|
Lines 48-53
|
| 48 |
#include "authfile.h" |
48 |
#include "authfile.h" |
| 49 |
#include "pathnames.h" |
49 |
#include "pathnames.h" |
| 50 |
#include "readpass.h" |
50 |
#include "readpass.h" |
|
|
51 |
#include "readconf.h" |
| 51 |
|
52 |
|
| 52 |
#ifdef HAVE___PROGNAME |
53 |
#ifdef HAVE___PROGNAME |
| 53 |
extern char *__progname; |
54 |
extern char *__progname; |
|
Lines 58-65
|
| 58 |
/* argv0 */ |
59 |
/* argv0 */ |
| 59 |
extern char *__progname; |
60 |
extern char *__progname; |
| 60 |
|
61 |
|
|
|
62 |
/* Original real UID. */ |
| 63 |
uid_t original_real_uid; |
| 64 |
|
| 61 |
/* we keep a cache of one passphrases */ |
65 |
/* we keep a cache of one passphrases */ |
| 62 |
static char *pass = NULL; |
66 |
static char *pass = NULL; |
|
|
67 |
static char *passphrases[SSH_MAX_IDENTITY_FILES]; |
| 68 |
static int num_passphrases = 0; |
| 69 |
|
| 63 |
static void |
70 |
static void |
| 64 |
clear_pass(void) |
71 |
clear_pass(void) |
| 65 |
{ |
72 |
{ |
|
Lines 120-126
|
| 120 |
Key *private; |
127 |
Key *private; |
| 121 |
char *comment = NULL; |
128 |
char *comment = NULL; |
| 122 |
char msg[1024]; |
129 |
char msg[1024]; |
| 123 |
int ret = -1; |
130 |
int i, ret = -1; |
| 124 |
|
131 |
|
| 125 |
if (stat(filename, &st) < 0) { |
132 |
if (stat(filename, &st) < 0) { |
| 126 |
perror(filename); |
133 |
perror(filename); |
|
Lines 131-138
|
| 131 |
if (comment == NULL) |
138 |
if (comment == NULL) |
| 132 |
comment = xstrdup(filename); |
139 |
comment = xstrdup(filename); |
| 133 |
/* try last */ |
140 |
/* try last */ |
| 134 |
if (private == NULL && pass != NULL) |
141 |
if (private == NULL && *passphrases != NULL) |
| 135 |
private = key_load_private(filename, pass, NULL); |
142 |
for (i = 0; i < num_passphrases; i++) { |
|
|
143 |
private = key_load_private(filename, passphrases[i], NULL); |
| 144 |
if (private != NULL) |
| 145 |
break; |
| 146 |
} |
| 147 |
|
| 136 |
if (private == NULL) { |
148 |
if (private == NULL) { |
| 137 |
/* clear passphrase since it did not work */ |
149 |
/* clear passphrase since it did not work */ |
| 138 |
clear_pass(); |
150 |
clear_pass(); |
|
Lines 155-160
|
| 155 |
if (ssh_add_identity(ac, private, comment)) { |
167 |
if (ssh_add_identity(ac, private, comment)) { |
| 156 |
fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
168 |
fprintf(stderr, "Identity added: %s (%s)\n", filename, comment); |
| 157 |
ret = 0; |
169 |
ret = 0; |
|
|
170 |
if ( pass != NULL ) |
| 171 |
passphrases[num_passphrases++] = xstrdup(pass); |
| 172 |
if (num_passphrases >= SSH_MAX_IDENTITY_FILES) { |
| 173 |
fprintf(stderr,"Too many identity files specified (max %d).", |
| 174 |
SSH_MAX_IDENTITY_FILES); |
| 175 |
exit(1); |
| 176 |
} |
| 158 |
} else |
177 |
} else |
| 159 |
fprintf(stderr, "Could not add identity: %s\n", filename); |
178 |
fprintf(stderr, "Could not add identity: %s\n", filename); |
| 160 |
|
179 |
|
|
Lines 232-245
|
| 232 |
extern int optind; |
251 |
extern int optind; |
| 233 |
AuthenticationConnection *ac = NULL; |
252 |
AuthenticationConnection *ac = NULL; |
| 234 |
struct passwd *pw; |
253 |
struct passwd *pw; |
|
|
254 |
struct stat st; |
| 255 |
Options options; |
| 235 |
char buf[1024]; |
256 |
char buf[1024]; |
| 236 |
char *sc_reader_id = NULL; |
257 |
char *sc_reader_id = NULL; |
|
|
258 |
char *host = "nullhost"; |
| 259 |
char *filename; |
| 237 |
int i, ch, deleting = 0, ret = 0; |
260 |
int i, ch, deleting = 0, ret = 0; |
| 238 |
|
261 |
|
| 239 |
__progname = get_progname(argv[0]); |
262 |
__progname = get_progname(argv[0]); |
|
|
263 |
*passphrases = NULL; |
| 240 |
init_rng(); |
264 |
init_rng(); |
| 241 |
seed_rng(); |
265 |
seed_rng(); |
| 242 |
|
266 |
|
|
|
267 |
original_real_uid = getuid(); |
| 243 |
SSLeay_add_all_algorithms(); |
268 |
SSLeay_add_all_algorithms(); |
| 244 |
|
269 |
|
| 245 |
/* At first, get a connection to the authentication agent. */ |
270 |
/* At first, get a connection to the authentication agent. */ |
|
Lines 291-303
|
| 291 |
ret = 1; |
316 |
ret = 1; |
| 292 |
goto done; |
317 |
goto done; |
| 293 |
} |
318 |
} |
| 294 |
snprintf(buf, sizeof buf, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_IDENTITY); |
319 |
|
| 295 |
if (deleting) { |
320 |
/* Read per-user configuration file. */ |
| 296 |
if (delete_file(ac, buf) == -1) |
321 |
snprintf(buf, sizeof buf, "%.100s/%.100s", pw->pw_dir, |
| 297 |
ret = 1; |
322 |
_PATH_SSH_USER_CONFFILE); |
| 298 |
} else { |
323 |
|
| 299 |
if (add_file(ac, buf) == -1) |
324 |
initialize_options(&options); |
| 300 |
ret = 1; |
325 |
read_config_file(buf, host, &options); |
|
|
326 |
|
| 327 |
/* Read systemwide configuration file. */ |
| 328 |
read_config_file(_PATH_HOST_CONFIG_FILE, host, &options); |
| 329 |
|
| 330 |
for (i = 0; i < options.num_identity_files; i++) { |
| 331 |
filename = tilde_expand_filename(options.identity_files[i], |
| 332 |
getuid()); |
| 333 |
if (stat(filename,&st) != 0) { |
| 334 |
xfree(options.identity_files[i]); |
| 335 |
continue; |
| 336 |
} |
| 337 |
|
| 338 |
if (deleting) |
| 339 |
delete_file(ac, filename); |
| 340 |
else |
| 341 |
add_file(ac, filename); |
| 342 |
xfree(options.identity_files[i]); |
| 301 |
} |
343 |
} |
| 302 |
} else { |
344 |
} else { |
| 303 |
for (i = 0; i < argc; i++) { |
345 |
for (i = 0; i < argc; i++) { |
|
Lines 314-318
|
| 314 |
|
356 |
|
| 315 |
done: |
357 |
done: |
| 316 |
ssh_close_authentication_connection(ac); |
358 |
ssh_close_authentication_connection(ac); |
|
|
359 |
for(i = 0; i < num_passphrases; i++) |
| 360 |
if (passphrases[i]) |
| 361 |
xfree(passphrases[i]); |
| 317 |
return ret; |
362 |
return ret; |
| 318 |
} |
363 |
} |
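Review bot: The cached passphrases are released at `done:` with a bare `xfree(passphrases[i])`, and the `exit(1)` taken when the cache fills skips even that, so the cleartext copies made by `xstrdup(pass)` are left in heap memory; each entry should be wiped first, e.g. `memset(passphrases[i], 0, strlen(passphrases[i]));` before the `xfree`, preferably with a wipe the compiler cannot elide where the platform offers one. The size check in add_file runs after `passphrases[num_passphrases++]` and fires when the array is merely full, so the run aborts right after a successful add; testing `num_passphrases < SSH_MAX_IDENTITY_FILES` before storing, and skipping the cache otherwise, would avoid that. In the new config-driven loop in main the results of `add_file` and `delete_file` are discarded, so `ret` no longer becomes 1 on failure as it did in the removed lines, and the string returned by `tilde_expand_filename` is never released (presumably it is allocated; confirm against its definition). Both add_file and main extend beyond the visible hunks.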