aboutsummaryrefslogtreecommitdiffstats
path: root/agent/command-ssh.c (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* agent: Fix UPDATESTARTUPTTY for ssh.Werner Koch2014-03-071-2/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/command-ssh.c (setup_ssh_env): Fix env setting. -- gniibe reported this to gnupg-devel on 2012-07-04: [...] (2) UPDATESTARTUPTTY doesn't work to switch TTY for pinentry for SSH. [...] Current implementation: In the function start_command_handler_ssh, the logic puts priority on ctrl->session_env which is initialized by agent_init_default_ctrl. There are always GPG_TTY and TERM defined, because lines around 968 in gpg-agent.c, it says: /* Make sure that we have a default ttyname. */ While UPDATESTARTUPTTY updates opt.startup_env, it doesn't affect at all. Here is a patch to point the issue. Tested and works for me. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 9f5578c29adba6d4f7d3650121d07322c2f8d254)
* ssh: Add support for Putty.Werner Koch2014-03-071-0/+146
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/gpg-agent.c [W32]: Include Several Windows header. (opts): Change help text for enable-ssh-support. (opts, main): Add option --enable-putty-support (putty_support, PUTTY_IPC_MAGIC, PUTTY_IPC_MAXLEN): New for W32. (agent_init_default_ctrl): Add and asssert call. (putty_message_proc, putty_message_thread): New. (handle_connections) [W32]: Start putty message thread. * common/sysutils.c (w32_get_user_sid): New for W32 only * tools/gpgconf-comp.c (gc_options_gpg_agent): Add --enable-ssh-support and --enable-putty-support. Make the configuration group visible at basic level. * agent/command-ssh.c (serve_mmapped_ssh_request): New for W32 only. -- This patch enables support for Putty. It has been tested with Putty 0.62 using an Unix created ssh key copied to the private-keys-v1.d directory on Windows and with a manually crafted sshcontrol file. It also works with a smartcard key. May thanks to gniibe who implemented a proxy in Python to test the putty/gpg-agent communication. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit 9f32499f99a0817f63f7a73b09bdcebe60d4775d) Resolved conflicts: NEWS agent/agent.h agent/gpg-agent.c: Convert from pth to npth. common/sysutils.c common/sysutils.h
* agent: Fix binary vs. text mode problem in ssh.Werner Koch2014-03-071-32/+39
| | | | | | | | | | | | | | | | | | * agent/command-ssh.c (file_to_buffer) (ssh_handler_request_identities): Open streams in binary mode. (start_command_handler_ssh): Factor some code out to .. (setup_ssh_env): new function. -- This is for now a theoretical fix because there is no ssh client yet which uses the GnuPG style IPC. OpenSSL for Cygwin uses only a quite similar one. gniibe suggested to implement that IPC style in Libassuan so that a Cygwin version of OpenSSL may be used with GnuPG. Signed-off-by: Werner Koch <[email protected]> (cherry picked from commit ed056d67c7c93306b68829f83a2565e978dcfd9b) Also fixed one typo.
* Fix commit 04e2c83f.Werner Koch2013-08-281-1/+2
| | | | | * agent/command-ssh.c (stream_read_string): Do not assign to a NULL ptr.
* agent: Fix two compiler warnings.Werner Koch2013-08-281-0/+2
| | | | | | | | | | | | | | * agent/command.c (cmd_preset_passphrase, pinentry_loopback): Use %zu in format string. * scd/ccid-driver.c (ccid_get_atr): Ditto. * agent/command-ssh.c (stream_read_string): Init arg STRING_SIZE to avoid maybe_unitialized warning. -- Actually the first one might have been a problem on big endian machines. Signed-off-by: Werner Koch <[email protected]>
* agent: Extend cmd KEYINFO to return data from sshcontrol.Werner Koch2013-08-081-15/+95
| | | | | | | | | | | | | | | | | | | * agent/command-ssh.c (struct control_file_s): Rename to ssh_control_file_s. (ssh_open_control_file, ssh_close_control_file) (ssh_read_control_file, ssh_search_control_file): New. (control_file_t): Rename and move to ... * agent/agent.h (ssh_control_file_t): here. * agent/command.c (do_one_keyinfo): Add args is_ssh, ttl, disabled, and confirm. Rename unknown keytype indicator from '-' to 'X'. Extend output. (cmd_keyinfo): Add options --ssh-list and --with-ssh. -- This extension allows the development of frontends to manage the sshcontrol file. Signed-off-by: Werner Koch <[email protected]>
* Modernize two format string file name quotes.Werner Koch2013-06-271-2/+2
| | | | --
* Remove some unused variables.Werner Koch2013-02-221-0/+2
| | | | | | | * tools/gpgconf-comp.c (gc_process_gpgconf_conf): Remove unused used_components. * agent/command-ssh.c (ssh_signature_encoder_ecdsa): Mark unused arg. * g13/g13.c (main): Comment variable of yet unimplemented options.
