- markus@cvs.openbsd.org 2001/06/26 20:14:11

[key.c key.h ssh.c sshconnect1.c sshconnect2.c] add smartcard support to the client, too (now you can use both the agent and the client).
author: Ben Lindstrom <mouring@eviladmin.org> 2001-07-04 04:52:03 +0000
committer: Ben Lindstrom <mouring@eviladmin.org> 2001-07-04 04:52:03 +0000
commit: c5b680018b1fbc58ad2316199693e2805dadf638 (patch)
tree: c01554c5d55ef51cc90b52dbc28c7513f75fc0bd /ssh.c
parent: eb7a84c49e6248279ba130f8592bae356e7fb61e (diff)
1 files changed, 47 insertions, 2 deletions
diff --git a/ssh.c b/ssh.c
index 484e5de46..a7fe1408a 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.126 2001/06/23 15:12:21 itojun Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.127 2001/06/26 20:14:11 markus Exp $");
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -69,6 +69,11 @@ RCSID("$OpenBSD: ssh.c,v 1.126 2001/06/23 15:12:21 itojun Exp $");
 #include "mac.h"
 #include "sshtty.h"
+#ifdef SMARTCARD
+#include <openssl/engine.h>
+#include "scard.h"
+#endif
 #ifdef HAVE___PROGNAME
 extern char *__progname;
 #else
@@ -146,6 +151,11 @@ Buffer command;
 /* Should we execute a command or invoke a subsystem? */
 int subsystem_flag = 0;
+#ifdef SMARTCARD
+/* Smartcard reader id */
+int sc_reader_num = -1;
+#endif
 /* Prints a help message to the user.  This function never returns. */
 static void
@@ -320,7 +330,7 @@ main(int ac, char **av)
                opt = av[optind][1];
                if (!opt)
                        usage();
-                if (strchr("eilcmpbLRDo", opt)) {   /* options with arguments */
+                if (strchr("eilcmpbILRDo", opt)) {   /* options with arguments */
                        optarg = av[optind] + 2;
                        if (strcmp(optarg, "") == 0) {
                                if (optind >= ac - 1)
@@ -387,6 +397,13 @@ main(int ac, char **av)
                                    SSH_MAX_IDENTITY_FILES);
                        options.identity_files[options.num_identity_files++] = xstrdup(optarg);
                        break;
+                case 'I':
+#ifdef SMARTCARD
+                        sc_reader_num = atoi(optarg);
+#else
+                        fprintf(stderr, "no support for smartcards.\n");
+#endif
+                        break;
                case 't':
                        if (tty_flag)
                                force_tty_flag = 1;
@@ -1140,4 +1157,32 @@ load_public_identity_files(void)
                options.identity_files[i] = filename;
                options.identity_keys[i] = public;
        }
+#ifdef SMARTCARD
+        if (sc_reader_num != -1 &&
+            options.num_identity_files + 1 < SSH_MAX_IDENTITY_FILES &&
+            (public = sc_get_key(sc_reader_num)) != NULL ) {
+                Key *new;
+                /* XXX ssh1 vs ssh2 */
+                new = key_new(KEY_RSA);
+                new->flags = KEY_FLAG_EXT;
+                BN_copy(new->rsa->n, public->rsa->n);
+                BN_copy(new->rsa->e, public->rsa->e);
+                RSA_set_method(new->rsa, sc_get_engine());
+                i = options.num_identity_files++;
+                options.identity_keys[i] = new;
+                options.identity_files[i] = xstrdup("smartcard rsa key");;
+                new = key_new(KEY_RSA1);
+                new->flags = KEY_FLAG_EXT;
+                BN_copy(new->rsa->n, public->rsa->n);
+                BN_copy(new->rsa->e, public->rsa->e);
+                RSA_set_method(new->rsa, sc_get_engine());
+                i = options.num_identity_files++;
+                options.identity_keys[i] = new;
+                options.identity_files[i] = xstrdup("smartcard rsa1 key");;
+                key_free(public);
+        }
+#endif
 }
author	Ben Lindstrom <mouring@eviladmin.org>	2001-07-04 04:52:03 +0000
