diff options
| author | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-21 02:04:48 +0200 |
|---|---|---|
| committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-21 02:04:48 +0200 |
| commit | 4eb4c4e1ef39906056e282d6e160350dcd3fa533 (patch) | |
| tree | 9a31a7dc0115b01bc26d57fb488fb9cadf6b499d /ssh-agent.c | |
| parent | - (bal) Fixed AIX environment handling, use setpcred() instead of existing (diff) | |
| download | openssh-4eb4c4e1ef39906056e282d6e160350dcd3fa533.tar.xz openssh-4eb4c4e1ef39906056e282d6e160350dcd3fa533.zip | |
- markus@cvs.openbsd.org 2002/06/15 00:01:36
[authfd.c authfd.h ssh-add.c ssh-agent.c]
break agent key lifetime protocol and allow other contraints for key
usage.
Diffstat (limited to 'ssh-agent.c')
| -rw-r--r-- | ssh-agent.c | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/ssh-agent.c b/ssh-agent.c index b89ead6e5..4a288199f 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -35,7 +35,7 @@ #include "includes.h" #include "openbsd-compat/fake-queue.h" -RCSID("$OpenBSD: ssh-agent.c,v 1.91 2002/06/11 05:46:20 mpech Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.92 2002/06/15 00:01:36 markus Exp $"); #include <openssl/evp.h> #include <openssl/md5.h> @@ -470,15 +470,13 @@ send: } static void -process_lifetime_identity(SocketEntry *e, int version) +process_contrain_identity(SocketEntry *e, int version) { Key *key = NULL; u_char *blob; - u_int blen, bits, death; + u_int blen, bits, death = 0; int success = 0; - death = time(NULL) + buffer_get_int(&e->request); - switch (version) { case 1: key = key_new(KEY_RSA1); @@ -493,9 +491,18 @@ process_lifetime_identity(SocketEntry *e, int version) xfree(blob); break; } + while (buffer_len(&e->request)) { + switch (buffer_get_char(&e->request)) { + case SSH_AGENT_CONTRAIN_LIFETIME: + death = time(NULL) + buffer_get_int(&e->request); + break; + default: + break; + } + } if (key != NULL) { Identity *id = lookup_identity(key, version); - if (id != NULL && id->death == 0) { + if (id != NULL && id->death == 0 && death != 0) { id->death = death; success = 1; } @@ -707,8 +714,8 @@ process_message(SocketEntry *e) case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: process_remove_all_identities(e, 1); break; - case SSH_AGENTC_LIFETIME_IDENTITY1: - process_lifetime_identity(e, 1); + case SSH_AGENTC_CONTRAIN_IDENTITY1: + process_contrain_identity(e, 1); break; /* ssh2 */ case SSH2_AGENTC_SIGN_REQUEST: @@ -726,8 +733,8 @@ process_message(SocketEntry *e) case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: process_remove_all_identities(e, 2); break; - case SSH_AGENTC_LIFETIME_IDENTITY: - process_lifetime_identity(e, 2); + case SSH_AGENTC_CONTRAIN_IDENTITY: + process_contrain_identity(e, 2); break; #ifdef SMARTCARD case SSH_AGENTC_ADD_SMARTCARD_KEY: |