ||
| 685 | count = pkcs11_add_provider(canonical_provider, pin, &keys); | 686 | count = pkcs11_add_provider(canonical_provider, pin, &keys, &comments); |
| 686 | for (i = 0; i < count; i++) { | 687 | for (i = 0; i < count; i++) { |
| 687 | k = keys[i]; | 688 | k = keys[i]; |
| 688 | if (lookup_identity(k) == NULL) { | 689 | if (lookup_identity(k) == NULL) { |
| 689 | id = xcalloc(1, sizeof(Identity)); | 690 | id = xcalloc(1, sizeof(Identity)); |
| 690 | id->key = k; | 691 | id->key = k; |
| 692 | keys[i] = NULL; /* transferred */ | ||
| 691 | id->provider = xstrdup(canonical_provider); | 693 | id->provider = xstrdup(canonical_provider); |
| 692 | id->comment = xstrdup(canonical_provider); /* XXX */ | 694 | if (*comments[i] != '\0') { |
| 695 | id->comment = comments[i]; | ||
| 696 | comments[i] = NULL; /* transferred */ | ||
| 697 | } else { | ||
| 698 | id->comment = xstrdup(canonical_provider); | ||
| 699 | } | ||
| 693 | id->death = death; | 700 | id->death = death; |
| 694 | id->confirm = confirm; | 701 | id->confirm = confirm; |
| 695 | TAILQ_INSERT_TAIL(&idtab->idlist, id, next); | 702 | TAILQ_INSERT_TAIL(&idtab->idlist, id, next); |
| 696 | idtab->nentries++; | 703 | idtab->nentries++; |
| 697 | success = 1; | 704 | success = 1; |
| 698 | } else { | ||
| 699 | sshkey_free(k); | ||
| 700 | } | 705 | } |
| 701 | keys[i] = NULL; | 706 | sshkey_free(keys[i]); |
| 707 | free(comments[i]); | ||
| 702 | } | 708 | } |
| 703 | send: | 709 | send: |
| 704 | free(pin); | 710 | free(pin); |
| 705 | free(provider); | 711 | free(provider); |
| 706 | free(keys); | 712 | free(keys); |
| 713 | free(comments); | ||
| 707 | send_status(e, success); | 714 | send_status(e, success); |
| 708 | } | 715 | } |
| 709 | 716 | ||