diff options
Diffstat (limited to 'ssh.c')
| -rw-r--r-- | ssh.c | 29 |
1 files changed, 17 insertions, 12 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh.c,v 1.332 2010/01/26 01:28:35 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.333 2010/02/08 10:50:20 markus Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -103,8 +103,8 @@ | |||
| 103 | #include "roaming.h" | 103 | #include "roaming.h" |
| 104 | #include "version.h" | 104 | #include "version.h" |
| 105 | 105 | ||
| 106 | #ifdef SMARTCARD | 106 | #ifdef ENABLE_PKCS11 |
| 107 | #include "scard.h" | 107 | #include "ssh-pkcs11.h" |
| 108 | #endif | 108 | #endif |
| 109 | 109 | ||
| 110 | extern char *__progname; | 110 | extern char *__progname; |
| @@ -362,10 +362,10 @@ main(int ac, char **av) | |||
| 362 | xstrdup(optarg); | 362 | xstrdup(optarg); |
| 363 | break; | 363 | break; |
| 364 | case 'I': | 364 | case 'I': |
| 365 | #ifdef SMARTCARD | 365 | #ifdef ENABLE_PKCS11 |
| 366 | options.smartcard_device = xstrdup(optarg); | 366 | options.pkcs11_provider = xstrdup(optarg); |
| 367 | #else | 367 | #else |
| 368 | fprintf(stderr, "no support for smartcards.\n"); | 368 | fprintf(stderr, "no support for PKCS#11.\n"); |
| 369 | #endif | 369 | #endif |
| 370 | break; | 370 | break; |
| 371 | case 't': | 371 | case 't': |
| @@ -1305,14 +1305,17 @@ load_public_identity_files(void) | |||
| 1305 | int i = 0; | 1305 | int i = 0; |
| 1306 | Key *public; | 1306 | Key *public; |
| 1307 | struct passwd *pw; | 1307 | struct passwd *pw; |
| 1308 | #ifdef SMARTCARD | 1308 | #ifdef ENABLE_PKCS11 |
| 1309 | Key **keys; | 1309 | Key **keys; |
| 1310 | int nkeys; | ||
| 1310 | 1311 | ||
| 1311 | if (options.smartcard_device != NULL && | 1312 | if (options.pkcs11_provider != NULL && |
| 1312 | options.num_identity_files < SSH_MAX_IDENTITY_FILES && | 1313 | options.num_identity_files < SSH_MAX_IDENTITY_FILES && |
| 1313 | (keys = sc_get_keys(options.smartcard_device, NULL)) != NULL) { | 1314 | (pkcs11_init(!options.batch_mode) == 0) && |
| 1315 | (nkeys = pkcs11_add_provider(options.pkcs11_provider, NULL, | ||
| 1316 | &keys)) > 0) { | ||
| 1314 | int count = 0; | 1317 | int count = 0; |
| 1315 | for (i = 0; keys[i] != NULL; i++) { | 1318 | for (i = 0; i < nkeys; i++) { |
| 1316 | count++; | 1319 | count++; |
| 1317 | memmove(&options.identity_files[1], | 1320 | memmove(&options.identity_files[1], |
| 1318 | &options.identity_files[0], | 1321 | &options.identity_files[0], |
| @@ -1322,14 +1325,16 @@ load_public_identity_files(void) | |||
| 1322 | sizeof(Key *) * (SSH_MAX_IDENTITY_FILES - 1)); | 1325 | sizeof(Key *) * (SSH_MAX_IDENTITY_FILES - 1)); |
| 1323 | options.num_identity_files++; | 1326 | options.num_identity_files++; |
| 1324 | options.identity_keys[0] = keys[i]; | 1327 | options.identity_keys[0] = keys[i]; |
| 1325 | options.identity_files[0] = sc_get_key_label(keys[i]); | 1328 | options.identity_files[0] = |
| 1329 | xstrdup(options.pkcs11_provider); /* XXX */ | ||
| 1326 | } | 1330 | } |
| 1327 | if (options.num_identity_files > SSH_MAX_IDENTITY_FILES) | 1331 | if (options.num_identity_files > SSH_MAX_IDENTITY_FILES) |
| 1328 | options.num_identity_files = SSH_MAX_IDENTITY_FILES; | 1332 | options.num_identity_files = SSH_MAX_IDENTITY_FILES; |
| 1329 | i = count; | 1333 | i = count; |
| 1330 | xfree(keys); | 1334 | xfree(keys); |
| 1335 | /* XXX leaks some keys */ | ||
| 1331 | } | 1336 | } |
| 1332 | #endif /* SMARTCARD */ | 1337 | #endif /* ENABLE_PKCS11 */ |
| 1333 | if ((pw = getpwuid(original_real_uid)) == NULL) | 1338 | if ((pw = getpwuid(original_real_uid)) == NULL) |
| 1334 | fatal("load_public_identity_files: getpwuid failed"); | 1339 | fatal("load_public_identity_files: getpwuid failed"); |
| 1335 | pwname = xstrdup(pw->pw_name); | 1340 | pwname = xstrdup(pw->pw_name); |