authorMarkus Friedl <markus@cvs.openbsd.org>2001-08-01 23:38:46 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2001-08-01 23:38:46 +0000
commit7b38ac457864e829c3919b68173acb7fa795c009 (patch)
tree384f3c97d5b72b4d20c2b71b839f469028ab7190
parent15782849294bca66b7ff91989ff3b2e7b9e63764 (diff)
support finish rsa keys.
free public keys after login -> call finish -> close smartcard.
-rw-r--r--usr.bin/ssh/scard.c21
-rw-r--r--usr.bin/ssh/ssh.c12
2 files changed, 30 insertions, 3 deletions
diff --git a/usr.bin/ssh/scard.c b/usr.bin/ssh/scard.c
index 8b3abcfa09f..cfcd953bd95 100644
--- a/usr.bin/ssh/scard.c
+++ b/usr.bin/ssh/scard.c
@@ -24,7 +24,7 @@
#ifdef SMARTCARD
#include "includes.h"
-RCSID("$OpenBSD: scard.c,v 1.11 2001/08/01 22:03:33 markus Exp $");
+RCSID("$OpenBSD: scard.c,v 1.12 2001/08/01 23:38:45 markus Exp $");
#include <openssl/engine.h>
#include <sectok.h>
@@ -262,6 +262,20 @@ err:
return (len >= 0 ? len : status);
}
+/* called on free */
+
+static int (*orig_finish)(RSA *rsa) = NULL;
+
+static int
+sc_finish(RSA *rsa)
+{
+ if (orig_finish)
+ orig_finish(rsa);
+ sc_close();
+ return 1;
+}
+
+
/* engine for overloading private key operations */
static ENGINE *smart_engine = NULL;
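Review bot: sc_finish() discards the result of `orig_finish(rsa)` and always returns 1, so a failure in the default finish routine is hidden from the caller; consider `int ret = orig_finish ? orig_finish(rsa) : 1;` followed by `sc_close(); return ret;`. It also calls sc_close() whenever any RSA object using this method is freed, so if more than one card-backed key can be live at once, the first free closes the card for the others. sc_close() is not visible in this hunk, so please confirm it is safe to call repeatedly and that a later private-key operation reopens the card. The comment `/* called on free */` could state the intent directly, e.g. `/* RSA finish hook: run the default finish, then close the smartcard */`.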
@@ -291,13 +305,16 @@ sc_get_engine(void)
smart_rsa.rsa_priv_enc = sc_private_encrypt;
smart_rsa.rsa_priv_dec = sc_private_decrypt;
+ /* save original */
+ orig_finish = def->finish;
+ smart_rsa.finish = sc_finish;
+
/* just use the OpenSSL version */
smart_rsa.rsa_pub_enc = def->rsa_pub_enc;
smart_rsa.rsa_pub_dec = def->rsa_pub_dec;
smart_rsa.rsa_mod_exp = def->rsa_mod_exp;
smart_rsa.bn_mod_exp = def->bn_mod_exp;
smart_rsa.init = def->init;
- smart_rsa.finish = def->finish;
smart_rsa.flags = def->flags;
smart_rsa.app_data = def->app_data;
smart_rsa.rsa_sign = def->rsa_sign;
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 15bf3443785..6f20c7ba2a1 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -39,7 +39,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.133 2001/08/01 22:03:33 markus Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.134 2001/08/01 23:38:45 markus Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -732,6 +732,16 @@ again:
}
xfree(sensitive_data.keys);
}
+ for (i = 0; i < options.num_identity_files; i++) {
+ if (options.identity_files[i]) {
+ xfree(options.identity_files[i]);
+ options.identity_files[i] = NULL;
+ }
+ if (options.identity_keys[i]) {
+ key_free(options.identity_keys[i]);
+ options.identity_keys[i] = NULL;
+ }
+ }
exit_status = compat20 ? ssh_session2() : ssh_session();
packet_close();
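Review bot: The new loop sets every `options.identity_files[i]` and `options.identity_keys[i]` to NULL but leaves `options.num_identity_files` unchanged, so any later code that walks these arrays must tolerate NULL entries. The session functions called on the next line are outside this hunk, so that cannot be checked here; if nothing reads the arrays after login, adding `options.num_identity_files = 0;` after the loop would make the state explicit. The loop also has no comment giving its purpose, which only the commit message explains; something like `/* free identity keys after login; freeing a smartcard key runs its RSA finish hook and closes the card */` would help. The enclosing function starts and ends outside the hunk.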