summaryrefslogtreecommitdiff
path: root/ssh-agent.c
diff options
context:
space:
mode:
authordjm@openbsd.org <djm@openbsd.org>2017-04-30 23:29:10 +0000
committerDamien Miller <djm@mindrot.org>2017-05-01 10:05:07 +1000
commitf4a6a88ddb6dba6d2f7bfb9e2c9879fcc9633043 (patch)
tree1829ba41c2272c7e2fc7cb89de68d47dae9e90ee /ssh-agent.c
parent930e8d2827853bc2e196c20c3e000263cc87fb75 (diff)
upstream commit
flense SSHv1 support from ssh-agent, considerably simplifying it ok markus Upstream-ID: 71d772cdcefcb29f76e01252e8361e6fc2dfc365
Diffstat (limited to 'ssh-agent.c')
-rw-r--r--ssh-agent.c252
1 files changed, 90 insertions, 162 deletions
diff --git a/ssh-agent.c b/ssh-agent.c
index cc3bffad8..2ef8367b9 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-agent.c,v 1.220 2017/04/30 23:18:44 djm Exp $ */ 1/* $OpenBSD: ssh-agent.c,v 1.221 2017/04/30 23:29:10 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -118,13 +118,13 @@ typedef struct identity {
118 u_int confirm; 118 u_int confirm;
119} Identity; 119} Identity;
120 120
121typedef struct { 121struct idtable {
122 int nentries; 122 int nentries;
123 TAILQ_HEAD(idqueue, identity) idlist; 123 TAILQ_HEAD(idqueue, identity) idlist;
124} Idtab; 124};
125 125
126/* private key table, one per protocol version */ 126/* private key table */
127Idtab idtable[3]; 127struct idtable *idtab;
128 128
129int max_fd = 0; 129int max_fd = 0;
130 130
@@ -171,21 +171,9 @@ close_socket(SocketEntry *e)
171static void 171static void
172idtab_init(void) 172idtab_init(void)
173{ 173{
174 int i; 174 idtab = xcalloc(1, sizeof(*idtab));
175 175 TAILQ_INIT(&idtab->idlist);
176 for (i = 0; i <=2; i++) { 176 idtab->nentries = 0;
177 TAILQ_INIT(&idtable[i].idlist);
178 idtable[i].nentries = 0;
179 }
180}
181
182/* return private key table for requested protocol version */
183static Idtab *
184idtab_lookup(int version)
185{
186 if (version < 1 || version > 2)
187 fatal("internal error, bad protocol version %d", version);
188 return &idtable[version];
189} 177}
190 178
191static void 179static void
@@ -199,12 +187,11 @@ free_identity(Identity *id)
199 187
200/* return matching private key for given public key */ 188/* return matching private key for given public key */
201static Identity * 189static Identity *
202lookup_identity(struct sshkey *key, int version) 190lookup_identity(struct sshkey *key)
203{ 191{
204 Identity *id; 192 Identity *id;
205 193
206 Idtab *tab = idtab_lookup(version); 194 TAILQ_FOREACH(id, &idtab->idlist, next) {
207 TAILQ_FOREACH(id, &tab->idlist, next) {
208 if (sshkey_equal(key, id->key)) 195 if (sshkey_equal(key, id->key))
209 return (id); 196 return (id);
210 } 197 }
@@ -241,34 +228,24 @@ send_status(SocketEntry *e, int success)
241 228
242/* send list of supported public keys to 'client' */ 229/* send list of supported public keys to 'client' */
243static void 230static void
244process_request_identities(SocketEntry *e, int version) 231process_request_identities(SocketEntry *e)
245{ 232{
246 Idtab *tab = idtab_lookup(version);
247 Identity *id; 233 Identity *id;
248 struct sshbuf *msg; 234 struct sshbuf *msg;
249 int r; 235 int r;
250 u_char *blob;
251 size_t blen;
252 236
253 if ((msg = sshbuf_new()) == NULL) 237 if ((msg = sshbuf_new()) == NULL)
254 fatal("%s: sshbuf_new failed", __func__); 238 fatal("%s: sshbuf_new failed", __func__);
