authorKenny Root <kenny@the-b.org>2009-06-26 08:36:12 +0000
committerKenny Root <kenny@the-b.org>2009-06-26 08:36:12 +0000
commit6ace5e865f2d385b7ac5e78020584bdff4057840 (patch)
tree891a84935edf8ce200ad8d3559ba52059668213e
parent6e628c5b4b6176f5e287ca7a2c2a5cee2005602a (diff)
Add confirm-use and lifetime constraints to individual pubkeys
git-svn-id: https://connectbot.googlecode.com/svn/trunk/connectbot@334 df292f66-193f-0410-a5fc-6d59da041ff2
-rw-r--r--lib/src/main/java/com/trilead/ssh2/AuthAgentCallback.java4
-rw-r--r--lib/src/main/java/com/trilead/ssh2/channel/AuthAgentForwardThread.java27
2 files changed, 27 insertions, 4 deletions
diff --git a/lib/src/main/java/com/trilead/ssh2/AuthAgentCallback.java b/lib/src/main/java/com/trilead/ssh2/AuthAgentCallback.java
index ffc3020..c395198 100644
--- a/lib/src/main/java/com/trilead/ssh2/AuthAgentCallback.java
+++ b/lib/src/main/java/com/trilead/ssh2/AuthAgentCallback.java
@@ -20,9 +20,11 @@ public interface AuthAgentCallback {
* containing a DSA or RSA private key of
* the user in Trilead object format.
* @param comment comment associated with this key
+ * @param confirmUse whether to prompt before using this key
+ * @param lifetime lifetime in seconds for key to be remembered
* @return success or failure
*/
- boolean addIdentity(Object key, String comment);
+ boolean addIdentity(Object key, String comment, boolean confirmUse, int lifetime);
/**
* @param publicKey byte blob containing the OpenSSH-format encoded public key
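Review bot: The new `@param lifetime` line does not say what 0 means, and the Javadoc does not tell implementers that enforcing both constraints is their job. The caller in AuthAgentForwardThread passes `false` and `0` for an unconstrained add, so 0 has to read as "no expiry"; I would write `@param lifetime lifetime in seconds for key to be remembered; 0 means no expiry`. I would also extend `@return` to say that an implementation which cannot honour `confirmUse` or `lifetime` should return false, because a true result makes the agent answer SSH_AGENT_SUCCESS and the requester will assume the restriction is in force. The hunk ends inside the next method's Javadoc.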
diff --git a/lib/src/main/java/com/trilead/ssh2/channel/AuthAgentForwardThread.java b/lib/src/main/java/com/trilead/ssh2/channel/AuthAgentForwardThread.java
index 1c6be84..b4ab108 100644
--- a/lib/src/main/java/com/trilead/ssh2/channel/AuthAgentForwardThread.java
+++ b/lib/src/main/java/com/trilead/ssh2/channel/AuthAgentForwardThread.java
@@ -129,7 +129,10 @@ public class AuthAgentForwardThread extends Thread implements IChannelWorkerThre
sendIdentities();
break;
case SSH2_AGENTC_ADD_IDENTITY:
- addIdentity(tr);
+ addIdentity(tr, false);
+ break;
+ case SSH2_AGENTC_ADD_ID_CONSTRAINED:
+ addIdentity(tr, true);
break;
case SSH2_AGENTC_REMOVE_IDENTITY:
removeIdentity(tr);
@@ -240,7 +243,7 @@ public class AuthAgentForwardThread extends Thread implements IChannelWorkerThre
/**
* @param tr
*/
- private void addIdentity(TypesReader tr) {
+ private void addIdentity(TypesReader tr, boolean checkConstraints) {
try
{
if (failWhenLocked())
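Review bot: The Javadoc above `addIdentity` still has an empty `@param tr` and says nothing about the new `checkConstraints` flag. I would add `@param checkConstraints true when the message is SSH2_AGENTC_ADD_ID_CONSTRAINED, so constraint bytes are parsed after the key and comment` and give `@param tr` a short description of the payload it is expected to hold. The method body continues outside this hunk.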
@@ -275,7 +278,25 @@ public class AuthAgentForwardThread extends Thread implements IChannelWorkerThre
return;
}
- if (authAgent.addIdentity(key, comment))
+ boolean confirmUse = false;
+ int lifetime = 0;
+
+ if (checkConstraints) {
+ while (tr.remain() > 0) {
+ int constraint = tr.readByte();
+ if (constraint == SSH_AGENT_CONSTRAIN_CONFIRM)
+ confirmUse = true;
+ else if (constraint == SSH_AGENT_CONSTRAIN_LIFETIME)
+ lifetime = tr.readUINT32();
+ else {
+ // Unknown constraint. Bail.
+ os.write(SSH_AGENT_FAILURE);
+ return;
+ }
+ }
+ }
+
+ if (authAgent.addIdentity(key, comment, confirmUse, lifetime))
os.write(SSH_AGENT_SUCCESS);
else
os.write(SSH_AGENT_FAILURE);
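Review bot: `lifetime = tr.readUINT32();` stores an unsigned 32-bit wire value in a signed `int`, so a lifetime above 2^31-1 seconds reaches `authAgent.addIdentity` as a negative number with no check. How a callback treats a negative lifetime is not visible here; if it reads it as "no limit", the key is stored unconstrained while the requester still gets SSH_AGENT_SUCCESS. Rejecting it right after the constraint loop keeps the failure explicit: `if (lifetime < 0) { os.write(SSH_AGENT_FAILURE); return; }`. The reads inside the loop can also run past a truncated packet; that presumably lands in the catch of the `try` opened above this hunk, which is outside the visible lines.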