diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | authfd.c | 10 | ||||
| -rw-r--r-- | authfd.h | 10 | ||||
| -rw-r--r-- | ssh-add.c | 4 | ||||
| -rw-r--r-- | ssh-agent.c | 14 |
5 files changed, 23 insertions, 20 deletions
| @@ -9,6 +9,9 @@ | |||
| 9 | [authfd.c authfd.h ssh-add.c ssh-agent.c] | 9 | [authfd.c authfd.h ssh-add.c ssh-agent.c] |
| 10 | break agent key lifetime protocol and allow other contraints for key | 10 | break agent key lifetime protocol and allow other contraints for key |
| 11 | usage. | 11 | usage. |
| 12 | - markus@cvs.openbsd.org 2002/06/15 00:07:38 | ||
| 13 | [authfd.c authfd.h ssh-add.c ssh-agent.c] | ||
| 14 | fix stupid typo | ||
| 12 | 15 | ||
| 13 | 20020613 | 16 | 20020613 |
| 14 | - (bal) typo of setgroup for cygwin. Patch by vinschen@redhat.com | 17 | - (bal) typo of setgroup for cygwin. Patch by vinschen@redhat.com |
| @@ -937,4 +940,4 @@ | |||
| 937 | - (stevesk) entropy.c: typo in debug message | 940 | - (stevesk) entropy.c: typo in debug message |
| 938 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 941 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
| 939 | 942 | ||
| 940 | $Id: ChangeLog,v 1.2219 2002/06/21 00:04:48 mouring Exp $ | 943 | $Id: ChangeLog,v 1.2220 2002/06/21 00:06:54 mouring Exp $ |
| @@ -35,7 +35,7 @@ | |||
| 35 | */ | 35 | */ |
| 36 | 36 | ||
| 37 | #include "includes.h" | 37 | #include "includes.h" |
| 38 | RCSID("$OpenBSD: authfd.c,v 1.52 2002/06/15 00:01:36 markus Exp $"); | 38 | RCSID("$OpenBSD: authfd.c,v 1.53 2002/06/15 00:07:38 markus Exp $"); |
| 39 | 39 | ||
| 40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
| 41 | 41 | ||
| @@ -552,7 +552,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) | |||
| 552 | } | 552 | } |
| 553 | 553 | ||
| 554 | int | 554 | int |
| 555 | ssh_contrain_identity(AuthenticationConnection *auth, Key *key, u_int life) | 555 | ssh_constrain_identity(AuthenticationConnection *auth, Key *key, u_int life) |
| 556 | { | 556 | { |
| 557 | Buffer msg; | 557 | Buffer msg; |
| 558 | int type; | 558 | int type; |
| @@ -562,20 +562,20 @@ ssh_contrain_identity(AuthenticationConnection *auth, Key *key, u_int life) | |||
| 562 | buffer_init(&msg); | 562 | buffer_init(&msg); |
| 563 | 563 | ||
| 564 | if (key->type == KEY_RSA1) { | 564 | if (key->type == KEY_RSA1) { |
| 565 | buffer_put_char(&msg, SSH_AGENTC_CONTRAIN_IDENTITY1); | 565 | buffer_put_char(&msg, SSH_AGENTC_CONSTRAIN_IDENTITY1); |
| 566 | buffer_put_int(&msg, BN_num_bits(key->rsa->n)); | 566 | buffer_put_int(&msg, BN_num_bits(key->rsa->n)); |
| 567 | buffer_put_bignum(&msg, key->rsa->e); | 567 | buffer_put_bignum(&msg, key->rsa->e); |
| 568 | buffer_put_bignum(&msg, key->rsa->n); | 568 | buffer_put_bignum(&msg, key->rsa->n); |
| 569 | } else if (key->type == KEY_DSA || key->type == KEY_RSA) { | 569 | } else if (key->type == KEY_DSA || key->type == KEY_RSA) { |
| 570 | key_to_blob(key, &blob, &blen); | 570 | key_to_blob(key, &blob, &blen); |
| 571 | buffer_put_char(&msg, SSH_AGENTC_CONTRAIN_IDENTITY); | 571 | buffer_put_char(&msg, SSH_AGENTC_CONSTRAIN_IDENTITY); |
| 572 | buffer_put_string(&msg, blob, blen); | 572 | buffer_put_string(&msg, blob, blen); |
| 573 | xfree(blob); | 573 | xfree(blob); |
