CVSROOT: /cvs
Module name: src
Changes by: [email protected] 2010/02/08 03:50:20
Modified files:
usr.bin/ssh : Makefile Makefile.inc pathnames.h readconf.c
readconf.h scp.1 sftp.1 ssh-add.1 ssh-add.c
ssh-agent.c ssh-keygen.1 ssh-keygen.c ssh.1
ssh.c ssh_config.5
usr.bin/ssh/lib: Makefile
usr.bin/ssh/ssh-agent: Makefile
Added files:
usr.bin/ssh : pkcs11.h ssh-pkcs11-client.c
ssh-pkcs11-helper.c ssh-pkcs11.c ssh-pkcs11.h
usr.bin/ssh/ssh-pkcs11-helper: Makefile
Log message:
replace our obsolete smartcard code with PKCS#11.
ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-11/v2-20/pkcs-11v2-20.pdf
ssh(1) and ssh-keygen(1) use dlopen(3) directly to talk to a PKCS#11
provider (shared library) while ssh-agent(1) delegates PKCS#11 to
a forked a ssh-pkcs11-helper process.
PKCS#11 is currently a compile time option.
feedback and ok djm@; inspired by patches from Alon Bar-Lev
