#include "includes.h"
#include "openbsd-compat/sys-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.108 2003/03/13 11:44:50 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.111 2003/06/12 19:12:03 markus Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
/* The response is MD5 of decrypted challenge plus session id. */
len = BN_num_bytes(challenge);
if (len <= 0 || len > 32) {
- log("process_authentication_challenge: bad challenge length %d", len);
+ logit("process_authentication_challenge: bad challenge length %d", len);
goto failure;
}
memset(buf, 0, 32);
buffer_get_bignum(&e->request, key->rsa->n);
if (bits != key_size(key))
- log("Warning: identity keysize mismatch: actual %u, announced %u",
+ logit("Warning: identity keysize mismatch: actual %u, announced %u",
key_size(key), bits);
break;
case 2:
process_add_smartcard_key (SocketEntry *e)
{
char *sc_reader_id = NULL, *pin;
- int i, version, success = 0;
+ int i, version, success = 0, death = 0, confirm = 0;
Key **keys, *k;
Identity *id;
Idtab *tab;
sc_reader_id = buffer_get_string(&e->request, NULL);
pin = buffer_get_string(&e->request, NULL);
+
+ while (buffer_len(&e->request)) {
+ switch (buffer_get_char(&e->request)) {
+ case SSH_AGENT_CONSTRAIN_LIFETIME:
+ death = time(NULL) + buffer_get_int(&e->request);
+ break;
+ case SSH_AGENT_CONSTRAIN_CONFIRM:
+ confirm = 1;
+ break;
+ default:
+ break;
+ }
+ }
+ if (lifetime && !death)
+ death = time(NULL) + lifetime;
+
keys = sc_get_keys(sc_reader_id, pin);
xfree(sc_reader_id);
xfree(pin);
if (lookup_identity(k, version) == NULL) {
id = xmalloc(sizeof(Identity));
id->key = k;
- id->comment = xstrdup("smartcard key");
- id->death = 0;
- id->confirm = 0;
+ id->comment = sc_get_key_label(k);
+ id->death = death;
+ id->confirm = confirm;
TAILQ_INSERT_TAIL(&tab->idlist, id, next);
tab->nentries++;
success = 1;
break;
#ifdef SMARTCARD
case SSH_AGENTC_ADD_SMARTCARD_KEY:
+ case SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED:
process_add_smartcard_key(e);
break;
case SSH_AGENTC_REMOVE_SMARTCARD_KEY:
/* printf("Parent has died - Authentication agent exiting.\n"); */
cleanup_handler(sig); /* safe */
}
- signal(SIGALRM, check_parent_exists);
+ mysignal(SIGALRM, check_parent_exists);
alarm(10);
errno = save_errno;
}
SSLeay_add_all_algorithms();
- __progname = get_progname(av[0]);
+ __progname = ssh_get_progname(av[0]);
init_rng();
seed_rng();
fatal_add_cleanup(cleanup_socket, NULL);
new_socket(AUTH_SOCKET, sock);
if (ac > 0) {
- signal(SIGALRM, check_parent_exists);
+ mysignal(SIGALRM, check_parent_exists);
alarm(10);
}
idtab_init();