255 if ((r = sshbuf_put_u8(msg, (version == 1) ? 239 if ((r = sshbuf_put_u8(msg, SSH2_AGENT_IDENTITIES_ANSWER)) != 0 ||
256 SSH_AGENT_RSA_IDENTITIES_ANSWER : 240 (r = sshbuf_put_u32(msg, idtab->nentries)) != 0)
257 SSH2_AGENT_IDENTITIES_ANSWER)) != 0 ||
258 (r = sshbuf_put_u32(msg, tab->nentries)) != 0)
259 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 241 fatal("%s: buffer error: %s", __func__, ssh_err(r));
260 TAILQ_FOREACH(id, &tab->idlist, next) { 242 TAILQ_FOREACH(id, &idtab->idlist, next) {
261 if ((r = sshkey_to_blob(id->key, &blob, &blen)) != 0) { 243 if ((r = sshkey_puts(id->key, msg)) != 0 ||
262 error("%s: sshkey_to_blob: %s", __func__, 244 (r = sshbuf_put_cstring(msg, id->comment)) != 0) {
245 error("%s: put key/comment: %s", __func__,
263 ssh_err(r)); 246 ssh_err(r));
264 continue; 247 continue;
265 } 248 }
266 if ((r = sshbuf_put_string(msg, blob, blen)) != 0)
267 fatal("%s: buffer error: %s",
268 __func__, ssh_err(r));
269 free(blob);
270 if ((r = sshbuf_put_cstring(msg, id->comment)) != 0)
271 fatal("%s: buffer error: %s", __func__, ssh_err(r));
272 } 249 }
273 if ((r = sshbuf_put_stringb(e->output, msg)) != 0) 250 if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
274 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 251 fatal("%s: buffer error: %s", __func__, ssh_err(r));
@@ -292,27 +269,24 @@ agent_decode_alg(struct sshkey *key, u_int flags)
292static void 269static void
293process_sign_request2(SocketEntry *e) 270process_sign_request2(SocketEntry *e)
294{ 271{
295 u_char *blob, *data, *signature = NULL; 272 const u_char *data;
296 size_t blen, dlen, slen = 0; 273 u_char *signature = NULL;
274 size_t dlen, slen = 0;
297 u_int compat = 0, flags; 275 u_int compat = 0, flags;
298 int r, ok = -1; 276 int r, ok = -1;
299 struct sshbuf *msg; 277 struct sshbuf *msg;
300 struct sshkey *key; 278 struct sshkey *key = NULL;
301 struct identity *id; 279 struct identity *id;
302 280
303 if ((msg = sshbuf_new()) == NULL) 281 if ((msg = sshbuf_new()) == NULL)
304 fatal("%s: sshbuf_new failed", __func__); 282 fatal("%s: sshbuf_new failed", __func__);
305 if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0 || 283 if ((r = sshkey_froms(e->request, &key)) != 0 ||
306 (r = sshbuf_get_string(e->request, &data, &dlen)) != 0 || 284 (r = sshbuf_get_string_direct(e->request, &data, &dlen)) != 0 ||
307 (r = sshbuf_get_u32(e->request, &flags)) != 0) 285 (r = sshbuf_get_u32(e->request, &flags)) != 0)
308 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 286 fatal("%s: buffer error: %s", __func__, ssh_err(r));
309 if (flags & SSH_AGENT_OLD_SIGNATURE) 287 if (flags & SSH_AGENT_OLD_SIGNATURE)
310 compat = SSH_BUG_SIGBLOB; 288 compat = SSH_BUG_SIGBLOB;
311 if ((r = sshkey_from_blob(blob, blen, &key)) != 0) { 289 if ((id = lookup_identity(key)) == NULL) {
312 error("%s: cannot parse key blob: %s", __func__, ssh_err(r));
313 goto send;
314 }
315 if ((id = lookup_identity(key, 2)) == NULL) {
316 verbose("%s: %s key not found", __func__, sshkey_type(key)); 290 verbose("%s: %s key not found", __func__, sshkey_type(key));
317 goto send; 291 goto send;
318 } 292 }
@@ -340,70 +314,52 @@ process_sign_request2(SocketEntry *e)
340 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 314 fatal("%s: buffer error: %s", __func__, ssh_err(r));
341 315
342 sshbuf_free(msg); 316 sshbuf_free(msg);
