-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | authfd.c | 21 | ||||
-rw-r--r-- | authfd.h | 10 | ||||
-rw-r--r-- | ssh-add.c | 52 |
4 files changed, 83 insertions, 5 deletions
@@ -22,6 +22,9 @@ | |||
22 | - markus@cvs.openbsd.org 2001/06/26 04:07:06 | 22 | - markus@cvs.openbsd.org 2001/06/26 04:07:06 |
23 | [ssh-agent.1 ssh-agent.c] | 23 | [ssh-agent.1 ssh-agent.c] |
24 | add debug flag | 24 | add debug flag |
25 | - markus@cvs.openbsd.org 2001/06/26 04:59:59 | ||
26 | [authfd.c authfd.h ssh-add.c] | ||
27 | initial support for smartcards in the agent | ||
25 | 28 | ||
26 | 20010629 | 29 | 20010629 |
27 | - (bal) Removed net_aton() since we don't use it any more | 30 | - (bal) Removed net_aton() since we don't use it any more |
@@ -5849,4 +5852,4 @@ | |||
5849 | - Wrote replacements for strlcpy and mkdtemp | 5852 | - Wrote replacements for strlcpy and mkdtemp |
5850 | - Released 1.0pre1 | 5853 | - Released 1.0pre1 |
5851 | 5854 | ||
5852 | $Id: ChangeLog,v 1.1350 2001/07/04 03:48:02 mouring Exp $ | 5855 | $Id: ChangeLog,v 1.1351 2001/07/04 03:50:02 mouring Exp $ |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: authfd.c,v 1.41 2001/06/23 15:12:17 itojun Exp $"); | 38 | RCSID("$OpenBSD: authfd.c,v 1.42 2001/06/26 04:59:59 markus Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | 41 | ||
@@ -534,6 +534,25 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) | |||
534 | return decode_reply(type); | 534 | return decode_reply(type); |
535 | } | 535 | } |
536 | 536 | ||
537 | int | ||
538 | ssh_update_card(AuthenticationConnection *auth, int add, int reader_id) | ||
539 | { | ||
540 | Buffer msg; | ||
541 | int type; | ||
542 | |||
543 | buffer_init(&msg); | ||
544 | buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : | ||
545 | SSH_AGENTC_REMOVE_SMARTCARD_KEY); | ||
546 | buffer_put_int(&msg, reader_id); | ||
547 | if (ssh_request_reply(auth, &msg, &msg) == 0) { | ||
548 | buffer_free(&msg); | ||
549 | return 0; | ||
550 | } | ||
551 | type = buffer_get_char(&msg); | ||
552 | buffer_free(&msg); | ||
553 | return decode_reply(type); | ||
554 | } | ||
555 | |||
537 | /* | 556 | /* |
538 | * Removes all identities from the agent. This call is not meant to be used | 557 | * Removes all identities from the agent. This call is not meant to be used |
539 | * by normal applications. | 558 | * by normal applications. |
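Review bot: `ssh_update_card()` is added without a comment, unlike `ssh_remove_all_identities()` directly below it, and the new prototype in authfd.h is undocumented as well, so the return convention has to be read out of the body. A short block comment above the definition would cover it, e.g. `/* Asks the agent to add (add != 0) or remove the key on the smartcard in reader_id. Returns 0 if the exchange with the agent fails, otherwise the result of decode_reply(). */`. Separately, `reader_id` is a signed `int` handed to `buffer_put_int()`, whose parameter type is not visible on this page, so a negative value may go on the wire as a large unsigned number. It is worth rejecting negative ids in the caller or making the parameter unsigned.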
@@ -11,7 +11,7 @@ | |||
11 | * called by a name other than "ssh" or "Secure Shell". | 11 | * called by a name other than "ssh" or "Secure Shell". |
12 | */ | 12 | */ |
13 | 13 | ||
14 | /* RCSID("$OpenBSD: authfd.h,v 1.16 2000/12/20 19:37:21 markus Exp $"); */ | 14 | /* RCSID("$OpenBSD: authfd.h,v 1.17 2001/06/26 04:59:59 markus Exp $"); */ |
15 | 15 | ||
16 | #ifndef AUTHFD_H | 16 | #ifndef AUTHFD_H |
17 | #define AUTHFD_H | 17 | #define AUTHFD_H |
@@ -38,6 +38,10 @@ | |||
38 | #define SSH2_AGENTC_REMOVE_IDENTITY 18 | 38 | #define SSH2_AGENTC_REMOVE_IDENTITY 18 |
39 | #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19 | 39 | #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19 |
40 | 40 | ||
41 | /* smartcard */ | ||
42 | #define SSH_AGENTC_ADD_SMARTCARD_KEY 20 | ||
43 | #define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21 | ||
44 | |||
41 | /* additional error code for ssh.com's ssh-agent2 */ | 45 | /* additional error code for ssh.com's ssh-agent2 */ |
42 | #define SSH_COM_AGENT2_FAILURE 102 | 46 | #define SSH_COM_AGENT2_FAILURE 102 |
43 | 47 | ||
@@ -133,6 +137,8 @@ int ssh_remove_identity(AuthenticationConnection *auth, Key *key); | |||
133 | * meant to be used by normal applications. This returns true if the | 137 | * meant to be used by normal applications. This returns true if the |
134 | * operation was successful. | 138 | * operation was successful. |
135 | */ | 139 | */ |
136 | int ssh_remove_all_identities(AuthenticationConnection *auth, int version); | 140 | int ssh_remove_all_identities(AuthenticationConnection *auth, int version); |
141 | |||
142 | int ssh_update_card(AuthenticationConnection *auth, int add, int reader_id); | ||
137 | 143 | ||
138 | #endif /* AUTHFD_H */ | 144 | #endif /* AUTHFD_H */ |
@@ -35,7 +35,7 @@ | |||
35 | */ | 35 | */ |
36 | 36 | ||
37 | #include "includes.h" | 37 | #include "includes.h" |
38 | RCSID("$OpenBSD: ssh-add.c,v 1.41 2001/06/25 08:25:40 markus Exp $"); | 38 | RCSID("$OpenBSD: ssh-add.c,v 1.42 2001/06/26 04:59:59 markus Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | 41 | ||
@@ -150,6 +150,17 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
150 | } | 150 | } |
151 | 151 | ||
152 | static void | 152 | static void |
153 | update_card(AuthenticationConnection *ac, int add, int id) | ||
154 | { | ||
155 | if (ssh_update_card(ac, add, id)) | ||
156 | fprintf(stderr, "Card %s: %d\n", | ||
157 | add ? "added" : "removed", id); | ||
158 | else | ||
159 | fprintf(stderr, "Could not %s card: %d\n", | ||
160 | add ? "add" : "remove", id); | ||
161 | } | ||
162 | |||
163 | static void | ||
153 | list_identities(AuthenticationConnection *ac, int do_fp) | 164 | list_identities(AuthenticationConnection *ac, int do_fp) |
154 | { | 165 | { |
155 | Key *key; | 166 | Key *key; |
@@ -181,6 +192,18 @@ list_identities(AuthenticationConnection *ac, int do_fp) | |||
181 | printf("The agent has no identities.\n"); | 192 | printf("The agent has no identities.\n"); |
182 | } | 193 | } |
183 | 194 | ||
195 | static void | ||
196 | usage(void) | ||
197 | { | ||
198 | printf("Usage: ssh-add [options]\n"); | ||
199 | printf(" -l, -L : list identities\n"); | ||
200 | printf(" -d : delete identity\n"); | ||
201 | printf(" -D : delete all identities\n"); | ||
202 | printf(" -s reader_num : add key in the smartcard in reader_num.\n"); | ||
203 | printf(" -e reader_num : remove key in the smartcard in reader_num.\n"); | ||
204 | exit (1); | ||
205 | } | ||
206 | |||
184 | int | 207 | int |
185 | main(int argc, char **argv) | 208 | main(int argc, char **argv) |
186 | { | 209 | { |
@@ -190,6 +213,8 @@ main(int argc, char **argv) | |||
190 | int no_files = 1; | 213 | int no_files = 1; |
191 | int i; | 214 | int i; |
192 | int deleting = 0; | 215 | int deleting = 0; |
216 | int sc_mode = 0; | ||
217 | int sc_reader_num = 0; | ||
193 | 218 | ||
194 | __progname = get_progname(argv[0]); | 219 | __progname = get_progname(argv[0]); |
195 | init_rng(); | 220 | init_rng(); |
@@ -220,12 +245,37 @@ main(int argc, char **argv) | |||
220 | no_files = 0; | 245 | no_files = 0; |
221 | continue; | 246 | continue; |
222 | } | 247 | } |
248 | if (strcmp(argv[i], "-s") == 0) { | ||
249 | sc_mode = 1; | ||
250 | deleting = 0; | ||
251 | i++; | ||
252 | if (i >= argc) | ||
253 | usage(); | ||
254 | sc_reader_num = atoi(argv[i]); | ||
255 | continue; | ||
256 | } | ||
257 | if (strcmp(argv[i], "-e") == 0) { | ||
258 | sc_mode = 1; | ||
259 | deleting = 1; | ||
260 | i++; | ||
261 | if (i >= argc) | ||
262 | usage(); | ||
263 | sc_reader_num = atoi(argv[i]); | ||
264 | continue; | ||
265 | } | ||
266 | if (sc_mode == 1) | ||
267 | update_card(ac, !deleting, sc_reader_num); | ||
223 | no_files = 0; | 268 | no_files = 0; |
224 | if (deleting) | 269 | if (deleting) |
225 | delete_file(ac, argv[i]); | 270 | delete_file(ac, argv[i]); |
226 | else | 271 | else |
227 | add_file(ac, argv[i]); | 272 | add_file(ac, argv[i]); |
228 | } | 273 | } |
274 | if (sc_mode == 1) { | ||
275 | update_card(ac, !deleting, sc_reader_num); | ||
276 | ssh_close_authentication_connection(ac); | ||
277 | exit(0); | ||
278 | } | ||
229 | if (no_files) { | 279 | if (no_files) { |
230 | pw = getpwuid(getuid()); | 280 | pw = getpwuid(getuid()); |
231 | if (!pw) { | 281 | if (!pw) { |
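Review bot: The reader number given to `-s` and `-e` is parsed with `atoi(argv[i])`, which returns 0 for non-numeric input and gives no error signal, so a mistyped argument silently becomes a request against reader 0 instead of a usage error. Parsing with `strtol` and calling `usage()` on an empty, trailing-garbage or out-of-range value keeps a typo from adding or removing the wrong card; whether negative numbers should also be refused depends on the agent side, which is not shown here. Separately, once `sc_mode` is set, every argument that reaches the end of the loop body calls `update_card()` and then still falls through to `add_file()`/`delete_file()`, and `update_card()` runs again after the loop, so the card request can be sent more than once. Dropping the in-loop call looks like the intent. main() starts and ends outside these hunks.

```c
		if (strcmp(argv[i], "-s") == 0) {
			char *ep;
			long v;

			/* … unchanged: sc_mode/deleting, i++, missing-argument check … */
			errno = 0;
			v = strtol(argv[i], &ep, 10);
			if (ep == argv[i] || *ep != '\0' || errno == ERANGE ||
			    v < INT_MIN || v > INT_MAX)
				usage();
			sc_reader_num = (int)v;
			/* … unchanged: continue; the "-e" branch needs the same check … */
		}
```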