| version 1.36, 2001/04/18 21:57:42 |
version 1.36.2.2, 2001/11/15 00:15:19 |
|
|
| * called by a name other than "ssh" or "Secure Shell". |
* called by a name other than "ssh" or "Secure Shell". |
| * |
* |
| * SSH2 implementation, |
* SSH2 implementation, |
| * Copyright (c) 2000 Markus Friedl. All rights reserved. |
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. |
| * |
* |
| * Redistribution and use in source and binary forms, with or without |
* Redistribution and use in source and binary forms, with or without |
| * modification, are permitted provided that the following conditions |
* modification, are permitted provided that the following conditions |
|
|
| #include "pathnames.h" |
#include "pathnames.h" |
| #include "readpass.h" |
#include "readpass.h" |
| |
|
| |
/* argv0 */ |
| |
extern char *__progname; |
| |
|
| /* we keep a cache of one passphrases */ |
/* we keep a cache of one passphrases */ |
| static char *pass = NULL; |
static char *pass = NULL; |
| void |
static void |
| clear_pass(void) |
clear_pass(void) |
| { |
{ |
| if (pass) { |
if (pass) { |
|
|
| } |
} |
| } |
} |
| |
|
| void |
static int |
| delete_file(AuthenticationConnection *ac, const char *filename) |
delete_file(AuthenticationConnection *ac, const char *filename) |
| { |
{ |
| Key *public; |
Key *public; |
| char *comment = NULL; |
char *comment = NULL; |
| |
int ret = -1; |
| |
|
| public = key_load_public(filename, &comment); |
public = key_load_public(filename, &comment); |
| if (public == NULL) { |
if (public == NULL) { |
| printf("Bad key file %s\n", filename); |
printf("Bad key file %s\n", filename); |
| return; |
return -1; |
| } |
} |
| if (ssh_remove_identity(ac, public)) |
if (ssh_remove_identity(ac, public)) { |
| fprintf(stderr, "Identity removed: %s (%s)\n", filename, comment); |
fprintf(stderr, "Identity removed: %s (%s)\n", filename, comment); |
| else |
ret = 0; |
| |
} else |
| fprintf(stderr, "Could not remove identity: %s\n", filename); |
fprintf(stderr, "Could not remove identity: %s\n", filename); |
| |
|
| key_free(public); |
key_free(public); |
| xfree(comment); |
xfree(comment); |
| |
|
| |
return ret; |
| } |
} |
| |
|
| /* Send a request to remove all identities. */ |
/* Send a request to remove all identities. */ |
| void |
static int |
| delete_all(AuthenticationConnection *ac) |
delete_all(AuthenticationConnection *ac) |
| { |
{ |
| int success = 1; |
int ret = -1; |
| |
|
| if (!ssh_remove_all_identities(ac, 1)) |
if (ssh_remove_all_identities(ac, 1)) |
| success = 0; |
ret = 0; |
| /* ignore error-code for ssh2 */ |
/* ignore error-code for ssh2 */ |
| ssh_remove_all_identities(ac, 2); |
ssh_remove_all_identities(ac, 2); |
| |
|
| if (success) |
if (ret == 0) |
| fprintf(stderr, "All identities removed.\n"); |
fprintf(stderr, "All identities removed.\n"); |
| else |
else |
| fprintf(stderr, "Failed to remove all identities.\n"); |
fprintf(stderr, "Failed to remove all identities.\n"); |
| |
|
| |
return ret; |
| } |
} |
| |
|
| void |
static int |
| add_file(AuthenticationConnection *ac, const char *filename) |
add_file(AuthenticationConnection *ac, const char *filename) |
| { |
{ |
| struct stat st; |
