From cc38a9f569ce51e8ccdd092f19cc1ce7d1afa060 Mon Sep 17 00:00:00 2001 From: martti Date: Fri, 9 Nov 2001 09:56:27 +0000 Subject: Updated keychain to version 1.7. Changes since 1.2: * Use procmail's lockfile to serialize the execution of critical parts of keychain, thus avoiding multiple ssh-agent processes being started if you happen to have multiple xterms open automatically when you log in. Keychain will now auto-detect whether lockfile is installed; if it is, keychain will automatically use it * No longer "kill -9" our ssh-agent processes * Added argument "--quiet | -q" * Added "-h" as alias for "--help", added "-k" as alias for "--stop" * Add /usr/ucb to path for Solaris systems * Try to add multiple keys using ssh-add; avoid typing in identical passphrases more than once. * Misc. compatibility, signal handling, cleanup fixes * We now use .ssh-agent-[hostname] instead of .ssh-agent * "source" to "." shell-compatibility fixes. * "rm -f $pidf" after stopping ssh-agent fix --- security/keychain/Makefile | 6 +- security/keychain/distinfo | 8 +-- security/keychain/patches/patch-aa | 113 ++++++++----------------------------- 3 files changed, 32 insertions(+), 95 deletions(-) (limited to 'security') diff --git a/security/keychain/Makefile b/security/keychain/Makefile index 68bb63fb16a..3e341c38d64 100644 --- a/security/keychain/Makefile +++ b/security/keychain/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.3 2001/09/27 23:18:38 jlam Exp $ +# $NetBSD: Makefile,v 1.4 2001/11/09 09:56:27 martti Exp $ -DISTNAME= keychain-1.2 -PKGNAME= ${DISTNAME}nb1 +DISTNAME= keychain-1.7 +PKGNAME= ${DISTNAME} CATEGORIES= security MASTER_SITES= http://www.ibiblio.org/gentoo/distfiles/ EXTRACT_SUFX= .tar.bz2 diff --git a/security/keychain/distinfo b/security/keychain/distinfo index 15157d60151..10e2a45f2e4 100644 --- a/security/keychain/distinfo +++ b/security/keychain/distinfo @@ -1,5 +1,5 @@ -$NetBSD: distinfo,v 1.2 2001/09/19 13:48:00 wiz Exp $ +$NetBSD: distinfo,v 1.3 2001/11/09 09:56:27 martti Exp $ -SHA1 (keychain-1.2.tar.bz2) = d9e59623332aa5f40f2448eaf614dc5b3513cac8 -Size (keychain-1.2.tar.bz2) = 3229 bytes -SHA1 (patch-aa) = 6b34cd020fc8696881ba271c812293e3e765f806 +SHA1 (keychain-1.7.tar.bz2) = a2acc49a3f1872fa22aead37fb4635e2f836bbf2 +Size (keychain-1.7.tar.bz2) = 6290 bytes +SHA1 (patch-aa) = b9736c89148872a1ae19aa2462a9b4724b1f9d98 diff --git a/security/keychain/patches/patch-aa b/security/keychain/patches/patch-aa index 42f5e14f9ca..c802e196b2a 100644 --- a/security/keychain/patches/patch-aa +++ b/security/keychain/patches/patch-aa @@ -1,104 +1,41 @@ -$NetBSD: patch-aa,v 1.2 2001/09/19 13:48:01 wiz Exp $ +$NetBSD: patch-aa,v 1.3 2001/11/09 09:56:28 martti Exp $ ---- keychain.orig Mon Sep 10 04:42:47 2001 -+++ keychain Wed Sep 19 13:17:34 2001 +--- keychain.orig Mon Oct 22 17:19:57 2001 ++++ keychain Fri Nov 9 10:42:37 2001 @@ -6,7 +6,7 @@ - version=1.2 + version=1.7 --trap "" INT +-trap "" INT || { echo "$0: warning: trapping signal 2 instead of INT" 1>&2; trap "" 2; } +trap "" 2 - PATH="/sbin:/usr/sbin:${PATH}"; export PATH; + PATH="/sbin:/usr/sbin:${PATH}:/usr/ucb"; export