Diffstat (limited to 'ssh.c')
-rw-r--r-- | ssh.c | 29 |
1 files changed, 17 insertions, 12 deletions
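--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.332 2010/01/26 01:28:35 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.333 2010/02/08 10:50:20 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -103,8 +103,8 @@
 #include "roaming.h"
 #include "version.h"
 
-#ifdef SMARTCARD
-#include "scard.h"
+#ifdef ENABLE_PKCS11
+#include "ssh-pkcs11.h"
 #endif
 
 extern char *__progname;
@@ -362,10 +362,10 @@ main(int ac, char **av)
 xstrdup(optarg);
 break;
 case 'I':
-#ifdef SMARTCARD
-options.smartcard_device = xstrdup(optarg);
+#ifdef ENABLE_PKCS11
+options.pkcs11_provider = xstrdup(optarg);
 #else
-fprintf(stderr, "no support for smartcards.\n");
+fprintf(stderr, "no support for PKCS#11.\n");
 #endif
 break;
 case 't':
@@ -1305,14 +1305,17 @@ load_public_identity_files(void)
 int i = 0;
 Key *public;
 struct passwd *pw;
-#ifdef SMARTCARD
+#ifdef ENABLE_PKCS11
 Key **keys;
+int nkeys;
 
-if (options.smartcard_device != NULL &&
+if (options.pkcs11_provider != NULL &&
 options.num_identity_files < SSH_MAX_IDENTITY_FILES &&
-(keys = sc_get_keys(options.smartcard_device, NULL)) != NULL) {
+(pkcs11_init(!options.batch_mode) == 0) &&
+(nkeys = pkcs11_add_provider(options.pkcs11_provider, NULL,
+&keys)) > 0) {
 int count = 0;
-for (i = 0; keys[i] != NULL; i++) {
+for (i = 0; i < nkeys; i++) {
 count++;
 memmove(&options.identity_files[1],
 &options.identity_files[0],
@@ -1322,14 +1325,16 @@ load_public_identity_files(void)
 sizeof(Key *) * (SSH_MAX_IDENTITY_FILES - 1));
 options.num_identity_files++;
 options.identity_keys[0] = keys[i];
-options.identity_files[0] = sc_get_key_label(keys[i]);
+options.identity_files[0] =
+xstrdup(options.pkcs11_provider); /* XXX */
 }
 if (options.num_identity_files > SSH_MAX_IDENTITY_FILES)
 options.num_identity_files = SSH_MAX_IDENTITY_FILES;
 i = count;
 xfree(keys);
+/* XXX leaks some keys */
 }
-#endif /* SMARTCARD */
+#endif /* ENABLE_PKCS11 */
 if ((pw = getpwuid(original_real_uid)) == NULL)
 fatal("load_public_identity_files: getpwuid failed");
 pwname = xstrdup(pw->pw_name);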
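Review bot: In load_public_identity_files the capacity test `options.num_identity_files < SSH_MAX_IDENTITY_FILES` is evaluated once, before the loop, while `for (i = 0; i < nkeys; i++)` shifts both identity arrays down one slot for every key the provider returns. The visible memmove size is `SSH_MAX_IDENTITY_FILES - 1` entries, so once the arrays are full each further key overwrites the last slot, and configured file identities (or earlier token keys) drop out of the list without being freed or reported; the `/* XXX leaks some keys */` comment covers only part of this, and the lines between the two hunks are not shown. Bounding the loop, `for (i = 0; i < nkeys && options.num_identity_files < SSH_MAX_IDENTITY_FILES; i++)`, keeps the count exact and makes the clamp after the loop unnecessary, with any keys past the bound released before `xfree(keys)`. A `debug()` line on the path where `pkcs11_init` or `pkcs11_add_provider` fails would also help, since a user who passed `-I` otherwise falls back to file keys silently, unless those functions log on their own, which is not visible here. The function body continues outside the hunks shown.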