patch for ssh-agent force confirm keys

catam gogu at l.route666.net
Tue Aug 29 06:51:36 EST 2006


Hi all

This patch adds a -C flag to ssh-agent that forces
confirmation for every key added to the agent (similar
to ssh-add -c).
It helps when forwarded agent authentication is used and
each key should be confirmed before use.


catam


--- ssh-agent.c 2006-08-28 14:02:12.000000000 +0300
+++ ssh-agent.c.orig    2006-08-28 13:36:05.000000000 +0300
@@ -111,9 +111,6 @@
  /* Default lifetime (0 == forever) */
  static int lifetime = 0;

-/* global confirm */
-static int confirm = 0;
-
  static void
  close_socket(SocketEntry *e)
  {
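Review bot: The diff is generated in the reverse direction: the header names the modified `ssh-agent.c` as the old file and `ssh-agent.c.orig` as the new one, so the `-C` code (the `confirm` global here and the changes in the hunks at -246, -306, -1029 and -1058) sits on the `-` side. Applied as posted to a tree that already carries the change, it removes forced confirmation, and against a pristine tree it only goes in with `patch -R`. Regenerating it as `diff -u ssh-agent.c.orig ssh-agent.c` avoids anyone believing the agent enforces confirmation when it does not. Separately, the global's name matches the per-identity field `id->confirm` used in the later hunks, so something like `static int force_confirm = 0;` with a comment saying it is set by `-C` would be harder to misread.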
@@ -246,7 +243,7 @@
                 goto failure;

         id = lookup_identity(key, 1);
-       if (id != NULL && ((!confirm && !id->confirm) || confirm_key(id) == 0)) {
+       if (id != NULL && (!id->confirm || confirm_key(id) == 0)) {
                 Key *private = id->key;
                 /* Decrypt the challenge using the private key. */
                 if (rsa_private_decrypt(challenge, challenge, private->rsa) <= 0)
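Review bot: The intended condition (on the `-` side, because the diff is reversed), `(!confirm && !id->confirm) || confirm_key(id) == 0`, is repeated verbatim in the signing hunk at -306, so the agent-wide policy is enforced separately at each key-use site. A path that is later added or edited without the `!confirm` term would skip the forced confirmation silently. A single helper keeps the two in step, e.g. `static int use_allowed(Identity *id) { return (!confirm && !id->confirm) || confirm_key(id) == 0; }`. The logic itself falls through to `confirm_key()` whenever either flag is set, so a refused prompt denies the operation, assuming `confirm_key()` returns non-zero on refusal or failure as its use here suggests. The enclosing function starts and ends outside this hunk.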
@@ -306,7 +303,7 @@
         key = key_from_blob(blob, blen);
         if (key != NULL) {
                 Identity *id = lookup_identity(key, 2);
-               if (id != NULL && ((!confirm && !id->confirm) || confirm_key(id) == 0))
+               if (id != NULL && (!id->confirm || confirm_key(id) == 0))
                         ok = key_sign(id->key, &signature, &slen, data, 
dlen);
         }
         key_free(key);
@@ -1029,7 +1026,7 @@
         init_rng();
         seed_rng();

-       while ((ch = getopt(ac, av, "Ccdksa:t:")) != -1) {
+       while ((ch = getopt(ac, av, "cdksa:t:")) != -1) {
                 switch (ch) {
                 case 'c':
                         if (s_flag)
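Review bot: `C` is added to the getopt string (on the `-` side of this reversed diff), but no hunk in the patch touches `usage()` or the manual page, so the new security option would ship undocumented. It also differs only by case from the existing `-c`, which is handled as a separate option in the `case 'c'` branch below. A mistyped `-c` would start the agent without forced confirmation and without any error. I would add a usage entry worded to match the existing ones (not visible here), along the lines of `-C          Require confirmation for every use of any key.`, plus a matching paragraph in the man page. The option loop continues outside this hunk.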
@@ -1058,9 +1055,6 @@
                                 usage();
                         }
                         break;
-      case 'C':
-         confirm = 1;
-         break;
                 default:
                         usage();
                 }



