-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | ssh-agent.1 | 11 | ||||
-rw-r--r-- | ssh-agent.c | 16 |
3 files changed, 33 insertions, 4 deletions
@@ -1,3 +1,11 @@ | |||
1 | 20030122 | ||
2 | - (djm) OpenBSD CVS Sync | ||
3 | - marc@cvs.openbsd.org 2003/01/21 18:14:36 | ||
4 | [ssh-agent.1 ssh-agent.c] | ||
5 | Add a -t life option to ssh-agent that set the default lifetime. | ||
6 | The default can still be overriden by using -t in ssh-add. | ||
7 | OK markus@ | ||
8 | |||
1 | 20030120 | 9 | 20030120 |
2 | - (djm) Fix compilation for NetBSD from dtucker@zip.com.au | 10 | - (djm) Fix compilation for NetBSD from dtucker@zip.com.au |
3 | - (tim) [progressmeter.c] make compilers without long long happy. | 11 | - (tim) [progressmeter.c] make compilers without long long happy. |
@@ -1040,4 +1048,4 @@ | |||
1040 | save auth method before monitor_reset_key_state(); bugzilla bug #284; | 1048 | save auth method before monitor_reset_key_state(); bugzilla bug #284; |
1041 | ok provos@ | 1049 | ok provos@ |
1042 | 1050 | ||
1043 | $Id: ChangeLog,v 1.2578 2003/01/20 04:20:24 tim Exp $ | 1051 | $Id: ChangeLog,v 1.2579 2003/01/22 00:47:19 djm Exp $ |
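--- a/ssh-agent.1
+++ b/ssh-agent.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-agent.1,v 1.35 2002/06/24 13:12:23 markus Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.36 2003/01/21 18:14:36 marc Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -44,6 +44,7 @@
 .Nm ssh-agent
 .Op Fl a Ar bind_address
 .Op Fl c Li | Fl s
+.Op Fl t Ar life
 .Op Fl d
 .Op Ar command Op Ar args ...
 .Nm ssh-agent
@@ -86,6 +87,14 @@ does not look like it's a csh style of shell.
 Kill the current agent (given by the
 .Ev SSH_AGENT_PID
 environment variable).
+.It Fl t Ar life
+Set a default value for the maximum lifetime of identities added to the agent.
+The lifetime may be specified in seconds or in a time format specified in
+.Xr sshd 8 .
+A lifetime specified for an identity with
+.Xr ssh-add 1
+overrides this value.
+Without this option the default maximum lifetime is forever.
 .It Fl d
 Debug mode. When this option is specified
 .Nm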
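--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -35,7 +35,7 @@
 
 #include "includes.h"
 #include "openbsd-compat/sys-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.105 2002/10/01 20:34:12 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.106 2003/01/21 18:14:36 marc Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -106,6 +106,9 @@ extern char *__progname;
 char *__progname;
 #endif
 
+/* Default lifetime (0 == forever) */
+static int lifetime = 0;
+
 static void
 close_socket(SocketEntry *e)
 {
@@ -468,6 +471,8 @@ process_add_identity(SocketEntry *e, int version)
 break;
 }
 }
+if (lifetime && !death)
+death = time(NULL) + lifetime;
 if (lookup_identity(k, version) == NULL) {
 Identity *id = xmalloc(sizeof(Identity));
 id->key = k;
@@ -930,6 +935,7 @@ usage(void)
 fprintf(stderr, " -k Kill the current agent.\n");
 fprintf(stderr, " -d Debug mode.\n");
 fprintf(stderr, " -a socket Bind agent socket to given name.\n");
+fprintf(stderr, " -t life Default identity lifetime (seconds).\n");
 exit(1);
 }
 
@@ -961,7 +967,7 @@ main(int ac, char **av)
 init_rng();
 seed_rng();
 
-while ((ch = getopt(ac, av, "cdksa:")) != -1) {
+while ((ch = getopt(ac, av, "cdksa:t:")) != -1) {
 switch (ch) {
 case 'c':
 if (s_flag)
@@ -984,6 +990,12 @@ main(int ac, char **av)
 case 'a':
 agentsocket = optarg;
 break;
+case 't':
+if ((lifetime = convtime(optarg)) == -1) {
+fprintf(stderr, "Invalid lifetime\n");
+usage();
+}
+break;
 default:
 usage();
 }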
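Review bot: In the `case 't':` branch of main, the result of `convtime(optarg)` goes straight into the `int lifetime` and only -1 is rejected, so the accepted range is never checked. convtime is declared outside this diff; if it returns a type wider than int, a large argument is narrowed on assignment and may become a short or negative default, which `death = time(NULL) + lifetime` in process_add_identity would turn into an expiry other than the one the user asked for. Parsing into a local of convtime's return type and testing `if (t == -1 || t > INT_MAX)` before assigning would reject such values. The value is also only a default, since the `!death` test lets a client that sends its own lifetime replace it, so a comment such as `/* default only; a client-supplied lifetime overrides it */` on the `lifetime` declaration would keep it from being read as an enforced cap. Both main and process_add_identity continue outside the hunks shown.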