#include <errno.h>
#include <assert.h>
#include <signal.h>
+#include <ctype.h>
#include <sys/types.h>
#include <sys/wait.h>
+#include <fcntl.h>
#include <unistd.h>
#define PUTTY_DO_GLOBALS /* actually _define_ globals */
SockAddr unix_sock_addr(const char *path);
Socket new_unix_listener(SockAddr listenaddr, Plug plug);
-void fatalbox(char *p, ...)
+void fatalbox(const char *p, ...)
{
va_list ap;
fprintf(stderr, "FATAL ERROR: ");
fputc('\n', stderr);
exit(1);
}
-void modalfatalbox(char *p, ...)
+void modalfatalbox(const char *p, ...)
{
va_list ap;
fprintf(stderr, "FATAL ERROR: ");
fputc('\n', stderr);
exit(1);
}
-void nonfatal(char *p, ...)
+void nonfatal(const char *p, ...)
{
va_list ap;
fprintf(stderr, "ERROR: ");
va_end(ap);
fputc('\n', stderr);
}
-void connection_fatal(void *frontend, char *p, ...)
+void connection_fatal(void *frontend, const char *p, ...)
{
va_list ap;
fprintf(stderr, "FATAL ERROR: ");
fputc('\n', stderr);
exit(1);
}
-void cmdline_error(char *p, ...)
+void cmdline_error(const char *p, ...)
{
va_list ap;
fprintf(stderr, "pageant: ");
* In Pageant our selects are synchronous, so these functions are
* empty stubs.
*/
-int uxsel_input_add(int fd, int rwx) { return 0; }
-void uxsel_input_remove(int id) { }
+uxsel_id *uxsel_input_add(int fd, int rwx) { return NULL; }
+void uxsel_input_remove(uxsel_id *id) { }
/*
* More stubs.
*/
-void logevent(void *frontend, const char *string) {}
void random_save_seed(void) {}
void random_destroy_seed(void) {}
void noise_ultralight(unsigned long data) {}
FontSpec *platform_default_fontspec(const char *name) { return fontspec_new(""); }
Filename *platform_default_filename(const char *name) { return filename_from_str(""); }
char *x_get_default(const char *key) { return NULL; }
-void old_keyfile_warning(void) {}
-void timer_change_notify(unsigned long next) {}
+void log_eventlog(void *handle, const char *event) {}
+int from_backend(void *frontend, int is_stderr, const char *data, int datalen)
+{ assert(!"only here to satisfy notional call from backend_socket_log"); }
/*
* Short description of parameters.
{
printf("Pageant: SSH agent\n");
printf("%s\n", ver);
- printf("FIXME\n");
+ printf("Usage: pageant <lifetime> [key files]\n");
+ printf(" pageant [key files] --exec <command> [args]\n");
+ printf(" pageant -a [key files]\n");
+ printf(" pageant -d [key identifiers]\n");
+ printf(" pageant --public [key identifiers]\n");
+ printf(" pageant --public-openssh [key identifiers]\n");
+ printf(" pageant -l\n");
+ printf(" pageant -D\n");
+ printf("Lifetime options, for running Pageant as an agent:\n");
+ printf(" -X run with the lifetime of the X server\n");
+ printf(" -T run with the lifetime of the controlling tty\n");
+ printf(" --permanent run permanently\n");
+ printf(" --debug run in debugging mode, without forking\n");
+ printf(" --exec <command> run with the lifetime of that command\n");
+ printf("Client options, for talking to an existing agent:\n");
+ printf(" -a add key(s) to the existing agent\n");
+ printf(" -l list currently loaded key fingerprints and comments\n");
+ printf(" --public print public keys in RFC 4716 format\n");
+ printf(" --public-openssh print public keys in OpenSSH format\n");
+ printf(" -d delete key(s) from the agent\n");
