diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2019-11-15 02:38:07 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-11-15 13:41:40 +1100 |
| commit | 45ffa369886e37930776d7c15dd8b973242d6ecc (patch) | |
| tree | bf989b32cf357830e56f0dc72fb9d0a1432d5097 /ssh-agent.c | |
| parent | 49dc9fa928d77807c53bdc2898db7fb515fe5eb3 (diff) | |
upstream: show the "please touch your security key" notifier when
using the (default) build-in security key support.
OpenBSD-Commit-ID: 4707643aaa7124501d14e92d1364b20f312a6428
Diffstat (limited to 'ssh-agent.c')
| -rw-r--r-- | ssh-agent.c | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/ssh-agent.c b/ssh-agent.c index 4b6c44e90..97d084230 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh-agent.c,v 1.243 2019/11/14 21:27:30 djm Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.244 2019/11/15 02:38:07 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -87,6 +87,7 @@ | |||
| 87 | #include "ssherr.h" | 87 | #include "ssherr.h" |
| 88 | #include "match.h" | 88 | #include "match.h" |
| 89 | #include "msg.h" | 89 | #include "msg.h" |
| 90 | #include "ssherr.h" | ||
| 90 | #include "pathnames.h" | 91 | #include "pathnames.h" |
| 91 | #include "ssh-pkcs11.h" | 92 | #include "ssh-pkcs11.h" |
| 92 | #include "ssh-sk.h" | 93 | #include "ssh-sk.h" |
| @@ -299,10 +300,22 @@ provider_sign(const char *provider, struct sshkey *key, | |||
| 299 | *sigp = NULL; | 300 | *sigp = NULL; |
| 300 | *lenp = 0; | 301 | *lenp = 0; |
| 301 | 302 | ||
| 303 | if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT, | ||
| 304 | SSH_FP_DEFAULT)) == NULL) | ||
| 305 | fatal("%s: sshkey_fingerprint failed", __func__); | ||
| 306 | notifier = notify_start(0, | ||
| 307 | "Confirm user presence for key %s %s", sshkey_type(key), fp); | ||
| 308 | |||
| 302 | #ifdef ENABLE_SK_INTERNAL | 309 | #ifdef ENABLE_SK_INTERNAL |
| 303 | if (strcasecmp(provider, "internal") == 0) { | 310 | if (strcasecmp(provider, "internal") == 0) { |
| 304 | return sshsk_sign(provider, key, sigp, lenp, | 311 | r = sshsk_sign(provider, key, sigp, lenp, |
| 305 | data, datalen, compat); | 312 | data, datalen, compat); |
| 313 | if (r != 0) { | ||
| 314 | error("%s: sshsk_sign internal: %s", | ||
| 315 | __func__, ssh_err(r)); | ||
| 316 | } | ||
| 317 | notify_complete(notifier); | ||
| 318 | return r; | ||
| 306 | } | 319 | } |
| 307 | #endif | 320 | #endif |
| 308 | 321 | ||
| @@ -352,17 +365,10 @@ provider_sign(const char *provider, struct sshkey *key, | |||
| 352 | error("%s: send: %s", __func__, ssh_err(r)); | 365 | error("%s: send: %s", __func__, ssh_err(r)); |
| 353 | goto out; | 366 | goto out; |
| 354 | } | 367 | } |
| 355 | if ((fp = sshkey_fingerprint(key, SSH_FP_HASH_DEFAULT, | ||
| 356 | SSH_FP_DEFAULT)) == NULL) | ||
| 357 | fatal("%s: sshkey_fingerprint failed", __func__); | ||
| 358 | notifier = notify_start(0, | ||
| 359 | "Confirm user presence for key %s %s", sshkey_type(key), fp); | ||
| 360 | if ((r = ssh_msg_recv(pair[0], resp)) != 0) { | 368 | if ((r = ssh_msg_recv(pair[0], resp)) != 0) { |
| 361 | error("%s: receive: %s", __func__, ssh_err(r)); | 369 | error("%s: receive: %s", __func__, ssh_err(r)); |
| 362 | goto out; | 370 | goto out; |
| 363 | } | 371 | } |
| 364 | notify_complete(notifier); | ||
| 365 | notifier = NULL; | ||
| 366 | if ((r = sshbuf_get_u8(resp, &version)) != 0) { | 372 | if ((r = sshbuf_get_u8(resp, &version)) != 0) { |
| 367 | error("%s: parse version: %s", __func__, ssh_err(r)); | 373 | error("%s: parse version: %s", __func__, ssh_err(r)); |
| 368 | goto out; | 374 | goto out; |