diff options
author | halex@openbsd.org <halex@openbsd.org> | 2015-02-21 21:46:57 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2015-02-22 09:04:58 +1100 |
commit | 1797f49b1ba31e8700231cd6b1d512d80bb50d2c (patch) | |
tree | b1f21c886e527e1fc81ff251cd30ea0d3b016157 /ssh-add.c | |
parent | 7faaa32da83a609059d95dbfcb0649fdb04caaf6 (diff) | |
download | openssh-git-1797f49b1ba31e8700231cd6b1d512d80bb50d2c.tar.gz |
upstream commit
make "ssh-add -d" properly remove a corresponding
certificate, and also not whine and fail if there is none
ok djm@
Diffstat (limited to 'ssh-add.c')
-rw-r--r-- | ssh-add.c | 14 |
1 files changed, 10 insertions, 4 deletions
@@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.119 2015/02/03 00:34:14 halex Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.120 2015/02/21 21:46:57 halex Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -128,18 +128,24 @@ delete_file(int agent_fd, const char *filename, int key_only) free(comment); comment = NULL; xasprintf(&certpath, "%s-cert.pub", filename); - if ((r = sshkey_load_public(certpath, &cert, &comment)) == 0) + if ((r = sshkey_load_public(certpath, &cert, &comment)) != 0) { + if (r != SSH_ERR_SYSTEM_ERROR || errno != ENOENT) + error("Failed to load certificate \"%s\": %s", + certpath, ssh_err(r)); goto out; + } + if (!sshkey_equal_public(cert, public)) fatal("Certificate %s does not match private key %s", certpath, filename); - if (ssh_remove_identity(agent_fd, cert)) { + if ((r = ssh_remove_identity(agent_fd, cert)) == 0) { fprintf(stderr, "Identity removed: %s (%s)\n", certpath, comment); ret = 0; } else - fprintf(stderr, "Could not remove identity: %s\n", certpath); + fprintf(stderr, "Could not remove identity \"%s\": %s\n", + certpath, ssh_err(r)); out: if (cert != NULL) |