mirror of git://anongit.mindrot.org/openssh.git
- markus@cvs.openbsd.org 2001/04/09 15:12:23
[ssh-add.c] passphrase caching: ssh-add tries last passphrase, clears passphrase if not successful and after last try. based on discussions with espie@, jakob@, ... and code from jakob@ and wolfgang@wsrcc.com
This commit is contained in:
parent
8ffeacfb2d
commit
ee61794620
|
@ -9,6 +9,12 @@
|
|||
- stevesk@cvs.openbsd.org 2001/04/09 00:42:05
|
||||
[sftp.1]
|
||||
spelling
|
||||
- markus@cvs.openbsd.org 2001/04/09 15:12:23
|
||||
[ssh-add.c]
|
||||
passphrase caching: ssh-add tries last passphrase, clears passphrase if
|
||||
not successful and after last try.
|
||||
based on discussions with espie@, jakob@, ... and code from jakob@ and
|
||||
wolfgang@wsrcc.com
|
||||
|
||||
20010409
|
||||
- (stevesk) use setresgid() for setegid() if needed
|
||||
|
@ -4978,4 +4984,4 @@
|
|||
- Wrote replacements for strlcpy and mkdtemp
|
||||
- Released 1.0pre1
|
||||
|
||||
$Id: ChangeLog,v 1.1090 2001/04/10 02:43:57 mouring Exp $
|
||||
$Id: ChangeLog,v 1.1091 2001/04/10 02:45:32 mouring Exp $
|
||||
|
|
25
ssh-add.c
25
ssh-add.c
|
@ -35,7 +35,7 @@
|
|||
*/
|
||||
|
||||
#include "includes.h"
|
||||
RCSID("$OpenBSD: ssh-add.c,v 1.32 2001/04/08 13:03:00 markus Exp $");
|
||||
RCSID("$OpenBSD: ssh-add.c,v 1.33 2001/04/09 15:12:23 markus Exp $");
|
||||
|
||||
#include <openssl/evp.h>
|
||||
|
||||
|
@ -55,6 +55,18 @@ extern char *__progname;
|
|||
char *__progname;
|
||||
#endif
|
||||
|
||||
/* we keep a cache of one passphrases */
|
||||
static char *pass = NULL;
|
||||
void
|
||||
clear_pass(void)
|
||||
{
|
||||
if (pass) {
|
||||
memset(pass, 0, strlen(pass));
|
||||
xfree(pass);
|
||||
pass = NULL;
|
||||
}
|
||||
}
|
||||
|
||||
void
|
||||
delete_file(AuthenticationConnection *ac, const char *filename)
|
||||
{
|
||||
|
@ -136,7 +148,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
|
|||
{
|
||||
struct stat st;
|
||||
Key *private;
|
||||
char *comment = NULL, *askpass = NULL, *pass;
|
||||
char *comment = NULL, *askpass = NULL;
|
||||
char buf[1024], msg[1024];
|
||||
int interactive = isatty(STDIN_FILENO);
|
||||
|
||||
|
@ -155,7 +167,12 @@ add_file(AuthenticationConnection *ac, const char *filename)
|
|||
private = key_load_private(filename, "", &comment);
|
||||
if (comment == NULL)
|
||||
comment = xstrdup(filename);
|
||||
/* try last */
|
||||
if (private == NULL && pass != NULL)
|
||||
private = key_load_private(filename, pass, NULL);
|
||||
if (private == NULL) {
|
||||
/* clear passphrase since it did not work */
|
||||
clear_pass();
|
||||
printf("Need passphrase for %.200s\n", filename);
|
||||
if (!interactive && askpass == NULL) {
|
||||
xfree(comment);
|
||||
|
@ -175,10 +192,9 @@ add_file(AuthenticationConnection *ac, const char *filename)
|
|||
return;
|
||||
}
|
||||
private = key_load_private(filename, pass, &comment);
|
||||
memset(pass, 0, strlen(pass));
|
||||
xfree(pass);
|
||||
if (private != NULL)
|
||||
break;
|
||||
clear_pass();
|
||||
strlcpy(msg, "Bad passphrase, try again", sizeof msg);
|
||||
}
|
||||
}
|
||||
|
@ -280,6 +296,7 @@ main(int argc, char **argv)
|
|||
else
|
||||
add_file(ac, buf);
|
||||
}
|
||||
clear_pass();
|
||||
ssh_close_authentication_connection(ac);
|
||||
exit(0);
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue