upstream: let ssh_config(5)'s AddKeysToAgent keyword accept a time

limit for keys in addition to its current flag options. Time-limited keys will automatically be removed from ssh-agent after their expiry time has passed; ok markus@ OpenBSD-Commit-ID: 792e71cacbbc25faab5424cf80bee4a006119f94
author: djm@openbsd.org <djm@openbsd.org> 2020-08-11 09:49:57 +0000
committer: Damien Miller <djm@mindrot.org> 2020-08-27 11:27:01 +1000
commit: d0a195c89e26766d3eb8f3e4e2a00ebc98b57795 (patch)
tree: 4479d2c36da47752ca6b09bfc8dc4a0e6d2af97c /sshconnect.c
parent: e9c2002891a7b8e66f4140557a982978f372e5a3 (diff)
1 files changed, 3 insertions, 2 deletions
diff --git a/sshconnect.c b/sshconnect.c
index f6d8a1bcf..63a97d039 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.330 2020/07/17 03:43:42 dtucker Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.331 2020/08/11 09:49:57 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1433,7 +1433,8 @@ maybe_add_key_to_agent(const char *authfile, struct sshkey *private,
        if (sshkey_is_sk(private))
                skprovider = options.sk_provider;
        if ((r = ssh_add_identity_constrained(auth_sock, private,
-            comment == NULL ? authfile : comment, 0,
+            comment == NULL ? authfile : comment,
+            options.add_keys_to_agent_lifespan,
            (options.add_keys_to_agent == 3), 0, skprovider)) == 0)
                debug("identity added to agent: %s", authfile);
        else
author	djm@openbsd.org <djm@openbsd.org>	2020-08-11 09:49:57 +0000
committer	Damien Miller <djm@mindrot.org>	2020-08-27 11:27:01 +1000
commit	d0a195c89e26766d3eb8f3e4e2a00ebc98b57795 (patch)
tree	4479d2c36da47752ca6b09bfc8dc4a0e6d2af97c /sshconnect.c
parent	e9c2002891a7b8e66f4140557a982978f372e5a3 (diff)