[Bug 1506] rationalize agent behavior on smartcard removal/reattachment
bugzilla-daemon at bugzilla.mindrot.org
Mon Feb 2 10:02:00 EST 2009
https://bugzilla.mindrot.org/show_bug.cgi?id=1506
--- Comment #6 from Damien Miller <djm at mindrot.org> 2009-02-02 10:01:59 ---
(From update of attachment 1561)
>diff -ruN openssh-5.1p1/scard-opensc.c openssh-5.1p1.dkg/scard-opensc.c
>--- openssh-5.1p1/scard-opensc.c 2007-03-12 16:35:39.000000000 -0400
>+++ openssh-5.1p1.dkg/scard-opensc.c 2008-08-19 21:35:31.000000000 -0400
>@@ -124,7 +121,9 @@
> struct sc_pkcs15_prkey_info *key;
> struct sc_pkcs15_object *pin_obj;
> struct sc_pkcs15_pin_info *pin;
>+ int detach_retry = 1;
>
>+ detachretry:
> priv = (struct sc_priv_data *) RSA_get_app_data(rsa);
> if (priv == NULL)
> return -1;
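Review bot: The new label `detachretry:` and the counter `detach_retry` differ only by an underscore, which is easy to misread; renaming the label (for example to `retry:`) would help. Nothing visible in this hunk bounds the jump back to the label, so `detach_retry` has to be cleared before the goto is taken, and a short comment at the declaration saying that it allows exactly one retry would make that intent explicit.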
>@@ -162,6 +161,13 @@
> }
> pin = pin_obj->data;
> r = sc_lock(card);
>+ if (r == SC_ERROR_READER_DETACHED) {
Shouldn't this be (r == SC_ERROR_READER_DETACHED && detach_retry)?
>diff -ruN openssh-5.1p1/ssh-agent.c openssh-5.1p1.dkg/ssh-agent.c
>--- openssh-5.1p1/ssh-agent.c 2008-07-04 09:10:49.000000000 -0400
>+++ openssh-5.1p1.dkg/ssh-agent.c 2008-08-21 11:49:47.000000000 -0400
>@@ -136,6 +136,11 @@
> /* Default lifetime (0 == forever) */
> static int lifetime = 0;
>
>+#ifdef SMARTCARD
>+/* forward declaration needed */
>+static void remove_all_smartcard_keys();
>+#endif /* SMARTCARD */
>+
> static void
> close_socket(SocketEntry *e)
> {
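Review bot: The forward declaration `static void remove_all_smartcard_keys();` has an empty parameter list, which in C leaves the arguments unspecified instead of declaring a prototype; write `static void remove_all_smartcard_keys(void);` so the compiler checks the call. The comment "forward declaration needed" would be more useful if it named the caller that needs it, the sign-request path changed in the next hunk.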
>@@ -330,8 +335,14 @@
> key = key_from_blob(blob, blen);
> if (key != NULL) {
> Identity *id = lookup_identity(key, 2);
>- if (id != NULL && (!id->confirm || confirm_key(id) == 0))
>+ if (id != NULL && (!id->confirm || confirm_key(id) == 0)) {
> ok = key_sign(id->key, &signature, &slen, data, dlen);
>+#ifdef SMARTCARD
>+ if ((ok != 0) && (id->key->flags &= KEY_FLAG_EXT)) {
>+ remove_all_smartcard_keys();
>+ }
>+#endif /* SMARTCARD */
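Review bot: In the added condition `(id->key->flags &= KEY_FLAG_EXT)`, `&=` is an assignment, not a test, so evaluating it overwrites the key's flags with the masked value and clears every other bit; use `(id->key->flags & KEY_FLAG_EXT)`. Separately, `ok != 0` covers any non-zero result from key_sign(), and the call is to remove_all_smartcard_keys(), so one failed signature on one external key drops every smartcard identity from the agent; if only a detached reader should trigger that, the condition needs to distinguish that case, and a comment stating the intended policy belongs here.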
Could this be moved into scard-opensc.c somehow?