- markus@cvs.openbsd.org 2003/01/23 13:50:27

[openssh.git] / authfd.c

diff --git a/authfd.c b/authfd.c
index f04e0858b04806e2da4c53e59dbcb702bbf8ddf3..a186e01175b0004fa5e5722671abfde52b6cb55a 100644 (file)
--- a/authfd.c
+++ b/authfd.c
@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.57 2002/09/11 18:27:26 stevesk Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.58 2003/01/23 13:50:27 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -499,10 +499,10 @@ ssh_encode_identity_ssh2(Buffer *b, Key *key, const char *comment)
 
 int
 ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key,
-    const char *comment, u_int life)
+    const char *comment, u_int life, u_int confirm)
 {
        Buffer msg;
-       int type, constrained = (life != 0);
+       int type, constrained = (life || confirm);
 
        buffer_init(&msg);
 
@@ -532,6 +532,8 @@ ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key,
                        buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME);
                        buffer_put_int(&msg, life);
                }
+               if (confirm != 0)
+                       buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_CONFIRM);
        }
        if (ssh_request_reply(auth, &msg, &msg) == 0) {
                buffer_free(&msg);
@@ -545,7 +547,7 @@ ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key,
 int
 ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment)
 {
-       return ssh_add_identity_constrained(auth, key, comment, 0);
+       return ssh_add_identity_constrained(auth, key, comment, 0, 0);
 }
 
 /*