+/* XXX todo: encrypt sensitive data with passphrase */
+static void
+process_lock_agent(SocketEntry *e, int lock)
+{
+ int success = 0;
+ char *passwd;
+
+ passwd = buffer_get_string(&e->request, NULL);
+ if (locked && !lock && strcmp(passwd, lock_passwd) == 0) {
+ locked = 0;
+ memset(lock_passwd, 0, strlen(lock_passwd));
+ xfree(lock_passwd);
+ lock_passwd = NULL;
+ success = 1;
+ } else if (!locked && lock) {
+ locked = 1;
+ lock_passwd = xstrdup(passwd);
+ success = 1;
+ }
+ memset(passwd, 0, strlen(passwd));
+ xfree(passwd);
+
+ buffer_put_int(&e->output, 1);
+ buffer_put_char(&e->output,
+ success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
+}
+
+static void
+no_identities(SocketEntry *e, u_int type)
+{
+ Buffer msg;
+
+ buffer_init(&msg);
+ buffer_put_char(&msg,
+ (type == SSH_AGENTC_REQUEST_RSA_IDENTITIES) ?
+ SSH_AGENT_RSA_IDENTITIES_ANSWER : SSH2_AGENT_IDENTITIES_ANSWER);
+ buffer_put_int(&msg, 0);
+ buffer_put_int(&e->output, buffer_len(&msg));
+ buffer_append(&e->output, buffer_ptr(&msg), buffer_len(&msg));
+ buffer_free(&msg);
+}
+
+#ifdef SMARTCARD
+static void
+process_add_smartcard_key (SocketEntry *e)
+{
+ char *sc_reader_id = NULL, *pin;
+ int i, version, success = 0;
+ Key **keys, *k;
+ Identity *id;
+ Idtab *tab;
+
+ sc_reader_id = buffer_get_string(&e->request, NULL);
+ pin = buffer_get_string(&e->request, NULL);
+ keys = sc_get_keys(sc_reader_id, pin);
+ xfree(sc_reader_id);
+ xfree(pin);
+
+ if (keys == NULL || keys[0] == NULL) {
+ error("sc_get_keys failed");
+ goto send;
+ }
+ for (i = 0; keys[i] != NULL; i++) {
+ k = keys[i];
+ version = k->type == KEY_RSA1 ? 1 : 2;
+ tab = idtab_lookup(version);
+ if (lookup_identity(k, version) == NULL) {
+ id = xmalloc(sizeof(Identity));
+ id->key = k;
+ id->comment = xstrdup("smartcard key");
+ id->death = 0;
+ id->confirm = 0;
+ TAILQ_INSERT_TAIL(&tab->idlist, id, next);
+ tab->nentries++;
+ success = 1;
+ } else {
+ key_free(k);
+ }
+ keys[i] = NULL;
+ }
+ xfree(keys);
+send:
+ buffer_put_int(&e->output, 1);
+ buffer_put_char(&e->output,
+ success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
+}
+
+static void
+process_remove_smartcard_key(SocketEntry *e)
+{
+ char *sc_reader_id = NULL, *pin;
+ int i, version, success = 0;
+ Key **keys, *k = NULL;
+ Identity *id;
+ Idtab *tab;
+
+ sc_reader_id = buffer_get_string(&e->request, NULL);
+ pin = buffer_get_string(&e->request, NULL);
+ keys = sc_get_keys(sc_reader_id, pin);
+ xfree(sc_reader_id);
+ xfree(pin);
+
+ if (keys == NULL || keys[0] == NULL) {
+ error("sc_get_keys failed");
+ goto send;
+ }
+ for (i = 0; keys[i] != NULL; i++) {
+ k = keys[i];
+ version = k->type == KEY_RSA1 ? 1 : 2;
+ if ((id = lookup_identity(k, version)) != NULL) {
+ tab = idtab_lookup(version);
+ TAILQ_REMOVE(&tab->idlist, id, next);
+ tab->nentries--;
+ free_identity(id);
+ success = 1;
+ }
+ key_free(k);
+ keys[i] = NULL;
+ }
+ xfree(keys);
+send:
+ buffer_put_int(&e->output, 1);
+ buffer_put_char(&e->output,
+ success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE);
+}
+#endif /* SMARTCARD */
+