1
0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00

Pageant: accept adding an unencrypted version of an encrypted key.

Now, if you send SSH2_AGENTC_ADD_IDENTITY with a cleartext private key
blob, and the agent already contains an encrypted-only version of the
same key, it will drop the cleartext version in alongside it,
effectively decrypting the key as if the passphrase had been typed.
This commit is contained in:
Simon Tatham 2020-12-15 13:54:55 +00:00
parent 91c9caa3fe
commit 1a8a6f76a4

View File

@ -244,12 +244,21 @@ bool pageant_add_ssh2_key(ssh2_userkey *skey)
pk->blocked_requests.next = pk->blocked_requests.prev =
&pk->blocked_requests;
if (add234(keytree, pk) == pk) {
PageantKey *pk_in_tree = add234(keytree, pk);
if (pk_in_tree == pk) {
/* The key wasn't in the tree at all, and we've just added it. */
pk->skey = skey;
if (skey->comment)
pk->comment = dupstr(skey->comment);
return true;
} else if (!pk_in_tree->skey) {
/* The key was only stored encrypted, and now we have an
* unencrypted version to add to the existing record. */
pk_in_tree->skey = skey;
pk_free(pk);
return true;
} else {
/* The key was already in the tree in full. */
pk_free(pk);
return false;
}