Annotation of src/usr.bin/ssh/ssh-add.c, Revision 1.2
1.1 deraadt 1: /*
2:
3: ssh-add.c
4:
5: Author: Tatu Ylonen <ylo@cs.hut.fi>
6:
7: Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8: All rights reserved
9:
10: Created: Thu Apr 6 00:52:24 1995 ylo
11:
12: Adds an identity to the authentication server, or removes an identity.
13:
14: */
15:
16: #include "includes.h"
17: RCSID("$Id: ssh-add.c,v 1.2 1999/05/04 11:59:12 bg Exp $");
18:
19: #include "rsa.h"
20: #include "ssh.h"
21: #include "xmalloc.h"
22: #include "authfd.h"
23:
1.2 ! provos 24: void
! 25: delete_file(const char *filename)
1.1 deraadt 26: {
1.2 ! provos 27: RSA *key;
1.1 deraadt 28: char *comment;
29: AuthenticationConnection *ac;
30:
1.2 ! provos 31: key = RSA_new();
! 32: if (!load_public_key(filename, key, &comment))
1.1 deraadt 33: {
34: printf("Bad key file %s: %s\n", filename, strerror(errno));
35: return;
36: }
37:
38: /* Send the request to the authentication agent. */
39: ac = ssh_get_authentication_connection();
40: if (!ac)
41: {
42: fprintf(stderr,
43: "Could not open a connection to your authentication agent.\n");
1.2 ! provos 44: RSA_free(key);
1.1 deraadt 45: xfree(comment);
46: return;
47: }
1.2 ! provos 48: if (ssh_remove_identity(ac, key))
1.1 deraadt 49: fprintf(stderr, "Identity removed: %s (%s)\n", filename, comment);
50: else
51: fprintf(stderr, "Could not remove identity: %s\n", filename);
1.2 ! provos 52: RSA_free(key);
1.1 deraadt 53: xfree(comment);
54: ssh_close_authentication_connection(ac);
55: }
56:
1.2 ! provos 57: void
! 58: delete_all()
1.1 deraadt 59: {
60: AuthenticationConnection *ac;
61:
62: /* Get a connection to the agent. */
63: ac = ssh_get_authentication_connection();
64: if (!ac)
65: {
66: fprintf(stderr,
67: "Could not open a connection to your authentication agent.\n");
68: return;
69: }
70:
71: /* Send a request to remove all identities. */
72: if (ssh_remove_all_identities(ac))
73: fprintf(stderr, "All identities removed.\n");
74: else
75: fprintf(stderr, "Failed to remove all identitities.\n");
76:
77: /* Close the connection to the agent. */
78: ssh_close_authentication_connection(ac);
79: }
80:
1.2 ! provos 81: void
! 82: add_file(const char *filename)
1.1 deraadt 83: {
1.2 ! provos 84: RSA *key;
! 85: RSA *public_key;
1.1 deraadt 86: AuthenticationConnection *ac;
87: char *saved_comment, *comment, *pass;
88: int first;
89:
1.2 ! provos 90: key = RSA_new();
! 91: public_key = RSA_new();
! 92: if (!load_public_key(filename, public_key, &saved_comment))
1.1 deraadt 93: {
94: printf("Bad key file %s: %s\n", filename, strerror(errno));
95: return;
96: }
1.2 ! provos 97: RSA_free(public_key);
1.1 deraadt 98:
99: pass = xstrdup("");
100: first = 1;
1.2 ! provos 101: while (!load_private_key(filename, pass, key, &comment))
1.1 deraadt 102: {
103: char buf[1024];
104: FILE *f;
105:
106: /* Free the old passphrase. */
107: memset(pass, 0, strlen(pass));
108: xfree(pass);
109:
110: /* Ask for a passphrase. */
111: if (getenv("DISPLAY") && !isatty(fileno(stdin)))
112: {
113: sprintf(buf, "ssh-askpass '%sEnter passphrase for %.100s'",
114: first ? "" : "You entered wrong passphrase. ",
115: saved_comment);
116: f = popen(buf, "r");
117: if (!fgets(buf, sizeof(buf), f))
118: {
119: pclose(f);
120: xfree(saved_comment);
121: return;
122: }
123: pclose(f);
124: if (strchr(buf, '\n'))
