mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-10 01:48:00 +00:00

Unix Pageant: support -r and -R options to re-encrypt.

This links up the new re-encryption facilities to the Unix Pageant
client-mode command line. Analogously to -d and -D, 'pageant -r key-id'
re-encrypts a single key, and 'pageant -R' re-encrypts everything.
Simon Tatham 2020-02-15 16:40:19 +00:00
parent e563627d4b
commit 2571eabeef


@ -397,6 +397,8 @@ typedef enum {
KEYACT_CLIENT_PUBLIC_OPENSSH, KEYACT_CLIENT_PUBLIC_OPENSSH,
KEYACT_CLIENT_PUBLIC, KEYACT_CLIENT_PUBLIC,
KEYACT_CLIENT_SIGN, KEYACT_CLIENT_SIGN,
KEYACT_CLIENT_REENCRYPT,
KEYACT_CLIENT_REENCRYPT_ALL,
} keyact; } keyact;
struct cmdline_key_action { struct cmdline_key_action {
struct cmdline_key_action *next; struct cmdline_key_action *next;
@ -801,6 +803,18 @@ void run_client(void)
if (key) if (key)
pageant_pubkey_free(key); pageant_pubkey_free(key);
break; break;
case KEYACT_CLIENT_REENCRYPT:
key = NULL;
if (!(key = find_key(act->filename, &retstr)) ||
pageant_reencrypt_key(key, &retstr) == PAGEANT_ACTION_FAILURE) {
fprintf(stderr, "pageant: re-encrypting key '%s': %s\n",
act->filename, retstr);
sfree(retstr);
errors = true;
}
if (key)
pageant_pubkey_free(key);
break;
case KEYACT_CLIENT_PUBLIC_OPENSSH: case KEYACT_CLIENT_PUBLIC_OPENSSH:
case KEYACT_CLIENT_PUBLIC: case KEYACT_CLIENT_PUBLIC:
key = NULL; key = NULL;
@ -840,6 +854,20 @@ void run_client(void)
errors = true; errors = true;
} }
break; break;
case KEYACT_CLIENT_REENCRYPT_ALL: {
int status = pageant_reencrypt_all_keys(&retstr);
if (status == PAGEANT_ACTION_FAILURE) {
fprintf(stderr, "pageant: re-encrypting all keys: "
"%s\n", retstr);
sfree(retstr);
errors = true;
} else if (status == PAGEANT_ACTION_WARNING) {
fprintf(stderr, "pageant: re-encrypting all keys: "
"warning: %s\n", retstr);
sfree(retstr);
}
break;
}
case KEYACT_CLIENT_SIGN: case KEYACT_CLIENT_SIGN:
key = NULL; key = NULL;
if (!message_loaded) { if (!message_loaded) {
@ -1222,12 +1250,16 @@ int main(int argc, char **argv)
curr_keyact = KEYACT_CLIENT_ADD; curr_keyact = KEYACT_CLIENT_ADD;
} else if (!strcmp(p, "-d")) { } else if (!strcmp(p, "-d")) {
curr_keyact = KEYACT_CLIENT_DEL; curr_keyact = KEYACT_CLIENT_DEL;
} else if (!strcmp(p, "-r")) {
curr_keyact = KEYACT_CLIENT_REENCRYPT;
} else if (!strcmp(p, "-s")) { } else if (!strcmp(p, "-s")) {
shell_type = SHELL_SH; shell_type = SHELL_SH;
} else if (!strcmp(p, "-c")) { } else if (!strcmp(p, "-c")) {
shell_type = SHELL_CSH; shell_type = SHELL_CSH;
} else if (!strcmp(p, "-D")) { } else if (!strcmp(p, "-D")) {
add_keyact(KEYACT_CLIENT_DEL_ALL, NULL); add_keyact(KEYACT_CLIENT_DEL_ALL, NULL);
} else if (!strcmp(p, "-R")) {
add_keyact(KEYACT_CLIENT_REENCRYPT_ALL, NULL);
} else if (!strcmp(p, "-l")) { } else if (!strcmp(p, "-l")) {
add_keyact(KEYACT_CLIENT_LIST, NULL); add_keyact(KEYACT_CLIENT_LIST, NULL);
} else if (!strcmp(p, "--public")) { } else if (!strcmp(p, "--public")) {
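Review bot: In the `KEYACT_CLIENT_REENCRYPT_ALL` case, the `PAGEANT_ACTION_WARNING` branch prints a message but leaves `errors` unset, so `pageant -R` presumably still exits successfully when the agent reports a warning. If that warning means some keys could not be re-encrypted (inferred from the message text; the helper is not shown here), those keys stay decrypted in the agent's memory, and a screen-lock or suspend hook that runs `pageant -R` cannot detect this from the exit status. Either add `errors = true;` to that branch, or record the intent with a comment such as `/* warning is deliberately non-fatal: exit status stays 0 */`. The single-key `KEYACT_CLIENT_REENCRYPT` case tests only `== PAGEANT_ACTION_FAILURE`, so if `pageant_reencrypt_key` can also return a warning, its `retstr` would be neither printed nor freed. Both cases sit inside `run_client`, whose body extends beyond these hunks.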