| version 1.46.2.4, 2002/10/11 14:53:07 |
version 1.47, 2001/12/19 07:18:56 |
|
|
| #include "authfile.h" |
#include "authfile.h" |
| #include "pathnames.h" |
#include "pathnames.h" |
| #include "readpass.h" |
#include "readpass.h" |
| #include "misc.h" |
|
| |
|
| /* argv0 */ |
/* argv0 */ |
| extern char *__progname; |
extern char *__progname; |
| |
|
| /* Default files to add */ |
|
| static char *default_files[] = { |
|
| _PATH_SSH_CLIENT_ID_RSA, |
|
| _PATH_SSH_CLIENT_ID_DSA, |
|
| _PATH_SSH_CLIENT_IDENTITY, |
|
| NULL |
|
| }; |
|
| |
|
| /* Default lifetime (0 == forever) */ |
|
| static int lifetime = 0; |
|
| |
|
| /* we keep a cache of one passphrases */ |
/* we keep a cache of one passphrases */ |
| static char *pass = NULL; |
static char *pass = NULL; |
| static void |
static void |
|
|
| strlcpy(msg, "Bad passphrase, try again: ", sizeof msg); |
strlcpy(msg, "Bad passphrase, try again: ", sizeof msg); |
| } |
} |
| } |
} |
| |
if (ssh_add_identity(ac, private, comment)) { |
| if (ssh_add_identity_constrained(ac, private, comment, lifetime)) { |
|
| fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
| ret = 0; |
ret = 0; |
| if (lifetime != 0) |
} else |
| fprintf(stderr, |
|
| "Lifetime set to %d seconds\n", lifetime); |
|
| } else if (ssh_add_identity(ac, private, comment)) { |
|
| fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
|
| ret = 0; |
|
| } else { |
|
| fprintf(stderr, "Could not add identity: %s\n", filename); |
fprintf(stderr, "Could not add identity: %s\n", filename); |
| } |
|
| |
|
| xfree(comment); |
xfree(comment); |
| key_free(private); |
key_free(private); |
|
|
| static int |
static int |
| update_card(AuthenticationConnection *ac, int add, const char *id) |
update_card(AuthenticationConnection *ac, int add, const char *id) |
| { |
{ |
| char *pin; |
if (ssh_update_card(ac, add, id)) { |
| |
|
| pin = read_passphrase("Enter passphrase for smartcard: ", RP_ALLOW_STDIN); |
|
| if (pin == NULL) |
|
| return -1; |
|
| |
|
| if (ssh_update_card(ac, add, id, pin)) { |
|
| fprintf(stderr, "Card %s: %s\n", |
fprintf(stderr, "Card %s: %s\n", |
| add ? "added" : "removed", id); |
add ? "added" : "removed", id); |
| return 0; |
return 0; |
|
|
| } |
} |
| } |
} |
| |
|
| static int |
static void |
| list_identities(AuthenticationConnection *ac, int do_fp) |
list_identities(AuthenticationConnection *ac, int do_fp) |
| { |
{ |
| Key *key; |
Key *key; |
|
|
| xfree(comment); |
xfree(comment); |
| } |
} |
| } |
} |
| if (!had_identities) { |
if (!had_identities) |
| printf("The agent has no identities.\n"); |
printf("The agent has no identities.\n"); |
| return -1; |
|
| } |
|
| return 0; |
|
| } |
} |
| |
|
| static int |
|
| lock_agent(AuthenticationConnection *ac, int lock) |
|
| { |
|
| char prompt[100], *p1, *p2; |
|
| int passok = 1, ret = -1; |
|
| |
|
| strlcpy(prompt, "Enter lock password: ", sizeof(prompt)); |
|
| p1 = read_passphrase(prompt, RP_ALLOW_STDIN); |
|
| if (lock) { |
|
| strlcpy(prompt, "Again: ", sizeof prompt); |
|
| p2 = read_passphrase(prompt, RP_ALLOW_STDIN); |
|
| if (strcmp(p1, p2) != 0) { |
|
| fprintf(stderr, "Passwords do not match.\n"); |
|
| passok = 0; |
|
| } |
|
| memset(p2, 0, strlen(p2)); |
|
| xfree(p2); |
|
| } |
|
| if (passok && ssh_lock_agent(ac, lock, p1)) { |
|
| fprintf(stderr, "Agent %slocked.\n", lock ? "" : "un"); |
|
| ret = 0; |
|
| } else |
|
| fprintf(stderr, "Failed to %slock agent.\n", lock ? "" : "un"); |
|
| memset(p1, 0, strlen(p1)); |
|
| xfree(p1); |
|
| return (ret); |
|
| } |
|
| |
|
| static int |
|
| do_file(AuthenticationConnection *ac, int deleting, char *file) |
|
| { |
|
| if (deleting) { |
|
| if (delete_file(ac, file) == -1) |
|
| return -1; |
|
| } else { |
|
| if (add_file(ac, file) == -1) |
|
| return -1; |
|
| } |
|
| return 0; |
|
| } |
|
| |
|
| static void |
static void |
| usage(void) |
usage(void) |
| { |
