- markus@cvs.openbsd.org 2001/08/01 22:03:33

[authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c
      ssh-agent.c ssh.c]
     use strings instead of ints for smartcard reader ids

ChangeLog

@@ -87,6 +87,10 @@
    - jakob@cvs.openbsd.org 2001/07/31 12:53:34
      [scard.c]
      close smartcard connection if card is missing
+   - markus@cvs.openbsd.org 2001/08/01 22:03:33
+     [authfd.c authfd.h readconf.c readconf.h scard.c scard.h ssh-add.c 
+      ssh-agent.c ssh.c]
+     use strings instead of ints for smartcard reader ids
 
 20010803
  - (djm) Fix interrupted read in entropy gatherer. Spotted by markus@ on
@@ -6197,4 +6201,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1448 2001/08/06 21:33:44 mouring Exp $
+$Id: ChangeLog,v 1.1449 2001/08/06 21:35:51 mouring Exp $

authfd.c

@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.42 2001/06/26 04:59:59 markus Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.43 2001/08/01 22:03:33 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -535,7 +535,7 @@ ssh_remove_identity(AuthenticationConnection *auth, Key *key)
 }
 
 int
-ssh_update_card(AuthenticationConnection *auth, int add, int reader_id)
+ssh_update_card(AuthenticationConnection *auth, int add, const char *reader_id)
 {
 	Buffer msg;
 	int type;
@@ -543,7 +543,7 @@ ssh_update_card(AuthenticationConnection *auth, int add, int reader_id)
 	buffer_init(&msg);
 	buffer_put_char(&msg, add ? SSH_AGENTC_ADD_SMARTCARD_KEY :
 	    SSH_AGENTC_REMOVE_SMARTCARD_KEY);
-	buffer_put_int(&msg, reader_id);
+	buffer_put_cstring(&msg, reader_id);
 	if (ssh_request_reply(auth, &msg, &msg) == 0) {
 		buffer_free(&msg);
 		return 0;

authfd.h

@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: authfd.h,v 1.19 2001/06/26 17:27:22 markus Exp $"); */
+/* RCSID("$OpenBSD: authfd.h,v 1.20 2001/08/01 22:03:33 markus Exp $"); */
 
 #ifndef AUTHFD_H
 #define AUTHFD_H
@@ -62,9 +62,9 @@ int	 ssh_get_num_identities(AuthenticationConnection *, int);
 Key	*ssh_get_first_identity(AuthenticationConnection *, char **, int);
 Key	*ssh_get_next_identity(AuthenticationConnection *, char **, int);
 int	 ssh_add_identity(AuthenticationConnection *, Key *, const char *);
-int      ssh_remove_identity(AuthenticationConnection *, Key *);
+int	 ssh_remove_identity(AuthenticationConnection *, Key *);
 int	 ssh_remove_all_identities(AuthenticationConnection *, int);
-int	 ssh_update_card(AuthenticationConnection *, int, int);
+int	 ssh_update_card(AuthenticationConnection *, int, const char *);
 
 int
 ssh_decrypt_challenge(AuthenticationConnection *, Key *, BIGNUM *, u_char[16],

readconf.c

@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.85 2001/07/31 09:28:44 jakob Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.86 2001/08/01 22:03:33 markus Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -470,8 +470,8 @@ parse_string:
 		goto parse_string;
 
 	case oSmartcardDevice:
-		intptr = &options->smartcard_device;
-		goto parse_int;
+		charptr = &options->smartcard_device;
+		goto parse_string;
 
 	case oProxyCommand:
 		charptr = &options->proxy_command;
@@ -777,7 +777,7 @@ initialize_options(Options * options)
 	options->log_level = (LogLevel) - 1;
 	options->preferred_authentications = NULL;
 	options->bind_address = NULL;
-	options->smartcard_device = -1;
+	options->smartcard_device = NULL;
 }
 
 /*

readconf.h

@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: readconf.h,v 1.36 2001/07/31 09:28:44 jakob Exp $"); */
+/* RCSID("$OpenBSD: readconf.h,v 1.37 2001/08/01 22:03:33 markus Exp $"); */
 
