version 1.114, 2014/11/26 18:34:51 |
version 1.115, 2014/12/21 22:27:56 |
|
|
#include "pathnames.h" |
#include "pathnames.h" |
#include "misc.h" |
#include "misc.h" |
#include "ssherr.h" |
#include "ssherr.h" |
|
#include "digest.h" |
|
|
/* argv0 */ |
/* argv0 */ |
extern char *__progname; |
extern char *__progname; |
|
|
NULL |
NULL |
}; |
}; |
|
|
|
static int fingerprint_hash = SSH_FP_HASH_DEFAULT; |
|
|
/* Default lifetime (0 == forever) */ |
/* Default lifetime (0 == forever) */ |
static int lifetime = 0; |
static int lifetime = 0; |
|
|
|
|
key = ssh_get_next_identity(ac, &comment, version)) { |
key = ssh_get_next_identity(ac, &comment, version)) { |
had_identities = 1; |
had_identities = 1; |
if (do_fp) { |
if (do_fp) { |
fp = key_fingerprint(key, SSH_FP_MD5, |
fp = key_fingerprint(key, fingerprint_hash, |
SSH_FP_HEX); |
SSH_FP_DEFAULT); |
printf("%d %s %s (%s)\n", |
printf("%d %s %s (%s)\n", |
key_size(key), fp, comment, key_type(key)); |
key_size(key), fp, comment, key_type(key)); |
free(fp); |
free(fp); |
|
|
fprintf(stderr, "usage: %s [options] [file ...]\n", __progname); |
fprintf(stderr, "usage: %s [options] [file ...]\n", __progname); |
fprintf(stderr, "Options:\n"); |
fprintf(stderr, "Options:\n"); |
fprintf(stderr, " -l List fingerprints of all identities.\n"); |
fprintf(stderr, " -l List fingerprints of all identities.\n"); |
|
fprintf(stderr, " -E hash Specify hash algorithm used for fingerprints.\n"); |
fprintf(stderr, " -L List public key parameters of all identities.\n"); |
fprintf(stderr, " -L List public key parameters of all identities.\n"); |
fprintf(stderr, " -k Load only keys and not certificates.\n"); |
fprintf(stderr, " -k Load only keys and not certificates.\n"); |
fprintf(stderr, " -c Require confirmation to sign using identities\n"); |
fprintf(stderr, " -c Require confirmation to sign using identities\n"); |
|
|
AuthenticationConnection *ac = NULL; |
AuthenticationConnection *ac = NULL; |
char *pkcs11provider = NULL; |
char *pkcs11provider = NULL; |
int i, ch, deleting = 0, ret = 0, key_only = 0; |
int i, ch, deleting = 0, ret = 0, key_only = 0; |
|
int xflag = 0, lflag = 0, Dflag = 0; |
|
|
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
sanitise_stdfd(); |
sanitise_stdfd(); |
|
|
"Could not open a connection to your authentication agent.\n"); |
"Could not open a connection to your authentication agent.\n"); |
exit(2); |
exit(2); |
} |
} |
while ((ch = getopt(argc, argv, "klLcdDxXe:s:t:")) != -1) { |
while ((ch = getopt(argc, argv, "klLcdDxXE:e:s:t:")) != -1) { |
switch (ch) { |
switch (ch) { |
|
case 'E': |
|
fingerprint_hash = ssh_digest_alg_by_name(optarg); |
|
if (fingerprint_hash == -1) |
|
fatal("Invalid hash algorithm \"%s\"", optarg); |
|
break; |
case 'k': |
case 'k': |
key_only = 1; |
key_only = 1; |
break; |
break; |
case 'l': |
case 'l': |
case 'L': |
case 'L': |
if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) |
if (lflag != 0) |
ret = 1; |
fatal("-%c flag already specified", lflag); |
goto done; |
lflag = ch; |
|
break; |
case 'x': |
case 'x': |
case 'X': |
case 'X': |
if (lock_agent(ac, ch == 'x' ? 1 : 0) == -1) |
if (xflag != 0) |
ret = 1; |
fatal("-%c flag already specified", xflag); |
goto done; |
xflag = ch; |
|
break; |
case 'c': |
case 'c': |
confirm = 1; |
confirm = 1; |
break; |
break; |
|
|
deleting = 1; |
deleting = 1; |
break; |
break; |
case 'D': |
case 'D': |
if (delete_all(ac) == -1) |
Dflag = 1; |
ret = 1; |
break; |
goto done; |
|
case 's': |
case 's': |
pkcs11provider = optarg; |
pkcs11provider = optarg; |
break; |
break; |
|
|
goto done; |
goto done; |
} |
} |
} |
} |
|
|
|
if ((xflag != 0) + (lflag != 0) + (Dflag != 0) > 1) |
|
fatal("Invalid combination of actions"); |
|
else if (xflag) { |
|
if (lock_agent(ac, xflag == 'x' ? 1 : 0) == -1) |
|
ret = 1; |
|
goto done; |
|
} else if (lflag) { |
|
if (list_identities(ac, lflag == 'l' ? 1 : 0) == -1) |
|
ret = 1; |
|
goto done; |
|
} else if (Dflag) { |
|
if (delete_all(ac) == -1) |
|
ret = 1; |
|
goto done; |
|
} |
|
|
argc -= optind; |
argc -= optind; |
argv += optind; |
argv += optind; |
if (pkcs11provider != NULL) { |
if (pkcs11provider != NULL) { |
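Review bot: In the fingerprint listing loop, the result of `key_fingerprint(key, fingerprint_hash, SSH_FP_DEFAULT)` is passed straight to the `%s` in the following `printf` with no NULL check, and the hash argument is now selected by the user through `-E` instead of being a fixed constant. Whether `key_fingerprint` can return NULL is not visible on this page; if it can, a guard such as `if (fp == NULL) fatal("key_fingerprint failed");` before the `printf` avoids undefined behaviour. The listing also appears to stop hard-coding `SSH_FP_MD5` with `SSH_FP_HEX`, so anything that compares `ssh-add -l` output against stored fingerprints will need `-E` set explicitly, and the new usage line for `-E hash` would be more useful if it named the accepted algorithms. The enclosing listing function and `main` both start and end outside the lines shown.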