version 1.11, 1999/11/16 22:49:28 |
version 1.12, 1999/11/23 22:25:55 |
|
|
void |
void |
delete_file(AuthenticationConnection *ac, const char *filename) |
delete_file(AuthenticationConnection *ac, const char *filename) |
{ |
{ |
RSA *key; |
RSA *key; |
char *comment; |
char *comment; |
|
|
key = RSA_new(); |
key = RSA_new(); |
if (!load_public_key(filename, key, &comment)) |
if (!load_public_key(filename, key, &comment)) { |
{ |
printf("Bad key file %s: %s\n", filename, strerror(errno)); |
printf("Bad key file %s: %s\n", filename, strerror(errno)); |
return; |
return; |
} |
} |
if (ssh_remove_identity(ac, key)) |
|
fprintf(stderr, "Identity removed: %s (%s)\n", filename, comment); |
if (ssh_remove_identity(ac, key)) |
else |
fprintf(stderr, "Identity removed: %s (%s)\n", filename, comment); |
fprintf(stderr, "Could not remove identity: %s\n", filename); |
else |
RSA_free(key); |
fprintf(stderr, "Could not remove identity: %s\n", filename); |
xfree(comment); |
RSA_free(key); |
|
xfree(comment); |
|
} |
} |
|
|
void |
void |
delete_all(AuthenticationConnection *ac) |
delete_all(AuthenticationConnection *ac) |
{ |
{ |
/* Send a request to remove all identities. */ |
/* Send a request to remove all identities. */ |
if (ssh_remove_all_identities(ac)) |
if (ssh_remove_all_identities(ac)) |
fprintf(stderr, "All identities removed.\n"); |
fprintf(stderr, "All identities removed.\n"); |
else |
else |
fprintf(stderr, "Failed to remove all identitities.\n"); |
fprintf(stderr, "Failed to remove all identitities.\n"); |
} |
} |
|
|
void |
void |
add_file(AuthenticationConnection *ac, const char *filename) |
add_file(AuthenticationConnection *ac, const char *filename) |
{ |
{ |
RSA *key; |
RSA *key; |
RSA *public_key; |
RSA *public_key; |
char *saved_comment, *comment; |
char *saved_comment, *comment; |
int success; |
int success; |
|
|
key = RSA_new(); |
|
public_key = RSA_new(); |
|
if (!load_public_key(filename, public_key, &saved_comment)) |
|
{ |
|
printf("Bad key file %s: %s\n", filename, strerror(errno)); |
|
return; |
|
} |
|
RSA_free(public_key); |
|
|
|
/* At first, try empty passphrase */ |
key = RSA_new(); |
success = load_private_key(filename, "", key, &comment); |
public_key = RSA_new(); |
if (!success) { |
if (!load_public_key(filename, public_key, &saved_comment)) { |
printf("Need passphrase for %s (%s).\n", filename, saved_comment); |
printf("Bad key file %s: %s\n", filename, strerror(errno)); |
if (!isatty(STDIN_FILENO)){ |
return; |
xfree(saved_comment); |
} |
return; |
RSA_free(public_key); |
} |
|
for (;;) { |
|
char *pass = read_passphrase("Enter passphrase: ", 1); |
|
if (strcmp(pass, "") == 0){ |
|
xfree(pass); |
|
xfree(saved_comment); |
|
return; |
|
} |
|
success = load_private_key(filename, pass, key, &comment); |
|
memset(pass, 0, strlen(pass)); |
|
xfree(pass); |
|
if (success) |
|
break; |
|
printf("Bad passphrase.\n"); |
|
} |
|
} |
|
xfree(saved_comment); |
|
|
|
if (ssh_add_identity(ac, key, comment)) |
/* At first, try empty passphrase */ |
fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
success = load_private_key(filename, "", key, &comment); |
else |
if (!success) { |
fprintf(stderr, "Could not add identity: %s\n", filename); |
printf("Need passphrase for %s (%s).\n", filename, saved_comment); |
RSA_free(key); |
if (!isatty(STDIN_FILENO)) { |
xfree(comment); |
xfree(saved_comment); |
|
return; |
|
} |
|
for (;;) { |
|
char *pass = read_passphrase("Enter passphrase: ", 1); |
|
if (strcmp(pass, "") == 0) { |
|
xfree(pass); |
|
xfree(saved_comment); |
|
return; |
|
} |
|
success = load_private_key(filename, pass, key, &comment); |
|
memset(pass, 0, strlen(pass)); |
|
xfree(pass); |
|
if (success) |
|
break; |
|
printf("Bad passphrase.\n"); |
|
} |
|
} |
|
xfree(saved_comment); |
|
|
|
if (ssh_add_identity(ac, key, comment)) |
|
fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
|
else |
|
fprintf(stderr, "Could not add identity: %s\n", filename); |
|
RSA_free(key); |
|
xfree(comment); |
} |
} |
|
|
void |
void |
list_identities(AuthenticationConnection *ac, int fp) |
list_identities(AuthenticationConnection *ac, int fp) |
{ |
{ |
BIGNUM *e, *n; |
BIGNUM *e, *n; |
int status; |
int status; |
char *comment; |
char *comment; |
int had_identities; |
int had_identities; |
|
|
e = BN_new(); |
e = BN_new(); |
n = BN_new(); |
n = BN_new(); |
had_identities = 0; |
had_identities = 0; |
for (status = ssh_get_first_identity(ac, e, n, &comment); |
for (status = ssh_get_first_identity(ac, e, n, &comment); |
status; |
status; |
status = ssh_get_next_identity(ac, e, n, &comment)) |
status = ssh_get_next_identity(ac, e, n, &comment)) { |
{ |
unsigned int bits = BN_num_bits(n); |
unsigned int bits = BN_num_bits(n); |
had_identities = 1; |
had_identities = 1; |
if (fp) { |
if (fp) { |
printf("%d %s %s\n", bits, fingerprint(e, n), comment); |
printf("%d %s %s\n", bits, fingerprint(e, n), comment); |
} else { |
} else { |
char *ebuf, *nbuf; |
char *ebuf, *nbuf; |
ebuf = BN_bn2dec(e); |
ebuf = BN_bn2dec(e); |
if (ebuf == NULL) { |
if (ebuf == NULL) { |
error("list_identities: BN_bn2dec(e) failed."); |
error("list_identities: BN_bn2dec(e) failed."); |
} else { |
}else{ |
nbuf = BN_bn2dec(n); |
nbuf = BN_bn2dec(n); |
if (nbuf == NULL) { |
if (nbuf == NULL) { |
error("list_identities: BN_bn2dec(n) failed."); |
error("list_identities: BN_bn2dec(n) failed."); |
} else { |
}else{ |
printf("%d %s %s %s\n", bits, ebuf, nbuf, comment); |
printf("%d %s %s %s\n", bits, ebuf, nbuf, comment); |
free(nbuf); |
free(nbuf); |
} |
} |
free(ebuf); |
free(ebuf); |
} |
|
} |
|
xfree(comment); |
} |
} |
} |
BN_clear_free(e); |
xfree(comment); |
BN_clear_free(n); |
} |
if (!had_identities) |
BN_clear_free(e); |
printf("The agent has no identities.\n"); |
BN_clear_free(n); |
|
if (!had_identities) |
|
printf("The agent has no identities.\n"); |
|
} |
} |
|
|
int |
int |
main(int argc, char **argv) |
main(int argc, char **argv) |
{ |
{ |
AuthenticationConnection *ac = NULL; |
AuthenticationConnection *ac = NULL; |
struct passwd *pw; |
struct passwd *pw; |
char buf[1024]; |
char buf[1024]; |
int no_files = 1; |
int no_files = 1; |
int i; |
int i; |
int deleting = 0; |
int deleting = 0; |
|
|
/* check if RSA support exists */ |
/* check if RSA support exists */ |
if (rsa_alive() == 0) { |
if (rsa_alive() == 0) { |
extern char *__progname; |
extern char *__progname; |
|
|
fprintf(stderr, |
fprintf(stderr, |
"%s: no RSA support in libssl and libcrypto. See ssl(8).\n", |
"%s: no RSA support in libssl and libcrypto. See ssl(8).\n", |
__progname); |
__progname); |
exit(1); |
exit(1); |
} |
|
|
|
/* At first, get a connection to the authentication agent. */ |
|
ac = ssh_get_authentication_connection(); |
|
if (ac == NULL) { |
|
fprintf(stderr, "Could not open a connection to your authentication agent.\n"); |
|
exit(1); |
|
} |
|
|
|
for (i = 1; i < argc; i++) |
|
{ |
|
if ((strcmp(argv[i], "-l") == 0) || |
|
(strcmp(argv[i], "-L") == 0)) |
|
{ |
|
list_identities(ac, argv[i][1] == 'l' ? 1 : 0); |
|
no_files = 0; /* Don't default-add/delete if -l. */ |
|
continue; |
|
} |
} |
if (strcmp(argv[i], "-d") == 0) |
/* At first, get a connection to the authentication agent. */ |
{ |
ac = ssh_get_authentication_connection(); |
deleting = 1; |
if (ac == NULL) { |
continue; |
fprintf(stderr, "Could not open a connection to your authentication agent.\n"); |
|
exit(1); |
} |
} |
if (strcmp(argv[i], "-D") == 0) |
for (i = 1; i < argc; i++) { |
{ |
if ((strcmp(argv[i], "-l") == 0) || |
delete_all(ac); |
(strcmp(argv[i], "-L") == 0)) { |
no_files = 0; |
list_identities(ac, argv[i][1] == 'l' ? 1 : 0); |
continue; |
/* Don't default-add/delete if -l. */ |
|
no_files = 0; |
|
continue; |
|
} |
|
if (strcmp(argv[i], "-d") == 0) { |
|
deleting = 1; |
|
continue; |
|
} |
|
if (strcmp(argv[i], "-D") == 0) { |
|
delete_all(ac); |
|
no_files = 0; |
|
continue; |
|
} |
|
no_files = 0; |
|
if (deleting) |
|
delete_file(ac, argv[i]); |
|
else |
|
add_file(ac, argv[i]); |
} |
} |
no_files = 0; |
if (no_files) { |
if (deleting) |
pw = getpwuid(getuid()); |
delete_file(ac, argv[i]); |
if (!pw) { |
else |
fprintf(stderr, "No user found with uid %d\n", (int) getuid()); |
add_file(ac, argv[i]); |
ssh_close_authentication_connection(ac); |
} |
exit(1); |
if (no_files) |
} |
{ |
snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY); |
pw = getpwuid(getuid()); |
if (deleting) |
if (!pw) |
delete_file(ac, buf); |
{ |
else |
fprintf(stderr, "No user found with uid %d\n", (int)getuid()); |
add_file(ac, buf); |
ssh_close_authentication_connection(ac); |
|
exit(1); |
|
} |
} |
snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY); |
ssh_close_authentication_connection(ac); |
if (deleting) |
exit(0); |
delete_file(ac, buf); |
|
else |
|
add_file(ac, buf); |
|
} |
|
ssh_close_authentication_connection(ac); |
|
exit(0); |
|
} |
} |
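Review bot: In add_file's passphrase loop, `memset(pass, 0, strlen(pass));` is followed directly by `xfree(pass);`, so the wipe is a dead store that an optimizing compiler may remove, leaving the passphrase in freed heap memory. This reformatting commit carries the line over unchanged; a wipe the compiler cannot elide, such as `explicit_bzero(pass, strlen(pass));` where the platform provides it, would make the scrub reliable. The same function returns early on the empty-passphrase and non-tty paths without `RSA_free(key);`, and the `load_public_key` failure path frees neither `key` nor `public_key`. These are small leaks in a short-lived process, but closing them keeps every exit path consistent with the normal one.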