 #ifndef READCONF_H
 #define READCONF_H
@@ -87,7 +87,7 @@ typedef struct {
 	char   *user_hostfile2;
 	char   *preferred_authentications;
 	char   *bind_address;	/* local socket address for connection to sshd */
-	int	smartcard_device; /* Smartcard reader device */
+	char   *smartcard_device; /* Smartcard reader device */
 
 	int     num_identity_files;	/* Number of files for RSA/DSA identities. */
 	char   *identity_files[SSH_MAX_IDENTITY_FILES];

scard.c

@@ -24,7 +24,7 @@
 
 #ifdef SMARTCARD
 #include "includes.h"
-RCSID("$OpenBSD: scard.c,v 1.10 2001/07/31 12:53:34 jakob Exp $");
+RCSID("$OpenBSD: scard.c,v 1.11 2001/08/01 22:03:33 markus Exp $");
 
 #include <openssl/engine.h>
 #include <sectok.h>
@@ -43,7 +43,7 @@ RCSID("$OpenBSD: scard.c,v 1.10 2001/07/31 12:53:34 jakob Exp $");
 #define MAX_BUF_SIZE 256
 
 static int sc_fd = -1;
-static int sc_reader_num = -1;
+static char *sc_reader_id = NULL;
 static int cla = 0x00;	/* class */
 
 /* interface to libsectok */
@@ -56,14 +56,14 @@ sc_open(void)
 	if (sc_fd >= 0)
 		return sc_fd;
 
-	sc_fd = sectok_open(sc_reader_num, STONOWAIT, &sw);
+	sc_fd = sectok_friendly_open(sc_reader_id, STONOWAIT, &sw);
 	if (sc_fd < 0) {
 		error("sectok_open failed: %s", sectok_get_sw(sw));
 		return SCARD_ERROR_FAIL;
 	}
 	if (! sectok_cardpresent(sc_fd)) {
-		debug("smartcard in reader %d not present, skipping",
-		    sc_reader_num);
+		debug("smartcard in reader %s not present, skipping",
+		    sc_reader_id);
 		sc_close();
 		return SCARD_ERROR_NOCARD;
 	}
@@ -326,12 +326,15 @@ sc_close(void)
 }
 
 Key *
-sc_get_key(int num)
+sc_get_key(const char *id)
 {
 	Key *k;
 	int status;
 
-	sc_reader_num = num;
+	if (sc_reader_id != NULL)
+		xfree(sc_reader_id);
+	sc_reader_id = xstrdup(id);
+
 	k = key_new(KEY_RSA);
 	if (k == NULL) {
 		return NULL;

scard.h

@@ -22,7 +22,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-/* $OpenBSD: scard.h,v 1.5 2001/07/30 16:06:07 jakob Exp $ */
+/* $OpenBSD: scard.h,v 1.6 2001/08/01 22:03:33 markus Exp $ */
 
 #include <openssl/engine.h>
 
@@ -33,7 +33,7 @@
 #define SCARD_ERROR_NOCARD	-2
 #define SCARD_ERROR_APPLET	-3
 
-Key	*sc_get_key(int);
+Key	*sc_get_key(const char*);
 ENGINE	*sc_get_engine(void);
 void	 sc_close(void);
 

ssh-add.c

@@ -35,7 +35,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-add.c,v 1.43 2001/06/27 06:26:36 markus Exp $");
+RCSID("$OpenBSD: ssh-add.c,v 1.44 2001/08/01 22:03:33 markus Exp $");
 
 #include <openssl/evp.h>
 
@@ -150,13 +150,13 @@ add_file(AuthenticationConnection *ac, const char *filename)
 }
 
 static void
-update_card(AuthenticationConnection *ac, int add, int id)
+update_card(AuthenticationConnection *ac, int add, const char *id)
 {
 	if (ssh_update_card(ac, add, id))
-		fprintf(stderr, "Card %s: %d\n",
+		fprintf(stderr, "Card %s: %s\n",
 		     add ? "added" : "removed", id);
 	else
-		fprintf(stderr, "Could not %s card: %d\n",
+		fprintf(stderr, "Could not %s card: %s\n",
 		     add ? "add" : "remove", id);
 }
 
