summaryrefslogtreecommitdiff
path: root/ssh-add.c
diff options
context:
space:
mode:
Diffstat (limited to 'ssh-add.c')
-rw-r--r--ssh-add.c35
1 files changed, 16 insertions, 19 deletions
diff --git a/ssh-add.c b/ssh-add.c
index d6271d78e..fb9a53e64 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: ssh-add.c,v 1.123 2015/07/03 03:43:18 djm Exp $ */ 1/* $OpenBSD: ssh-add.c,v 1.128 2016/02/15 09:47:49 dtucker Exp $ */
2/* 2/*
3 * Author: Tatu Ylonen <ylo@cs.hut.fi> 3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -93,7 +93,7 @@ static int lifetime = 0;
93/* User has to confirm key use */ 93/* User has to confirm key use */
94static int confirm = 0; 94static int confirm = 0;
95 95
96/* we keep a cache of one passphrases */ 96/* we keep a cache of one passphrase */
97static char *pass = NULL; 97static char *pass = NULL;
98static void 98static void
99clear_pass(void) 99clear_pass(void)
@@ -150,10 +150,8 @@ delete_file(int agent_fd, const char *filename, int key_only)
150 certpath, ssh_err(r)); 150 certpath, ssh_err(r));
151 151
152 out: 152 out:
153 if (cert != NULL) 153 sshkey_free(cert);
154 sshkey_free(cert); 154 sshkey_free(public);
155 if (public != NULL)
156 sshkey_free(public);
157 free(certpath); 155 free(certpath);
158 free(comment); 156 free(comment);
159 157
@@ -218,35 +216,32 @@ add_file(int agent_fd, const char *filename, int key_only)
218 close(fd); 216 close(fd);
219 217
220 /* At first, try empty passphrase */ 218 /* At first, try empty passphrase */
221 if ((r = sshkey_parse_private_fileblob(keyblob, "", filename, 219 if ((r = sshkey_parse_private_fileblob(keyblob, "", &private,
222 &private, &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) { 220 &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
223 fprintf(stderr, "Error loading key \"%s\": %s\n", 221 fprintf(stderr, "Error loading key \"%s\": %s\n",
224 filename, ssh_err(r)); 222 filename, ssh_err(r));
225 goto fail_load; 223 goto fail_load;
226 } 224 }
227 /* try last */ 225 /* try last */
228 if (private == NULL && pass != NULL) { 226 if (private == NULL && pass != NULL) {
229 if ((r = sshkey_parse_private_fileblob(keyblob, pass, filename, 227 if ((r = sshkey_parse_private_fileblob(keyblob, pass, &private,
230 &private, &comment)) != 0 && 228 &comment)) != 0 && r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
231 r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
232 fprintf(stderr, "Error loading key \"%s\": %s\n", 229 fprintf(stderr, "Error loading key \"%s\": %s\n",
233 filename, ssh_err(r)); 230 filename, ssh_err(r));
234 goto fail_load; 231 goto fail_load;
235 } 232 }
236 } 233 }
237 if (comment == NULL)
238 comment = xstrdup(filename);
239 if (private == NULL) { 234 if (private == NULL) {
240 /* clear passphrase since it did not work */ 235 /* clear passphrase since it did not work */
241 clear_pass(); 236 clear_pass();
242 snprintf(msg, sizeof msg, "Enter passphrase for %.200s%s: ", 237 snprintf(msg, sizeof msg, "Enter passphrase for %s%s: ",
243 comment, confirm ? " (will confirm each use)" : ""); 238 filename, confirm ? " (will confirm each use)" : "");
244 for (;;) { 239 for (;;) {
245 pass = read_passphrase(msg, RP_ALLOW_STDIN); 240 pass = read_passphrase(msg, RP_ALLOW_STDIN);
246 if (strcmp(pass, "") == 0) 241 if (strcmp(pass, "") == 0)
247 goto fail_load; 242 goto fail_load;
248 if ((r = sshkey_parse_private_fileblob(keyblob, pass, 243 if ((r = sshkey_parse_private_fileblob(keyblob, pass,
249 filename, &private, NULL)) == 0) 244 &private, &comment)) == 0)
250 break; 245 break;
251 else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) { 246 else if (r != SSH_ERR_KEY_WRONG_PASSPHRASE) {
252 fprintf(stderr, 247 fprintf(stderr,
@@ -254,16 +249,17 @@ add_file(int agent_fd, const char *filename, int key_only)
254 filename, ssh_err(r)); 249 filename, ssh_err(r));
255 fail_load: 250 fail_load:
256 clear_pass(); 251 clear_pass();
257 free(comment);
258 sshbuf_free(keyblob); 252 sshbuf_free(keyblob);
259 return -1; 253 return -1;
260 } 254 }
261 clear_pass(); 255 clear_pass();
262 snprintf(msg, sizeof msg, 256 snprintf(msg, sizeof msg,
263 "Bad passphrase, try again for %.200s%s: ", comment, 257 "Bad passphrase, try again for %s%s: ", filename,
264 confirm ? " (will confirm each use)" : ""); 258 confirm ? " (will confirm each use)" : "");
265 } 259 }
266 } 260 }
261 if (comment == NULL || *comment == '\0')
262 comment = xstrdup(filename);
267 sshbuf_free(keyblob); 263 sshbuf_free(keyblob);
268 264
269 if ((r = ssh_add_identity_constrained(agent_fd, private, comment, 265 if ((r = ssh_add_identity_constrained(agent_fd, private, comment,
@@ -386,7 +382,7 @@ list_identities(int agent_fd, int do_fp)
386 if (do_fp) { 382 if (do_fp) {
387 fp = sshkey_fingerprint(idlist->keys[i], 383 fp = sshkey_fingerprint(idlist->keys[i],
388 fingerprint_hash, SSH_FP_DEFAULT); 384 fingerprint_hash, SSH_FP_DEFAULT);
389 printf("%d %s %s (%s)\n", 385 printf("%u %s %s (%s)\n",
390 sshkey_size(idlist->keys[i]), 386 sshkey_size(idlist->keys[i]),
391 fp == NULL ? "(null)" : fp, 387 fp == NULL ? "(null)" : fp,
392 idlist->comments[i], 388 idlist->comments[i],
@@ -485,6 +481,7 @@ main(int argc, char **argv)
485 int r, i, ch, deleting = 0, ret = 0, key_only = 0; 481 int r, i, ch, deleting = 0, ret = 0, key_only = 0;
486 int xflag = 0, lflag = 0, Dflag = 0; 482 int xflag = 0, lflag = 0, Dflag = 0;
487 483
484 ssh_malloc_init(); /* must be called before any mallocs */
488 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 485 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
489 sanitise_stdfd(); 486 sanitise_stdfd();
490 487
generated by cgit v1.2.3 (git 2.39.1) at 2024-08-29 22:40:29 +0000