+ printf(" -D delete all keys from the agent\n");
+ printf("Other options:\n");
+ printf(" -v verbose mode (in agent mode)\n");
+ printf(" -s -c force POSIX or C shell syntax (in agent mode)\n");
exit(1);
}
static void version(void)
{
- printf("pageant: %s\n", ver);
- exit(1);
+ char *buildinfo_text = buildinfo("\n");
+ printf("pageant: %s\n%s\n", ver, buildinfo_text);
+ sfree(buildinfo_text);
+ exit(0);
}
void keylist_update(void)
const char *const appname = "Pageant";
-char *platform_get_x_display(void) {
- return dupstr(getenv("DISPLAY"));
-}
-
static int time_to_die = FALSE;
/* Stub functions to permit linking against x11fwd.c. These never get
};
char *socketname;
+static enum { SHELL_AUTO, SHELL_SH, SHELL_CSH } shell_type = SHELL_AUTO;
void pageant_print_env(int pid)
{
- printf("SSH_AUTH_SOCK=%s; export SSH_AUTH_SOCK;\n"
- "SSH_AGENT_PID=%d; export SSH_AGENT_PID;\n",
- socketname, (int)pid);
+ if (shell_type == SHELL_AUTO) {
+ /* Same policy as OpenSSH: if $SHELL ends in "csh" then assume
+ * it's csh-shaped. */
+ const char *shell = getenv("SHELL");
+ if (shell && strlen(shell) >= 3 &&
+ !strcmp(shell + strlen(shell) - 3, "csh"))
+ shell_type = SHELL_CSH;
+ else
+ shell_type = SHELL_SH;
+ }
+
+ /*
+ * These shell snippets could usefully pay some attention to
+ * escaping of interesting characters. I don't think it causes a
+ * problem at the moment, because the pathnames we use are so
+ * utterly boring, but it's a lurking bug waiting to happen once
+ * a bit more flexibility turns up.
+ */
+
+ switch (shell_type) {
+ case SHELL_SH:
+ printf("SSH_AUTH_SOCK=%s; export SSH_AUTH_SOCK;\n"
+ "SSH_AGENT_PID=%d; export SSH_AGENT_PID;\n",
+ socketname, pid);
+ break;
+ case SHELL_CSH:
+ printf("setenv SSH_AUTH_SOCK %s;\n"
+ "setenv SSH_AGENT_PID %d;\n",
+ socketname, pid);
+ break;
+ case SHELL_AUTO:
+ assert(0 && "Can't get here");
+ break;
+ }
}
-void pageant_fork_and_print_env(void)
+void pageant_fork_and_print_env(int retain_tty)
{
pid_t pid = fork();
if (pid == -1) {
}
close(0);
close(1);
- setsid();
+ if (retain_tty) {
+ /* Get out of our previous process group, to avoid being
+ * blasted by passing signals. But keep our controlling tty,
+ * so we can keep checking to see if we still have one. */
+ setpgrp();
+ } else {
+ /* Do that, but also leave our entire session and detach from
+ * the controlling tty (if any). */
+ setsid();
+ }
}
int signalpipe[2];
/* not much we can do about it */;
}
-int main(int argc, char **argv)
+#define TTY_LIFE_POLL_INTERVAL (TICKSPERSEC * 30)
+void *dummy_timer_ctx;
+static void tty_life_timer(void *ctx, unsigned long now)
{
- int *fdlist;
- int fd;
- int i, fdcount, fdsize, fdstate;
- int errors;
- unsigned long now;
- char *username, *socketdir;
- const char *err;
- struct pageant_listen_state *pl;
- Socket sock;
- enum {
- LIFE_UNSPEC, LIFE_X11, LIFE_DEBUG, LIFE_PERM, LIFE_EXEC
- } life = LIFE_UNSPEC;
- const char *display = NULL;
- int doing_opts = TRUE;
- char **exec_args = NULL;
- int termination_pid = -1;
- Conf *conf;
+ schedule_timer(TTY_LIFE_POLL_INTERVAL, tty_life_timer, &dummy_timer_ctx);
+}
- fdlist = NULL;
- fdcount = fdsize = 0;
- errors = FALSE;
+typedef enum {
+ KEYACT_AGENT_LOAD,
+ KEYACT_CLIENT_ADD,
+ KEYACT_CLIENT_DEL,
+ KEYACT_CLIENT_DEL_ALL,
+ KEYACT_CLIENT_LIST,
