diff options
author | des <des@FreeBSD.org> | 2012-09-03 16:51:41 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2012-09-03 16:51:41 +0000 |
commit | 00f3582ac62b9883e85e2cb420c3d9f5d9028188 (patch) | |
tree | eafe8a40bcffb53c6bb88d75ac823cdc99ac92fe /crypto/openssh/ssh-add.c | |
parent | d00fafff0e6a902c30e2a606c69d740558908f1d (diff) | |
download | FreeBSD-src-00f3582ac62b9883e85e2cb420c3d9f5d9028188.zip FreeBSD-src-00f3582ac62b9883e85e2cb420c3d9f5d9028188.tar.gz |
Upgrade OpenSSH to 6.1p1.
Diffstat (limited to 'crypto/openssh/ssh-add.c')
-rw-r--r-- | crypto/openssh/ssh-add.c | 32 |
1 files changed, 20 insertions, 12 deletions
diff --git a/crypto/openssh/ssh-add.c b/crypto/openssh/ssh-add.c index 6d5e2a9..738644d 100644 --- a/crypto/openssh/ssh-add.c +++ b/crypto/openssh/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.101 2011/05/04 21:15:29 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.103 2011/10/18 23:37:42 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -139,11 +139,11 @@ delete_all(AuthenticationConnection *ac) } static int -add_file(AuthenticationConnection *ac, const char *filename) +add_file(AuthenticationConnection *ac, const char *filename, int key_only) { Key *private, *cert; char *comment = NULL; - char msg[1024], *certpath; + char msg[1024], *certpath = NULL; int fd, perms_ok, ret = -1; Buffer keyblob; @@ -219,6 +219,9 @@ add_file(AuthenticationConnection *ac, const char *filename) fprintf(stderr, "Could not add identity: %s\n", filename); } + /* Skip trying to load the cert if requested */ + if (key_only) + goto out; /* Now try to add the certificate flavour too */ xasprintf(&certpath, "%s-cert.pub", filename); @@ -253,7 +256,8 @@ add_file(AuthenticationConnection *ac, const char *filename) if (confirm != 0) fprintf(stderr, "The user must confirm each use of the key\n"); out: - xfree(certpath); + if (certpath != NULL) + xfree(certpath); xfree(comment); key_free(private); @@ -347,13 +351,13 @@ lock_agent(AuthenticationConnection *ac, int lock) } static int -do_file(AuthenticationConnection *ac, int deleting, char *file) +do_file(AuthenticationConnection *ac, int deleting, int key_only, char *file) { if (deleting) { if (delete_file(ac, file) == -1) return -1; } else { - if (add_file(ac, file) == -1) + if (add_file(ac, file, key_only) == -1) return -1; } return 0; @@ -366,12 +370,13 @@ usage(void) fprintf(stderr, "Options:\n"); fprintf(stderr, " -l List fingerprints of all identities.\n"); fprintf(stderr, " -L List public key parameters of all identities.\n"); + fprintf(stderr, " -k Load only keys and not certificates.\n"); + fprintf(stderr, " -c Require confirmation to sign using identities\n"); + fprintf(stderr, " -t life Set lifetime (in seconds) when adding identities.\n"); fprintf(stderr, " -d Delete identity.\n"); fprintf(stderr, " -D Delete all identities.\n"); fprintf(stderr, " -x Lock agent.\n"); fprintf(stderr, " -X Unlock agent.\n"); - fprintf(stderr, " -t life Set lifetime (in seconds) when adding identities.\n"); - fprintf(stderr, " -c Require confirmation to sign using identities\n"); fprintf(stderr, " -s pkcs11 Add keys from PKCS#11 provider.\n"); fprintf(stderr, " -e pkcs11 Remove keys provided by PKCS#11 provider.\n"); } @@ -383,7 +388,7 @@ main(int argc, char **argv) extern int optind; AuthenticationConnection *ac = NULL; char *pkcs11provider = NULL; - int i, ch, deleting = 0, ret = 0; + int i, ch, deleting = 0, ret = 0, key_only = 0; /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ sanitise_stdfd(); @@ -400,8 +405,11 @@ main(int argc, char **argv) "Could not open a connection to your authentication agent.\n"); exit(2); } - while ((ch = getopt(argc, argv, "lLcdDxXe:s:t:")) != -1) { + while ((ch = getopt(argc, argv, "klLcdDxXe:s:t:")) != -1) { switch (ch) { + case 'k': + key_only = 1; + break; case 'l': case 'L': if (list_identities(ac, ch == 'l' ? 1 : 0) == -1) @@ -467,7 +475,7 @@ main(int argc, char **argv) default_files[i]); if (stat(buf, &st) < 0) continue; - if (do_file(ac, deleting, buf) == -1) + if (do_file(ac, deleting, key_only, buf) == -1) ret = 1; else count++; @@ -476,7 +484,7 @@ main(int argc, char **argv) ret = 1; } else { for (i = 0; i < argc; i++) { - if (do_file(ac, deleting, argv[i]) == -1) + if (do_file(ac, deleting, key_only, argv[i]) == -1) ret = 1; } } |