add version 2 identities by default, too
mouring at etoh.eviladmin.org
Sun Jul 29 15:04:08 EST 2001
On Sun, 29 Jul 2001, Colin Walters wrote:
> [ I'm not subscribed to this list; please CC any followups to me as
> well ]
>
> When a user invokes "ssh-add" with no arguments, I think we should
> default to adding both version 1 and version 2 keys. Here's a patch
> against the source included with my Debian package of OpenSSH:
>
> walters at space-ghost:/usr/src/ssh/openssh-2.9p2$ diff -u ssh-add.c~ ssh-add.c
> --- ssh-add.c~ Thu Apr 19 16:33:08 2001
> +++ ssh-add.c Sat Jul 28 23:49:01 2001
> @@ -182,12 +182,63 @@
> printf("The agent has no identities.\n");
> }
>
> +void
> +add_default_identities(AuthenticationConnection *ac, int deleting)
> +{
> + char identity_name[1024];
> + char dsa_name[1024];
> + char rsa_name[1024];
> + struct passwd *pw = getpwuid(getuid());
> + snprintf(identity_name, sizeof identity_name, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_IDENTITY);
> + snprintf(rsa_name, sizeof rsa_name, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_ID_RSA);
> + snprintf(dsa_name, sizeof dsa_name, "%s/%s", pw->pw_dir, _PATH_SSH_CLIENT_ID_DSA);
Correct me if I'm wrong.. But this looks wrong.. Using pw before checking
to ensure it's valid?! That just seems like asking for trouble.
- Ben
> + if (!pw) {
> + fprintf(stderr, "No user found with uid %u\n",
> + (u_int)getuid());
> + ssh_close_authentication_connection(ac);
> + exit(1);
> + } else {
To me the creation and population of those variables should be
here. Where you know at least the pw has been populated with something
that looks like data.
> + int identity_found = !access(identity_name, R_OK);
> + int rsa_found = !access(rsa_name, R_OK);
> + int dsa_found = !access(dsa_name, R_OK);
> +
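Review bot: pw is dereferenced by the three snprintf() calls at the top of
add_default_identities() before the "if (!pw)" test that follows them, so a
failed getpwuid() reads pw->pw_dir through a NULL pointer and never reaches the
"No user found with uid" error path. Put the NULL check directly after
"struct passwd *pw = getpwuid(getuid());" and build identity_name, rsa_name and
dsa_name only once it has passed; since the failure branch ends in exit(1), the
else block is then unnecessary. The snprintf() return values are also ignored:
a pw_dir too long for the 1024-byte buffers would be silently truncated and
access() would test a different path, so compare each return value against the
buffer size and treat truncation as an error.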
[..]
- Ben