authorDamien Miller <djm@mindrot.org>2011-05-05 14:17:18 +1000
committerDamien Miller <djm@mindrot.org>2011-05-05 14:17:18 +1000
commit2ce12ef1ac96c47b386168459cf7264fdc6faf95 (patch)
treef22a2364e250199fc1c83504b8489a37665c3607 /ssh-add.c
parent8cb1cda1e3a24c6f73b96822f36762c1c80ae147 (diff)
- djm@cvs.openbsd.org 2011/05/04 21:15:29
[authfile.c authfile.h ssh-add.c] allow "ssh-add - < key"; feedback and ok markus@
Diffstat (limited to 'ssh-add.c')
-rw-r--r--ssh-add.c33
1 files changed, 25 insertions, 8 deletions
diff --git a/ssh-add.c b/ssh-add.c
index 94b68ac1..6d5e2a95 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.100 2010/08/31 12:33:38 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.101 2011/05/04 21:15:29 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -145,8 +145,12 @@ add_file(AuthenticationConnection *ac, const char *filename)
char *comment = NULL;
char msg[1024], *certpath;
int fd, perms_ok, ret = -1;
+ Buffer keyblob;
- if ((fd = open(filename, O_RDONLY)) < 0) {
+ if (strcmp(filename, "-") == 0) {
+ fd = STDIN_FILENO;
+ filename = "(stdin)";
+ } else if ((fd = open(filename, O_RDONLY)) < 0) {
perror(filename);
return -1;
}
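Review bot: `filename = "(stdin)";` turns the parameter into a display label, but the rest of add_file still receives it as if it were a path. `certpath` is declared in this function, so if code outside these hunks derives a certificate path from filename (not visible here), it would now look for a file named after the label, relative to the current directory. It is worth confirming that lookup is skipped for stdin and adding a comment such as `/* "-" reads the key from stdin; filename is only a label for messages from here on */`. A file literally named `-` can now only be added as `./-`, which the documentation should mention. The function body continues outside this hunk.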
@@ -155,18 +159,28 @@ add_file(AuthenticationConnection *ac, const char *filename)
* Since we'll try to load a keyfile multiple times, permission errors
* will occur multiple times, so check perms first and bail if wrong.
*/
- perms_ok = key_perm_ok(fd, filename);
- close(fd);
- if (!perms_ok)
+ if (fd != STDIN_FILENO) {
+ perms_ok = key_perm_ok(fd, filename);
+ if (!perms_ok) {
+ close(fd);
+ return -1;
+ }
+ }
+ buffer_init(&keyblob);
+ if (!key_load_file(fd, filename, &keyblob)) {
+ buffer_free(&keyblob);
+ close(fd);
return -1;
+ }
+ close(fd);
/* At first, try empty passphrase */
- private = key_load_private(filename, "", &comment);
+ private = key_parse_private(&keyblob, filename, "", &comment);
if (comment == NULL)
comment = xstrdup(filename);
/* try last */
if (private == NULL && pass != NULL)
- private = key_load_private(filename, pass, NULL);
+ private = key_parse_private(&keyblob, filename, pass, NULL);
if (private == NULL) {
/* clear passphrase since it did not work */
clear_pass();
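Review bot: `if (fd != STDIN_FILENO)` decides whether to run key_perm_ok by descriptor number, but the unconditional `close(fd)` calls in this hunk also close descriptor 0 once a key has been read from stdin. If add_file is called again in the same process (the caller is not visible here), or ssh-add is started with stdin already closed, the `open()` in the previous hunk can return 0 for an on-disk key and the permission check is silently skipped. Recording the choice in a flag where "-" is matched, testing `if (!from_stdin)` before key_perm_ok, and guarding each close with `if (!from_stdin) close(fd);` avoids both the skipped check and closing the caller's stdin. The function body starts before and continues after this hunk.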
@@ -177,9 +191,11 @@ add_file(AuthenticationConnection *ac, const char *filename)
if (strcmp(pass, "") == 0) {
clear_pass();
xfree(comment);
+ buffer_free(&keyblob);
return -1;
}
- private = key_load_private(filename, pass, &comment);
+ private = key_parse_private(&keyblob, filename, pass,
+ &comment);
if (private != NULL)
break;
clear_pass();
@@ -187,6 +203,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
"Bad passphrase, try again for %.200s: ", comment);
}
}
+ buffer_free(&keyblob);
if (ssh_add_identity_constrained(ac, private, comment, lifetime,
confirm)) {
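Review bot: The key file's raw bytes stay in keyblob until this `buffer_free(&keyblob)`, and for a key stored without a passphrase that is plaintext private-key material. buffer_free's implementation is not on this page, so confirm it clears the allocation before releasing it. The same applies to the buffer_free calls on the early-return paths in the hunks at -155 and -177. A comment such as `/* keyblob holds raw private-key bytes; buffer_free() is relied on to scrub them */` would record that dependency. add_file continues past the end of this hunk.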