Attachment #3416 for bug #3180

Lines 335-341 ssh_free_identitylist(struct ssh_identitylist *idl) Link Here

(-)a/authfd.c (-2 / +2 lines)
335	* Returns 0 if found, or a negative SSH_ERR_* error code on failure.	335	* Returns 0 if found, or a negative SSH_ERR_* error code on failure.
336	*/	336	*/
337	int	337	int
338	ssh_agent_has_key(int sock, struct sshkey *key)	338	ssh_agent_has_key(int sock, const struct sshkey *key)
339	{	339	{
340	int r, ret = SSH_ERR_KEY_NOT_FOUND;	340	int r, ret = SSH_ERR_KEY_NOT_FOUND;
341	size_t i;	341	size_t i;
Lines 533-539 ssh_add_identity_constrained(int sock, struct sshkey *key, Link Here
533	* This call is intended only for use by ssh-add(1) and like applications.	533	* This call is intended only for use by ssh-add(1) and like applications.
534	*/	534	*/
535	int	535	int
536	ssh_remove_identity(int sock, struct sshkey *key)	536	ssh_remove_identity(int sock, const struct sshkey *key)
537	{	537	{
538	struct sshbuf *msg;	538	struct sshbuf *msg;
539	int r;	539	int r;

Lines 33-40 void ssh_free_identitylist(struct ssh_identitylist *idl); Link Here

(-)a/authfd.h (-2 / +2 lines)
33	int ssh_add_identity_constrained(int sock, struct sshkey *key,	33	int ssh_add_identity_constrained(int sock, struct sshkey *key,
34	const char *comment, u_int life, u_int confirm, u_int maxsign,	34	const char *comment, u_int life, u_int confirm, u_int maxsign,
35	const char *provider);	35	const char *provider);
36	int ssh_agent_has_key(int sock, struct sshkey *key);	36	int ssh_agent_has_key(int sock, const struct sshkey *key);
37	int ssh_remove_identity(int sock, struct sshkey *key);	37	int ssh_remove_identity(int sock, const struct sshkey *key);
38	int ssh_update_card(int sock, int add, const char *reader_id,	38	int ssh_update_card(int sock, int add, const char *reader_id,
39	const char *pin, u_int life, u_int confirm);	39	const char *pin, u_int life, u_int confirm);
40	int ssh_remove_all_identities(int sock, int version);	40	int ssh_remove_all_identities(int sock, int version);




	}
}

static int
delete_one(int agent_fd, const struct sshkey *key, const char *comment,
    const char *path, int qflag)
{
	int r;

	if ((r = ssh_remove_identity(agent_fd, key)) != 0) {
		fprintf(stderr, "Could not remove identity \"%s\": %s\n",
		    path, ssh_err(r));
		return r;
	}
	if (!qflag) {
		fprintf(stderr, "Identity removed: %s %s (%s)\n", path,
		    sshkey_type(key), comment);
	}
	return 0;
}

static int
delete_stdin(int agent_fd, int qflag)
{
	char *line = NULL, *cp;
	size_t linesize = 0;
	struct sshkey *key = NULL;
	int lnum = 0, r, ret = -1;

	while (getline(&line, &linesize, stdin) != -1) {
		lnum++;
		sshkey_free(key);
		key = NULL;
		line[strcspn(line, "\n")] = '\0';
		cp = line + strspn(line, " \t");
		if (*cp == '#' || *cp == '\0')
			continue;
		if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
			fatal("%s: sshkey_new", __func__);
		if ((r = sshkey_read(key, &cp)) != 0) {
			error("(stdin):%d: invalid key: %s", lnum, ssh_err(r));
			continue;
		}
		if (delete_one(agent_fd, key, cp, "(stdin)", qflag) == 0)
			ret = 0;
	}
	sshkey_free(key);
	free(line);
	return ret;
}

static int
delete_file(int agent_fd, const char *filename, int key_only, int qflag)
{

	char *certpath = NULL, *comment = NULL;
	int r, ret = -1;

	if (strcmp(filename, "-") == 0)
		return delete_stdin(agent_fd, qflag);

	if ((r = sshkey_load_public(filename, &public,  &comment)) != 0) {
		printf("Bad key file %s: %s\n", filename, ssh_err(r));
		return -1;
	}
	if (delete_one(agent_fd, public, comment, filename, qflag) == 0)
		if (!qflag) {
			fprintf(stderr, "Identity removed: %s (%s)\n",
			    filename, comment);
		}
		ret = 0;
	} else
		fprintf(stderr, "Could not remove identity \"%s\": %s\n",
		    filename, ssh_err(r));

	if (key_only)
		goto out;

		fatal("Certificate %s does not match private key %s",
		    certpath, filename);

	if (delete_one(agent_fd, cert, comment, certpath, qflag) == 0)
		if (!qflag) {
			fprintf(stderr, "Identity removed: %s (%s)\n",
			    certpath, comment);
		}
		ret = 0;
	} else
		fprintf(stderr, "Could not remove identity \"%s\": %s\n",
		    certpath, ssh_err(r));

 out:
	sshkey_free(cert);

