version 1.75, 2006/02/20 17:19:54 |
version 1.75.2.1, 2006/09/30 04:06:51 |
|
|
|
/* $OpenBSD$ */ |
/* |
/* |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Author: Tatu Ylonen <ylo@cs.hut.fi> |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
|
|
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
*/ |
*/ |
|
|
#include "includes.h" |
|
RCSID("$OpenBSD$"); |
|
|
|
#include <sys/types.h> |
#include <sys/types.h> |
#include <sys/stat.h> |
#include <sys/stat.h> |
|
#include <sys/param.h> |
|
|
#include <openssl/evp.h> |
#include <openssl/evp.h> |
|
|
|
#include <fcntl.h> |
|
#include <pwd.h> |
|
#include <stdio.h> |
|
#include <stdlib.h> |
|
#include <string.h> |
|
#include <unistd.h> |
|
|
|
#include "xmalloc.h" |
#include "ssh.h" |
#include "ssh.h" |
#include "rsa.h" |
#include "rsa.h" |
#include "log.h" |
#include "log.h" |
#include "xmalloc.h" |
|
#include "key.h" |
#include "key.h" |
|
#include "buffer.h" |
#include "authfd.h" |
#include "authfd.h" |
#include "authfile.h" |
#include "authfile.h" |
#include "pathnames.h" |
#include "pathnames.h" |
|
|
static int |
static int |
add_file(AuthenticationConnection *ac, const char *filename) |
add_file(AuthenticationConnection *ac, const char *filename) |
{ |
{ |
struct stat st; |
|
Key *private; |
Key *private; |
char *comment = NULL; |
char *comment = NULL; |
char msg[1024]; |
char msg[1024]; |
int ret = -1; |
int fd, perms_ok, ret = -1; |
|
|
if (stat(filename, &st) < 0) { |
if ((fd = open(filename, O_RDONLY)) < 0) { |
perror(filename); |
perror(filename); |
return -1; |
return -1; |
} |
} |
|
|
|
/* |
|
* Since we'll try to load a keyfile multiple times, permission errors |
|
* will occur multiple times, so check perms first and bail if wrong. |
|
*/ |
|
perms_ok = key_perm_ok(fd, filename); |
|
close(fd); |
|
if (!perms_ok) |
|
return -1; |
|
|
/* At first, try empty passphrase */ |
/* At first, try empty passphrase */ |
private = key_load_private(filename, "", &comment); |
private = key_load_private(filename, "", &comment); |
if (comment == NULL) |
if (comment == NULL) |
|
|
static void |
static void |
usage(void) |
usage(void) |
{ |
{ |
fprintf(stderr, "Usage: %s [options]\n", __progname); |
fprintf(stderr, "Usage: %s [options] [file ...]\n", __progname); |
fprintf(stderr, "Options:\n"); |
fprintf(stderr, "Options:\n"); |
fprintf(stderr, " -l List fingerprints of all identities.\n"); |
fprintf(stderr, " -l List fingerprints of all identities.\n"); |
fprintf(stderr, " -L List public key parameters of all identities.\n"); |
fprintf(stderr, " -L List public key parameters of all identities.\n"); |
|
|
if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) |
if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) |
ret = 1; |
ret = 1; |
goto done; |
goto done; |
break; |
|
case 'x': |
case 'x': |
case 'X': |
case 'X': |
if (lock_agent(ac, ch == 'x' ? 1 : 0) == -1) |
if (lock_agent(ac, ch == 'x' ? 1 : 0) == -1) |
ret = 1; |
ret = 1; |
goto done; |
goto done; |
break; |
|
case 'c': |
case 'c': |
confirm = 1; |
confirm = 1; |
break; |
break; |
|
|
if (delete_all(ac) == -1) |
if (delete_all(ac) == -1) |
ret = 1; |
ret = 1; |
goto done; |
goto done; |
break; |
|
case 's': |
case 's': |
sc_reader_id = optarg; |
sc_reader_id = optarg; |
break; |
break; |
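Review bot: The new permission pre-check in add_file() runs `key_perm_ok(fd, filename)` on a descriptor that is closed before `key_load_private(filename, "", &comment)` reopens the key by path, so the result describes whatever the path resolved to at open() time, not necessarily the file that is later parsed. The added comment says the pre-check exists only to avoid repeated permission errors across load attempts, which suggests the loader enforces permissions itself on its own descriptor; that is not visible on this page and should be confirmed. I would make the comment say so explicitly, e.g. add `* This is an early exit only; key_load_private() reopens the path and must check permissions itself.` add_file()'s body continues outside the shown lines.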