version 1.103, 2011/10/18 23:37:42 |
version 1.104, 2012/12/02 20:42:15 |
|
|
} |
} |
|
|
static int |
static int |
delete_file(AuthenticationConnection *ac, const char *filename) |
delete_file(AuthenticationConnection *ac, const char *filename, int key_only) |
{ |
{ |
Key *public; |
Key *public = NULL, *cert = NULL; |
char *comment = NULL; |
char *certpath = NULL, *comment = NULL; |
int ret = -1; |
int ret = -1; |
|
|
public = key_load_public(filename, &comment); |
public = key_load_public(filename, &comment); |
|
|
} else |
} else |
fprintf(stderr, "Could not remove identity: %s\n", filename); |
fprintf(stderr, "Could not remove identity: %s\n", filename); |
|
|
key_free(public); |
if (key_only) |
xfree(comment); |
goto out; |
|
|
|
/* Now try to delete the corresponding certificate too */ |
|
free(comment); |
|
xasprintf(&certpath, "%s-cert.pub", filename); |
|
if ((cert = key_load_public(certpath, &comment)) == NULL) |
|
goto out; |
|
if (!key_equal_public(cert, public)) |
|
fatal("Certificate %s does not match private key %s", |
|
certpath, filename); |
|
|
|
if (ssh_remove_identity(ac, cert)) { |
|
fprintf(stderr, "Identity removed: %s (%s)\n", certpath, |
|
comment); |
|
ret = 0; |
|
} else |
|
fprintf(stderr, "Could not remove identity: %s\n", certpath); |
|
|
|
out: |
|
if (cert != NULL) |
|
key_free(cert); |
|
if (public != NULL) |
|
key_free(public); |
|
free(certpath); |
|
free(comment); |
|
|
return ret; |
return ret; |
} |
} |
|
|
|
|
do_file(AuthenticationConnection *ac, int deleting, int key_only, char *file) |
do_file(AuthenticationConnection *ac, int deleting, int key_only, char *file) |
{ |
{ |
if (deleting) { |
if (deleting) { |
if (delete_file(ac, file) == -1) |
if (delete_file(ac, file, key_only) == -1) |
return -1; |
return -1; |
} else { |
} else { |
if (add_file(ac, file, key_only) == -1) |
if (add_file(ac, file, key_only) == -1) |
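Review bot: In the new `delete_file`, the `free(comment);` ahead of the certificate lookup leaves `comment` pointing at freed memory, and the `out:` path frees it a second time. If `key_load_public(certpath, &comment)` returns NULL without storing to `comment`, the `goto out` taken when no `-cert.pub` file exists becomes a double free. That function's body is not shown here, so this needs confirming, but a missing certificate is probably the usual case. Resetting the pointer makes the cleanup safe either way: `free(comment); comment = NULL;`. The middle of `delete_file`, between the first `key_load_public` call and the first "Could not remove identity" branch, is outside the displayed hunks, so an early return there that skips `out:` could not be checked.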