diff options
| author |   markus <markus@openbsd.org> | 2002-06-15 00:01:36 +0000 |
|---|---|---|
| committer | markus <markus@openbsd.org> | 2002-06-15 00:01:36 +0000 |
| commit | d77f6525fb4f8b07be47dc2e03bc3f3a9fe4f657 (patch) | |
| tree | ef0f0f41644aab7ea3bc42f0995a1f2a61c8c4d9 /usr.bin/ssh/ssh-agent.c | |
| parent | spelling; from Brian Poole <raj@cerias.purdue.edu> (diff) | |
| download | wireguard-openbsd-d77f6525fb4f8b07be47dc2e03bc3f3a9fe4f657.tar.xz wireguard-openbsd-d77f6525fb4f8b07be47dc2e03bc3f3a9fe4f657.zip | |
break agent key lifetime protocol and allow other contraints for key usage.
Diffstat (limited to 'usr.bin/ssh/ssh-agent.c')
| -rw-r--r-- | usr.bin/ssh/ssh-agent.c | 27 |
1 files changed, 17 insertions, 10 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c index d3da35e4075..d40a9409b93 100644 --- a/usr.bin/ssh/ssh-agent.c +++ b/usr.bin/ssh/ssh-agent.c @@ -35,7 +35,7 @@ #include "includes.h" #include <sys/queue.h> -RCSID("$OpenBSD: ssh-agent.c,v 1.91 2002/06/11 05:46:20 mpech Exp $"); +RCSID("$OpenBSD: ssh-agent.c,v 1.92 2002/06/15 00:01:36 markus Exp $"); #include <openssl/evp.h> #include <openssl/md5.h> @@ -466,15 +466,13 @@ send: } static void -process_lifetime_identity(SocketEntry *e, int version) +process_contrain_identity(SocketEntry *e, int version) { Key *key = NULL; u_char *blob; - u_int blen, bits, death; + u_int blen, bits, death = 0; int success = 0; - death = time(NULL) + buffer_get_int(&e->request); - switch (version) { case 1: key = key_new(KEY_RSA1); @@ -489,9 +487,18 @@ process_lifetime_identity(SocketEntry *e, int version) xfree(blob); break; } + while (buffer_len(&e->request)) { + switch (buffer_get_char(&e->request)) { + case SSH_AGENT_CONTRAIN_LIFETIME: + death = time(NULL) + buffer_get_int(&e->request); + break; + default: + break; + } + } if (key != NULL) { Identity *id = lookup_identity(key, version); - if (id != NULL && id->death == 0) { + if (id != NULL && id->death == 0 && death != 0) { id->death = death; success = 1; } @@ -703,8 +710,8 @@ process_message(SocketEntry *e) case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: process_remove_all_identities(e, 1); break; - case SSH_AGENTC_LIFETIME_IDENTITY1: - process_lifetime_identity(e, 1); + case SSH_AGENTC_CONTRAIN_IDENTITY1: + process_contrain_identity(e, 1); break; /* ssh2 */ case SSH2_AGENTC_SIGN_REQUEST: @@ -722,8 +729,8 @@ process_message(SocketEntry *e) case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: process_remove_all_identities(e, 2); break; - case SSH_AGENTC_LIFETIME_IDENTITY: - process_lifetime_identity(e, 2); + case SSH_AGENTC_CONTRAIN_IDENTITY: + process_contrain_identity(e, 2); break; #ifdef SMARTCARD case SSH_AGENTC_ADD_SMARTCARD_KEY: |