+ KEYACT_CLIENT_PUBLIC_OPENSSH,
+ KEYACT_CLIENT_PUBLIC
+} keyact;
+struct cmdline_key_action {
+ struct cmdline_key_action *next;
+ keyact action;
+ const char *filename;
+};
+
+int is_agent_action(keyact action)
+{
+ return action == KEYACT_AGENT_LOAD;
+}
+
+struct cmdline_key_action *keyact_head = NULL, *keyact_tail = NULL;
+
+void add_keyact(keyact action, const char *filename)
+{
+ struct cmdline_key_action *a = snew(struct cmdline_key_action);
+ a->action = action;
+ a->filename = filename;
+ a->next = NULL;
+ if (keyact_tail)
+ keyact_tail->next = a;
+ else
+ keyact_head = a;
+ keyact_tail = a;
+}
+
+int have_controlling_tty(void)
+{
+ int fd = open("/dev/tty", O_RDONLY);
+ if (fd < 0) {
+ if (errno != ENXIO) {
+ perror("/dev/tty: open");
+ exit(1);
+ }
+ return FALSE;
+ } else {
+ close(fd);
+ return TRUE;
+ }
+}
+
+char **exec_args = NULL;
+enum {
+ LIFE_UNSPEC, LIFE_X11, LIFE_TTY, LIFE_DEBUG, LIFE_PERM, LIFE_EXEC
+} life = LIFE_UNSPEC;
+const char *display = NULL;
+
+static char *askpass(const char *comment)
+{
+ if (have_controlling_tty()) {
+ int ret;
+ prompts_t *p = new_prompts(NULL);
+ p->to_server = FALSE;
+ p->name = dupstr("Pageant passphrase prompt");
+ add_prompt(p,
+ dupprintf("Enter passphrase to load key '%s': ", comment),
+ FALSE);
+ ret = console_get_userpass_input(p, NULL, 0);
+ assert(ret >= 0);
+
+ if (!ret) {
+ perror("pageant: unable to read passphrase");
+ free_prompts(p);
+ return NULL;
+ } else {
+ char *passphrase = dupstr(p->prompts[0]->result);
+ free_prompts(p);
+ return passphrase;
+ }
+ } else if (display) {
+ char *prompt, *passphrase;
+ int success;
+
+ /* in gtkask.c */
+ char *gtk_askpass_main(const char *display, const char *wintitle,
+ const char *prompt, int *success);
+
+ prompt = dupprintf("Enter passphrase to load key '%s': ", comment);
+ passphrase = gtk_askpass_main(display,
+ "Pageant passphrase prompt",
+ prompt, &success);
+ sfree(prompt);
+ if (!success) {
+ /* return value is error message */
+ fprintf(stderr, "%s\n", passphrase);
+ sfree(passphrase);
+ passphrase = NULL;
+ }
+ return passphrase;
+ } else {
+ fprintf(stderr, "no way to read a passphrase without tty or "
+ "X display\n");
+ return NULL;
+ }
+}
+
+static int unix_add_keyfile(const char *filename_str)
+{
+ Filename *filename = filename_from_str(filename_str);
+ int status, ret;
+ char *err;
+
+ ret = TRUE;
/*
- * Process the command line.
+ * Try without a passphrase.
*/
- while (--argc) {
- char *p = *++argv;
- if (*p == '-' && doing_opts) {
- if (!strcmp(p, "-V") || !strcmp(p, "--version")) {
- version();
- } else if (!strcmp(p, "--help")) {
- usage();
- exit(0);
- } else if (!strcmp(p, "-v")) {
- pageant_logfp = stderr;
- } else if (!strcmp(p, "-X")) {
- life = LIFE_X11;
- } else if (!strcmp(p, "--debug")) {
- life = LIFE_DEBUG;
- } else if (!strcmp(p, "--permanent")) {
- life = LIFE_PERM;
- } else if (!strcmp(p, "--exec")) {
- life = LIFE_EXEC;
- } else if (!strcmp(p, "--")) {
- doing_opts = FALSE;
+ status = pageant_add_keyfile(filename, NULL, &err);
+ if (status == PAGEANT_ACTION_OK) {
+ goto cleanup;
+ } else if (status == PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: %s: %s\n", filename_str, err);
+ ret = FALSE;
+ goto cleanup;
+ }
+
+ /*
+ * And now try prompting for a passphrase.