343 free(data);
344 free(blob);
345 free(signature); 317 free(signature);
346} 318}
347 319
348/* shared */ 320/* shared */
349static void 321static void
350process_remove_identity(SocketEntry *e, int version) 322process_remove_identity(SocketEntry *e)
351{ 323{
352 size_t blen;
353 int r, success = 0; 324 int r, success = 0;
354 struct sshkey *key = NULL; 325 struct sshkey *key = NULL;
355 u_char *blob; 326 Identity *id;
356 327
357 switch (version) { 328 if ((r = sshkey_froms(e->request, &key)) != 0) {
358 case 2: 329 error("%s: get key: %s", __func__, ssh_err(r));
359 if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0) 330 goto done;
360 fatal("%s: buffer error: %s", __func__, ssh_err(r));
361 if ((r = sshkey_from_blob(blob, blen, &key)) != 0)
362 error("%s: sshkey_from_blob failed: %s",
363 __func__, ssh_err(r));
364 free(blob);
365 break;
366 } 331 }
367 if (key != NULL) { 332 if ((id = lookup_identity(key)) == NULL) {
368 Identity *id = lookup_identity(key, version); 333 debug("%s: key not found", __func__);
369 if (id != NULL) { 334 goto done;
370 /*
371 * We have this key. Free the old key. Since we
372 * don't want to leave empty slots in the middle of
373 * the array, we actually free the key there and move
374 * all the entries between the empty slot and the end
375 * of the array.
376 */
377 Idtab *tab = idtab_lookup(version);
378 if (tab->nentries < 1)
379 fatal("process_remove_identity: "
380 "internal error: tab->nentries %d",
381 tab->nentries);
382 TAILQ_REMOVE(&tab->idlist, id, next);
383 free_identity(id);
384 tab->nentries--;
385 success = 1;
386 }
387 sshkey_free(key);
388 } 335 }
336 /* We have this key, free it. */
337 if (idtab->nentries < 1)
338 fatal("%s: internal error: nentries %d",
339 __func__, idtab->nentries);
340 TAILQ_REMOVE(&idtab->idlist, id, next);
341 free_identity(id);
342 idtab->nentries--;
343 sshkey_free(key);
344 success = 1;
345 done:
389 send_status(e, success); 346 send_status(e, success);
390} 347}
391 348
392static void 349static void
393process_remove_all_identities(SocketEntry *e, int version) 350process_remove_all_identities(SocketEntry *e)
394{ 351{
395 Idtab *tab = idtab_lookup(version);
396 Identity *id; 352 Identity *id;
397 353
398 /* Loop over all identities and clear the keys. */ 354 /* Loop over all identities and clear the keys. */
399 for (id = TAILQ_FIRST(&tab->idlist); id; 355 for (id = TAILQ_FIRST(&idtab->idlist); id;
400 id = TAILQ_FIRST(&tab->idlist)) { 356 id = TAILQ_FIRST(&idtab->idlist)) {
401 TAILQ_REMOVE(&tab->idlist, id, next); 357 TAILQ_REMOVE(&idtab->idlist, id, next);
402 free_identity(id); 358 free_identity(id);
403 } 359 }
404 360
405 /* Mark that there are no identities. */ 361 /* Mark that there are no identities. */
406 tab->nentries = 0; 362 idtab->nentries = 0;
407 363
408 /* Send success. */ 364 /* Send success. */
409 send_status(e, 1); 365 send_status(e, 1);
@@ -415,24 +371,19 @@ reaper(void)
415{ 371{
416 time_t deadline = 0, now = monotime(); 372 time_t deadline = 0, now = monotime();
417 Identity *id, *nxt; 373 Identity *id, *nxt;
418 int version; 374
419 Idtab *tab; 375 for (id = TAILQ_FIRST(&idtab->idlist); id; id = nxt) {
420 376 nxt = TAILQ_NEXT(id, next);
421 for (version = 1; version < 3; version++) { 377 if (id->death == 0)
422 tab = idtab_lookup(version); 378 continue;