committer	Ben Lindstrom <mouring@eviladmin.org>	2001-07-04 04:52:03 +0000
commit	c5b680018b1fbc58ad2316199693e2805dadf638 (patch)
tree	c01554c5d55ef51cc90b52dbc28c7513f75fc0bd /ssh.c
parent	eb7a84c49e6248279ba130f8592bae356e7fb61e (diff)

diff --git a/ssh.c b/ssh.c index 484e5de46..a7fe1408a 100644 --- a/ssh.c +++ b/ssh.c
@@ -39,7 +39,7 @@
39	*/	39	*/
40		40
41	#include "includes.h"	41	#include "includes.h"
42	RCSID("$OpenBSD: ssh.c,v 1.126 2001/06/23 15:12:21 itojun Exp $");	42	RCSID("$OpenBSD: ssh.c,v 1.127 2001/06/26 20:14:11 markus Exp $");
43		43
44	#include <openssl/evp.h>	44	#include <openssl/evp.h>
45	#include <openssl/err.h>	45	#include <openssl/err.h>
@@ -69,6 +69,11 @@ RCSID("$OpenBSD: ssh.c,v 1.126 2001/06/23 15:12:21 itojun Exp $");
69	#include "mac.h"	69	#include "mac.h"
70	#include "sshtty.h"	70	#include "sshtty.h"
71		71
		72	#ifdef SMARTCARD
		73	#include <openssl/engine.h>
		74	#include "scard.h"
		75	#endif
		76
72	#ifdef HAVE___PROGNAME	77	#ifdef HAVE___PROGNAME
73	extern char *__progname;	78	extern char *__progname;
74	#else	79	#else
@@ -146,6 +151,11 @@ Buffer command;
146	/* Should we execute a command or invoke a subsystem? */	151	/* Should we execute a command or invoke a subsystem? */
147	int subsystem_flag = 0;	152	int subsystem_flag = 0;
148		153
		154	#ifdef SMARTCARD
		155	/* Smartcard reader id */
		156	int sc_reader_num = -1;
		157	#endif
		158
149	/* Prints a help message to the user. This function never returns. */	159	/* Prints a help message to the user. This function never returns. */
150		160
151	static void	161	static void
@@ -320,7 +330,7 @@ main(int ac, char **av)
320	opt = av[optind][1];	330	opt = av[optind][1];
321	if (!opt)	331	if (!opt)
322	usage();	332	usage();
323	if (strchr("eilcmpbLRDo", opt)) { /* options with arguments */	333	if (strchr("eilcmpbILRDo", opt)) { /* options with arguments */
324	optarg = av[optind] + 2;	334	optarg = av[optind] + 2;
325	if (strcmp(optarg, "") == 0) {	335	if (strcmp(optarg, "") == 0) {
326	if (optind >= ac - 1)	336	if (optind >= ac - 1)
@@ -387,6 +397,13 @@ main(int ac, char **av)
387	SSH_MAX_IDENTITY_FILES);	397	SSH_MAX_IDENTITY_FILES);
388	options.identity_files[options.num_identity_files++] = xstrdup(optarg);	398	options.identity_files[options.num_identity_files++] = xstrdup(optarg);
389	break;	399	break;
		400	case 'I':
		401	#ifdef SMARTCARD
		402	sc_reader_num = atoi(optarg);
		403	#else
		404	fprintf(stderr, "no support for smartcards.\n");
		405	#endif
		406	break;
390	case 't':	407	case 't':
391	if (tty_flag)	408	if (tty_flag)
392	force_tty_flag = 1;	409	force_tty_flag = 1;
@@ -1140,4 +1157,32 @@ load_public_identity_files(void)
1140	options.identity_files[i] = filename;	1157	options.identity_files[i] = filename;
1141	options.identity_keys[i] = public;	1158	options.identity_keys[i] = public;
1142	}	1159	}
		1160	#ifdef SMARTCARD
		1161	if (sc_reader_num != -1 &&
		1162	options.num_identity_files + 1 < SSH_MAX_IDENTITY_FILES &&
		1163	(public = sc_get_key(sc_reader_num)) != NULL ) {
		1164	Key *new;
		1165
		1166	/* XXX ssh1 vs ssh2 */
		1167	new = key_new(KEY_RSA);
		1168	new->flags = KEY_FLAG_EXT;
		1169	BN_copy(new->rsa->n, public->rsa->n);
		1170	BN_copy(new->rsa->e, public->rsa->e);
		1171	RSA_set_method(new->rsa, sc_get_engine());
		1172	i = options.num_identity_files++;
		1173	options.identity_keys[i] = new;
		1174	options.identity_files[i] = xstrdup("smartcard rsa key");;
		1175
		1176	new = key_new(KEY_RSA1);
		1177	new->flags = KEY_FLAG_EXT;
		1178	BN_copy(new->rsa->n, public->rsa->n);
		1179	BN_copy(new->rsa->e, public->rsa->e);
		1180	RSA_set_method(new->rsa, sc_get_engine());
		1181	i = options.num_identity_files++;
		1182	options.identity_keys[i] = new;
		1183	options.identity_files[i] = xstrdup("smartcard rsa1 key");;
		1184
		1185	key_free(public);
		1186	}
		1187	#endif
1143	}	1188	}