===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/authfd.c,v
retrieving revision 1.81
retrieving revision 1.82
diff -u -r1.81 -r1.82
--- src/usr.bin/ssh/authfd.c	2009/08/27 17:44:52	1.81
+++ src/usr.bin/ssh/authfd.c	2010/02/26 20:29:54	1.82
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.81 2009/08/27 17:44:52 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.82 2010/02/26 20:29:54 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -481,6 +481,16 @@
 		buffer_put_bignum2(b, key->rsa->p);
 		buffer_put_bignum2(b, key->rsa->q);
 		break;
+	case KEY_RSA_CERT:
+		if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0)
+			fatal("%s: no cert/certblob", __func__);
+		buffer_put_string(b, buffer_ptr(&key->cert->certblob),
+		    buffer_len(&key->cert->certblob));
+		buffer_put_bignum2(b, key->rsa->d);
+		buffer_put_bignum2(b, key->rsa->iqmp);
+		buffer_put_bignum2(b, key->rsa->p);
+		buffer_put_bignum2(b, key->rsa->q);
+		break;
 	case KEY_DSA:
 		buffer_put_bignum2(b, key->dsa->p);
 		buffer_put_bignum2(b, key->dsa->q);
@@ -488,6 +498,13 @@
 		buffer_put_bignum2(b, key->dsa->pub_key);
 		buffer_put_bignum2(b, key->dsa->priv_key);
 		break;
+	case KEY_DSA_CERT:
+		if (key->cert == NULL || buffer_len(&key->cert->certblob) == 0)
+			fatal("%s: no cert/certblob", __func__);
+		buffer_put_string(b, buffer_ptr(&key->cert->certblob),
+		    buffer_len(&key->cert->certblob));
+		buffer_put_bignum2(b, key->dsa->priv_key);
+		break;
 	}
 	buffer_put_cstring(b, comment);
 }
@@ -515,7 +532,9 @@
 		ssh_encode_identity_rsa1(&msg, key->rsa, comment);
 		break;
 	case KEY_RSA:
+	case KEY_RSA_CERT:
 	case KEY_DSA:
+	case KEY_DSA_CERT:
 		type = constrained ?
 		    SSH2_AGENTC_ADD_ID_CONSTRAINED :
 		    SSH2_AGENTC_ADD_IDENTITY;
@@ -563,7 +582,8 @@
 		buffer_put_int(&msg, BN_num_bits(key->rsa->n));
 		buffer_put_bignum(&msg, key->rsa->e);
 		buffer_put_bignum(&msg, key->rsa->n);
-	} else if (key->type == KEY_DSA || key->type == KEY_RSA) {
+	} else if (key_type_plain(key->type) == KEY_DSA ||
+	    key_type_plain(key->type) == KEY_RSA) {
 		key_to_blob(key, &blob, &blen);
 		buffer_put_char(&msg, SSH2_AGENTC_REMOVE_IDENTITY);
 		buffer_put_string(&msg, blob, blen);