version 1.135, 2018/02/23 15:58:37 |
version 1.136, 2018/09/19 02:03:02 |
|
|
|
|
/* Send a request to remove all identities. */ |
/* Send a request to remove all identities. */ |
static int |
static int |
delete_all(int agent_fd) |
delete_all(int agent_fd, int qflag) |
{ |
{ |
int ret = -1; |
int ret = -1; |
|
|
|
|
/* ignore error-code for ssh1 */ |
/* ignore error-code for ssh1 */ |
ssh_remove_all_identities(agent_fd, 1); |
ssh_remove_all_identities(agent_fd, 1); |
|
|
if (ret == 0) |
if (ret != 0) |
fprintf(stderr, "All identities removed.\n"); |
|
else |
|
fprintf(stderr, "Failed to remove all identities.\n"); |
fprintf(stderr, "Failed to remove all identities.\n"); |
|
else if (!qflag) |
|
fprintf(stderr, "All identities removed.\n"); |
|
|
return ret; |
return ret; |
} |
} |
|
|
|
|
if ((r = ssh_add_identity_constrained(agent_fd, private, comment, |
if ((r = ssh_add_identity_constrained(agent_fd, private, comment, |
lifetime, confirm, maxsign)) == 0) { |
lifetime, confirm, maxsign)) == 0) { |
fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
|
ret = 0; |
ret = 0; |
if (lifetime != 0) |
if (!qflag) { |
fprintf(stderr, |
fprintf(stderr, "Identity added: %s (%s)\n", |
"Lifetime set to %d seconds\n", lifetime); |
filename, comment); |
if (confirm != 0) |
if (lifetime != 0) { |
fprintf(stderr, |
fprintf(stderr, |
"The user must confirm each use of the key\n"); |
"Lifetime set to %d seconds\n", lifetime); |
|
} |
|
if (confirm != 0) { |
|
fprintf(stderr, "The user must confirm " |
|
"each use of the key\n"); |
|
} |
|
} |
} else { |
} else { |
fprintf(stderr, "Could not add identity \"%s\": %s\n", |
fprintf(stderr, "Could not add identity \"%s\": %s\n", |
filename, ssh_err(r)); |
filename, ssh_err(r)); |
|
|
private->cert->key_id, ssh_err(r)); |
private->cert->key_id, ssh_err(r)); |
goto out; |
goto out; |
} |
} |
fprintf(stderr, "Certificate added: %s (%s)\n", certpath, |
/* success */ |
private->cert->key_id); |
if (!qflag) { |
if (lifetime != 0) |
fprintf(stderr, "Certificate added: %s (%s)\n", certpath, |
fprintf(stderr, "Lifetime set to %d seconds\n", lifetime); |
private->cert->key_id); |
if (confirm != 0) |
if (lifetime != 0) { |
fprintf(stderr, "The user must confirm each use of the key\n"); |
fprintf(stderr, "Lifetime set to %d seconds\n", |
|
lifetime); |
|
} |
|
if (confirm != 0) { |
|
fprintf(stderr, "The user must confirm each use " |
|
"of the key\n"); |
|
} |
|
} |
|
|
out: |
out: |
free(certpath); |
free(certpath); |
free(comment); |
free(comment); |
|
|
} |
} |
|
|
static int |
static int |
update_card(int agent_fd, int add, const char *id) |
update_card(int agent_fd, int add, const char *id, int qflag) |
{ |
{ |
char *pin = NULL; |
char *pin = NULL; |
int r, ret = -1; |
int r, ret = -1; |
|
|
|
|
if ((r = ssh_update_card(agent_fd, add, id, pin == NULL ? "" : pin, |
if ((r = ssh_update_card(agent_fd, add, id, pin == NULL ? "" : pin, |
lifetime, confirm)) == 0) { |
lifetime, confirm)) == 0) { |
fprintf(stderr, "Card %s: %s\n", |
|
add ? "added" : "removed", id); |
|
ret = 0; |
ret = 0; |
|
if (!qflag) { |
|
fprintf(stderr, "Card %s: %s\n", |
|
add ? "added" : "removed", id); |
|
} |
} else { |
} else { |
fprintf(stderr, "Could not %s card \"%s\": %s\n", |
fprintf(stderr, "Could not %s card \"%s\": %s\n", |
add ? "add" : "remove", id, ssh_err(r)); |
add ? "add" : "remove", id, ssh_err(r)); |
|
|
ret = 1; |
ret = 1; |
goto done; |
goto done; |
} else if (Dflag) { |
} else if (Dflag) { |
if (delete_all(agent_fd) == -1) |
if (delete_all(agent_fd, qflag) == -1) |
ret = 1; |
ret = 1; |
goto done; |
goto done; |
} |
} |
|
|
argc -= optind; |
argc -= optind; |
argv += optind; |
argv += optind; |
if (pkcs11provider != NULL) { |
if (pkcs11provider != NULL) { |
if (update_card(agent_fd, !deleting, pkcs11provider) == -1) |
if (update_card(agent_fd, !deleting, pkcs11provider, |
|
qflag) == -1) |
ret = 1; |
ret = 1; |
goto done; |
goto done; |
} |
} |