mirror of git://anongit.mindrot.org/openssh.git
- markus@cvs.openbsd.org 2001/08/01 23:38:45
[scard.c ssh.c] support finish rsa keys. free public keys after login -> call finish -> close smartcard.
parent
6818bfbf30
commit
a6c8a8d4d5
|
@ -98,6 +98,10 @@
|
||||||
[ssh-keygen.c]
|
[ssh-keygen.c]
|
||||||
allow uploading RSA keys for non-default AUT0 (sha1 over passphrase
|
allow uploading RSA keys for non-default AUT0 (sha1 over passphrase
|
||||||
like sectok).
|
like sectok).
|
||||||
|
- markus@cvs.openbsd.org 2001/08/01 23:38:45
|
||||||
|
[scard.c ssh.c]
|
||||||
|
support finish rsa keys.
|
||||||
|
free public keys after login -> call finish -> close smartcard.
|
||||||
|
|
||||||
20010803
|
20010803
|
||||||
- (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
|
- (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
|
||||||
|
@ -6208,4 +6212,4 @@
|
||||||
- Wrote replacements for strlcpy and mkdtemp
|
- Wrote replacements for strlcpy and mkdtemp
|
||||||
- Released 1.0pre1
|
- Released 1.0pre1
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.1451 2001/08/06 21:40:04 mouring Exp $
|
$Id: ChangeLog,v 1.1452 2001/08/06 21:42:00 mouring Exp $
|
||||||
|
|
21
scard.c
21
scard.c
|
@ -24,7 +24,7 @@
|
||||||
|
|
||||||
#ifdef SMARTCARD
|
#ifdef SMARTCARD
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: scard.c,v 1.11 2001/08/01 22:03:33 markus Exp $");
|
RCSID("$OpenBSD: scard.c,v 1.12 2001/08/01 23:38:45 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/engine.h>
|
#include <openssl/engine.h>
|
||||||
#include <sectok.h>
|
#include <sectok.h>
|
||||||
|
@ -262,6 +262,20 @@ err:
|
||||||
return (len >= 0 ? len : status);
|
return (len >= 0 ? len : status);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* called on free */
|
||||||
|
|
||||||
|
static int (*orig_finish)(RSA *rsa) = NULL;
|
||||||
|
|
||||||
|
static int
|
||||||
|
sc_finish(RSA *rsa)
|
||||||
|
{
|
||||||
|
if (orig_finish)
|
||||||
|
orig_finish(rsa);
|
||||||
|
sc_close();
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/* engine for overloading private key operations */
|
/* engine for overloading private key operations */
|
||||||
|
|
||||||
static ENGINE *smart_engine = NULL;
|
static ENGINE *smart_engine = NULL;
|
||||||
|
@ -291,13 +305,16 @@ sc_get_engine(void)
|
||||||
smart_rsa.rsa_priv_enc = sc_private_encrypt;
|
smart_rsa.rsa_priv_enc = sc_private_encrypt;
|
||||||
smart_rsa.rsa_priv_dec = sc_private_decrypt;
|
smart_rsa.rsa_priv_dec = sc_private_decrypt;
|
||||||
|
|
||||||
|
/* save original */
|
||||||
|
orig_finish = def->finish;
|
||||||
|
smart_rsa.finish = sc_finish;
|
||||||
|
|
||||||
/* just use the OpenSSL version */
|
/* just use the OpenSSL version */
|
||||||
smart_rsa.rsa_pub_enc = def->rsa_pub_enc;
|
smart_rsa.rsa_pub_enc = def->rsa_pub_enc;
|
||||||
smart_rsa.rsa_pub_dec = def->rsa_pub_dec;
|
smart_rsa.rsa_pub_dec = def->rsa_pub_dec;
|
||||||
smart_rsa.rsa_mod_exp = def->rsa_mod_exp;
|
smart_rsa.rsa_mod_exp = def->rsa_mod_exp;
|
||||||
smart_rsa.bn_mod_exp = def->bn_mod_exp;
|
smart_rsa.bn_mod_exp = def->bn_mod_exp;
|
||||||
smart_rsa.init = def->init;
|
smart_rsa.init = def->init;
|
||||||
smart_rsa.finish = def->finish;
|
|
||||||
smart_rsa.flags = def->flags;
|
smart_rsa.flags = def->flags;
|
||||||
smart_rsa.app_data = def->app_data;
|
smart_rsa.app_data = def->app_data;
|
||||||
smart_rsa.rsa_sign = def->rsa_sign;
|
smart_rsa.rsa_sign = def->rsa_sign;
|
||||||
|
|
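Review bot: sc_finish() in the second hunk calls `sc_close()` whenever an RSA object using this method is freed, so the card session ends with whichever card-backed key is released first. If more than one such key can be alive at once (the code that hands out keys is not visible here), a later operation on a remaining key depends on sc_private_encrypt/sc_private_decrypt reopening the card, which is worth confirming. The hook also discards the saved callback's result and always returns 1; `int ok = orig_finish ? orig_finish(rsa) : 1;` followed by `sc_close();` and `return ok;` would keep the default method's status. The comment `/* called on free */` sits above the function pointer rather than the function, so something like `/* RSA_METHOD finish hook: chains to the default finish, then closes the card */` directly on sc_finish would document the side effect. sc_finish is fully inside the hunk, while sc_get_engine in the third hunk starts and ends outside it.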
12
ssh.c
12
ssh.c
|
@ -39,7 +39,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: ssh.c,v 1.133 2001/08/01 22:03:33 markus Exp $");
|
RCSID("$OpenBSD: ssh.c,v 1.134 2001/08/01 23:38:45 markus Exp $");
|
||||||
|
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/err.h>
|
#include <openssl/err.h>
|
||||||
|
@ -756,6 +756,16 @@ again:
|
||||||
}
|
}
|
||||||
xfree(sensitive_data.keys);
|
xfree(sensitive_data.keys);
|
||||||
}
|
}
|
||||||
|
for (i = 0; i < options.num_identity_files; i++) {
|
||||||
|
if (options.identity_files[i]) {
|
||||||
|
xfree(options.identity_files[i]);
|
||||||
|
options.identity_files[i] = NULL;
|
||||||
|
}
|
||||||
|
if (options.identity_keys[i]) {
|
||||||
|
key_free(options.identity_keys[i]);
|
||||||
|
options.identity_keys[i] = NULL;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
exit_status = compat20 ? ssh_session2() : ssh_session();
|
exit_status = compat20 ? ssh_session2() : ssh_session();
|
||||||
packet_close();
|
packet_close();
|
||||||
|
|
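Review bot: The added loop before `ssh_session2()`/`ssh_session()` leaves `options.num_identity_files` unchanged while every `identity_files[i]` and `identity_keys[i]` slot is now NULL, so any later code that walks these arrays by count has to tolerate NULL entries. No such code is visible in this hunk, but if nothing needs the count afterwards, `options.num_identity_files = 0;` after the loop would make the state consistent. The reason for freeing at this point is not apparent from the code alone; per the commit message it is what runs the finish hook and closes the smartcard once login is done. A comment such as `/* authentication done: drop identity keys so smartcard-backed ones run their finish hook and the card is closed */` above the loop would record that. The enclosing function starts and ends outside the hunk.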