summaryrefslogtreecommitdiff
path: root/usr.bin/ssh/ssh-add.c
diff options
context:
space:
mode:
authorMarkus Friedl <markus@cvs.openbsd.org>2001-04-09 15:12:24 +0000
committerMarkus Friedl <markus@cvs.openbsd.org>2001-04-09 15:12:24 +0000
commit295f645a9cc7960b5e6911e3852b8bfd697ebd9a (patch)
treebf53da6fd72282960affe3be8f061a3d38d4268f /usr.bin/ssh/ssh-add.c
parent648d41bfb77c17b8c18e45632d70edec2e087c54 (diff)
passphrase caching: ssh-add tries last passphrase, clears passphrase if
not successful and after last try. based on discussions with espie@, jakob@, ... and code from jakob@ and wolfgang@wsrcc.com
Diffstat (limited to 'usr.bin/ssh/ssh-add.c')
-rw-r--r--usr.bin/ssh/ssh-add.c25
1 files changed, 21 insertions, 4 deletions
diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c
index 4831bf6991f..58cc26cfcc6 100644
--- a/usr.bin/ssh/ssh-add.c
+++ b/usr.bin/ssh/ssh-add.c
@@ -35,7 +35,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.32 2001/04/08 13:03:00 markus Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.33 2001/04/09 15:12:23 markus Exp $");
#include <openssl/evp.h>
@@ -49,6 +49,18 @@ RCSID("$OpenBSD: ssh-add.c,v 1.32 2001/04/08 13:03:00 markus Exp $");
#include "pathnames.h"
#include "readpass.h"
+/* we keep a cache of one passphrases */
+static char *pass = NULL;
+void
+clear_pass(void)
+{
+ if (pass) {
+ memset(pass, 0, strlen(pass));
+ xfree(pass);
+ pass = NULL;
+ }
+}
+
void
delete_file(AuthenticationConnection *ac, const char *filename)
{
@@ -130,7 +142,7 @@ add_file(AuthenticationConnection *ac, const char *filename)
{
struct stat st;
Key *private;
- char *comment = NULL, *askpass = NULL, *pass;
+ char *comment = NULL, *askpass = NULL;
char buf[1024], msg[1024];
int interactive = isatty(STDIN_FILENO);
@@ -149,7 +161,12 @@ add_file(AuthenticationConnection *ac, const char *filename)
private = key_load_private(filename, "", &comment);
if (comment == NULL)
comment = xstrdup(filename);
+ /* try last */
+ if (private == NULL && pass != NULL)
+ private = key_load_private(filename, pass, NULL);
if (private == NULL) {
+ /* clear passphrase since it did not work */
+ clear_pass();
printf("Need passphrase for %.200s\n", filename);
if (!interactive && askpass == NULL) {
xfree(comment);
@@ -169,10 +186,9 @@ add_file(AuthenticationConnection *ac, const char *filename)
return;
}
private = key_load_private(filename, pass, &comment);
- memset(pass, 0, strlen(pass));
- xfree(pass);
if (private != NULL)
break;
+ clear_pass();
strlcpy(msg, "Bad passphrase, try again", sizeof msg);
}
}
@@ -271,6 +287,7 @@ main(int argc, char **argv)
else
add_file(ac, buf);
}
+ clear_pass();
ssh_close_authentication_connection(ac);
exit(0);
}