* ssh: Support ECDSA keys.Werner Koch2012-12-121-96/+307
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * agent/command-ssh.c (SPEC_FLAG_IS_ECDSA): New. (struct ssh_key_type_spec): Add fields CURVE_NAME and HASH_ALGO. (ssh_key_types): Add types ecdsa-sha2-nistp{256,384,521}. (ssh_signature_encoder_t): Add arg spec and adjust all callers. (ssh_signature_encoder_ecdsa): New. (sexp_key_construct, sexp_key_extract, ssh_receive_key) (ssh_convert_key_to_blob): Support ecdsa. (ssh_identifier_from_curve_name): New. (ssh_send_key_public): Retrieve and pass the curve_name. (key_secret_to_public): Ditto. (data_sign): Add arg SPEC and change callers to pass it. (ssh_handler_sign_request): Get the hash algo from SPEC. * common/ssh-utils.c (get_fingerprint): Support ecdsa. * agent/protect.c (protect_info): Add flag ECC_HACK. (agent_protect): Allow the use of the "curve" parameter. * agent/t-protect.c (test_agent_protect): Add a test case for ecdsa. * agent/command-ssh.c (ssh_key_grip): Print a better error code. -- The 3 standard curves are now supported in gpg-agent's ssh-agent protocol implementation. I tested this with all 3 curves and keys generated by OpenSSH 5.9p1. Using existing non-ssh generated keys will likely fail for now. To fix this, the code should first undergo some more cleanup; then the fixes are pretty straightforward. And yes, the data structures are way too complicated.
* ssh: Rewrite a function for better maintainabilityWerner Koch2012-12-111-40/+41
| | | | | | | | * agent/command-ssh.c (ssh_signature_encoder_dsa): Rewrite. -- Using es_fopenmem instead of a preallocated buffer is safer and easier to read.
* ssh: Improve key lookup for many keys.Werner Koch2012-12-101-154/+166
| | | | | | | | | | | | | | | | | | | * agent/command-ssh.c: Remove dirent.h. (control_file_s): Add struct item. (rewind_control_file): New. (search_control_file): Factor code out to ... (read_control_file_item): New. (ssh_handler_request_identities): Change to iterate over entries in sshcontrol. -- Formerly we scanned the private key directory for matches of entries in sshcontrol. This patch changes it to scan the sshcontrol file and thus considers only keys configured there. The rationale for this is that it is common to have only a few ssh keys but many private keys. Even if that assumption does not hold true, the scanning of the sshcontrol file is faster than reading the directory and only then scanning the ssh control for each directory entry.
* ssh: Cleanup sshcontrol file access code.Werner Koch2012-12-101-61/+104
| | | | | | | | * agent/command-ssh.c (SSH_CONTROL_FILE_NAME): New macro to replace the direct use of the string. (struct control_file_s, control_file_t): New. (open_control_file, close_control_file): New. Use them instead of using fopen/fclose directly.
* Change all quotes in strings and comments to the new GNU standard.Werner Koch2012-06-051-6/+6
| | | | | | | | | | | | | | | | | | | The asymmetric quotes used by GNU in the past (`...') don't render nicely on modern systems. We now use two \x27 characters ('...'). The proper solution would be to use the correct Unicode symmetric quotes here. However this has the disadvantage that the system requires Unicode support. We don't want that today. If Unicode is available a generated po file can be used to output proper quotes. A simple sed script like the one used for en@quote is sufficient to change them. The changes have been done by applying sed -i "s/\`\([^'\`]*\)'/'\1'/g" to most files and fixing obvious problems by hand. The msgid strings in the po files were fixed with a similar command.
* Improve ssh card key diagnostic message.Werner Koch2011-11-281-2/+3
| | | | | | | * command-ssh.c (card_key_available): Change wording of no key diagnostic. (ssh_handler_request_identities): Do not call card_key_available if the scdaemon is disabled.
* Fixed set but unused variable bugsWerner Koch2011-08-101-2/+0
|
* Fix crash while reading unsupported ssh keys.Werner Koch2011-07-221-12/+6
| | | | | This bug was found by n-roeser at gmx.net (gnupg-devel@, msgid [email protected]).
* Support a confirm flag for ssh.Werner Koch2011-07-201-22/+133
| | | | | This implements the suggestion from bug#1349. With this change the fingerprint of the ssh key is also displayed in the pinentry prompts.
* Added gpg-agent OPTION "s2k-count".Ben Kibbey2011-06-291-1/+1
| | | | When unset or 0, the calibrated count will be used.
* Nuked almost all trailing white space.post-nuke-of-trailing-wsWerner Koch2011-02-041-62/+62
| | | | | | | | We better do this once and for all instead of cluttering all future commits with diffs of trailing white spaces. In the majority of cases blank or single lines are affected and thus this change won't disturb a git blame too much. For future commits the pre-commit scripts checks that this won't happen again.