| 574 | } else { | 574 | } else { |
| 575 | buffer_free(&msg); | 575 | buffer_free(&msg); |
| 576 | return 0; | 576 | return 0; |
| 577 | } | 577 | } |
| 578 | buffer_put_char(&msg, SSH_AGENT_CONTRAIN_LIFETIME); | 578 | buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME); |
| 579 | buffer_put_int(&msg, life); | 579 | buffer_put_int(&msg, life); |
| 580 | 580 | ||
| 581 | if (ssh_request_reply(auth, &msg, &msg) == 0) { | 581 | if (ssh_request_reply(auth, &msg, &msg) == 0) { |
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: authfd.h,v 1.27 2002/06/15 00:01:36 markus Exp $ */ | 1 | /* $OpenBSD: authfd.h,v 1.28 2002/06/15 00:07:38 markus Exp $ */ |
| 2 | 2 | ||
| 3 | /* | 3 | /* |
| 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| @@ -47,10 +47,10 @@ | |||
| 47 | #define SSH_AGENTC_UNLOCK 23 | 47 | #define SSH_AGENTC_UNLOCK 23 |
| 48 | 48 | ||
| 49 | /* constrain key usage */ | 49 | /* constrain key usage */ |
| 50 | #define SSH_AGENTC_CONTRAIN_IDENTITY1 24 | 50 | #define SSH_AGENTC_CONSTRAIN_IDENTITY1 24 |
| 51 | #define SSH_AGENTC_CONTRAIN_IDENTITY 25 | 51 | #define SSH_AGENTC_CONSTRAIN_IDENTITY 25 |
| 52 | 52 | ||
| 53 | #define SSH_AGENT_CONTRAIN_LIFETIME 1 | 53 | #define SSH_AGENT_CONSTRAIN_LIFETIME 1 |
| 54 | 54 | ||
| 55 | /* extended failure messages */ | 55 | /* extended failure messages */ |
| 56 | #define SSH2_AGENT_FAILURE 30 | 56 | #define SSH2_AGENT_FAILURE 30 |
| @@ -75,7 +75,7 @@ int ssh_get_num_identities(AuthenticationConnection *, int); | |||
| 75 | Key *ssh_get_first_identity(AuthenticationConnection *, char **, int); | 75 | Key *ssh_get_first_identity(AuthenticationConnection *, char **, int); |
| 76 | Key *ssh_get_next_identity(AuthenticationConnection *, char **, int); | 76 | Key *ssh_get_next_identity(AuthenticationConnection *, char **, int); |
| 77 | int ssh_add_identity(AuthenticationConnection *, Key *, const char *); | 77 | int ssh_add_identity(AuthenticationConnection *, Key *, const char *); |
| 78 | int ssh_contrain_identity(AuthenticationConnection *, Key *, u_int); | 78 | int ssh_constrain_identity(AuthenticationConnection *, Key *, u_int); |
| 79 | int ssh_remove_identity(AuthenticationConnection *, Key *); | 79 | int ssh_remove_identity(AuthenticationConnection *, Key *); |
| 80 | int ssh_remove_all_identities(AuthenticationConnection *, int); | 80 | int ssh_remove_all_identities(AuthenticationConnection *, int); |
| 81 | int ssh_lock_agent(AuthenticationConnection *, int, const char *); | 81 | int ssh_lock_agent(AuthenticationConnection *, int, const char *); |
| @@ -35,7 +35,7 @@ | |||
| 35 | */ | 35 | */ |
| 36 | 36 | ||
| 37 | #include "includes.h" | 37 | #include "includes.h" |
| 38 | RCSID("$OpenBSD: ssh-add.c,v 1.58 2002/06/15 00:01:36 markus Exp $"); | 38 | RCSID("$OpenBSD: ssh-add.c,v 1.59 2002/06/15 00:07:38 markus Exp $"); |
| 39 | 39 | ||
| 40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
| 41 | 41 | ||
| @@ -171,7 +171,7 @@ add_file(AuthenticationConnection *ac, const char *filename) | |||
| 171 | fprintf(stderr, "Could not add identity: %s\n", filename); | 171 | fprintf(stderr, "Could not add identity: %s\n", filename); |
| 172 | 172 | ||
| 173 | if (ret == 0 && lifetime != 0) { | 173 | if (ret == 0 && lifetime != 0) { |