PATH; KEYCHAIN_KEYS="" - for x in ${*} -@@ -19,10 +19,11 @@ - fi - done --BLUE="\033[34;01m" --GREEN="\033[32;01m" --OFF="\033[0m" --CYAN="\033[36;01m" -+# Some terminals don't support colors -+BLUE= -+GREEN= -+OFF= -+CYAN= - echo - echo -e "${GREEN}KeyChain ${version}; ${BLUE}http://www.gentoo.org/projects/keychain${OFF}\n Copyright 2001 Gentoo Technologies, Inc.; Distributed under the GPL" +@@ -24,7 +24,7 @@ + lockf="${HOME}/.keychain-lock-${hostname}" -@@ -46,20 +47,20 @@ + # perform lock if we have lockfile available +-[ -z "$lockfile" ] || $lockfile -1 "$lockf" ++[ -x "$lockfile" ] && $lockfile -1 "$lockf" - Keychain is an OpenSSH key manager, typically run from ~/.bash_profile. When - run, it will make sure ssh-agent is running; if not, it will start ssh-agent. -- It will redirect ssh-agent's output to ~/.ssh-agent, so that cron jobs that -- need to use ssh-agent keys can simply source this file and make the necessary -- passwordless ssh connections. In addition, when keychain runs, it will check -- with ssh-agent and make sure that the ssh RSA/DSA keys that you specified on -- the keychain command line have actually been added to ssh-agent. If not, you -- are prompted for the appropriate passphrases so that they can be added by -- keychain. -+ It will redirect ssh-agent's output to ~/.ssh-agent-\`hostname\`, so that cron -+ jobs that need to use ssh-agent keys can simply source this file and make the -+ necessary passwordless ssh connections. In addition, when keychain runs, it -+ will check with ssh-agent and make sure that the ssh RSA/DSA keys that you -+ specified on the keychain command line have actually been added to ssh-agent. -+ If not, you are prompted for the appropriate passphrases so that they can be -+ added by keychain. - - Typically, one uses keychain by adding the following to the top of their - ~/.bash_profile (or ~/.zshrc, in case of zsh): - - EOHELP - echo -e " ${CYAN}keychain ~/.ssh/id_rsa ~/.ssh/id_dsa" --echo -e " source ~/.ssh-agent > /dev/null${OFF}" -+echo -e " . ~/.ssh-agent-\`hostname\` > /dev/null${OFF}" - echo -e " # the > /dev/null eliminates the redundant agent PID output" - echo - cat <&2 && exit 1 ) -- chmod 0600 ~/.ssh-agent -+ echo -e " ${GREEN}*${OFF} Initializing ~/.ssh-agent-`hostname` file..." -+ touch ~/.ssh-agent-`hostname` || ( echo "$0: Cannot create ~/.ssh-agent-`hostname`, exiting." 1>&2 && exit 1 ) -+ chmod 0600 ~/.ssh-agent-`hostname` - SSH_AGENT_PID="NULL" - else -- source ~/.ssh-agent > /dev/null -+ . ~/.ssh-agent-`hostname` > /dev/null +@@ -246,7 +249,7 @@ fi - match="no" -@@ -127,10 +129,10 @@ + #now that keys are potentially cleared, it's safe to be aborted by ^C +-trap - INT || trap - 2 ++trap - 2 - if [ "$match" = "no" ] + if [ -n "`echo $* | grep '\-\-noask'`" ] then -- chmod 0600 ~/.ssh-agent -+ chmod 0600 ~/.ssh-agent-`hostname` - echo -e " ${GREEN}*${OFF} starting new ssh-agent" -- nohup ssh-agent > ~/.ssh-agent -- source ~/.ssh-agent > /dev/null -+ nohup ssh-agent > ~/.ssh-agent-`hostname` -+ . ~/.ssh-agent-`hostname` > /dev/null - fi - - if [ -n "`echo $* | grep '\-\-clear'`" ] -- cgit v1.2.3