* More agent support for gpg.Werner Koch2010-10-131-2/+2
|
* Exporting secret keys via gpg-agent is now basically supported.Werner Koch2010-10-011-2/+2
| | | | | | A couple of forward ported changes. Doc updates.
* s/CACHE_MODE_IMPGEN/CACHE_MODE_NONCE/.Werner Koch2010-09-011-1/+1
| | | | | Prepare for more use cases of the cache nonce.
* .Werner Koch2010-08-261-7/+5
|
* Whole lot of changes to support CE.Werner Koch2010-04-141-1/+2
|
* Merged jnlib into common.Werner Koch2010-03-101-1/+0
|
* Reworked passing of envars to Pinentry.Werner Koch2009-07-071-16/+28
|
* Fix bug #1053Werner Koch2009-05-151-12/+49
| | | | | Add option --qualitybar to command GET_PASSPHRASE.
* Marked all unused args on non-W32 platforms.Werner Koch2008-10-201-0/+15
|
* Fixed segv in gpg-agent (command marktrusted).Werner Koch2008-05-271-2/+2
| | | | | | Replaced almost all free by xfree. Translation fixes.
* Started to implement the audit log feature.Werner Koch2007-11-191-0/+4
| | | | | | | | Pass PINENTRY_USER_DATA and XAUTHORITY to Pinentry. Improved support for the quality bar. Minor internal restructuring. Translation fixes.
* 2007-10-15 Daiki Ueno <[email protected]> (wk)Werner Koch2007-10-151-3/+37
| | | | | | | | * command-ssh.c (reenter_compare_cb): New function; imported from genkey.c. (ssh_identity_register): Ask initial passphrase twice.
* Use Assuan socket wrapper calls.Werner Koch2007-10-011-5/+2
| | | | | Made socket servers secure under Windows.
* Changed to GPLv3.Werner Koch2007-07-041-4/+2
| | | | | Removed intl/.
* agent/Werner Koch2007-01-311-7/+15
| | | | | | | * command-ssh.c (stream_read_string): Initialize LENGTH to zero. (start_command_handler_ssh): Use es_fgetc/es_ungetc to check if EOF has been reached before trying to process another request.
* Made some PIN pads work.Werner Koch2006-11-201-25/+15
| | | | | Some cleanups for 64 bit CPUs.
* Preparing a new releasegnupg-1.9.90Werner Koch2006-09-251-2/+2
|
* Take advantage of newer gpg-error features.Werner Koch2006-09-141-40/+40
|
* Allow for 4k ssh keys and better error reporting.Werner Koch2006-08-291-0/+9
|
* Various smaller changesWerner Koch2006-06-271-11/+7
|
* Updated FSF's address.Werner Koch2006-06-201-2/+2
|
* 2006-04-09 Moritz Schulte <[email protected]>Moritz Schulte2006-04-091-5/+8
| | | | | | * command-ssh.c (ssh_request_process): Removed FIXME mentioning a possible DoS attack.
* 2006-04-01 Moritz Schulte <[email protected]>Moritz Schulte2006-04-011-3/+1
| | | | | | | * command-ssh.c (ssh_identity_register): Make KEY_GRIP_RAW be 20 instead of 21 bytes long; do not fill KEY_GRIP_RAW[20] with NUL byte - KEY_GRIP_RAW is a raw binary string anyway.
* Bug fixes and ssh support for the BELPIC.Werner Koch2005-09-091-21/+25
|
* (data_sign): Removed empty statement.Werner Koch2005-06-291-1/+1
|
* gcc-4 defaults forced me to edit many many files to get rid of theWerner Koch2005-06-161-42/+33
| | | | | | | char * vs. unsigned char * warnings. The GNU coding standards used to say that these mismatches are okay and better than a bunch of casts. Obviously this has changed now.
* New debugging optionhs, updates to the manual.Werner Koch2005-06-071-2/+3
|
* * call-scd.c (inq_needpin): Skip leading spaces in of PINWerner Koch2005-05-241-1/+1
| | | | | | | | | description. * divert-scd.c (getpin_cb): Enhanced to cope with description flags. * query.c (agent_askpin): Add arg PROMPT_TEXT. Changed all callers.
* 2005-05-05 Moritz Schulte <[email protected]>Moritz Schulte2005-05-051-31/+29
| | | | | | | * command-ssh.c: Use ssh_key_grip(), where gcry_pk_get_keygrip() has been used before. (ssh_handler_sign_request): Removed unusued variable P.
* 2005-05-05 Moritz Schulte <[email protected]>Moritz Schulte2005-05-051-38/+85
| | | | | | | * command-ssh.c (ssh_key_to_buffer): Rename to ... (ssh_key_to_protected_buffer): ... this; change callers. Improved documentation.
* 2005-04-20 Moritz Schulte <[email protected]>Moritz Schulte2005-04-201-3/+0
| | | | | | * command-ssh.c (ssh_handler_request_identities): Removed debugging code (sleep call), which was commited unintenionally.
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-13 20:05:30 +0000