125: *strchr(buf, '\n') = 0;
126: pass = xstrdup(buf);
127: }
128: else
129: {
130: if (first)
131: printf("Need passphrase for %s (%s).\n", filename, saved_comment);
132: else
133: printf("Bad passphrase.\n");
134: pass = read_passphrase("Enter passphrase: ", 1);
135: if (strcmp(pass, "") == 0)
136: {
137: xfree(saved_comment);
138: xfree(pass);
139: return;
140: }
141: }
142: first = 0;
143: }
144: memset(pass, 0, strlen(pass));
145: xfree(pass);
146:
147: xfree(saved_comment);
148:
149: /* Send the key to the authentication agent. */
150: ac = ssh_get_authentication_connection();
151: if (!ac)
152: {
153: fprintf(stderr,
154: "Could not open a connection to your authentication agent.\n");
1.2 ! provos 155: RSA_free(key);
1.1 deraadt 156: xfree(comment);
157: return;
158: }
1.2 ! provos 159: if (ssh_add_identity(ac, key, comment))
1.1 deraadt 160: fprintf(stderr, "Identity added: %s (%s)\n", filename, comment);
161: else
162: fprintf(stderr, "Could not add identity: %s\n", filename);
1.2 ! provos 163: RSA_free(key);
1.1 deraadt 164: xfree(comment);
165: ssh_close_authentication_connection(ac);
166: }
167:
1.2 ! provos 168: void
! 169: list_identities()
1.1 deraadt 170: {
171: AuthenticationConnection *ac;
1.2 ! provos 172: BIGNUM *e, *n;
1.1 deraadt 173: int bits, status;
174: char *comment;
175: int had_identities;
176:
177: ac = ssh_get_authentication_connection();
178: if (!ac)
179: {
180: fprintf(stderr, "Could not connect to authentication server.\n");
181: return;
182: }
1.2 ! provos 183: e = BN_new();
! 184: n = BN_new();
1.1 deraadt 185: had_identities = 0;
1.2 ! provos 186: for (status = ssh_get_first_identity(ac, &bits, e, n, &comment);
1.1 deraadt 187: status;
1.2 ! provos 188: status = ssh_get_next_identity(ac, &bits, e, n, &comment))
1.1 deraadt 189: {
1.2 ! provos 190: char *buf;
1.1 deraadt 191: had_identities = 1;
192: printf("%d ", bits);
1.2 ! provos 193: buf = BN_bn2dec(e);
! 194: assert(buf != NULL);
! 195: printf("%s ", buf);
! 196: free (buf);
! 197: buf = BN_bn2dec(n);
! 198: assert(buf != NULL);
! 199: printf("%s %s\n", buf, comment);
! 200: free (buf);
1.1 deraadt 201: xfree(comment);
202: }
1.2 ! provos 203: BN_clear_free(e);
! 204: BN_clear_free(n);
1.1 deraadt 205: if (!had_identities)
206: printf("The agent has no identities.\n");
207: ssh_close_authentication_connection(ac);
208: }
209:
1.2 ! provos 210: int
! 211: main(int ac, char **av)
1.1 deraadt 212: {
213: struct passwd *pw;
214: char buf[1024];
215: int no_files = 1;
216: int i;
217: int deleting = 0;
218:
219: for (i = 1; i < ac; i++)
220: {
221: if (strcmp(av[i], "-l") == 0)
222: {
223: list_identities();
224: no_files = 0; /* Don't default-add/delete if -l. */
225: continue;
226: }
227: if (strcmp(av[i], "-d") == 0)
228: {
229: deleting = 1;
230: continue;
231: }
232: if (strcmp(av[i], "-D") == 0)
233: {
234: delete_all();
235: no_files = 0;
236: continue;
237: }
238: no_files = 0;
239: if (deleting)
240: delete_file(av[i]);
241: else
242: add_file(av[i]);
243: }
244: if (no_files)
245: {
246: pw = getpwuid(getuid());
247: if (!pw)
248: {
249: fprintf(stderr, "No user found with uid %d\n", (int)getuid());
250: exit(1);
251: }
252: sprintf(buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY);
253: if (deleting)
254: delete_file(buf);
255: else
256: add_file(buf);
257: }
258: exit(0);
259: }