struct stat st; |
| Key *private; |
Key *private; |
| char *comment = NULL; |
char *comment = NULL; |
| char msg[1024]; |
char msg[1024]; |
| |
int ret = -1; |
| |
|
| if (stat(filename, &st) < 0) { |
if (stat(filename, &st) < 0) { |
| perror(filename); |
perror(filename); |
| exit(1); |
return -1; |
| } |
} |
| /* At first, try empty passphrase */ |
/* At first, try empty passphrase */ |
| private = key_load_private(filename, "", &comment); |
private = key_load_private(filename, "", &comment); |
|
|
| if (private == NULL) { |
if (private == NULL) { |
| /* clear passphrase since it did not work */ |
/* clear passphrase since it did not work */ |
| clear_pass(); |
clear_pass(); |
| printf("Need passphrase for %.200s\n", filename); |
snprintf(msg, sizeof msg, "Enter passphrase for %.200s: ", |
| snprintf(msg, sizeof msg, "Enter passphrase for %.200s ", |
|
| comment); |
comment); |
| for (;;) { |
for (;;) { |
| pass = read_passphrase(msg, 1); |
pass = read_passphrase(msg, RP_ALLOW_STDIN); |
| if (strcmp(pass, "") == 0) { |
if (strcmp(pass, "") == 0) { |
| clear_pass(); |
clear_pass(); |
| xfree(comment); |
xfree(comment); |
| return; |
return -1; |
| } |
} |
| private = key_load_private(filename, pass, &comment); |
private = key_load_private(filename, pass, &comment); |
| if (private != NULL) |
if (private != NULL) |
| break; |
break; |
| clear_pass(); |
clear_pass(); |
| strlcpy(msg, "Bad passphrase, try again ", sizeof msg); |
strlcpy(msg, "Bad passphrase, try again: ", sizeof msg); |
| } |
} |
| } |
} |
| if (ssh_add_identity(ac, private, comment)) |
if (ssh_add_identity(ac, private, comment)) { |
| fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
| else |
ret = 0; |
| |
} else |
| fprintf(stderr, "Could not add identity: %s\n", filename); |
fprintf(stderr, "Could not add identity: %s\n", filename); |
| |
|
| xfree(comment); |
xfree(comment); |
| key_free(private); |
key_free(private); |
| |
|
| |
return ret; |
| } |
} |
| |
|
| void |
static int |
| |
update_card(AuthenticationConnection *ac, int add, const char *id) |
| |
{ |
| |
if (ssh_update_card(ac, add, id)) { |
| |
fprintf(stderr, "Card %s: %s\n", |
| |
add ? "added" : "removed", id); |
| |
return 0; |
| |
} else { |
| |
fprintf(stderr, "Could not %s card: %s\n", |
| |
add ? "add" : "remove", id); |
| |
return -1; |
| |
} |
| |
} |
| |
|
| |
static void |
| list_identities(AuthenticationConnection *ac, int do_fp) |
list_identities(AuthenticationConnection *ac, int do_fp) |
| { |
{ |
| Key *key; |
Key *key; |
|
|
| printf("The agent has no identities.\n"); |
printf("The agent has no identities.\n"); |
| } |
} |
| |
|
| |
static void |
| |
usage(void) |
| |
{ |
| |
fprintf(stderr, "Usage: %s [options]\n", __progname); |
| |
fprintf(stderr, "Options:\n"); |
| |
fprintf(stderr, " -l List fingerprints of all identities.\n"); |
| |
fprintf(stderr, " -L List public key parameters of all identities.\n"); |
| |
fprintf(stderr, " -d Delete identity.\n"); |
| |
fprintf(stderr, " -D Delete all identities.\n"); |
| |
#ifdef SMARTCARD |
| |
fprintf(stderr, " -s reader Add key in smartcard reader.\n"); |
| |
fprintf(stderr, " -e reader Remove key in smartcard reader.\n"); |
