summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--authfd.c6
-rw-r--r--ssh-add.c7
2 files changed, 11 insertions, 2 deletions
diff --git a/authfd.c b/authfd.c
index 915a6da48..ea664a167 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: authfd.c,v 1.101 2017/04/30 23:10:43 djm Exp $ */ 1/* $OpenBSD: authfd.c,v 1.102 2017/05/04 06:10:57 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -575,6 +575,10 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin,
575/* 575/*
576 * Removes all identities from the agent. 576 * Removes all identities from the agent.
577 * This call is intended only for use by ssh-add(1) and like applications. 577 * This call is intended only for use by ssh-add(1) and like applications.
578 *
579 * This supports the SSH protocol 1 message to because, when clearing all
580 * keys from an agent, we generally want to clear both protocol v1 and v2
581 * keys.
578 */ 582 */
579int 583int
580ssh_remove_all_identities(int sock, int version) 584ssh_remove_all_identities(int sock, int version)
diff --git a/ssh-add.c b/ssh-add.c
index 37ce56dfd..5f62420f9 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-add.c,v 1.129 2017/04/30 23:10:43 djm Exp $ */ 1/* $OpenBSD: ssh-add.c,v 1.130 2017/05/04 06:10:57 djm Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -161,6 +161,11 @@ delete_all(int agent_fd)
161{ 161{
162 int ret = -1; 162 int ret = -1;
163 163
164 /*
165 * Since the agent might be forwarded, old or non-OpenSSH, when asked
166 * to remove all keys, attempt to remove both protocol v.1 and v.2
167 * keys.
168 */
164 if (ssh_remove_all_identities(agent_fd, 2) == 0) 169 if (ssh_remove_all_identities(agent_fd, 2) == 0)
165 ret = 0; 170 ret = 0;
166 /* ignore error-code for ssh1 */ 171 /* ignore error-code for ssh1 */