diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2001-07-04 03:50:02 +0000 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2001-07-04 03:50:02 +0000 |
| commit | 036a6b28c9ef5a237e2fbd7d73ca94af3d24e897 (patch) | |
| tree | 3968210d82563cc98a092737e5028319e4833d07 | |
| parent | d94580c708175649f4e433451ac096425d3b81e2 (diff) | |
- markus@cvs.openbsd.org 2001/06/26 04:59:59
[authfd.c authfd.h ssh-add.c]
initial support for smartcards in the agent
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | authfd.c | 21 | ||||
| -rw-r--r-- | authfd.h | 10 | ||||
| -rw-r--r-- | ssh-add.c | 52 |
4 files changed, 83 insertions, 5 deletions
@@ -22,6 +22,9 @@ - markus@cvs.openbsd.org 2001/06/26 04:07:06 [ssh-agent.1 ssh-agent.c] add debug flag + - markus@cvs.openbsd.org 2001/06/26 04:59:59 + [authfd.c authfd.h ssh-add.c] + initial support for smartcards in the agent 20010629 - (bal) Removed net_aton() since we don't use it any more @@ -5849,4 +5852,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1350 2001/07/04 03:48:02 mouring Exp $ +$Id: ChangeLog,v 1.1351 2001/07/04 03:50:02 mouring Exp $ @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.41 2001/06/23 15:12:17 itojun Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.42 2001/06/26 04:59:59 markus Exp $"); #include <openssl/evp.h> @@ -534,6 +534,25 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) return decode_reply(type); } +int +ssh_update_card(AuthenticationConnection *auth, int add, int reader_id) +{ + Buffer msg; + int type; + + buffer_init(&msg); + buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : + SSH_AGENTC_REMOVE_SMARTCARD_KEY); + buffer_put_int(&msg, reader_id); + if (ssh_request_reply(auth, &msg, &msg) == 0) { + buffer_free(&msg); + return 0; + } + type = buffer_get_char(&msg); + buffer_free(&msg); + return decode_reply(type); +} + /* * Removes all identities from the agent. This call is not meant to be used * by normal applications. @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: authfd.h,v 1.16 2000/12/20 19:37:21 markus Exp $"); */ +/* RCSID("$OpenBSD: authfd.h,v 1.17 2001/06/26 04:59:59 markus Exp $"); */ #ifndef AUTHFD_H #define AUTHFD_H @@ -38,6 +38,10 @@ #define SSH2_AGENTC_REMOVE_IDENTITY 18 #define SSH2_AGENTC_REMOVE_ALL_IDENTITIES 19 +/* smartcard */ +#define SSH_AGENTC_ADD_SMARTCARD_KEY 20 +#define SSH_AGENTC_REMOVE_SMARTCARD_KEY 21 + /* additional error code for ssh.com's ssh-agent2 */ #define SSH_COM_AGENT2_FAILURE 102 @@ -133,6 +137,8 @@ int ssh_remove_identity(AuthenticationConnection *auth, Key *key); * meant to be used by normal applications. This returns true if the * operation was successful. */ -int ssh_remove_all_identities(AuthenticationConnection *auth, int version); +int ssh_remove_all_identities(AuthenticationConnection *auth, int version); + +int ssh_update_card(AuthenticationConnection *auth, int add, int reader_id); #endif /* AUTHFD_H */ @@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh-add.c,v 1.41 2001/06/25 08:25:40 markus Exp $"); +RCSID("$OpenBSD: ssh-add.c,v 1.42 2001/06/26 04:59:59 markus Exp $"); #include <openssl/evp.h> @@ -150,6 +150,17 @@ add_file(AuthenticationConnection *ac, const char *filename) } static void +update_card(AuthenticationConnection *ac, int add, int id) +{ + if (ssh_update_card(ac, add, id)) + fprintf(stderr, "Card %s: %d\n", + add ? "added" : "removed", id); + else + fprintf(stderr, "Could not %s card: %d\n", + add ? "add" : "remove", id); +} + +static void list_identities(AuthenticationConnection *ac, int do_fp) { Key *key; @@ -181,6 +192,18 @@ list_identities(AuthenticationConnection *ac, int do_fp) printf("The agent has no identities.\n"); } +static void +usage(void) +{ + printf("Usage: ssh-add [options]\n"); + printf(" -l, -L : list identities\n"); + printf(" -d : delete identity\n"); + printf(" -D : delete all identities\n"); + printf(" -s reader_num : add key in the smartcard in reader_num.\n"); + printf(" -e reader_num : remove key in the smartcard in reader_num.\n"); + exit (1); +} + int main(int argc, char **argv) { @@ -190,6 +213,8 @@ main(int argc, char **argv) int no_files = 1; int i; int deleting = 0; + int sc_mode = 0; + int sc_reader_num = 0; __progname = get_progname(argv[0]); init_rng(); @@ -220,12 +245,37 @@ main(int argc, char **argv) no_files = 0; continue; } + if (strcmp(argv[i], "-s") == 0) { + sc_mode = 1; + deleting = 0; + i++; + if (i >= argc) + usage(); + sc_reader_num = atoi(argv[i]); + continue; + } + if (strcmp(argv[i], "-e") == 0) { + sc_mode = 1; + deleting = 1; + i++; + if (i >= argc) + usage(); + sc_reader_num = atoi(argv[i]); + continue; + } + if (sc_mode == 1) + update_card(ac, !deleting, sc_reader_num); no_files = 0; if (deleting) delete_file(ac, argv[i]); else add_file(ac, argv[i]); } + if (sc_mode == 1) { + update_card(ac, !deleting, sc_reader_num); + ssh_close_authentication_connection(ac); + exit(0); + } if (no_files) { pw = getpwuid(getuid()); if (!pw) { |