[Bug 1506] rationalize agent behavior on smartcard removal/reattachment

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Feb 4 05:23:14 EST 2009


https://bugzilla.mindrot.org/show_bug.cgi?id=1506


Daniel Kahn Gillmor <dkg at fifthhorseman.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
   Attachment #1561|0                           |1
        is obsolete|                            |




--- Comment #8 from Daniel Kahn Gillmor <dkg at fifthhorseman.net>  2009-02-04 05:23:13 ---
Created an attachment (id=1600)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=1600)
retry smartcard at most once on detached reader, and purge PIN and all
H/W keys from agent on failure

I've updated the attached patch with damien's fix.

I just spent a bit of time looking at the agent and the scard-opensc
code, and it's not clear to me how to reasonably move those later hunks
out of ssh-agent.c and into scard-opensc.c.   Please point out if i'm
missing something or misunderstanding something.

Basically, we'd need to do something like having one possible side
effect of the sc_sign() call be to disable the RSA* object (which
ssh-agent sees as identity.key.rsa).  How would such a disabling work? 
RSA_free() doesn't make sense, because it looks like we wouldn't be
able to propagate that information back to the Key structure, as it
holds the pointer to the RSA object which would be invalid after an
RSA_free().

Even if we can figure out how to invalidate a key in a safe way, we'd
then need to update not only the agent, but also all the other code
that ever calls key_sign() to be aware of the possibility that a side
effect of key_sign() could be the disabling of the passed Key object.

So my current preference is to leave the code in ssh-agent, though i
could probably be convinced otherwise if a good technique was
suggested.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list