+ */
+ while (1) {
+ char *passphrase = askpass(err);
+ sfree(err);
+ err = NULL;
+ if (!passphrase)
+ break;
+
+ status = pageant_add_keyfile(filename, passphrase, &err);
+
+ smemclr(passphrase, strlen(passphrase));
+ sfree(passphrase);
+ passphrase = NULL;
+
+ if (status == PAGEANT_ACTION_OK) {
+ goto cleanup;
+ } else if (status == PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: %s: %s\n", filename_str, err);
+ ret = FALSE;
+ goto cleanup;
+ }
+ }
+
+ cleanup:
+ sfree(err);
+ filename_free(filename);
+ return ret;
+}
+
+void key_list_callback(void *ctx, const char *fingerprint,
+ const char *comment, struct pageant_pubkey *key)
+{
+ printf("%s %s\n", fingerprint, comment);
+}
+
+struct key_find_ctx {
+ const char *string;
+ int match_fp, match_comment;
+ struct pageant_pubkey *found;
+ int nfound;
+};
+
+int match_fingerprint_string(const char *string, const char *fingerprint)
+{
+ const char *hash;
+
+ /* Find the hash in the fingerprint string. It'll be the word at the end. */
+ hash = strrchr(fingerprint, ' ');
+ assert(hash);
+ hash++;
+
+ /* Now see if the search string is a prefix of the full hash,
+ * neglecting colons and case differences. */
+ while (1) {
+ while (*string == ':') string++;
+ while (*hash == ':') hash++;
+ if (!*string)
+ return TRUE;
+ if (tolower((unsigned char)*string) != tolower((unsigned char)*hash))
+ return FALSE;
+ string++;
+ hash++;
+ }
+}
+
+void key_find_callback(void *vctx, const char *fingerprint,
+ const char *comment, struct pageant_pubkey *key)
+{
+ struct key_find_ctx *ctx = (struct key_find_ctx *)vctx;
+
+ if ((ctx->match_comment && !strcmp(ctx->string, comment)) ||
+ (ctx->match_fp && match_fingerprint_string(ctx->string, fingerprint)))
+ {
+ if (!ctx->found)
+ ctx->found = pageant_pubkey_copy(key);
+ ctx->nfound++;
+ }
+}
+
+struct pageant_pubkey *find_key(const char *string, char **retstr)
+{
+ struct key_find_ctx actx, *ctx = &actx;
+ struct pageant_pubkey key_in, *key_ret;
+ int try_file = TRUE, try_fp = TRUE, try_comment = TRUE;
+ int file_errors = FALSE;
+
+ /*
+ * Trim off disambiguating prefixes telling us how to interpret
+ * the provided string.
+ */
+ if (!strncmp(string, "file:", 5)) {
+ string += 5;
+ try_fp = try_comment = FALSE;
+ file_errors = TRUE; /* also report failure to load the file */
+ } else if (!strncmp(string, "comment:", 8)) {
+ string += 8;
+ try_file = try_fp = FALSE;
+ } else if (!strncmp(string, "fp:", 3)) {
+ string += 3;
+ try_file = try_comment = FALSE;
+ } else if (!strncmp(string, "fingerprint:", 12)) {
+ string += 12;
+ try_file = try_comment = FALSE;
+ }
+
+ /*
+ * Try interpreting the string as a key file name.
+ */
+ if (try_file) {
+ Filename *fn = filename_from_str(string);
+ int keytype = key_type(fn);
+ if (keytype == SSH_KEYTYPE_SSH1 ||
+ keytype == SSH_KEYTYPE_SSH1_PUBLIC) {
+ const char *error;
+
+ if (!rsakey_pubblob(fn, &key_in.blob, &key_in.bloblen,
+ NULL, &error)) {
+ if (file_errors) {
+ *retstr = dupprintf("unable to load file '%s': %s",
+ string, error);
+ filename_free(fn);
+ return NULL;
+ }
+ } else {
+ /*
+ * If we've successfully loaded the file, stop here - we
+ * already have a key blob and need not go to the agent to
+ * list things.
