Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / c5b680018b1fbc58ad2316199693e2805dadf638^! / . / ssh.c
commitc5b680018b1fbc58ad2316199693e2805dadf638[log] [tgz]
authorBen Lindstrom <mouring@eviladmin.org>Wed Jul 04 04:52:03 2001 +0000
committerBen Lindstrom <mouring@eviladmin.org>Wed Jul 04 04:52:03 2001 +0000
treec01554c5d55ef51cc90b52dbc28c7513f75fc0bd
parenteb7a84c49e6248279ba130f8592bae356e7fb61e [diff] [blame]
   - markus@cvs.openbsd.org 2001/06/26 20:14:11
     [key.c key.h ssh.c sshconnect1.c sshconnect2.c]
     add smartcard support to the client, too (now you can use both
     the agent and the client).

diff --git a/ssh.c b/ssh.c
index 484e5de..a7fe140 100644
--- a/ssh.c
+++ b/ssh.c

@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.126 2001/06/23 15:12:21 itojun Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.127 2001/06/26 20:14:11 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -69,6 +69,11 @@
 #include "mac.h"
 #include "sshtty.h"
 
+#ifdef SMARTCARD
+#include <openssl/engine.h>
+#include "scard.h"
+#endif
+
 #ifdef HAVE___PROGNAME
 extern char *__progname;
 #else
@@ -146,6 +151,11 @@
 /* Should we execute a command or invoke a subsystem? */
 int subsystem_flag = 0;
 
+#ifdef SMARTCARD
+/* Smartcard reader id */
+int sc_reader_num = -1;
+#endif
+
 /* Prints a help message to the user.  This function never returns. */
 
 static void
@@ -320,7 +330,7 @@
 		opt = av[optind][1];
 		if (!opt)
 			usage();
-		if (strchr("eilcmpbLRDo", opt)) {   /* options with arguments */
+		if (strchr("eilcmpbILRDo", opt)) {   /* options with arguments */
 			optarg = av[optind] + 2;
 			if (strcmp(optarg, "") == 0) {
 				if (optind >= ac - 1)
@@ -387,6 +397,13 @@
 				    SSH_MAX_IDENTITY_FILES);
 			options.identity_files[options.num_identity_files++] = xstrdup(optarg);
 			break;
+		case 'I':
+#ifdef SMARTCARD
+			sc_reader_num = atoi(optarg);
+#else
+			fprintf(stderr, "no support for smartcards.\n");
+#endif
+			break;
 		case 't':
 			if (tty_flag)
 				force_tty_flag = 1;
@@ -1140,4 +1157,32 @@
 		options.identity_files[i] = filename;
 		options.identity_keys[i] = public;
 	}
+#ifdef SMARTCARD
+	if (sc_reader_num != -1 &&
+	    options.num_identity_files + 1 < SSH_MAX_IDENTITY_FILES &&
+	    (public = sc_get_key(sc_reader_num)) != NULL ) {
+		Key *new;
+
+		/* XXX ssh1 vs ssh2 */
+		new = key_new(KEY_RSA);
+		new->flags = KEY_FLAG_EXT;
+		BN_copy(new->rsa->n, public->rsa->n);
+		BN_copy(new->rsa->e, public->rsa->e);
+		RSA_set_method(new->rsa, sc_get_engine());
+		i = options.num_identity_files++;
+		options.identity_keys[i] = new;
+		options.identity_files[i] = xstrdup("smartcard rsa key");;
+
+		new = key_new(KEY_RSA1);
+		new->flags = KEY_FLAG_EXT;
+		BN_copy(new->rsa->n, public->rsa->n);
+		BN_copy(new->rsa->e, public->rsa->e);
+		RSA_set_method(new->rsa, sc_get_engine());
+		i = options.num_identity_files++;
+		options.identity_keys[i] = new;
+		options.identity_files[i] = xstrdup("smartcard rsa1 key");;
+
+		key_free(public);
+	}
+#endif
 }