Annotation of src/usr.bin/ssh/ssh-add.c, Revision 1.5
1.1 deraadt 1: /*
2:
3: ssh-add.c
4:
5: Author: Tatu Ylonen <ylo@cs.hut.fi>
6:
7: Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
8: All rights reserved
9:
10: Created: Thu Apr 6 00:52:24 1995 ylo
11:
12: Adds an identity to the authentication server, or removes an identity.
13:
14: */
15:
16: #include "includes.h"
1.5 ! markus 17: RCSID("$Id: ssh-add.c,v 1.4 1999/09/29 21:14:16 deraadt Exp $");
1.1 deraadt 18:
19: #include "rsa.h"
20: #include "ssh.h"
21: #include "xmalloc.h"
22: #include "authfd.h"
23:
1.2 provos 24: void
25: delete_file(const char *filename)
1.1 deraadt 26: {
1.2 provos 27: RSA *key;
1.1 deraadt 28: char *comment;
29: AuthenticationConnection *ac;
30:
1.2 provos 31: key = RSA_new();
32: if (!load_public_key(filename, key, &comment))
1.1 deraadt 33: {
34: printf("Bad key file %s: %s\n", filename, strerror(errno));
35: return;
36: }
37:
38: /* Send the request to the authentication agent. */
39: ac = ssh_get_authentication_connection();
40: if (!ac)
41: {
42: fprintf(stderr,
43: "Could not open a connection to your authentication agent.\n");
1.2 provos 44: RSA_free(key);
1.1 deraadt 45: xfree(comment);
46: return;
47: }
1.2 provos 48: if (ssh_remove_identity(ac, key))
1.1 deraadt 49: fprintf(stderr, "Identity removed: %s (%s)\n", filename, comment);
50: else
51: fprintf(stderr, "Could not remove identity: %s\n", filename);
1.2 provos 52: RSA_free(key);
1.1 deraadt 53: xfree(comment);
54: ssh_close_authentication_connection(ac);
55: }
56:
1.2 provos 57: void
58: delete_all()
1.1 deraadt 59: {
60: AuthenticationConnection *ac;
61:
62: /* Get a connection to the agent. */
63: ac = ssh_get_authentication_connection();
64: if (!ac)
65: {
66: fprintf(stderr,
67: "Could not open a connection to your authentication agent.\n");
68: return;
69: }
70:
71: /* Send a request to remove all identities. */
72: if (ssh_remove_all_identities(ac))
73: fprintf(stderr, "All identities removed.\n");
74: else
75: fprintf(stderr, "Failed to remove all identitities.\n");
76:
77: /* Close the connection to the agent. */
78: ssh_close_authentication_connection(ac);
79: }
80:
1.2 provos 81: void
82: add_file(const char *filename)
1.1 deraadt 83: {
1.2 provos 84: RSA *key;
85: RSA *public_key;
1.1 deraadt 86: AuthenticationConnection *ac;
87: char *saved_comment, *comment, *pass;
88: int first;
89:
1.2 provos 90: key = RSA_new();
91: public_key = RSA_new();
92: if (!load_public_key(filename, public_key, &saved_comment))
1.1 deraadt 93: {
94: printf("Bad key file %s: %s\n", filename, strerror(errno));
95: return;
96: }
1.2 provos 97: RSA_free(public_key);
1.1 deraadt 98:
99: pass = xstrdup("");
100: first = 1;
1.2 provos 101: while (!load_private_key(filename, pass, key, &comment))
1.1 deraadt 102: {
103: char buf[1024];
104: FILE *f;
105:
106: /* Free the old passphrase. */
107: memset(pass, 0, strlen(pass));
108: xfree(pass);
109:
110: /* Ask for a passphrase. */
111: if (getenv("DISPLAY") && !isatty(fileno(stdin)))
112: {
113: xfree(saved_comment);
114: return;
115: }
116: else
117: {
118: if (first)
119: printf("Need passphrase for %s (%s).\n", filename, saved_comment);
120: else
121: printf("Bad passphrase.\n");
122: pass = read_passphrase("Enter passphrase: ", 1);
123: if (strcmp(pass, "") == 0)
