diff options
Diffstat (limited to 'net-misc/openssh/files/openssh-3.9_p1-opensc.patch')
| -rw-r--r-- | net-misc/openssh/files/openssh-3.9_p1-opensc.patch | 130 |
1 files changed, 0 insertions, 130 deletions
diff --git a/net-misc/openssh/files/openssh-3.9_p1-opensc.patch b/net-misc/openssh/files/openssh-3.9_p1-opensc.patch deleted file mode 100644 index c81dcc9..0000000 --- a/net-misc/openssh/files/openssh-3.9_p1-opensc.patch +++ /dev/null @@ -1,130 +0,0 @@ -http://bugs.gentoo.org/43593 -http://bugzilla.mindrot.org/show_bug.cgi?id=608 - -Index: scard-opensc.c -=================================================================== -RCS file: /cvs/openssh/scard-opensc.c,v -retrieving revision 1.12 ---- scard-opensc.c -+++ scard-opensc.c -@@ -38,6 +38,8 @@ - #include "readpass.h" - #include "scard.h" - -+int ask_for_pin=0; -+ - #if OPENSSL_VERSION_NUMBER < 0x00907000L && defined(CRYPTO_LOCK_ENGINE) - #define USE_ENGINE - #define RSA_get_default_method RSA_get_default_openssl_method -@@ -119,6 +121,7 @@ - struct sc_pkcs15_prkey_info *key; - struct sc_pkcs15_object *pin_obj; - struct sc_pkcs15_pin_info *pin; -+ char *passphrase = NULL; - - priv = (struct sc_priv_data *) RSA_get_app_data(rsa); - if (priv == NULL) -@@ -156,24 +159,47 @@ - goto err; - } - pin = pin_obj->data; -+ -+ if (sc_pin) -+ passphrase = sc_pin; -+ else if (ask_for_pin) { -+ /* we need a pin but don't have one => ask for the pin */ -+ char prompt[64]; -+ -+ snprintf(prompt, sizeof(prompt), "Enter PIN for %s: ", -+ key_obj->label ? key_obj->label : "smartcard key"); -+ passphrase = read_passphrase(prompt, 0); -+ if (!passphrase || !strcmp(passphrase, "")) -+ goto err; -+ } else -+ /* no pin => error */ -+ goto err; -+ - r = sc_lock(card); - if (r) { - error("Unable to lock smartcard: %s", sc_strerror(r)); - goto err; - } -- if (sc_pin != NULL) { -- r = sc_pkcs15_verify_pin(p15card, pin, sc_pin, -- strlen(sc_pin)); -- if (r) { -- sc_unlock(card); -- error("PIN code verification failed: %s", -- sc_strerror(r)); -- goto err; -- } -+ r = sc_pkcs15_verify_pin(p15card, pin, passphrase, -+ strlen(passphrase)); -+ if (r) { -+ sc_unlock(card); -+ error("PIN code verification failed: %s", -+ sc_strerror(r)); -+ goto err; - } -+ - *key_obj_out = key_obj; -+ if (!sc_pin) { -+ memset(passphrase, 0, strlen(passphrase)); -+ xfree(passphrase); -+ } - return 0; - err: -+ if (!sc_pin && passphrase) { -+ memset(passphrase, 0, strlen(passphrase)); -+ xfree(passphrase); -+ } - sc_close(); - return -1; - } -Index: scard.c -=================================================================== -RCS file: /cvs/openssh/scard.c,v -retrieving revision 1.27 ---- scard.c -+++ scard.c -@@ -35,6 +35,9 @@ - #include "readpass.h" - #include "scard.h" - -+/* currently unused */ -+int ask_for_pin = 0; -+ - #if OPENSSL_VERSION_NUMBER < 0x00907000L - #define USE_ENGINE - #define RSA_get_default_method RSA_get_default_openssl_method -Index: scard.h -=================================================================== -RCS file: /cvs/openssh/scard.h,v -retrieving revision 1.10 ---- scard.h -+++ scard.h -@@ -33,6 +33,8 @@ - #define SCARD_ERROR_NOCARD -2 - #define SCARD_ERROR_APPLET -3 - -+extern int ask_for_pin; -+ - Key **sc_get_keys(const char *, const char *); - void sc_close(void); - int sc_put_key(Key *, const char *); -Index: ssh.c -=================================================================== -RCS file: /cvs/openssh/ssh.c,v -retrieving revision 1.180 ---- ssh.c -+++ ssh.c -@@ -1155,6 +1155,9 @@ - #ifdef SMARTCARD - Key **keys; - -+ if (!options.batch_mode) -+ ask_for_pin = 1; -+ - if (options.smartcard_device != NULL && - options.num_identity_files < SSH_MAX_IDENTITY_FILES && - (keys = sc_get_keys(options.smartcard_device, NULL)) != NULL ) { |