423 for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) { 379 if (now >= id->death) {
424 nxt = TAILQ_NEXT(id, next); 380 debug("expiring key '%s'", id->comment);
425 if (id->death == 0) 381 TAILQ_REMOVE(&idtab->idlist, id, next);
426 continue; 382 free_identity(id);
427 if (now >= id->death) { 383 idtab->nentries--;
428 debug("expiring key '%s'", id->comment); 384 } else
429 TAILQ_REMOVE(&tab->idlist, id, next); 385 deadline = (deadline == 0) ? id->death :
430 free_identity(id); 386 MINIMUM(deadline, id->death);
431 tab->nentries--;
432 } else
433 deadline = (deadline == 0) ? id->death :
434 MINIMUM(deadline, id->death);
435 }
436 } 387 }
437 if (deadline == 0 || deadline <= now) 388 if (deadline == 0 || deadline <= now)
438 return 0; 389 return 0;
@@ -440,15 +391,9 @@ reaper(void)
440 return (deadline - now); 391 return (deadline - now);
441} 392}
442 393
443/*
444 * XXX this and the corresponding serialisation function probably belongs
445 * in key.c
446 */
447
448static void 394static void
449process_add_identity(SocketEntry *e, int version) 395process_add_identity(SocketEntry *e)
450{ 396{
451 Idtab *tab = idtab_lookup(version);
452 Identity *id; 397 Identity *id;
453 int success = 0, confirm = 0; 398 int success = 0, confirm = 0;
454 u_int seconds; 399 u_int seconds;
@@ -458,12 +403,8 @@ process_add_identity(SocketEntry *e, int version)
458 u_char ctype; 403 u_char ctype;
459 int r = SSH_ERR_INTERNAL_ERROR; 404 int r = SSH_ERR_INTERNAL_ERROR;
460 405
461 switch (version) { 406 if ((r = sshkey_private_deserialize(e->request, &k)) != 0 ||
462 case 2: 407 k == NULL ||
463 r = sshkey_private_deserialize(e->request, &k);
464 break;
465 }
466 if (r != 0 || k == NULL ||
467 (r = sshbuf_get_cstring(e->request, &comment, NULL)) != 0) { 408 (r = sshbuf_get_cstring(e->request, &comment, NULL)) != 0) {
468 error("%s: decode private key: %s", __func__, ssh_err(r)); 409 error("%s: decode private key: %s", __func__, ssh_err(r));
469 goto err; 410 goto err;
@@ -499,12 +440,12 @@ process_add_identity(SocketEntry *e, int version)
499 success = 1; 440 success = 1;
500 if (lifetime && !death) 441 if (lifetime && !death)
501 death = monotime() + lifetime; 442 death = monotime() + lifetime;
502 if ((id = lookup_identity(k, version)) == NULL) { 443 if ((id = lookup_identity(k)) == NULL) {
503 id = xcalloc(1, sizeof(Identity)); 444 id = xcalloc(1, sizeof(Identity));
504 id->key = k; 445 id->key = k;
505 TAILQ_INSERT_TAIL(&tab->idlist, id, next); 446 TAILQ_INSERT_TAIL(&idtab->idlist, id, next);
506 /* Increment the number of identities. */ 447 /* Increment the number of identities. */
507 tab->nentries++; 448 idtab->nentries++;
508 } else { 449 } else {
509 sshkey_free(k); 450 sshkey_free(k);
510 free(id->comment); 451 free(id->comment);
@@ -565,17 +506,14 @@ process_lock_agent(SocketEntry *e, int lock)
565} 506}
566 507
567static void 508static void
568no_identities(SocketEntry *e, u_int type) 509no_identities(SocketEntry *e)
569{ 510{
570 struct sshbuf *msg; 511 struct sshbuf *msg;
571 int r; 512 int r;
572 513
573 if ((msg = sshbuf_new()) == NULL) 514 if ((msg = sshbuf_new()) == NULL)
574 fatal("%s: sshbuf_new failed", __func__); 515 fatal("%s: sshbuf_new failed", __func__);
575 if ((r = sshbuf_put_u8(msg, 516 if ((r = sshbuf_put_u8(msg, SSH2_AGENT_IDENTITIES_ANSWER)) != 0 ||
576 (type == SSH_AGENTC_REQUEST_RSA_IDENTITIES) ?