+ */
+ key_in.ssh_version = 1;
+ key_in.comment = NULL;
+ key_ret = pageant_pubkey_copy(&key_in);
+ sfree(key_in.blob);
+ filename_free(fn);
+ return key_ret;
}
- } else {
- if (life == LIFE_EXEC) {
- exec_args = argv;
- break; /* everything else is now args to the exec command */
+ } else if (keytype == SSH_KEYTYPE_SSH2 ||
+ keytype == SSH_KEYTYPE_SSH2_PUBLIC_RFC4716 ||
+ keytype == SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH) {
+ const char *error;
+
+ if ((key_in.blob = ssh2_userkey_loadpub(fn, NULL,
+ &key_in.bloblen,
+ NULL, &error)) == NULL) {
+ if (file_errors) {
+ *retstr = dupprintf("unable to load file '%s': %s",
+ string, error);
+ filename_free(fn);
+ return NULL;
+ }
} else {
- fprintf(stderr, "pageant: unexpected argument '%s'\n", p);
- exit(1);
+ /*
+ * If we've successfully loaded the file, stop here - we
+ * already have a key blob and need not go to the agent to
+ * list things.
+ */
+ key_in.ssh_version = 2;
+ key_in.comment = NULL;
+ key_ret = pageant_pubkey_copy(&key_in);
+ sfree(key_in.blob);
+ filename_free(fn);
+ return key_ret;
+ }
+ } else {
+ if (file_errors) {
+ *retstr = dupprintf("unable to load key file '%s': %s",
+ string, key_type_to_str(keytype));
+ filename_free(fn);
+ return NULL;
}
}
+ filename_free(fn);
}
- if (errors)
- return 1;
+ /*
+ * Failing that, go through the keys in the agent, and match
+ * against fingerprints and comments as appropriate.
+ */
+ ctx->string = string;
+ ctx->match_fp = try_fp;
+ ctx->match_comment = try_comment;
+ ctx->found = NULL;
+ ctx->nfound = 0;
+ if (pageant_enum_keys(key_find_callback, ctx, retstr) ==
+ PAGEANT_ACTION_FAILURE)
+ return NULL;
- if (life == LIFE_UNSPEC) {
- fprintf(stderr, "pageant: expected a lifetime option\n");
- exit(1);
+ if (ctx->nfound == 0) {
+ *retstr = dupstr("no key matched");
+ assert(!ctx->found);
+ return NULL;
+ } else if (ctx->nfound > 1) {
+ *retstr = dupstr("multiple keys matched");
+ assert(ctx->found);
+ pageant_pubkey_free(ctx->found);
+ return NULL;
}
- if (life == LIFE_EXEC && !exec_args) {
- fprintf(stderr, "pageant: expected a command with --exec\n");
+
+ assert(ctx->found);
+ return ctx->found;
+}
+
+void run_client(void)
+{
+ const struct cmdline_key_action *act;
+ struct pageant_pubkey *key;
+ int errors = FALSE;
+ char *retstr;
+
+ if (!agent_exists()) {
+ fprintf(stderr, "pageant: no agent running to talk to\n");
exit(1);
}
+ for (act = keyact_head; act; act = act->next) {
+ switch (act->action) {
+ case KEYACT_CLIENT_ADD:
+ if (!unix_add_keyfile(act->filename))
+ errors = TRUE;
+ break;
+ case KEYACT_CLIENT_LIST:
+ if (pageant_enum_keys(key_list_callback, NULL, &retstr) ==
+ PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: listing keys: %s\n", retstr);
+ sfree(retstr);
+ errors = TRUE;
+ }
+ break;
+ case KEYACT_CLIENT_DEL:
+ key = NULL;
+ if (!(key = find_key(act->filename, &retstr)) ||
+ pageant_delete_key(key, &retstr) == PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: deleting key '%s': %s\n",
+ act->filename, retstr);
+ sfree(retstr);
+ errors = TRUE;
+ }
+ if (key)
+ pageant_pubkey_free(key);
+ break;
+ case KEYACT_CLIENT_PUBLIC_OPENSSH:
+ case KEYACT_CLIENT_PUBLIC:
+ key = NULL;
+ if (!(key = find_key(act->filename, &retstr))) {
+ fprintf(stderr, "pageant: finding key '%s': %s\n",
+ act->filename, retstr);
+ sfree(retstr);
+ errors = TRUE;
+ } else {
+ FILE *fp = stdout; /* FIXME: add a -o option? */
+
+ if (key->ssh_version == 1) {
+ struct RSAKey rkey;
+ memset(&rkey, 0, sizeof(rkey));
+ rkey.comment = dupstr(key->comment);
+ makekey(key->blob, key->bloblen, &rkey, NULL, 0);
+ ssh1_write_pubkey(fp, &rkey);
+ freersakey(&rkey);
+ } else {
+ ssh2_write_pubkey(fp, key->comment, key->blob,key->bloblen,
+ (act->action == KEYACT_CLIENT_PUBLIC ?
