diff options
author | Damien Miller <djm@mindrot.org> | 2003-06-11 22:06:33 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2003-06-11 22:06:33 +1000 |
commit | d94f20d28e9e966576302cd951776401c2856df6 (patch) | |
tree | 028352e13c131c8500f0826088cc3c4bb3a3c00a /authfd.c | |
parent | 0e1b937f1362866765c09c11d3f4066f108ff910 (diff) |
- djm@cvs.openbsd.org 2003/06/11 11:18:38
[authfd.c authfd.h ssh-add.c ssh-agent.c]
make agent constraints (lifetime, confirm) work with smartcard keys;
ok markus@
Diffstat (limited to 'authfd.c')
-rw-r--r-- | authfd.c | 27 |
1 files changed, 22 insertions, 5 deletions
@@ -35,7 +35,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: authfd.c,v 1.59 2003/04/08 20:21:28 itojun Exp $"); +RCSID("$OpenBSD: authfd.c,v 1.60 2003/06/11 11:18:38 djm Exp $"); #include <openssl/evp.h> @@ -589,16 +589,33 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key) } int -ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id, const char *pin) +ssh_update_card(AuthenticationConnection *auth, int add, + const char *reader_id, const char *pin, u_int life, u_int confirm) { Buffer msg; - int type; + int type, constrained = (life || confirm); + + if (add) { + type = constrained ? + SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED : + SSH_AGENTC_ADD_SMARTCARD_KEY; + } else + type = SSH_AGENTC_REMOVE_SMARTCARD_KEY; buffer_init(&msg); - buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY : - SSH_AGENTC_REMOVE_SMARTCARD_KEY); + buffer_put_char(&msg, type); buffer_put_cstring(&msg, reader_id); buffer_put_cstring(&msg, pin); + + if (constrained) { + if (life != 0) { + buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME); + buffer_put_int(&msg, life); + } + if (confirm != 0) + buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_CONFIRM); + } + if (ssh_request_reply(auth, &msg, &msg) == 0) { buffer_free(&msg); return 0; |