5 files changed, 34 insertions, 14 deletions

diff --git a/ChangeLog b/ChangeLog
index 4ad73258c..c44eb959a 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -75,6 +75,11 @@
    - jakob@cvs.openbsd.org 2001/07/31 08:41:10
      [scard.c]
      do not complain about missing smartcards. ok markus@
+   - jakob@cvs.openbsd.org 2001/07/31 09:28:44
+     [readconf.c readconf.h ssh.1 ssh.c]
+     add 'SmartcardDevice' client option to specify which smartcard device 
+     is used to access a smartcard used for storing the user's private RSA 
+     key. ok markus@.
 
 20010803
  - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
@@ -6185,4 +6190,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1445 2001/08/06 21:25:38 mouring Exp $
+$Id: ChangeLog,v 1.1446 2001/08/06 21:27:53 mouring Exp $
diff --git a/readconf.c b/readconf.c
index 6519ec667..a4ae73333 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.84 2001/07/25 14:35:18 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.85 2001/07/31 09:28:44 jakob Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -114,7 +114,7 @@ typedef enum {
         oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
         oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
         oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
-        oHostKeyAlgorithms, oBindAddress
+        oHostKeyAlgorithms, oBindAddress, oSmartcardDevice
 } OpCodes;
 
 /* Textual representations of the tokens. */
@@ -183,6 +183,7 @@ static struct {
         { "preferredauthentications", oPreferredAuthentications },
         { "hostkeyalgorithms", oHostKeyAlgorithms },
         { "bindaddress", oBindAddress },
+        { "smartcarddevice", oSmartcardDevice },
         { NULL, 0 }
 };
 
@@ -468,6 +469,10 @@ parse_string:
                 charptr = &options->bind_address;
                 goto parse_string;
 
+        case oSmartcardDevice:
+                intptr = &options->smartcard_device;
+                goto parse_int;
+
         case oProxyCommand:
                 charptr = &options->proxy_command;
                 while ((arg = strdelim(&s)) != NULL && *arg != '\0') {
@@ -772,6 +777,7 @@ initialize_options(Options * options)
         options->log_level = (LogLevel) - 1;
         options->preferred_authentications = NULL;
         options->bind_address = NULL;
+        options->smartcard_device = -1;
 }
 
 /*
diff --git a/readconf.h b/readconf.h
index f91dc3899..623a44810 100644
--- a/readconf.h
+++ b/readconf.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: readconf.h,v 1.35 2001/06/26 17:27:24 markus Exp $"); */
+/* RCSID("$OpenBSD: readconf.h,v 1.36 2001/07/31 09:28:44 jakob Exp $"); */
 
 #ifndef READCONF_H
 #define READCONF_H
@@ -87,6 +87,7 @@ typedef struct {
         char   *user_hostfile2;
         char   *preferred_authentications;
         char   *bind_address;   /* local socket address for connection to sshd */
+        int     smartcard_device; /* Smartcard reader device */
 
         int     num_identity_files;     /* Number of files for RSA/DSA identities. */
         char   *identity_files[SSH_MAX_IDENTITY_FILES];
diff --git a/ssh.1 b/ssh.1
index 32d54c37a..4e10ab109 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.124 2001/07/25 14:35:18 markus Exp $
+.\" $OpenBSD: ssh.1,v 1.125 2001/07/31 09:28:44 jakob Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -448,6 +448,12 @@ It is possible to have multiple
 .Fl i
 options (and multiple identities specified in
 configuration files).
+.It Fl I Ar smartcard_device
+Specifies which smartcard device to use. The argument is
+the device
+.Nm
+should use to communicate with a smartcard used for storing the user's
+private RSA key.
 .It Fl k
 Disables forwarding of Kerberos tickets and AFS tokens.
 This may also be specified on a per-host basis in the configuration file.
@@ -1016,6 +1022,13 @@ or
 .Dq no .
 The default is
 .Dq yes .
+.It Cm SmartcardDevice
+Specifies which smartcard device to use. The argument to this keyword is
+the device
+.Nm
+should use to communicate with a smartcard used for storing the user's
+private RSA key. By default, no device is specified and smartcard support
+is not activated.
 .It Cm StrictHostKeyChecking
 If this flag is set to
 .Dq yes ,
diff --git a/ssh.c b/ssh.c
index d12d7580a..70eaa772b 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.131 2001/07/27 14:50:45 millert Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.132 2001/07/31 09:28:44 jakob Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -151,11 +151,6 @@ Buffer command;
 /* Should we execute a command or invoke a subsystem? */
 int subsystem_flag = 0;
 
-#ifdef SMARTCARD
-/* Smartcard reader id */
-int sc_reader_num = -1;
-#endif
-
 /* Prints a help message to the user.  This function never returns. */
 
 static void
@@ -377,7 +372,7 @@ again:
                         break;
                 case 'I':
 #ifdef SMARTCARD
-                        sc_reader_num = atoi(optarg);
+                        options.smartcard_device = atoi(optarg);
 #else
                         fprintf(stderr, "no support for smartcards.\n");
 #endif
@@ -1156,9 +1151,9 @@ load_public_identity_files(void)
         int i = 0;
 
 #ifdef SMARTCARD
-        if (sc_reader_num != -1 &&
+        if (options.smartcard_device >= 0 &&
             options.num_identity_files + 1 < SSH_MAX_IDENTITY_FILES &&
-            (public = sc_get_key(sc_reader_num)) != NULL ) {
+            (public = sc_get_key(options.smartcard_device)) != NULL ) {
                 Key *new;
 
                 if (options.num_identity_files + 2 > SSH_MAX_IDENTITY_FILES)