author | Markus Friedl <markus@cvs.openbsd.org> | 2001-06-26 20:14:13 +0000 |
---|---|---|
committer | Markus Friedl <markus@cvs.openbsd.org> | 2001-06-26 20:14:13 +0000 |
commit | cd71233358ccaa760b0cfbdb5ce26e55bebf24de (patch) | |
tree | 92c0983bda701891c5175c97cf1cc29525a30eac /usr.bin/ssh/ssh.c | |
parent | 6eab76bf6a7b30806d7045c9baddbb078fecdf31 (diff) |
add smartcard support to the client, too (now you can use both
the agent and the client).
Diffstat (limited to 'usr.bin/ssh/ssh.c')
-rw-r--r-- | usr.bin/ssh/ssh.c | 49 |
1 files changed, 47 insertions, 2 deletions
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index c6f32ccf3a6..1b7c639bd40 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -39,7 +39,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: ssh.c,v 1.126 2001/06/23 15:12:21 itojun Exp $"); +RCSID("$OpenBSD: ssh.c,v 1.127 2001/06/26 20:14:11 markus Exp $"); #include <openssl/evp.h> #include <openssl/err.h> @@ -69,6 +69,11 @@ RCSID("$OpenBSD: ssh.c,v 1.126 2001/06/23 15:12:21 itojun Exp $"); #include "mac.h" #include "sshtty.h" +#ifdef SMARTCARD +#include <openssl/engine.h> +#include "scard.h" +#endif + extern char *__progname; /* Flag indicating whether IPv4 or IPv6. This can be set on the command line. @@ -138,6 +143,11 @@ Buffer command; /* Should we execute a command or invoke a subsystem? */ int subsystem_flag = 0; +#ifdef SMARTCARD +/* Smartcard reader id */ +int sc_reader_num = -1; +#endif + /* Prints a help message to the user. This function never returns. */ static void @@ -307,7 +317,7 @@ main(int ac, char **av) opt = av[optind][1]; if (!opt) usage(); - if (strchr("eilcmpbLRDo", opt)) { /* options with arguments */ + if (strchr("eilcmpbILRDo", opt)) { /* options with arguments */ optarg = av[optind] + 2; if (strcmp(optarg, "") == 0) { if (optind >= ac - 1) @@ -374,6 +384,13 @@ main(int ac, char **av) SSH_MAX_IDENTITY_FILES); options.identity_files[options.num_identity_files++] = xstrdup(optarg); break; + case 'I': +#ifdef SMARTCARD + sc_reader_num = atoi(optarg); +#else + fprintf(stderr, "no support for smartcards.\n"); +#endif + break; case 't': if (tty_flag) force_tty_flag = 1; 
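Review bot: In the new `case 'I':` branch of main(), `sc_reader_num = atoi(optarg);` accepts any string, so a typo or an empty value silently becomes reader 0, and `-I -1` collides with the `-1` "no smartcard" sentinel set at the global's definition. Since this value selects which hardware token supplies the authentication key, it should be parsed strictly: declare `char *ep;` and use `long v = strtol(optarg, &ep, 10);`, then `if (ep == optarg || *ep != '\0' || v < 0 || v > INT_MAX) usage();`, then `sc_reader_num = (int)v;`. In the `#else` arm the message is printed but execution continues; a comment such as `/* -I ignored: built without SMARTCARD */` would make clear that this fall-through to the other identities is intended. main() begins and ends outside these hunks.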
@@ -1119,4 +1136,32 @@ load_public_identity_files(void) options.identity_files[i] = filename; options.identity_keys[i] = public; } +#ifdef SMARTCARD + if (sc_reader_num != -1 && + options.num_identity_files + 1 < SSH_MAX_IDENTITY_FILES && + (public = sc_get_key(sc_reader_num)) != NULL ) { + Key *new; + + /* XXX ssh1 vs ssh2 */ + new = key_new(KEY_RSA); + new->flags = KEY_FLAG_EXT; + BN_copy(new->rsa->n, public->rsa->n); + BN_copy(new->rsa->e, public->rsa->e); + RSA_set_method(new->rsa, sc_get_engine()); + i = options.num_identity_files++; + options.identity_keys[i] = new; + options.identity_files[i] = xstrdup("smartcard rsa key");; + + new = key_new(KEY_RSA1); + new->flags = KEY_FLAG_EXT; + BN_copy(new->rsa->n, public->rsa->n); + BN_copy(new->rsa->e, public->rsa->e); + RSA_set_method(new->rsa, sc_get_engine()); + i = options.num_identity_files++; + options.identity_keys[i] = new; + options.identity_files[i] = xstrdup("smartcard rsa1 key");; + + key_free(public); + } +#endif } |
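Review bot: In the smartcard block added at the end of load_public_identity_files(), the results of both `BN_copy()` calls and of `sc_get_engine()` are used unchecked, so a failed copy (or, if `sc_get_engine()` can return NULL, which is not visible here, a missing engine) would still register an entry flagged `KEY_FLAG_EXT` with an incomplete public key or without the card-backed RSA method. Each stanza should test `if (BN_copy(new->rsa->n, public->rsa->n) == NULL || BN_copy(new->rsa->e, public->rsa->e) == NULL)`, free `new` with `key_free(new)` on failure, and bump `options.num_identity_files` only after every step has succeeded. The KEY_RSA and KEY_RSA1 stanzas differ only in key type and label, so a small static helper taking those two arguments would keep the checks in one place. The doubled `;;` after both `xstrdup()` calls can be dropped. The function starts outside this hunk.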