mirror of
https://github.com/keepassxreboot/keepassxc.git
synced 2025-04-04 21:17:43 +03:00
Toni Spets
Jonathan White
parent
c07a57d141
commit
860fcfd78d
10 changed files with 183 additions and 19 deletions
|
|
@ -61,11 +61,21 @@ QString SSHAgent::authSockOverride() const
|
|||
return config()->get(Config::SSHAgent_AuthSockOverride).toString();
|
||||
}
|
||||
|
||||
QString SSHAgent::securityKeyProviderOverride() const
|
||||
{
|
||||
return config()->get(Config::SSHAgent_SecurityKeyProviderOverride).toString();
|
||||
}
|
||||
|
||||
void SSHAgent::setAuthSockOverride(QString& authSockOverride)
|
||||
{
|
||||
config()->set(Config::SSHAgent_AuthSockOverride, authSockOverride);
|
||||
}
|
||||
|
||||
void SSHAgent::setSecurityKeyProviderOverride(QString& securityKeyProviderOverride)
|
||||
{
|
||||
config()->set(Config::SSHAgent_SecurityKeyProviderOverride, securityKeyProviderOverride);
|
||||
}
|
||||
|
||||
#ifdef Q_OS_WIN
|
||||
bool SSHAgent::useOpenSSH() const
|
||||
{
|
||||
|
|
@ -109,6 +119,21 @@ QString SSHAgent::socketPath(bool allowOverride) const
|
|||
return socketPath;
|
||||
}
|
||||
|
||||
QString SSHAgent::securityKeyProvider(bool allowOverride) const
|
||||
{
|
||||
QString skProvider;
|
||||
|
||||
if (allowOverride) {
|
||||
skProvider = securityKeyProviderOverride();
|
||||
}
|
||||
|
||||
if (skProvider.isEmpty()) {
|
||||
skProvider = QProcessEnvironment::systemEnvironment().value("SSH_SK_PROVIDER", "internal");
|
||||
}
|
||||
|
||||
return skProvider;
|
||||
}
|
||||
|
||||
const QString SSHAgent::errorString() const
|
||||
{
|
||||
return m_error;
|
||||
|
|
@ -257,10 +282,12 @@ bool SSHAgent::addIdentity(OpenSSHKey& key, const KeeAgentSettings& settings, co
|
|||
|
||||
QByteArray requestData;
|
||||
BinaryStream request(&requestData);
|
||||
bool isSecurityKey = key.type().startsWith("sk-");
|
||||
|
||||
request.write((settings.useLifetimeConstraintWhenAdding() || settings.useConfirmConstraintWhenAdding())
|
||||
? SSH_AGENTC_ADD_ID_CONSTRAINED
|
||||
: SSH_AGENTC_ADD_IDENTITY);
|
||||
request.write(
|
||||
(settings.useLifetimeConstraintWhenAdding() || settings.useConfirmConstraintWhenAdding() || isSecurityKey)
|
||||
? SSH_AGENTC_ADD_ID_CONSTRAINED
|
||||
: SSH_AGENTC_ADD_IDENTITY);
|
||||
key.writePrivate(request);
|
||||
|
||||
if (settings.useLifetimeConstraintWhenAdding()) {
|
||||
|
|
@ -272,6 +299,12 @@ bool SSHAgent::addIdentity(OpenSSHKey& key, const KeeAgentSettings& settings, co
|
|||
request.write(SSH_AGENT_CONSTRAIN_CONFIRM);
|
||||
}
|
||||
|
||||
if (isSecurityKey) {
|
||||
request.write(SSH_AGENT_CONSTRAIN_EXTENSION);
|
||||
request.writeString(QString("sk-provider@openssh.com"));
|
||||
request.writeString(securityKeyProvider());
|
||||
}
|
||||
|
||||
QByteArray responseData;
|
||||
if (!sendMessage(requestData, responseData)) {
|
||||
return false;
|
||||
|
|
@ -289,6 +322,11 @@ bool SSHAgent::addIdentity(OpenSSHKey& key, const KeeAgentSettings& settings, co
|
|||
m_error += "\n" + tr("A confirmation request is not supported by the agent (check options).");
|
||||
}
|
||||
|
||||
if (isSecurityKey) {
|
||||
m_error +=
|
||||
"\n" + tr("Security keys are not supported by the agent or the security key provider is unavailable.");
|
||||
}
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue