version 1.88, 2002/06/05 19:57:12 |
version 1.89, 2002/06/05 21:55:44 |
|
|
TAILQ_ENTRY(identity) next; |
TAILQ_ENTRY(identity) next; |
Key *key; |
Key *key; |
char *comment; |
char *comment; |
|
u_int death; |
} Identity; |
} Identity; |
|
|
typedef struct { |
typedef struct { |
|
|
return &idtable[version]; |
return &idtable[version]; |
} |
} |
|
|
|
static void |
|
free_identity(Identity *id) |
|
{ |
|
key_free(id->key); |
|
xfree(id->comment); |
|
xfree(id); |
|
} |
|
|
/* return matching private key for given public key */ |
/* return matching private key for given public key */ |
static Identity * |
static Identity * |
lookup_identity(Key *key, int version) |
lookup_identity(Key *key, int version) |
|
|
return (NULL); |
return (NULL); |
} |
} |
|
|
static void |
|
free_identity(Identity *id) |
|
{ |
|
key_free(id->key); |
|
xfree(id->comment); |
|
xfree(id); |
|
} |
|
|
|
/* send list of supported public keys to 'client' */ |
/* send list of supported public keys to 'client' */ |
static void |
static void |
process_request_identities(SocketEntry *e, int version) |
process_request_identities(SocketEntry *e, int version) |
|
|
} |
} |
|
|
static void |
static void |
|
reaper(void) |
|
{ |
|
Idtab *tab; |
|
Identity *id, *nxt; |
|
int version; |
|
u_int now = time(NULL); |
|
|
|
for (version = 1; version < 3; version++) { |
|
tab = idtab_lookup(version); |
|
for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) { |
|
nxt = TAILQ_NEXT(id, next); |
|
if (id->death != 0 && now >= id->death) { |
|
TAILQ_REMOVE(&tab->idlist, id, next); |
|
free_identity(id); |
|
tab->nentries--; |
|
} |
|
} |
|
} |
|
} |
|
|
|
static void |
process_add_identity(SocketEntry *e, int version) |
process_add_identity(SocketEntry *e, int version) |
{ |
{ |
Key *k = NULL; |
Key *k = NULL; |
|
|
Identity *id = xmalloc(sizeof(Identity)); |
Identity *id = xmalloc(sizeof(Identity)); |
id->key = k; |
id->key = k; |
id->comment = comment; |
id->comment = comment; |
|
id->death = 0; |
TAILQ_INSERT_TAIL(&tab->idlist, id, next); |
TAILQ_INSERT_TAIL(&tab->idlist, id, next); |
/* Increment the number of identities. */ |
/* Increment the number of identities. */ |
tab->nentries++; |
tab->nentries++; |
|
|
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
} |
} |
|
|
|
static void |
|
process_lifetime_identity(SocketEntry *e, int version) |
|
{ |
|
Key *key = NULL; |
|
u_char *blob; |
|
u_int blen, bits, death; |
|
int success = 0; |
|
|
|
death = time(NULL) + buffer_get_int(&e->request); |
|
|
|
switch (version) { |
|
case 1: |
|
key = key_new(KEY_RSA1); |
|
bits = buffer_get_int(&e->request); |
|
buffer_get_bignum(&e->request, key->rsa->e); |
|
buffer_get_bignum(&e->request, key->rsa->n); |
|
|
|
break; |
|
case 2: |
|
blob = buffer_get_string(&e->request, &blen); |
|
key = key_from_blob(blob, blen); |
|
xfree(blob); |
|
break; |
|
} |
|
if (key != NULL) { |
|
Identity *id = lookup_identity(key, version); |
|
if (id != NULL && id->death == 0) { |
|
id->death = death; |
|
success = 1; |
|
} |
|
key_free(key); |
|
} |
|
buffer_put_int(&e->output, 1); |
|
buffer_put_char(&e->output, |
|
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); |
|
} |
|
|
/* XXX todo: encrypt sensitive data with passphrase */ |
/* XXX todo: encrypt sensitive data with passphrase */ |
static void |
static void |
process_lock_agent(SocketEntry *e, int lock) |
process_lock_agent(SocketEntry *e, int lock) |
|
|
id = xmalloc(sizeof(Identity)); |
id = xmalloc(sizeof(Identity)); |
id->key = k; |
id->key = k; |
id->comment = xstrdup("smartcard key"); |
id->comment = xstrdup("smartcard key"); |
|
id->death = 0; |
TAILQ_INSERT_TAIL(&tab->idlist, id, next); |
TAILQ_INSERT_TAIL(&tab->idlist, id, next); |
tab->nentries++; |
tab->nentries++; |
success = 1; |
success = 1; |
|
|
u_int msg_len; |
u_int msg_len; |
u_int type; |
u_int type; |
u_char *cp; |
u_char *cp; |
|
|
|
/* kill dead keys */ |
|
reaper(); |
|
|
if (buffer_len(&e->input) < 5) |
if (buffer_len(&e->input) < 5) |
return; /* Incomplete message. */ |
return; /* Incomplete message. */ |
cp = buffer_ptr(&e->input); |
cp = buffer_ptr(&e->input); |
|
|
case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: |
case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: |
process_remove_all_identities(e, 1); |
process_remove_all_identities(e, 1); |
break; |
break; |
|
case SSH_AGENTC_LIFETIME_IDENTITY1: |
|
process_lifetime_identity(e, 1); |
|
break; |
/* ssh2 */ |
/* ssh2 */ |
case SSH2_AGENTC_SIGN_REQUEST: |
case SSH2_AGENTC_SIGN_REQUEST: |
process_sign_request2(e); |
process_sign_request2(e); |
|
|
break; |
break; |
case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: |
case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: |
process_remove_all_identities(e, 2); |
process_remove_all_identities(e, 2); |
|
break; |
|
case SSH_AGENTC_LIFETIME_IDENTITY: |
|
process_lifetime_identity(e, 2); |
break; |
break; |
#ifdef SMARTCARD |
#ifdef SMARTCARD |
case SSH_AGENTC_ADD_SMARTCARD_KEY: |
case SSH_AGENTC_ADD_SMARTCARD_KEY: |
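Review bot: The expiry in process_lifetime_identity, `death = time(NULL) + buffer_get_int(&e->request);`, adds a lifetime taken straight from the request to the clock and stores it in a `u_int` with no range check, so a large value wraps. A wrapped result is either a deadline already in the past or, if it lands exactly on zero, the `death == 0` value that reaper() and the `id->death == 0` test both treat as "no lifetime", and the request is still answered with SSH_AGENT_SUCCESS. Reading the lifetime into its own variable and saturating, e.g. `death = (life > UINT_MAX - now) ? UINT_MAX : now + life;`, keeps the stored deadline from wrapping. Separately, in the lines shown reaper() is called only at the top of the message handler (its header is outside the hunk), so an expired key's material appears to stay in the agent's memory until the next request arrives. A comment above reaper(), such as `/* expiry is enforced lazily, on the next agent request */`, would make that limit explicit.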