| 174 | if (ssh_contrain_identity(ac, private, lifetime)) { | 174 | if (ssh_constrain_identity(ac, private, lifetime)) { |
| 175 | fprintf(stderr, | 175 | fprintf(stderr, |
| 176 | "Lifetime set to %d seconds for: %s (%s)\n", | 176 | "Lifetime set to %d seconds for: %s (%s)\n", |
| 177 | lifetime, filename, comment); | 177 | lifetime, filename, comment); |
diff --git a/ssh-agent.c b/ssh-agent.c index 4a288199f..991774aae 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
| @@ -35,7 +35,7 @@ | |||
| 35 | 35 | ||
| 36 | #include "includes.h" | 36 | #include "includes.h" |
| 37 | #include "openbsd-compat/fake-queue.h" | 37 | #include "openbsd-compat/fake-queue.h" |
| 38 | RCSID("$OpenBSD: ssh-agent.c,v 1.92 2002/06/15 00:01:36 markus Exp $"); | 38 | RCSID("$OpenBSD: ssh-agent.c,v 1.93 2002/06/15 00:07:38 markus Exp $"); |
| 39 | 39 | ||
| 40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
| 41 | #include <openssl/md5.h> | 41 | #include <openssl/md5.h> |
| @@ -470,7 +470,7 @@ send: | |||
| 470 | } | 470 | } |
| 471 | 471 | ||
| 472 | static void | 472 | static void |
| 473 | process_contrain_identity(SocketEntry *e, int version) | 473 | process_constrain_identity(SocketEntry *e, int version) |
| 474 | { | 474 | { |
| 475 | Key *key = NULL; | 475 | Key *key = NULL; |
| 476 | u_char *blob; | 476 | u_char *blob; |
| @@ -493,7 +493,7 @@ process_contrain_identity(SocketEntry *e, int version) | |||
| 493 | } | 493 | } |
| 494 | while (buffer_len(&e->request)) { | 494 | while (buffer_len(&e->request)) { |
| 495 | switch (buffer_get_char(&e->request)) { | 495 | switch (buffer_get_char(&e->request)) { |
| 496 | case SSH_AGENT_CONTRAIN_LIFETIME: | 496 | case SSH_AGENT_CONSTRAIN_LIFETIME: |
| 497 | death = time(NULL) + buffer_get_int(&e->request); | 497 | death = time(NULL) + buffer_get_int(&e->request); |
| 498 | break; | 498 | break; |
| 499 | default: | 499 | default: |
| @@ -714,8 +714,8 @@ process_message(SocketEntry *e) | |||
| 714 | case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: | 714 | case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: |
| 715 | process_remove_all_identities(e, 1); | 715 | process_remove_all_identities(e, 1); |
| 716 | break; | 716 | break; |
| 717 | case SSH_AGENTC_CONTRAIN_IDENTITY1: | 717 | case SSH_AGENTC_CONSTRAIN_IDENTITY1: |
| 718 | process_contrain_identity(e, 1); | 718 | process_constrain_identity(e, 1); |
| 719 | break; | 719 | break; |
| 720 | /* ssh2 */ | 720 | /* ssh2 */ |
| 721 | case SSH2_AGENTC_SIGN_REQUEST: | 721 | case SSH2_AGENTC_SIGN_REQUEST: |
| @@ -733,8 +733,8 @@ process_message(SocketEntry *e) | |||
| 733 | case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: | 733 | case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: |
| 734 | process_remove_all_identities(e, 2); | 734 | process_remove_all_identities(e, 2); |
| 735 | break; | 735 | break; |
| 736 | case SSH_AGENTC_CONTRAIN_IDENTITY: | 736 | case SSH_AGENTC_CONSTRAIN_IDENTITY: |
| 737 | process_contrain_identity(e, 2); | 737 | process_constrain_identity(e, 2); |
| 738 | break; | 738 | break; |
| 739 | #ifdef SMARTCARD | 739 | #ifdef SMARTCARD |
| 740 | case SSH_AGENTC_ADD_SMARTCARD_KEY: | 740 | case SSH_AGENTC_ADD_SMARTCARD_KEY: |