src/usr.bin/ssh/ssh-add.c - diff

Return to ssh-add.c CVS log

Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh-add.c between version 1.142 and 1.143

version 1.142, 2019/10/31 21:19:15

version 1.143, 2019/10/31 21:19:56

Line 71

_PATH_SSH_CLIENT_ID_RSA,

_PATH_SSH_CLIENT_ID_DSA,

_PATH_SSH_CLIENT_ID_ECDSA,

_PATH_SSH_CLIENT_ID_ECDSA_SK,

_PATH_SSH_CLIENT_ID_ED25519,

_PATH_SSH_CLIENT_ID_XMSS,

NULL

Line 183

Line 184

}

static int

add_file(int agent_fd, const char *filename, int key_only, int qflag)

add_file(int agent_fd, const char *filename, int key_only, int qflag,

const char *skprovider)

{

struct sshkey *private, *cert;

char *comment = NULL;

Line 302

Line 304

ssh_free_identitylist(idlist);

}

if (sshkey_type_plain(private->type) != KEY_ECDSA_SK)

skprovider = NULL; /* Don't send constraint for other keys */

else if (skprovider == NULL) {

fprintf(stderr, "Cannot load security key %s without "

"provider\n", filename);

goto out;

}

if ((r = ssh_add_identity_constrained(agent_fd, private, comment,

lifetime, confirm, maxsign, NULL)) == 0) {

lifetime, confirm, maxsign, skprovider)) == 0) {

ret = 0;

if (!qflag) {

fprintf(stderr, "Identity added: %s (%s)\n",

Line 356

Line 366

sshkey_free(cert);

if ((r = ssh_add_identity_constrained(agent_fd, private, comment,

lifetime, confirm, maxsign, NULL)) != 0) {

lifetime, confirm, maxsign, skprovider)) != 0) {

error("Certificate %s (%s) add failed: %s", certpath,

private->cert->key_id, ssh_err(r));

goto out;

Line 521

Line 531

}

static int

do_file(int agent_fd, int deleting, int key_only, char *file, int qflag)

do_file(int agent_fd, int deleting, int key_only, char *file, int qflag,

const char *skprovider)

{

if (deleting) {

if (delete_file(agent_fd, file, key_only, qflag) == -1)

return -1;

} else {

if (add_file(agent_fd, file, key_only, qflag) == -1)

if (add_file(agent_fd, file, key_only, qflag, skprovider) == -1)

return -1;

}

return 0;

Line 553

Line 564

fprintf(stderr, " -s pkcs11 Add keys from PKCS#11 provider.\n");

fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n");

fprintf(stderr, " -T pubkey Test if ssh-agent can access matching private key.\n");

fprintf(stderr, " -S provider Specify security key provider.\n");

fprintf(stderr, " -q Be quiet after a successful operation.\n");

fprintf(stderr, " -v Be more verbose.\n");

}

Line 563

Line 575

extern char *optarg;

extern int optind;

int agent_fd;

char *pkcs11provider = NULL;

char *pkcs11provider = NULL, *skprovider = NULL;

int r, i, ch, deleting = 0, ret = 0, key_only = 0;

int xflag = 0, lflag = 0, Dflag = 0, qflag = 0, Tflag = 0;

SyslogFacility log_facility = SYSLOG_FACILITY_AUTH;

Line 592

Line 604

exit(2);

}

while ((ch = getopt(argc, argv, "vklLcdDTxXE:e:M:m:qs:t:")) != -1) {

skprovider = getenv("SSH_SK_PROVIDER");

while ((ch = getopt(argc, argv, "vklLcdDTxXE:e:M:m:qs:S:t:")) != -1) {

switch (ch) {

case 'v':

if (log_level == SYSLOG_LEVEL_INFO)

Line 648

Line 662

case 's':

pkcs11provider = optarg;

break;

case 'S':

skprovider = optarg;

break;

case 'e':

deleting = 1;

pkcs11provider = optarg;

Line 724

Line 741

if (stat(buf, &st) == -1)

continue;

if (do_file(agent_fd, deleting, key_only, buf,

qflag) == -1)

qflag, skprovider) == -1)

ret = 1;

else

count++;

Line 734

Line 751

} else {

for (i = 0; i < argc; i++) {

if (do_file(agent_fd, deleting, key_only,

argv[i], qflag) == -1)

argv[i], qflag, skprovider) == -1)

ret = 1;

}