version 1.72, 2005/07/17 07:17:55 |
version 1.72.2.2, 2006/10/06 03:19:33 |
|
|
|
/* $OpenBSD$ */ |
/* |
/* |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
*/ |
*/ |
|
|
#include "includes.h" |
#include <sys/types.h> |
RCSID("$OpenBSD$"); |
#include <sys/stat.h> |
|
#include <sys/param.h> |
|
|
#include <openssl/evp.h> |
#include <openssl/evp.h> |
|
|
|
#include <fcntl.h> |
|
#include <pwd.h> |
|
#include <stdio.h> |
|
#include <stdlib.h> |
|
#include <string.h> |
|
#include <unistd.h> |
|
|
|
#include "xmalloc.h" |
#include "ssh.h" |
#include "ssh.h" |
#include "rsa.h" |
#include "rsa.h" |
#include "log.h" |
#include "log.h" |
#include "xmalloc.h" |
|
#include "key.h" |
#include "key.h" |
|
#include "buffer.h" |
#include "authfd.h" |
#include "authfd.h" |
#include "authfile.h" |
#include "authfile.h" |
#include "pathnames.h" |
#include "pathnames.h" |
|
|
static int |
static int |
add_file(AuthenticationConnection *ac, const char *filename) |
add_file(AuthenticationConnection *ac, const char *filename) |
{ |
{ |
struct stat st; |
|
Key *private; |
Key *private; |
char *comment = NULL; |
char *comment = NULL; |
char msg[1024]; |
char msg[1024]; |
int ret = -1; |
int fd, perms_ok, ret = -1; |
|
|
if (stat(filename, &st) < 0) { |
if ((fd = open(filename, O_RDONLY)) < 0) { |
perror(filename); |
perror(filename); |
return -1; |
return -1; |
} |
} |
|
|
|
/* |
|
* Since we'll try to load a keyfile multiple times, permission errors |
|
* will occur multiple times, so check perms first and bail if wrong. |
|
*/ |
|
perms_ok = key_perm_ok(fd, filename); |
|
close(fd); |
|
if (!perms_ok) |
|
return -1; |
|
|
/* At first, try empty passphrase */ |
/* At first, try empty passphrase */ |
private = key_load_private(filename, "", &comment); |
private = key_load_private(filename, "", &comment); |
if (comment == NULL) |
if (comment == NULL) |
|
|
static void |
static void |
usage(void) |
usage(void) |
{ |
{ |
fprintf(stderr, "Usage: %s [options]\n", __progname); |
fprintf(stderr, "Usage: %s [options] [file ...]\n", __progname); |
fprintf(stderr, "Options:\n"); |
fprintf(stderr, "Options:\n"); |
fprintf(stderr, " -l List fingerprints of all identities.\n"); |
fprintf(stderr, " -l List fingerprints of all identities.\n"); |
fprintf(stderr, " -L List public key parameters of all identities.\n"); |
fprintf(stderr, " -L List public key parameters of all identities.\n"); |
|
|
char *sc_reader_id = NULL; |
char *sc_reader_id = NULL; |
int i, ch, deleting = 0, ret = 0; |
int i, ch, deleting = 0, ret = 0; |
|
|
|
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ |
|
sanitise_stdfd(); |
|
|
SSLeay_add_all_algorithms(); |
SSLeay_add_all_algorithms(); |
|
|
/* At first, get a connection to the authentication agent. */ |
/* At first, get a connection to the authentication agent. */ |
ac = ssh_get_authentication_connection(); |
ac = ssh_get_authentication_connection(); |
if (ac == NULL) { |
if (ac == NULL) { |
fprintf(stderr, "Could not open a connection to your authentication agent.\n"); |
fprintf(stderr, |
|
"Could not open a connection to your authentication agent.\n"); |
exit(2); |
exit(2); |
} |
} |
while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:")) != -1) { |
while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:")) != -1) { |
|
|
if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) |
if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) |
ret = 1; |
ret = 1; |
goto done; |
goto done; |
break; |
|
case 'x': |
case 'x': |
case 'X': |
case 'X': |
if (lock_agent(ac, ch == 'x' ? 1 : 0) == -1) |
if (lock_agent(ac, ch == 'x' ? 1 : 0) == -1) |
ret = 1; |
ret = 1; |
goto done; |
goto done; |
break; |
|
case 'c': |
case 'c': |
confirm = 1; |
confirm = 1; |
break; |
break; |
|
|
if (delete_all(ac) == -1) |
if (delete_all(ac) == -1) |
ret = 1; |
ret = 1; |
goto done; |
goto done; |
break; |
|
case 's': |
case 's': |
sc_reader_id = optarg; |
sc_reader_id = optarg; |
break; |
break; |