124: {
125: xfree(saved_comment);
126: xfree(pass);
127: return;
128: }
129: }
130: first = 0;
131: }
132: memset(pass, 0, strlen(pass));
133: xfree(pass);
134:
135: xfree(saved_comment);
136:
137: /* Send the key to the authentication agent. */
138: ac = ssh_get_authentication_connection();
139: if (!ac)
140: {
141: fprintf(stderr,
142: "Could not open a connection to your authentication agent.\n");
1.2 provos 143: RSA_free(key);
1.1 deraadt 144: xfree(comment);
145: return;
146: }
1.2 provos 147: if (ssh_add_identity(ac, key, comment))
1.1 deraadt 148: fprintf(stderr, "Identity added: %s (%s)\n", filename, comment);
149: else
150: fprintf(stderr, "Could not add identity: %s\n", filename);
1.2 provos 151: RSA_free(key);
1.1 deraadt 152: xfree(comment);
153: ssh_close_authentication_connection(ac);
154: }
155:
1.2 provos 156: void
157: list_identities()
1.1 deraadt 158: {
159: AuthenticationConnection *ac;
1.2 provos 160: BIGNUM *e, *n;
1.1 deraadt 161: int bits, status;
162: char *comment;
163: int had_identities;
164:
165: ac = ssh_get_authentication_connection();
166: if (!ac)
167: {
168: fprintf(stderr, "Could not connect to authentication server.\n");
169: return;
170: }
1.2 provos 171: e = BN_new();
172: n = BN_new();
1.1 deraadt 173: had_identities = 0;
1.2 provos 174: for (status = ssh_get_first_identity(ac, &bits, e, n, &comment);
1.1 deraadt 175: status;
1.2 provos 176: status = ssh_get_next_identity(ac, &bits, e, n, &comment))
1.1 deraadt 177: {
1.2 provos 178: char *buf;
1.1 deraadt 179: had_identities = 1;
180: printf("%d ", bits);
1.2 provos 181: buf = BN_bn2dec(e);
182: assert(buf != NULL);
183: printf("%s ", buf);
184: free (buf);
185: buf = BN_bn2dec(n);
186: assert(buf != NULL);
187: printf("%s %s\n", buf, comment);
188: free (buf);
1.1 deraadt 189: xfree(comment);
190: }
1.2 provos 191: BN_clear_free(e);
192: BN_clear_free(n);
1.1 deraadt 193: if (!had_identities)
194: printf("The agent has no identities.\n");
195: ssh_close_authentication_connection(ac);
196: }
197:
1.2 provos 198: int
199: main(int ac, char **av)
1.1 deraadt 200: {
201: struct passwd *pw;
202: char buf[1024];
203: int no_files = 1;
204: int i;
205: int deleting = 0;
1.3 deraadt 206:
207: /* check if RSA support exists */
208: if (rsa_alive() == 0) {
209: extern char *__progname;
210:
211: fprintf(stderr,
212: "%s: no RSA support in libssl and libcrypto. See ssl(8).\n",
213: __progname);
214: exit(1);
215: }
1.1 deraadt 216:
217: for (i = 1; i < ac; i++)
218: {
219: if (strcmp(av[i], "-l") == 0)
220: {
221: list_identities();
222: no_files = 0; /* Don't default-add/delete if -l. */
223: continue;
224: }
225: if (strcmp(av[i], "-d") == 0)
226: {
227: deleting = 1;
228: continue;
229: }
230: if (strcmp(av[i], "-D") == 0)
231: {
232: delete_all();
233: no_files = 0;
234: continue;
235: }
236: no_files = 0;
237: if (deleting)
238: delete_file(av[i]);
239: else
240: add_file(av[i]);
241: }
242: if (no_files)
243: {
244: pw = getpwuid(getuid());
245: if (!pw)
246: {
247: fprintf(stderr, "No user found with uid %d\n", (int)getuid());
248: exit(1);
249: }
1.4 deraadt 250: snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, SSH_CLIENT_IDENTITY);
1.1 deraadt 251: if (deleting)
252: delete_file(buf);
253: else
254: add_file(buf);
255: }
256: exit(0);
257: }