| |
#endif |
| |
} |
| |
|
| int |
int |
| main(int argc, char **argv) |
main(int argc, char **argv) |
| { |
{ |
| |
extern char *optarg; |
| |
extern int optind; |
| AuthenticationConnection *ac = NULL; |
AuthenticationConnection *ac = NULL; |
| struct passwd *pw; |
struct passwd *pw; |
| char buf[1024]; |
char buf[1024]; |
| int no_files = 1; |
char *sc_reader_id = NULL; |
| int i; |
int i, ch, deleting = 0, ret = 0; |
| int deleting = 0; |
|
| |
|
| SSLeay_add_all_algorithms(); |
SSLeay_add_all_algorithms(); |
| |
|
|
|
| fprintf(stderr, "Could not open a connection to your authentication agent.\n"); |
fprintf(stderr, "Could not open a connection to your authentication agent.\n"); |
| exit(1); |
exit(1); |
| } |
} |
| for (i = 1; i < argc; i++) { |
while ((ch = getopt(argc, argv, "lLdDe:s:")) != -1) { |
| if ((strcmp(argv[i], "-l") == 0) || |
switch (ch) { |
| (strcmp(argv[i], "-L") == 0)) { |
case 'l': |
| list_identities(ac, argv[i][1] == 'l' ? 1 : 0); |
case 'L': |
| /* Don't default-add/delete if -l. */ |
list_identities(ac, ch == 'l' ? 1 : 0); |
| no_files = 0; |
goto done; |
| continue; |
break; |
| } |
case 'd': |
| if (strcmp(argv[i], "-d") == 0) { |
|
| deleting = 1; |
deleting = 1; |
| continue; |
break; |
| |
case 'D': |
| |
if (delete_all(ac) == -1) |
| |
ret = 1; |
| |
goto done; |
| |
break; |
| |
case 's': |
| |
sc_reader_id = optarg; |
| |
break; |
| |
case 'e': |
| |
deleting = 1; |
| |
sc_reader_id = optarg; |
| |
break; |
| |
default: |
| |
usage(); |
| |
ret = 1; |
| |
goto done; |
| } |
} |
| if (strcmp(argv[i], "-D") == 0) { |
|
| delete_all(ac); |
|
| no_files = 0; |
|
| continue; |
|
| } |
|
| no_files = 0; |
|
| if (deleting) |
|
| delete_file(ac, argv[i]); |
|
| else |
|
| add_file(ac, argv[i]); |
|
| } |
} |
| if (no_files) { |
argc -= optind; |
| |
argv += optind; |
| |
if (sc_reader_id != NULL) { |
| |
if (update_card(ac, !deleting, sc_reader_id) == -1) |
| |
ret = 1; |
| |
goto done; |
| |
} |
| |
if (argc == 0) { |
| pw = getpwuid(getuid()); |
pw = getpwuid(getuid()); |
| if (!pw) { |
if (!pw) { |
| fprintf(stderr, "No user found with uid %u\n", |
fprintf(stderr, "No user found with uid %u\n", |
| (u_int)getuid()); |
(u_int)getuid()); |
| ssh_close_authentication_connection(ac); |
ret = 1; |
| exit(1); |
goto done; |
| } |
} |
| snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_IDENTITY); |
snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_IDENTITY); |
| if (deleting) |
if (deleting) { |
| delete_file(ac, buf); |
if (delete_file(ac, buf) == -1) |
| else |
ret = 1; |
| add_file(ac, buf); |
} else { |
| |
if (add_file(ac, buf) == -1) |
| |
ret = 1; |
| |
} |
| |
} else { |
| |
for (i = 0; i < argc; i++) { |
| |
if (deleting) { |
| |
if (delete_file(ac, argv[i]) == -1) |
| |
ret = 1; |
| |
} else { |
| |
if (add_file(ac, argv[i]) == -1) |
| |
ret = 1; |
| |
} |
| |
} |
| } |
} |
| clear_pass(); |
clear_pass(); |
| |
|
| |
done: |
| ssh_close_authentication_connection(ac); |
ssh_close_authentication_connection(ac); |
| exit(0); |
return ret; |
| } |
} |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-add.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh