summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--authfd.c46
-rw-r--r--authfd.h5
-rw-r--r--pathnames.h3
-rw-r--r--ssh-add.c62
-rw-r--r--sshconnect2.c4
5 files changed, 44 insertions, 76 deletions
diff --git a/authfd.c b/authfd.c
index ea664a16..8486e28b 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.102 2017/05/04 06:10:57 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.103 2017/05/05 10:42:49 naddy Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -227,35 +227,21 @@ deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp)
* Fetch list of identities held by the agent.
*/
int
-ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
+ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp)
{
- u_char type, code1 = 0, code2 = 0;
+ u_char type;
u_int32_t num, i;
struct sshbuf *msg;
struct ssh_identitylist *idl = NULL;
int r;
- /* Determine request and expected response types */
- switch (version) {
- case 1:
- code1 = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
- code2 = SSH_AGENT_RSA_IDENTITIES_ANSWER;
- break;
- case 2:
- code1 = SSH2_AGENTC_REQUEST_IDENTITIES;
- code2 = SSH2_AGENT_IDENTITIES_ANSWER;
- break;
- default:
- return SSH_ERR_INVALID_ARGUMENT;
- }
-
/*
* Send a message to the agent requesting for a list of the
* identities it can represent.
*/
if ((msg = sshbuf_new()) == NULL)
return SSH_ERR_ALLOC_FAIL;
- if ((r = sshbuf_put_u8(msg, code1)) != 0)
+ if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_REQUEST_IDENTITIES)) != 0)
goto out;
if ((r = ssh_request_reply(sock, msg, msg)) != 0)
@@ -267,7 +253,7 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
if (agent_failed(type)) {
r = SSH_ERR_AGENT_FAILURE;
goto out;
- } else if (type != code2) {
+ } else if (type != SSH2_AGENT_IDENTITIES_ANSWER) {
r = SSH_ERR_INVALID_FORMAT;
goto out;
}
@@ -292,20 +278,14 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp)
goto out;
}
for (i = 0; i < num;) {
- switch (version) {
- case 1:
- break;
- case 2:
- if ((r = deserialise_identity2(msg,
- &(idl->keys[i]), &(idl->comments[i]))) != 0) {
- if (r == SSH_ERR_KEY_TYPE_UNKNOWN) {
- /* Gracefully skip unknown key types */
- num--;
- continue;
- } else
- goto out;
- }
- break;
+ if ((r = deserialise_identity2(msg, &(idl->keys[i]),
+ &(idl->comments[i]))) != 0) {
+ if (r == SSH_ERR_KEY_TYPE_UNKNOWN) {
+ /* Gracefully skip unknown key types */
+ num--;
+ continue;
+ } else
+ goto out;
}
i++;
}
diff --git a/authfd.h b/authfd.h
index 4b417e3f..0e98331d 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.h,v 1.39 2015/12/04 16:41:28 markus Exp $ */
+/* $OpenBSD: authfd.h,v 1.40 2017/05/05 10:42:49 naddy Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -27,8 +27,7 @@ int ssh_get_authentication_socket(int *fdp);
void ssh_close_authentication_socket(int sock);
int ssh_lock_agent(int sock, int lock, const char *password);
-int ssh_fetch_identitylist(int sock, int version,
- struct ssh_identitylist **idlp);
+int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp);
void ssh_free_identitylist(struct ssh_identitylist *idl);
int ssh_add_identity_constrained(int sock, struct sshkey *key,
const char *comment, u_int life, u_int confirm);
diff --git a/pathnames.h b/pathnames.h
index cff672e2..1c221b01 100644
--- a/pathnames.h
+++ b/pathnames.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: pathnames.h,v 1.26 2017/05/03 21:08:09 naddy Exp $ */
+/* $OpenBSD: pathnames.h,v 1.27 2017/05/05 10:42:49 naddy Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -71,7 +71,6 @@
* Name of the default file containing client-side authentication key. This
* file should only be readable by the user him/herself.
*/
-#define _PATH_SSH_CLIENT_IDENTITY _PATH_SSH_USER_DIR "/identity"
#define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa"
#define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa"
#define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa"
diff --git a/ssh-add.c b/ssh-add.c
index 5f62420f..a1e0d464 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.130 2017/05/04 06:10:57 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -362,46 +362,36 @@ static int
list_identities(int agent_fd, int do_fp)
{
char *fp;
- int r, had_identities = 0;
+ int r;
struct ssh_identitylist *idlist;
size_t i;
- int version = 2;
-
- for (; version <= 2; version++) {
- if ((r = ssh_fetch_identitylist(agent_fd, version,
- &idlist)) != 0) {
- if (r != SSH_ERR_AGENT_NO_IDENTITIES)
- fprintf(stderr, "error fetching identities for "
- "protocol %d: %s\n", version, ssh_err(r));
- continue;
- }
- for (i = 0; i < idlist->nkeys; i++) {
- had_identities = 1;
- if (do_fp) {
- fp = sshkey_fingerprint(idlist->keys[i],
- fingerprint_hash, SSH_FP_DEFAULT);
- printf("%u %s %s (%s)\n",
- sshkey_size(idlist->keys[i]),
- fp == NULL ? "(null)" : fp,
- idlist->comments[i],
- sshkey_type(idlist->keys[i]));
- free(fp);
- } else {
- if ((r = sshkey_write(idlist->keys[i],
- stdout)) != 0) {
- fprintf(stderr, "sshkey_write: %s\n",
- ssh_err(r));
- continue;
- }
- fprintf(stdout, " %s\n", idlist->comments[i]);
+
+ if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
+ if (r != SSH_ERR_AGENT_NO_IDENTITIES)
+ fprintf(stderr, "error fetching identities: %s\n",
+ ssh_err(r));
+ else
+ printf("The agent has no identities.\n");
+ return -1;
+ }
+ for (i = 0; i < idlist->nkeys; i++) {
+ if (do_fp) {
+ fp = sshkey_fingerprint(idlist->keys[i],
+ fingerprint_hash, SSH_FP_DEFAULT);
+ printf("%u %s %s (%s)\n", sshkey_size(idlist->keys[i]),
+ fp == NULL ? "(null)" : fp, idlist->comments[i],
+ sshkey_type(idlist->keys[i]));
+ free(fp);
+ } else {
+ if ((r = sshkey_write(idlist->keys[i], stdout)) != 0) {
+ fprintf(stderr, "sshkey_write: %s\n",
+ ssh_err(r));
+ continue;
}
+ fprintf(stdout, " %s\n", idlist->comments[i]);
}
- ssh_free_identitylist(idlist);
- }
- if (!had_identities) {
- printf("The agent has no identities.\n");
- return -1;
}
+ ssh_free_identitylist(idlist);
return 0;
}
diff --git a/sshconnect2.c b/sshconnect2.c
index 393353db..1b79253d 100644
--- a/sshconnect2.c
+++ b/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.257 2017/04/30 23:18:44 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.258 2017/05/05 10:42:49 naddy Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -1345,7 +1345,7 @@ pubkey_prepare(Authctxt *authctxt)
if (r != SSH_ERR_AGENT_NOT_PRESENT)
debug("%s: ssh_get_authentication_socket: %s",
__func__, ssh_err(r));
- } else if ((r = ssh_fetch_identitylist(agent_fd, 2, &idlist)) != 0) {
+ } else if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) {
if (r != SSH_ERR_AGENT_NO_IDENTITIES)
debug("%s: ssh_fetch_identitylist: %s",
__func__, ssh_err(r));