- markus@cvs.openbsd.org 2002/06/15 00:01:36
[authfd.c authfd.h ssh-add.c ssh-agent.c]
break agent key lifetime protocol and allow other contraints for key
usage.
diff --git a/authfd.h b/authfd.h
index 263e4b9..e3ef6ff 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.h,v 1.26 2002/06/05 21:55:44 markus Exp $ */
+/* $OpenBSD: authfd.h,v 1.27 2002/06/15 00:01:36 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -46,9 +46,11 @@
#define SSH_AGENTC_LOCK 22
#define SSH_AGENTC_UNLOCK 23
-/* set key lifetime */
-#define SSH_AGENTC_LIFETIME_IDENTITY1 24
-#define SSH_AGENTC_LIFETIME_IDENTITY 25
+/* constrain key usage */
+#define SSH_AGENTC_CONTRAIN_IDENTITY1 24
+#define SSH_AGENTC_CONTRAIN_IDENTITY 25
+
+#define SSH_AGENT_CONTRAIN_LIFETIME 1
/* extended failure messages */
#define SSH2_AGENT_FAILURE 30
@@ -73,7 +75,7 @@
Key *ssh_get_first_identity(AuthenticationConnection *, char **, int);
Key *ssh_get_next_identity(AuthenticationConnection *, char **, int);
int ssh_add_identity(AuthenticationConnection *, Key *, const char *);
-int ssh_lifetime_identity(AuthenticationConnection *, Key *, u_int);
+int ssh_contrain_identity(AuthenticationConnection *, Key *, u_int);
int ssh_remove_identity(AuthenticationConnection *, Key *);
int ssh_remove_all_identities(AuthenticationConnection *, int);
int ssh_lock_agent(AuthenticationConnection *, int, const char *);