+ SSH_KEYTYPE_SSH2_PUBLIC_RFC4716 :
+ SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH));
+ }
+ pageant_pubkey_free(key);
+ }
+ break;
+ case KEYACT_CLIENT_DEL_ALL:
+ if (pageant_delete_all_keys(&retstr) == PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: deleting all keys: %s\n", retstr);
+ sfree(retstr);
+ errors = TRUE;
+ }
+ break;
+ default:
+ assert(0 && "Invalid client action found");
+ }
+ }
+
+ if (errors)
+ exit(1);
+}
+
+void run_agent(void)
+{
+ const char *err;
+ char *username, *socketdir;
+ struct pageant_listen_state *pl;
+ Socket sock;
+ unsigned long now;
+ int *fdlist;
+ int fd;
+ int i, fdcount, fdsize, fdstate;
+ int termination_pid = -1;
+ int errors = FALSE;
+ Conf *conf;
+ const struct cmdline_key_action *act;
+
+ fdlist = NULL;
+ fdcount = fdsize = 0;
+
+ pageant_init();
+
/*
- * Block SIGPIPE, so that we'll get EPIPE individually on
- * particular network connections that go wrong.
+ * Start by loading any keys provided on the command line.
*/
- putty_signal(SIGPIPE, SIG_IGN);
-
- sk_init();
- uxsel_init();
+ for (act = keyact_head; act; act = act->next) {
+ assert(act->action == KEYACT_AGENT_LOAD);
+ if (!unix_add_keyfile(act->filename))
+ errors = TRUE;
+ }
+ if (errors)
+ exit(1);
/*
* Set up a listening socket and run Pageant on it.
exit(1);
}
socketname = dupprintf("%s/pageant.%d", socketdir, (int)getpid());
- pageant_init();
pl = pageant_listener_new();
sock = new_unix_listener(unix_sock_addr(socketname), (Plug)pl);
if ((err = sk_socket_error(sock)) != NULL) {
NULL
};
- if (!display)
- display = getenv("DISPLAY");
if (!display) {
fprintf(stderr, "pageant: no DISPLAY for -X mode\n");
exit(1);
smemclr(greeting, greetinglen);
sfree(greeting);
- pageant_fork_and_print_env();
+ pageant_fork_and_print_env(FALSE);
+ } else if (life == LIFE_TTY) {
+ schedule_timer(TTY_LIFE_POLL_INTERVAL,
+ tty_life_timer, &dummy_timer_ctx);
+ pageant_fork_and_print_env(TRUE);
} else if (life == LIFE_PERM) {
- pageant_fork_and_print_env();
+ pageant_fork_and_print_env(FALSE);
} else if (life == LIFE_DEBUG) {
pageant_print_env(getpid());
pageant_logfp = stdout;
exit(1);
}
+ if (life == LIFE_TTY) {
+ /*
+ * Every time we wake up (whether it was due to tty_timer
+ * elapsing or for any other reason), poll to see if we
+ * still have a controlling terminal. If we don't, then
+ * our containing tty session has ended, so it's time to
+ * clean up and leave.
+ */
+ if (!have_controlling_tty()) {
+ time_to_die = TRUE;
+ break;
+ }
+ }
+
for (i = 0; i < fdcount; i++) {
fd = fdlist[i];
/*
exit(1);
}
+ conf_free(conf);
+}
+
+int main(int argc, char **argv)
+{
+ int doing_opts = TRUE;
+ keyact curr_keyact = KEYACT_AGENT_LOAD;
+
+ /*
+ * Process the command line.
