diff --git a/authfd.c b/authfd.c index ea664a167..8486e28b3 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.102 2017/05/04 06:10:57 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.103 2017/05/05 10:42:49 naddy Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -227,35 +227,21 @@ deserialise_identity2(struct sshbuf *ids, struct sshkey **keyp, char **commentp) * Fetch list of identities held by the agent. */ int -ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp) +ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp) { - u_char type, code1 = 0, code2 = 0; + u_char type; u_int32_t num, i; struct sshbuf *msg; struct ssh_identitylist *idl = NULL; int r; - /* Determine request and expected response types */ - switch (version) { - case 1: - code1 = SSH_AGENTC_REQUEST_RSA_IDENTITIES; - code2 = SSH_AGENT_RSA_IDENTITIES_ANSWER; - break; - case 2: - code1 = SSH2_AGENTC_REQUEST_IDENTITIES; - code2 = SSH2_AGENT_IDENTITIES_ANSWER; - break; - default: - return SSH_ERR_INVALID_ARGUMENT; - } - /* * Send a message to the agent requesting for a list of the * identities it can represent. */ if ((msg = sshbuf_new()) == NULL) return SSH_ERR_ALLOC_FAIL; - if ((r = sshbuf_put_u8(msg, code1)) != 0) + if ((r = sshbuf_put_u8(msg, SSH2_AGENTC_REQUEST_IDENTITIES)) != 0) goto out; if ((r = ssh_request_reply(sock, msg, msg)) != 0) @@ -267,7 +253,7 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp) if (agent_failed(type)) { r = SSH_ERR_AGENT_FAILURE; goto out; - } else if (type != code2) { + } else if (type != SSH2_AGENT_IDENTITIES_ANSWER) { r = SSH_ERR_INVALID_FORMAT; goto out; } @@ -292,20 +278,14 @@ ssh_fetch_identitylist(int sock, int version, struct ssh_identitylist **idlp) goto out; } for (i = 0; i < num;) { - switch (version) { - case 1: - break; - case 2: - if ((r = deserialise_identity2(msg, - &(idl->keys[i]), &(idl->comments[i]))) != 0) { - if (r == SSH_ERR_KEY_TYPE_UNKNOWN) { - /* Gracefully skip unknown key types */ - num--; - continue; - } else - goto out; - } - break; + if ((r = deserialise_identity2(msg, &(idl->keys[i]), + &(idl->comments[i]))) != 0) { + if (r == SSH_ERR_KEY_TYPE_UNKNOWN) { + /* Gracefully skip unknown key types */ + num--; + continue; + } else + goto out; } i++; } diff --git a/authfd.h b/authfd.h index 4b417e3f4..0e98331d7 100644 --- a/authfd.h +++ b/authfd.h @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.h,v 1.39 2015/12/04 16:41:28 markus Exp $ */ +/* $OpenBSD: authfd.h,v 1.40 2017/05/05 10:42:49 naddy Exp $ */ /* * Author: Tatu Ylonen @@ -27,8 +27,7 @@ int ssh_get_authentication_socket(int *fdp); void ssh_close_authentication_socket(int sock); int ssh_lock_agent(int sock, int lock, const char *password); -int ssh_fetch_identitylist(int sock, int version, - struct ssh_identitylist **idlp); +int ssh_fetch_identitylist(int sock, struct ssh_identitylist **idlp); void ssh_free_identitylist(struct ssh_identitylist *idl); int ssh_add_identity_constrained(int sock, struct sshkey *key, const char *comment, u_int life, u_int confirm); diff --git a/pathnames.h b/pathnames.h index cff672e2f..1c221b01b 100644 --- a/pathnames.h +++ b/pathnames.h @@ -1,4 +1,4 @@ -/* $OpenBSD: pathnames.h,v 1.26 2017/05/03 21:08:09 naddy Exp $ */ +/* $OpenBSD: pathnames.h,v 1.27 2017/05/05 10:42:49 naddy