diff options
| author | Justus Winter <[email protected]> | 2016-07-19 14:48:38 +0000 |
|---|---|---|
| committer | Justus Winter <[email protected]> | 2016-07-19 14:51:16 +0000 |
| commit | 270f7f7b8b235cc93516566702e2a1d256605cca (patch) | |
| tree | 1a37d670acc906711322cf7e2cde1d7a43f167ae /agent/command-ssh.c | |
| parent | tests: Add test for ssh support. (diff) | |
| download | gnupg-270f7f7b8b235cc93516566702e2a1d256605cca.tar.gz gnupg-270f7f7b8b235cc93516566702e2a1d256605cca.zip | |
agent: Add known keys to sshcontrol.
* agent/command-ssh.c (ssh_identity_register): Add a key to sshcontrol
even if it is already in the private key store.
* tests/openpgp/ssh.scm: Test this.
GnuPG-bug-id: 2316
Signed-off-by: Justus Winter <[email protected]>
Diffstat (limited to 'agent/command-ssh.c')
| -rw-r--r-- | agent/command-ssh.c | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/agent/command-ssh.c b/agent/command-ssh.c index e3cd4b9b8..48f1b3d45 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -3152,8 +3152,8 @@ reenter_compare_cb (struct pin_entry_info_s *pi) /* Store the ssh KEY into our local key storage and protect it after asking for a passphrase. Cache that passphrase. TTL is the maximum caching time for that key. If the key already exists in - our key storage, don't do anything. When entering a new key also - add an entry to the sshcontrol file. */ + our key storage, don't do anything. When entering a key also add + an entry to the sshcontrol file. */ static gpg_error_t ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, gcry_sexp_t key, int ttl, int confirm) @@ -3175,15 +3175,17 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, if (err) goto out; - /* Check whether the key is already in our key storage. Don't do - anything then. */ - if ( !agent_key_available (key_grip_raw) ) - goto out; /* Yes, key is available. */ + bin2hex (key_grip_raw, 20, key_grip); err = ssh_get_fingerprint_string (key, &key_fpr); if (err) goto out; + /* Check whether the key is already in our key storage. Don't do + anything then besides (re-)adding it to sshcontrol. */ + if ( !agent_key_available (key_grip_raw) ) + goto key_exists; /* Yes, key is available. */ + err = ssh_key_extract_comment (key, &comment); if (err) goto out; @@ -3249,11 +3251,11 @@ ssh_identity_register (ctrl_t ctrl, ssh_key_type_spec_t *spec, goto out; /* Cache this passphrase. */ - bin2hex (key_grip_raw, 20, key_grip); err = agent_put_cache (key_grip, CACHE_MODE_SSH, pi->pin, ttl); if (err) goto out; + key_exists: /* And add an entry to the sshcontrol file. */ err = add_control_entry (ctrl, spec, key_grip, key_fpr, ttl, confirm); |