{ |
|
|
| fprintf(stderr, " -L List public key parameters of all identities.\n"); |
fprintf(stderr, " -L List public key parameters of all identities.\n"); |
| fprintf(stderr, " -d Delete identity.\n"); |
fprintf(stderr, " -d Delete identity.\n"); |
| fprintf(stderr, " -D Delete all identities.\n"); |
fprintf(stderr, " -D Delete all identities.\n"); |
| fprintf(stderr, " -x Lock agent.\n"); |
|
| fprintf(stderr, " -X Unlock agent.\n"); |
|
| fprintf(stderr, " -t life Set lifetime (in seconds) when adding identities.\n"); |
|
| #ifdef SMARTCARD |
#ifdef SMARTCARD |
| fprintf(stderr, " -s reader Add key in smartcard reader.\n"); |
fprintf(stderr, " -s reader Add key in smartcard reader.\n"); |
| fprintf(stderr, " -e reader Remove key in smartcard reader.\n"); |
fprintf(stderr, " -e reader Remove key in smartcard reader.\n"); |
|
|
| extern char *optarg; |
extern char *optarg; |
| extern int optind; |
extern int optind; |
| AuthenticationConnection *ac = NULL; |
AuthenticationConnection *ac = NULL; |
| |
struct passwd *pw; |
| |
char buf[1024]; |
| char *sc_reader_id = NULL; |
char *sc_reader_id = NULL; |
| int i, ch, deleting = 0, ret = 0; |
int i, ch, deleting = 0, ret = 0; |
| |
|
|
|
| ac = ssh_get_authentication_connection(); |
ac = ssh_get_authentication_connection(); |
| if (ac == NULL) { |
if (ac == NULL) { |
| fprintf(stderr, "Could not open a connection to your authentication agent.\n"); |
fprintf(stderr, "Could not open a connection to your authentication agent.\n"); |
| exit(2); |
exit(1); |
| } |
} |
| while ((ch = getopt(argc, argv, "lLdDxXe:s:t:")) != -1) { |
while ((ch = getopt(argc, argv, "lLdDe:s:")) != -1) { |
| switch (ch) { |
switch (ch) { |
| case 'l': |
case 'l': |
| case 'L': |
case 'L': |
| if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) |
list_identities(ac, ch == 'l' ? 1 : 0); |
| ret = 1; |
|
| goto done; |
goto done; |
| break; |
break; |
| case 'x': |
|
| case 'X': |
|
| if (lock_agent(ac, ch == 'x' ? 1 : 0) == -1) |
|
| ret = 1; |
|
| goto done; |
|
| break; |
|
| case 'd': |
case 'd': |
| deleting = 1; |
deleting = 1; |
| break; |
break; |
|
|
| deleting = 1; |
deleting = 1; |
| sc_reader_id = optarg; |
sc_reader_id = optarg; |
| break; |
break; |
| case 't': |
|
| if ((lifetime = convtime(optarg)) == -1) { |
|
| fprintf(stderr, "Invalid lifetime\n"); |
|
| ret = 1; |
|
| goto done; |
|
| } |
|
| break; |
|
| default: |
default: |
| usage(); |
usage(); |
| ret = 1; |
ret = 1; |
|
|
| goto done; |
goto done; |
| } |
} |
| if (argc == 0) { |
if (argc == 0) { |
| char buf[MAXPATHLEN]; |
pw = getpwuid(getuid()); |
| struct passwd *pw; |
if (!pw) { |
| struct stat st; |
|
| int count = 0; |
|
| |
|
| if ((pw = getpwuid(getuid())) == NULL) { |
|
| fprintf(stderr, "No user found with uid %u\n", |
fprintf(stderr, "No user found with uid %u\n", |
| (u_int)getuid()); |
(u_int)getuid()); |
| ret = 1; |
ret = 1; |
| goto done; |
goto done; |
| } |
} |
| |
snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_IDENTITY); |
| for(i = 0; default_files[i]; i++) { |
if (deleting) { |
| snprintf(buf, sizeof(buf), "%s/%s", pw->pw_dir, |
if (delete_file(ac, buf) == -1) |
| default_files[i]); |
|
| if (stat(buf, &st) < 0) |
|
| continue; |
|
| if (do_file(ac, deleting, buf) == -1) |
|
| ret = 1; |
ret = 1; |
| else |
} else { |
| count++; |
if (add_file(ac, buf) == -1) |
| |
ret = 1; |
| } |
} |
| if (count == 0) |
|
| ret = 1; |
|
| } else { |
} else { |
| for(i = 0; i < argc; i++) { |
for (i = 0; i < argc; i++) { |
| if (do_file(ac, deleting, argv[i]) == -1) |
if (deleting) { |
| ret = 1; |
if (delete_file(ac, argv[i]) == -1) |
| |
ret = 1; |
| |
} else { |
| |
if (add_file(ac, argv[i]) == -1) |
| |
ret = 1; |
| |
} |
| } |
} |
| } |
} |
| clear_pass(); |
clear_pass(); |
![[BACK]](/icons/back.gif){kind=icon}
Return to ssh-add.c CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / usr.bin / ssh