@@ -211,7 +211,8 @@ main(int argc, char **argv)
 	AuthenticationConnection *ac = NULL;
 	struct passwd *pw;
 	char buf[1024];
-	int i, ch, deleting = 0, sc_reader_num = -1;
+	char *sc_reader_id = NULL;
+	int i, ch, deleting = 0;
 
 	__progname = get_progname(argv[0]);
 	init_rng();
@@ -240,11 +241,11 @@ main(int argc, char **argv)
 			goto done;
 			break;
 		case 's':
-			sc_reader_num = atoi(optarg);
+			sc_reader_id = optarg;
 			break;
 		case 'e':
 			deleting = 1; 
-			sc_reader_num = atoi(optarg);
+			sc_reader_id = optarg;
 			break;
 		default:
 			usage();
@@ -254,8 +255,8 @@ main(int argc, char **argv)
 	}
 	argc -= optind;
 	argv += optind;
-	if (sc_reader_num != -1) {
-		update_card(ac, !deleting, sc_reader_num);
+	if (sc_reader_id != NULL) {
+		update_card(ac, !deleting, sc_reader_id);
 		goto done;
 	}
 	if (argc == 0) {

ssh-agent.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: ssh-agent.c,v 1.68 2001/07/20 14:46:11 markus Exp $	*/
+/*	$OpenBSD: ssh-agent.c,v 1.69 2001/08/01 22:03:33 markus Exp $	*/
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -36,7 +36,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.68 2001/07/20 14:46:11 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.69 2001/08/01 22:03:33 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -451,12 +451,13 @@ process_add_smartcard_key (SocketEntry *e)
 {
 	Idtab *tab;
 	Key *n = NULL, *k = NULL;
+	char *sc_reader_id = NULL;
 	int success = 0;
-	int sc_reader_num = 0;
 	
-	sc_reader_num = buffer_get_int(&e->input);
+	sc_reader_id = buffer_get_string(&e->input, NULL);
+	k = sc_get_key(sc_reader_id);
+	xfree(sc_reader_id);
 
-	k = sc_get_key(sc_reader_num);
 	if (k == NULL) {
 		error("sc_get_pubkey failed");
 		goto send;
@@ -510,11 +511,13 @@ process_remove_smartcard_key(SocketEntry *e)
 	Key *k = NULL, *private;
 	int idx;
 	int success = 0;
-	int sc_reader_num = 0;
+	char *sc_reader_id = NULL;
 
-	sc_reader_num = buffer_get_int(&e->input);
+	sc_reader_id = buffer_get_string(&e->input, NULL);
+	k = sc_get_key(sc_reader_id);
+	xfree(sc_reader_id);
 
-	if ((k = sc_get_key(sc_reader_num)) == NULL) {
+	if (k == NULL) {
 		error("sc_get_pubkey failed");
 	} else {
 		k->type = KEY_RSA1;

ssh.c

@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.132 2001/07/31 09:28:44 jakob Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.133 2001/08/01 22:03:33 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -372,7 +372,7 @@ again:
 			break;
 		case 'I':
 #ifdef SMARTCARD
-			options.smartcard_device = atoi(optarg);
+			options.smartcard_device = xstrdup(optarg);
 #else
 			fprintf(stderr, "no support for smartcards.\n");
 #endif
@@ -1151,7 +1151,7 @@ load_public_identity_files(void)
 	int i = 0;
 
 #ifdef SMARTCARD
-	if (options.smartcard_device >= 0 &&
+	if (options.smartcard_device != NULL &&
 	    options.num_identity_files + 1 < SSH_MAX_IDENTITY_FILES &&
 	    (public = sc_get_key(options.smartcard_device)) != NULL ) {
 		Key *new;