charon-cmd: --agent optionally takes the path to an ssh-agent socket
authorTobias Brunner <tobias@strongswan.org>
Tue, 7 May 2013 13:04:02 +0000 (15:04 +0200)
committerTobias Brunner <tobias@strongswan.org>
Wed, 8 May 2013 10:30:36 +0000 (12:30 +0200)
If not given it is read from the SSH_AUTH_SOCK environment variable.

src/charon-cmd/cmd/cmd_connection.c
src/charon-cmd/cmd/cmd_creds.c
src/charon-cmd/cmd/cmd_options.c

index 8b42bef..9c25df9 100644 (file)
@@ -1,4 +1,7 @@
 /*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
  * Copyright (C) 2013 Martin Willi
  * Copyright (C) 2013 revosec AG
  *
index 31e5789..98337db 100644 (file)
@@ -1,4 +1,7 @@
 /*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
  * Copyright (C) 2013 Martin Willi
  * Copyright (C) 2013 revosec AG
  *
@@ -49,9 +52,9 @@ struct private_cmd_creds_t {
        bool prompted;
 
        /**
-        * Provide keys via ssh-agent
+        * Path to ssh-agent socket
         */
-       bool agent;
+       char *agent;
 
        /**
         * Local identity
@@ -138,17 +141,9 @@ static void load_agent(private_cmd_creds_t *this)
        public_key_t *pubkey;
        identification_t *id;
        certificate_t *cert;
-       char *agent;
-
-       agent = getenv("SSH_AUTH_SOCK");
-       if (!agent)
-       {
-               DBG1(DBG_CFG, "ssh-agent socket not found");
-               exit(1);
-       }
 
-       privkey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY,
-                                                                KEY_ANY, BUILD_AGENT_SOCKET, agent, BUILD_END);
+       privkey = lib->creds->create(lib->creds, CRED_PRIVATE_KEY, KEY_ANY,
+                                                                BUILD_AGENT_SOCKET, this->agent, BUILD_END);
        if (!privkey)
        {
                DBG1(DBG_CFG, "failed to load private key from ssh-agent");
@@ -192,7 +187,12 @@ METHOD(cmd_creds_t, handle, bool,
                        this->identity = arg;
                        break;
                case CMD_OPT_AGENT:
-                       this->agent = TRUE;
+                       this->agent = arg ?: getenv("SSH_AUTH_SOCK");
+                       if (!this->agent)
+                       {
+                               DBG1(DBG_CFG, "no ssh-agent socket defined");
+                               exit(1);
+                       }
                        break;
                default:
                        return FALSE;
@@ -201,7 +201,7 @@ METHOD(cmd_creds_t, handle, bool,
        {
                load_agent(this);
                /* only do this once */
-               this->agent = FALSE;
+               this->agent = NULL;
        }
        return TRUE;
 }
index f25719a..06d0996 100644 (file)
@@ -1,4 +1,7 @@
 /*
+ * Copyright (C) 2013 Tobias Brunner
+ * Hochschule fuer Technik Rapperswil
+ *
  * Copyright (C) 2013 Martin Willi
  * Copyright (C) 2013 revosec AG
  *
@@ -35,8 +38,10 @@ cmd_option_t cmd_options[CMD_OPT_COUNT] = {
          "trusted certificate, for authentication or trust chain validation", {}},
        { CMD_OPT_RSA, "rsa", required_argument, "path",
          "RSA private key to use for authentication", {}},
-       { CMD_OPT_AGENT, "agent", no_argument, "",
-         "use SSH agent for authentication", {}},
+       { CMD_OPT_AGENT, "agent", optional_argument, "socket",
+         "use SSH agent for authentication. If socket is not specified", {
+               "it is read from the SSH_AUTH_SOCK environment variable",
+       }},
        { CMD_OPT_LOCAL_TS, "local-ts", required_argument, "subnet",
          "additional traffic selector to propose for our side", {}},
        { CMD_OPT_REMOTE_TS, "remote-ts", required_argument, "subnet",