577 SSH_AGENT_RSA_IDENTITIES_ANSWER :
578 SSH2_AGENT_IDENTITIES_ANSWER)) != 0 ||
579 (r = sshbuf_put_u32(msg, 0)) != 0 || 517 (r = sshbuf_put_u32(msg, 0)) != 0 ||
580 (r = sshbuf_put_stringb(e->output, msg)) != 0) 518 (r = sshbuf_put_stringb(e->output, msg)) != 0)
581 fatal("%s: buffer error: %s", __func__, ssh_err(r)); 519 fatal("%s: buffer error: %s", __func__, ssh_err(r));
@@ -587,13 +525,12 @@ static void
587process_add_smartcard_key(SocketEntry *e) 525process_add_smartcard_key(SocketEntry *e)
588{ 526{
589 char *provider = NULL, *pin, canonical_provider[PATH_MAX]; 527 char *provider = NULL, *pin, canonical_provider[PATH_MAX];
590 int r, i, version, count = 0, success = 0, confirm = 0; 528 int r, i, count = 0, success = 0, confirm = 0;
591 u_int seconds; 529 u_int seconds;
592 time_t death = 0; 530 time_t death = 0;
593 u_char type; 531 u_char type;
594 struct sshkey **keys = NULL, *k; 532 struct sshkey **keys = NULL, *k;
595 Identity *id; 533 Identity *id;
596 Idtab *tab;
597 534
598 if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 || 535 if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 ||
599 (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0) 536 (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0)
@@ -613,8 +550,7 @@ process_add_smartcard_key(SocketEntry *e)
613 confirm = 1; 550 confirm = 1;
614 break; 551 break;
615 default: 552 default:
616 error("process_add_smartcard_key: " 553 error("%s: Unknown constraint type %d", __func__, type);
617 "Unknown constraint type %d", type);
618 goto send; 554 goto send;
619 } 555 }
620 } 556 }
@@ -635,17 +571,15 @@ process_add_smartcard_key(SocketEntry *e)
635 count = pkcs11_add_provider(canonical_provider, pin, &keys); 571 count = pkcs11_add_provider(canonical_provider, pin, &keys);
636 for (i = 0; i < count; i++) { 572 for (i = 0; i < count; i++) {
637 k = keys[i]; 573 k = keys[i];
638 version = 2; 574 if (lookup_identity(k) == NULL) {
639 tab = idtab_lookup(version);
640 if (lookup_identity(k, version) == NULL) {
641 id = xcalloc(1, sizeof(Identity)); 575 id = xcalloc(1, sizeof(Identity));
642 id->key = k; 576 id->key = k;
643 id->provider = xstrdup(canonical_provider); 577 id->provider = xstrdup(canonical_provider);
644 id->comment = xstrdup(canonical_provider); /* XXX */ 578 id->comment = xstrdup(canonical_provider); /* XXX */
645 id->death = death; 579 id->death = death;
646 id->confirm = confirm; 580 id->confirm = confirm;
647 TAILQ_INSERT_TAIL(&tab->idlist, id, next); 581 TAILQ_INSERT_TAIL(&idtab->idlist, id, next);
648 tab->nentries++; 582 idtab->nentries++;
649 success = 1; 583 success = 1;
650 } else { 584 } else {
651 sshkey_free(k); 585 sshkey_free(k);
@@ -663,9 +597,8 @@ static void
663process_remove_smartcard_key(SocketEntry *e) 597process_remove_smartcard_key(SocketEntry *e)
664{ 598{
665 char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX]; 599 char *provider = NULL, *pin = NULL, canonical_provider[PATH_MAX];
666 int r, version, success = 0; 600 int r, success = 0;
667 Identity *id, *nxt; 601 Identity *id, *nxt;
668 Idtab *tab;
669 602
670 if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 || 603 if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 ||
671 (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0) 604 (r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0)
@@ -679,25 +612,21 @@ process_remove_smartcard_key(SocketEntry *e)
679 } 612 }
680 613