+ */
+ while (--argc > 0) {
+ char *p = *++argv;
+ if (*p == '-' && doing_opts) {
+ if (!strcmp(p, "-V") || !strcmp(p, "--version")) {
+ version();
+ } else if (!strcmp(p, "--help")) {
+ usage();
+ exit(0);
+ } else if (!strcmp(p, "-v")) {
+ pageant_logfp = stderr;
+ } else if (!strcmp(p, "-a")) {
+ curr_keyact = KEYACT_CLIENT_ADD;
+ } else if (!strcmp(p, "-d")) {
+ curr_keyact = KEYACT_CLIENT_DEL;
+ } else if (!strcmp(p, "-s")) {
+ shell_type = SHELL_SH;
+ } else if (!strcmp(p, "-c")) {
+ shell_type = SHELL_CSH;
+ } else if (!strcmp(p, "-D")) {
+ add_keyact(KEYACT_CLIENT_DEL_ALL, NULL);
+ } else if (!strcmp(p, "-l")) {
+ add_keyact(KEYACT_CLIENT_LIST, NULL);
+ } else if (!strcmp(p, "--public")) {
+ curr_keyact = KEYACT_CLIENT_PUBLIC;
+ } else if (!strcmp(p, "--public-openssh")) {
+ curr_keyact = KEYACT_CLIENT_PUBLIC_OPENSSH;
+ } else if (!strcmp(p, "-X")) {
+ life = LIFE_X11;
+ } else if (!strcmp(p, "-T")) {
+ life = LIFE_TTY;
+ } else if (!strcmp(p, "--debug")) {
+ life = LIFE_DEBUG;
+ } else if (!strcmp(p, "--permanent")) {
+ life = LIFE_PERM;
+ } else if (!strcmp(p, "--exec")) {
+ life = LIFE_EXEC;
+ /* Now all subsequent arguments go to the exec command. */
+ if (--argc > 0) {
+ exec_args = ++argv;
+ argc = 0; /* force end of option processing */
+ } else {
+ fprintf(stderr, "pageant: expected a command "
+ "after --exec\n");
+ exit(1);
+ }
+ } else if (!strcmp(p, "--")) {
+ doing_opts = FALSE;
+ }
+ } else {
+ /*
+ * Non-option arguments (apart from those after --exec,
+ * which are treated specially above) are interpreted as
+ * the names of private key files to either add or delete
+ * from an agent.
+ */
+ add_keyact(curr_keyact, p);
+ }
+ }
+
+ if (life == LIFE_EXEC && !exec_args) {
+ fprintf(stderr, "pageant: expected a command with --exec\n");
+ exit(1);
+ }
+
+ /*
+ * Block SIGPIPE, so that we'll get EPIPE individually on
+ * particular network connections that go wrong.
+ */
+ putty_signal(SIGPIPE, SIG_IGN);
+
+ sk_init();
+ uxsel_init();
+
+ if (!display) {
+ display = getenv("DISPLAY");
+ if (display && !*display)
+ display = NULL;
+ }
+
+ /*
+ * Now distinguish our two main running modes. Either we're
+ * actually starting up an agent, in which case we should have a
+ * lifetime mode, and no key actions of KEYACT_CLIENT_* type; or
+ * else we're contacting an existing agent to add or remove keys,
+ * in which case we should have no lifetime mode, and no key
+ * actions of KEYACT_AGENT_* type.
+ */
+ {
+ int has_agent_actions = FALSE;
+ int has_client_actions = FALSE;
+ int has_lifetime = FALSE;
+ const struct cmdline_key_action *act;
+
+ for (act = keyact_head; act; act = act->next) {
+ if (is_agent_action(act->action))
+ has_agent_actions = TRUE;
+ else
+ has_client_actions = TRUE;
+ }
+ if (life != LIFE_UNSPEC)
+ has_lifetime = TRUE;
+
+ if (has_lifetime && has_client_actions) {
+ fprintf(stderr, "pageant: client key actions (-a, -d, -D, -l, -L)"
+ " do not go with an agent lifetime option\n");
+ exit(1);
+ }
+ if (!has_lifetime && has_agent_actions) {
+ fprintf(stderr, "pageant: expected an agent lifetime option with"
+ " bare key file arguments\n");
+ exit(1);
+ }
+ if (!has_lifetime && !has_client_actions) {
+ fprintf(stderr, "pageant: expected an agent lifetime option"
+ " or a client key action\n");
+ exit(1);
+ }
+
+ if (has_lifetime) {
+ run_agent();
+ } else if (has_client_actions) {
+ run_client();
+ }
+ }
+
return 0;
}
projects / PuTTY.git / blobdiff