*/
#include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.57 2002/09/11 18:27:26 stevesk Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.59 2003/04/08 20:21:28 itojun Exp $");
#include <openssl/evp.h>
buffer_get_bignum(&auth->identities, key->rsa->n);
*comment = buffer_get_string(&auth->identities, NULL);
if (bits != BN_num_bits(key->rsa->n))
- log("Warning: identity keysize mismatch: actual %d, announced %u",
+ logit("Warning: identity keysize mismatch: actual %d, announced %u",
BN_num_bits(key->rsa->n), bits);
break;
case 2:
if (key->type != KEY_RSA1)
return 0;
if (response_type == 0) {
- log("Compatibility with ssh protocol version 1.0 no longer supported.");
+ logit("Compatibility with ssh protocol version 1.0 no longer supported.");
return 0;
}
buffer_init(&buffer);
type = buffer_get_char(&buffer);
if (agent_failed(type)) {
- log("Agent admitted failure to authenticate using the key.");
+ logit("Agent admitted failure to authenticate using the key.");
} else if (type != SSH_AGENT_RSA_RESPONSE) {
fatal("Bad authentication response: %d", type);
} else {
}
type = buffer_get_char(&msg);
if (agent_failed(type)) {
- log("Agent admitted failure to sign using the key.");
+ logit("Agent admitted failure to sign using the key.");
} else if (type != SSH2_AGENT_SIGN_RESPONSE) {
fatal("Bad authentication response: %d", type);
} else {
int
ssh_add_identity_constrained(AuthenticationConnection *auth, Key *key,
- const char *comment, u_int life)
+ const char *comment, u_int life, u_int confirm)
{
Buffer msg;
- int type, constrained = (life != 0);
+ int type, constrained = (life || confirm);
buffer_init(&msg);
buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_LIFETIME);
buffer_put_int(&msg, life);
}
+ if (confirm != 0)
+ buffer_put_char(&msg, SSH_AGENT_CONSTRAIN_CONFIRM);
}
if (ssh_request_reply(auth, &msg, &msg) == 0) {
buffer_free(&msg);
int
ssh_add_identity(AuthenticationConnection *auth, Key *key, const char *comment)
{
- return ssh_add_identity_constrained(auth, key, comment, 0);
+ return ssh_add_identity_constrained(auth, key, comment, 0, 0);
}
/*
case SSH_AGENT_FAILURE:
case SSH_COM_AGENT2_FAILURE:
case SSH2_AGENT_FAILURE:
- log("SSH_AGENT_FAILURE");
+ logit("SSH_AGENT_FAILURE");
return 0;
case SSH_AGENT_SUCCESS:
return 1;