681 debug("%s: remove %.100s", __func__, canonical_provider); 614 debug("%s: remove %.100s", __func__, canonical_provider);
682 for (version = 1; version < 3; version++) { 615 for (id = TAILQ_FIRST(&idtab->idlist); id; id = nxt) {
683 tab = idtab_lookup(version); 616 nxt = TAILQ_NEXT(id, next);
684 for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) { 617 /* Skip file--based keys */
685 nxt = TAILQ_NEXT(id, next); 618 if (id->provider == NULL)
686 /* Skip file--based keys */ 619 continue;
687 if (id->provider == NULL) 620 if (!strcmp(canonical_provider, id->provider)) {
688 continue; 621 TAILQ_REMOVE(&idtab->idlist, id, next);
689 if (!strcmp(canonical_provider, id->provider)) { 622 free_identity(id);
690 TAILQ_REMOVE(&tab->idlist, id, next); 623 idtab->nentries--;
691 free_identity(id);
692 tab->nentries--;
693 }
694 } 624 }
695 } 625 }
696 if (pkcs11_del_provider(canonical_provider) == 0) 626 if (pkcs11_del_provider(canonical_provider) == 0)
697 success = 1; 627 success = 1;
698 else 628 else
699 error("process_remove_smartcard_key:" 629 error("%s: pkcs11_del_provider failed", __func__);
700 " pkcs11_del_provider failed");
701send: 630send:
702 free(provider); 631 free(provider);
703 send_status(e, success); 632 send_status(e, success);
@@ -735,10 +664,9 @@ process_message(SocketEntry *e)
735 if (locked && type != SSH_AGENTC_UNLOCK) { 664 if (locked && type != SSH_AGENTC_UNLOCK) {
736 sshbuf_reset(e->request); 665 sshbuf_reset(e->request);
737 switch (type) { 666 switch (type) {
738 case SSH_AGENTC_REQUEST_RSA_IDENTITIES:
739 case SSH2_AGENTC_REQUEST_IDENTITIES: 667 case SSH2_AGENTC_REQUEST_IDENTITIES:
740 /* send empty lists */ 668 /* send empty lists */
741 no_identities(e, type); 669 no_identities(e);
742 break; 670 break;
743 default: 671 default:
744 /* send a fail message for all other request types */ 672 /* send a fail message for all other request types */
@@ -754,24 +682,24 @@ process_message(SocketEntry *e)
754 process_lock_agent(e, type == SSH_AGENTC_LOCK); 682 process_lock_agent(e, type == SSH_AGENTC_LOCK);
755 break; 683 break;
756 case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: 684 case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES:
757 process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */ 685 process_remove_all_identities(e); /* safe for !WITH_SSH1 */
758 break; 686 break;
759 /* ssh2 */ 687 /* ssh2 */
760 case SSH2_AGENTC_SIGN_REQUEST: 688 case SSH2_AGENTC_SIGN_REQUEST:
761 process_sign_request2(e); 689 process_sign_request2(e);
762 break; 690 break;
763 case SSH2_AGENTC_REQUEST_IDENTITIES: 691 case SSH2_AGENTC_REQUEST_IDENTITIES:
764 process_request_identities(e, 2); 692 process_request_identities(e);
765 break; 693 break;
766 case SSH2_AGENTC_ADD_IDENTITY: 694 case SSH2_AGENTC_ADD_IDENTITY:
767 case SSH2_AGENTC_ADD_ID_CONSTRAINED: 695 case SSH2_AGENTC_ADD_ID_CONSTRAINED:
768 process_add_identity(e, 2); 696 process_add_identity(e);
769 break; 697 break;
770 case SSH2_AGENTC_REMOVE_IDENTITY: 698 case SSH2_AGENTC_REMOVE_IDENTITY:
771 process_remove_identity(e, 2); 699 process_remove_identity(e);
772 break; 700 break;
773 case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: 701 case SSH2_AGENTC_REMOVE_ALL_IDENTITIES:
774 process_remove_all_identities(e, 2); 702 process_remove_all_identities(e);
775 break; 703 break;
776#ifdef ENABLE_PKCS11 704#ifdef ENABLE_PKCS11
777 case SSH_AGENTC_ADD_SMARTCARD_KEY: 705 case SSH_AGENTC_ADD_SMARTCARD_KEY: