*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.82 2002/03/04 17:27:39 stevesk Exp $");
-
-#if defined(HAVE_SYS_QUEUE_H) && !defined(HAVE_BOGUS_SYS_QUEUE_H)
-#include <sys/queue.h>
-#else
#include "openbsd-compat/fake-queue.h"
-#endif
+RCSID("$OpenBSD: ssh-agent.c,v 1.85 2002/04/02 11:49:39 markus Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
#include "log.h"
#ifdef SMARTCARD
-#include <openssl/engine.h>
#include "scard.h"
#endif
static void
process_add_smartcard_key (SocketEntry *e)
{
+ Identity *id;
Idtab *tab;
- Key *n = NULL, *k = NULL;
- char *sc_reader_id = NULL;
- int success = 0;
+ Key **keys, *k;
+ char *sc_reader_id = NULL, *pin;
+ int i, version, success = 0;
sc_reader_id = buffer_get_string(&e->input, NULL);
- k = sc_get_key(sc_reader_id);
+ pin = buffer_get_string(&e->input, NULL);
+ keys = sc_get_keys(sc_reader_id, pin);
xfree(sc_reader_id);
+ xfree(pin);
- if (k == NULL) {
- error("sc_get_pubkey failed");
+ if (keys == NULL || keys[0] == NULL) {
+ error("sc_get_keys failed");
goto send;
}
- success = 1;
-
- tab = idtab_lookup(1);
- k->type = KEY_RSA1;
- if (lookup_identity(k, 1) == NULL) {
- Identity *id = xmalloc(sizeof(Identity));
- n = key_new(KEY_RSA1);
- BN_copy(n->rsa->n, k->rsa->n);
- BN_copy(n->rsa->e, k->rsa->e);
- RSA_set_method(n->rsa, sc_get_engine());
- id->key = n;
- id->comment = xstrdup("rsa1 smartcard");
- TAILQ_INSERT_TAIL(&tab->idlist, id, next);
- tab->nentries++;
- }
- k->type = KEY_RSA;
- tab = idtab_lookup(2);
- if (lookup_identity(k, 2) == NULL) {
- Identity *id = xmalloc(sizeof(Identity));
- n = key_new(KEY_RSA);
- BN_copy(n->rsa->n, k->rsa->n);
- BN_copy(n->rsa->e, k->rsa->e);
- RSA_set_method(n->rsa, sc_get_engine());
- id->key = n;
- id->comment = xstrdup("rsa smartcard");
- TAILQ_INSERT_TAIL(&tab->idlist, id, next);
- tab->nentries++;
+ for (i = 0; keys[i] != NULL; i++) {
+ k = keys[i];
+ version = k->type == KEY_RSA1 ? 1 : 2;
+ tab = idtab_lookup(version);
+ if (lookup_identity(k, version) == NULL) {
+ id = xmalloc(sizeof(Identity));
+ id->key = k;
+ id->comment = xstrdup("smartcard key");
+ TAILQ_INSERT_TAIL(&tab->idlist, id, next);
+ tab->nentries++;
+ success = 1;
+ } else {
+ key_free(k);
+ }
+ keys[i] = NULL;
}
- key_free(k);
+ xfree(keys);
send:
buffer_put_int(&e->output, 1);
buffer_put_char(&e->output,
static void
process_remove_smartcard_key(SocketEntry *e)
{
- Key *k = NULL;
- int success = 0;
- char *sc_reader_id = NULL;
+ Identity *id;
+ Idtab *tab;
+ Key **keys, *k = NULL;
+ char *sc_reader_id = NULL, *pin;
+ int i, version, success = 0;
sc_reader_id = buffer_get_string(&e->input, NULL);
- k = sc_get_key(sc_reader_id);
+ pin = buffer_get_string(&e->input, NULL);
+ keys = sc_get_keys(sc_reader_id, pin);
xfree(sc_reader_id);
+ xfree(pin);
- if (k == NULL) {
- error("sc_get_pubkey failed");
- } else {
- Identity *id;
- k->type = KEY_RSA1;
- id = lookup_identity(k, 1);
- if (id != NULL) {
- Idtab *tab = idtab_lookup(1);
- TAILQ_REMOVE(&tab->idlist, id, next);
- free_identity(id);
+ if (keys == NULL || keys[0] == NULL) {
+ error("sc_get_keys failed");
+ goto send;
+ }
+ for (i = 0; keys[i] != NULL; i++) {
+ k = keys[i];
+ version = k->type == KEY_RSA1 ? 1 : 2;
+ if ((id = lookup_identity(k, version)) != NULL) {
+ tab = idtab_lookup(version);
+ TAILQ_REMOVE(&tab->idlist, id, next);
tab->nentries--;
- success = 1;
- }
- k->type = KEY_RSA;
- id = lookup_identity(k, 2);
- if (id != NULL) {
- Idtab *tab = idtab_lookup(2);
- TAILQ_REMOVE(&tab->idlist, id, next);
free_identity(id);
- tab->nentries--;
success = 1;
}
key_free(k);
+ keys[i] = NULL;
}
-
+ xfree(keys);
+send:
buffer_put_int(&e->output, 1);
buffer_put_char(&e->output,
success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
if (ac > 0 && (c_flag || k_flag || s_flag || d_flag))
usage();
- if (ac == 0 && !c_flag && !k_flag && !s_flag && !d_flag) {
+ if (ac == 0 && !c_flag && !s_flag) {
shell = getenv("SHELL");
if (shell != NULL && strncmp(shell + strlen(shell) - 3, "csh", 3) == 0)
c_flag = 1;