Exp $ */ /* * Author: Tatu Ylonen @@ -71,7 +71,6 @@ * Name of the default file containing client-side authentication key. This * file should only be readable by the user him/herself. */ -#define _PATH_SSH_CLIENT_IDENTITY _PATH_SSH_USER_DIR "/identity" #define _PATH_SSH_CLIENT_ID_DSA _PATH_SSH_USER_DIR "/id_dsa" #define _PATH_SSH_CLIENT_ID_ECDSA _PATH_SSH_USER_DIR "/id_ecdsa" #define _PATH_SSH_CLIENT_ID_RSA _PATH_SSH_USER_DIR "/id_rsa" diff --git a/ssh-add.c b/ssh-add.c index 5f62420f9..a1e0d464b 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.130 2017/05/04 06:10:57 djm Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.131 2017/05/05 10:42:49 naddy Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -362,46 +362,36 @@ static int list_identities(int agent_fd, int do_fp) { char *fp; - int r, had_identities = 0; + int r; struct ssh_identitylist *idlist; size_t i; - int version = 2; - for (; version <= 2; version++) { - if ((r = ssh_fetch_identitylist(agent_fd, version, - &idlist)) != 0) { - if (r != SSH_ERR_AGENT_NO_IDENTITIES) - fprintf(stderr, "error fetching identities for " - "protocol %d: %s\n", version, ssh_err(r)); - continue; - } - for (i = 0; i < idlist->nkeys; i++) { - had_identities = 1; - if (do_fp) { - fp = sshkey_fingerprint(idlist->keys[i], - fingerprint_hash, SSH_FP_DEFAULT); - printf("%u %s %s (%s)\n", - sshkey_size(idlist->keys[i]), - fp == NULL ? "(null)" : fp, - idlist->comments[i], - sshkey_type(idlist->keys[i])); - free(fp); - } else { - if ((r = sshkey_write(idlist->keys[i], - stdout)) != 0) { - fprintf(stderr, "sshkey_write: %s\n", - ssh_err(r)); - continue; - } - fprintf(stdout, " %s\n", idlist->comments[i]); - } - } - ssh_free_identitylist(idlist); - } - if (!had_identities) { - printf("The agent has no identities.\n"); + if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) { + if (r != SSH_ERR_AGENT_NO_IDENTITIES) + fprintf(stderr, "error fetching identities: %s\n", + ssh_err(r)); + else + printf("The agent has no identities.\n"); return -1; } + for (i = 0; i < idlist->nkeys; i++) { + if (do_fp) { + fp = sshkey_fingerprint(idlist->keys[i], + fingerprint_hash, SSH_FP_DEFAULT); + printf("%u %s %s (%s)\n", sshkey_size(idlist->keys[i]), + fp == NULL ? "(null)" : fp, idlist->comments[i], + sshkey_type(idlist->keys[i])); + free(fp); + } else { + if ((r = sshkey_write(idlist->keys[i], stdout)) != 0) { + fprintf(stderr, "sshkey_write: %s\n", + ssh_err(r)); + continue; + } + fprintf(stdout, " %s\n", idlist->comments[i]); + } + } + ssh_free_identitylist(idlist); return 0; } diff --git a/sshconnect2.c b/sshconnect2.c index 393353db5..1b79253da 100644 --- a/sshconnect2.c +++ b/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.257 2017/04/30 23:18:44 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.258 2017/05/05 10:42:49 naddy Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1345,7 +1345,7 @@ pubkey_prepare(Authctxt *authctxt) if (r != SSH_ERR_AGENT_NOT_PRESENT) debug("%s: ssh_get_authentication_socket: %s", __func__, ssh_err(r)); - } else if ((r = ssh_fetch_identitylist(agent_fd, 2, &idlist)) != 0) { + } else if ((r = ssh_fetch_identitylist(agent_fd, &idlist)) != 0) { if (r != SSH_ERR_AGENT_NO_IDENTITIES) debug("%s: ssh_fetch_identitylist: %s", __func__, ssh_err(r));