Bugzilla – Attachment 2193 Details for
Bug 2046
ssh-add -d does not drop certificate
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Make ssh-add -d remove certificate too
keygen-dash-d-remove-cert.diff (text/plain), 1.60 KB, created by
Damien Miller
on 2012-11-09 10:49:41 AEDT
(
hide
)
Description:
Make ssh-add -d remove certificate too
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2012-11-09 10:49:41 AEDT
Size:
1.60 KB
patch
obsolete
>diff --git ssh-add.c ssh-add.c >index ab6ed51..50db9c0 100644 >--- ssh-add.c >+++ ssh-add.c >@@ -90,10 +90,10 @@ clear_pass(void) > } > > static int >-delete_file(AuthenticationConnection *ac, const char *filename) >+delete_file(AuthenticationConnection *ac, const char *filename, int key_only) > { >- Key *public; >- char *comment = NULL; >+ Key *public = NULL, *cert = NULL; >+ char *certpath = NULL, *comment = NULL; > int ret = -1; > > public = key_load_public(filename, &comment); >@@ -107,8 +107,31 @@ delete_file(AuthenticationConnection *ac, const char *filename) > } else > fprintf(stderr, "Could not remove identity: %s\n", filename); > >- key_free(public); >- xfree(comment); >+ if (key_only) >+ goto out; >+ >+ /* Now try to delete the corresponding certificate too */ >+ xasprintf(&certpath, "%s-cert.pub", filename); >+ if ((cert = key_load_public(certpath, &comment)) == NULL) >+ goto out; >+ if (!key_equal_public(cert, public)) >+ fatal("Certificate %s does not match private key %s", >+ certpath, filename); >+ >+ if (ssh_remove_identity(ac, cert)) { >+ fprintf(stderr, "Identity removed: %s (%s)\n", certpath, >+ comment); >+ ret = 0; >+ } else >+ fprintf(stderr, "Could not remove identity: %s\n", certpath); >+ >+ out: >+ if (cert != NULL) >+ key_free(cert); >+ if (public != NULL) >+ key_free(public); >+ free(certpath); >+ free(comment); > > return ret; > } >@@ -348,7 +371,7 @@ static int > do_file(AuthenticationConnection *ac, int deleting, int key_only, char *file) > { > if (deleting) { >- if (delete_file(ac, file) == -1) >+ if (delete_file(ac, file, key_only) == -1) > return -1; > } else { > if (add_file(ac, file, key_only) == -1)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=2193">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2046
: 2193