Return to bug 3180

Lines 103-108 clear_pass(void) Link Here

(-)a/ssh-add.c (-16 / +53 lines)
103	}	103	}
104	}	104	}
105		105
		106	static int
		107	delete_one(int agent_fd, const struct sshkey key, const char comment,
		108	const char *path, int qflag)
		109	{
		110	int r;
		111
		112	if ((r = ssh_remove_identity(agent_fd, key)) != 0) {
		113	fprintf(stderr, "Could not remove identity \"%s\": %s\n",
		114	path, ssh_err(r));
		115	return r;
		116	}
		117	if (!qflag) {
		118	fprintf(stderr, "Identity removed: %s %s (%s)\n", path,
		119	sshkey_type(key), comment);
		120	}
		121	return 0;
		122	}
		123
		124	static int
		125	delete_stdin(int agent_fd, int qflag)
		126	{
		127	char line = NULL, cp;
		128	size_t linesize = 0;
		129	struct sshkey *key = NULL;
		130	int lnum = 0, r, ret = -1;
		131
		132	while (getline(&line, &linesize, stdin) != -1) {
		133	lnum++;
		134	sshkey_free(key);
		135	key = NULL;
		136	line[strcspn(line, "\n")] = '\0';
		137	cp = line + strspn(line, " \t");
		138	if (cp == '#' \|\| cp == '\0')
		139	continue;
		140	if ((key = sshkey_new(KEY_UNSPEC)) == NULL)
		141	fatal("%s: sshkey_new", __func__);
		142	if ((r = sshkey_read(key, &cp)) != 0) {
		143	error("(stdin):%d: invalid key: %s", lnum, ssh_err(r));
		144	continue;
		145	}
		146	if (delete_one(agent_fd, key, cp, "(stdin)", qflag) == 0)
		147	ret = 0;
		148	}
		149	sshkey_free(key);
		150	free(line);
		151	return ret;
		152	}
		153
106	static int	154	static int
107	delete_file(int agent_fd, const char *filename, int key_only, int qflag)	155	delete_file(int agent_fd, const char *filename, int key_only, int qflag)
108	{	156	{
Lines 110-128 delete_file(int agent_fd, const char *filename, int key_only, int qflag) Link Here
110	char certpath = NULL, comment = NULL;	158	char certpath = NULL, comment = NULL;
111	int r, ret = -1;	159	int r, ret = -1;
112		160
		161	if (strcmp(filename, "-") == 0)
		162	return delete_stdin(agent_fd, qflag);
		163
113	if ((r = sshkey_load_public(filename, &public, &comment)) != 0) {	164	if ((r = sshkey_load_public(filename, &public, &comment)) != 0) {
114	printf("Bad key file %s: %s\n", filename, ssh_err(r));	165	printf("Bad key file %s: %s\n", filename, ssh_err(r));
115	return -1;	166	return -1;
116	}	167	}
117	if ((r = ssh_remove_identity(agent_fd, public)) == 0) {	168	if (delete_one(agent_fd, public, comment, filename, qflag) == 0)
118	if (!qflag) {
119	fprintf(stderr, "Identity removed: %s (%s)\n",
120	filename, comment);
121	}
122	ret = 0;	169	ret = 0;
123	} else
124	fprintf(stderr, "Could not remove identity \"%s\": %s\n",
125	filename, ssh_err(r));
126		170
127	if (key_only)	171	if (key_only)
128	goto out;	172	goto out;
Lines 142-156 delete_file(int agent_fd, const char *filename, int key_only, int qflag) Link Here
142	fatal("Certificate %s does not match private key %s",	186	fatal("Certificate %s does not match private key %s",
143	certpath, filename);	187	certpath, filename);
144		188
145	if ((r = ssh_remove_identity(agent_fd, cert)) == 0) {	189	if (delete_one(agent_fd, cert, comment, certpath, qflag) == 0)
146	if (!qflag) {
147	fprintf(stderr, "Identity removed: %s (%s)\n",
148	certpath, comment);
149	}
150	ret = 0;	190	ret = 0;
151	} else
152	fprintf(stderr, "Could not remove identity \"%s\": %s\n",
153	certpath, ssh_err(r));
154		191
155	out:	192	out:
156	sshkey_free(cert);	193	sshkey_free(cert);