Re-Add keys on database unlock

* Keys that were previously added do not show an error message (they are most likely still in the agent) * Shifted to using the KeeAgentSettings class to guide behavior of addIdentity function * Fixes #2902
2025-02-17 13:02:49 -05:00 · 2019-04-11 10:17:18 -04:00 · 2019-04-11 10:17:18 -04:00 · c195452c54
commit c195452c54
parent 2ffefc95ae
3 changed files with 22 additions and 25 deletions
--- a/src/gui/entry/EditEntryWidget.cpp
+++ b/src/gui/entry/EditEntryWidget.cpp
@ -597,15 +597,14 @@ void EditEntryWidget::addKeyToAgent()
    m_sshAgentUi->commentTextLabel->setText(key.comment());
    m_sshAgentUi->publicKeyEdit->document()->setPlainText(key.publicKey());

-    int lifetime = 0;
-    bool confirm = m_sshAgentUi->requireUserConfirmationCheckBox->isChecked();
+    KeeAgentSettings settings;

-    if (m_sshAgentUi->lifetimeCheckBox->isChecked()) {
-        lifetime = m_sshAgentUi->lifetimeSpinBox->value();
-    }
+    settings.setRemoveAtDatabaseClose(m_sshAgentUi->removeKeyFromAgentCheckBox->isChecked());
+    settings.setUseConfirmConstraintWhenAdding(m_sshAgentUi->requireUserConfirmationCheckBox->isChecked());
+    settings.setUseLifetimeConstraintWhenAdding(m_sshAgentUi->lifetimeCheckBox->isChecked());
+    settings.setLifetimeConstraintDuration(m_sshAgentUi->lifetimeSpinBox->value());

-    if (!SSHAgent::instance()->addIdentity(
-            key, m_sshAgentUi->removeKeyFromAgentCheckBox->isChecked(), static_cast<quint32>(lifetime), confirm)) {
+    if (!SSHAgent::instance()->addIdentity(key, settings)) {
        showMessage(SSHAgent::instance()->errorString(), MessageWidget::Error);
        return;
    }
--- a/src/sshagent/SSHAgent.cpp
+++ b/src/sshagent/SSHAgent.cpp
@ -187,7 +187,7 @@ bool SSHAgent::sendMessagePageant(const QByteArray& in, QByteArray& out)
 * @param removeOnLock autoremove from agent when the Database is locked
 * @return true on success
 */
-bool SSHAgent::addIdentity(OpenSSHKey& key, bool removeOnLock, quint32 lifetime, bool confirm)
+bool SSHAgent::addIdentity(OpenSSHKey& key, KeeAgentSettings& settings)
 {
    if (!isAgentRunning()) {
        m_error = tr("No agent running, cannot add identity.");
@ -197,15 +197,17 @@ bool SSHAgent::addIdentity(OpenSSHKey& key, bool removeOnLock, quint32 lifetime,
    QByteArray requestData;
    BinaryStream request(&requestData);

-    request.write((lifetime > 0 || confirm) ? SSH_AGENTC_ADD_ID_CONSTRAINED : SSH_AGENTC_ADD_IDENTITY);
+    request.write((settings.useLifetimeConstraintWhenAdding() || settings.useConfirmConstraintWhenAdding())
+                      ? SSH_AGENTC_ADD_ID_CONSTRAINED
+                      : SSH_AGENTC_ADD_IDENTITY);
    key.writePrivate(request);

-    if (lifetime > 0) {
+    if (settings.useLifetimeConstraintWhenAdding()) {
        request.write(SSH_AGENT_CONSTRAIN_LIFETIME);
-        request.write(lifetime);
+        request.write(static_cast<quint32>(settings.lifetimeConstraintDuration()));
    }

-    if (confirm) {
+    if (settings.useConfirmConstraintWhenAdding()) {
        request.write(SSH_AGENT_CONSTRAIN_CONFIRM);
    }

@ -218,11 +220,11 @@ bool SSHAgent::addIdentity(OpenSSHKey& key, bool removeOnLock, quint32 lifetime,
        m_error =
            tr("Agent refused this identity. Possible reasons include:") + "\n" + tr("The key has already been added.");

-        if (lifetime > 0) {
+        if (settings.useLifetimeConstraintWhenAdding()) {
            m_error += "\n" + tr("Restricted lifetime is not supported by the agent (check options).");
        }

-        if (confirm) {
+        if (settings.useConfirmConstraintWhenAdding()) {
            m_error += "\n" + tr("A confirmation request is not supported by the agent (check options).");
        }

@ -231,7 +233,7 @@ bool SSHAgent::addIdentity(OpenSSHKey& key, bool removeOnLock, quint32 lifetime,

    OpenSSHKey keyCopy = key;
    keyCopy.clearPrivate();
-    m_addedKeys[keyCopy] = removeOnLock;
+    m_addedKeys[keyCopy] = settings.removeAtDatabaseClose();
    return true;
 }

@ -364,15 +366,10 @@ void SSHAgent::databaseModeChanged()
            key.setComment(fileName);
        }

-        if (!m_addedKeys.contains(key) && settings.addAtDatabaseOpen()) {
-            quint32 lifetime = 0;
-
-            if (settings.useLifetimeConstraintWhenAdding()) {
-                lifetime = static_cast<quint32>(settings.lifetimeConstraintDuration());
-            }
-
-            if (!addIdentity(
-                    key, settings.removeAtDatabaseClose(), lifetime, settings.useConfirmConstraintWhenAdding())) {
+        if (settings.addAtDatabaseOpen()) {
+            // Add key to agent; ignore errors if we have previously added the key
+            bool known_key = m_addedKeys.contains(key);
+            if (!addIdentity(key, settings) && !known_key) {
                emit error(m_error);
            }
        }
--- a/src/sshagent/SSHAgent.h
+++ b/src/sshagent/SSHAgent.h
@ -25,6 +25,7 @@

 #include "crypto/ssh/OpenSSHKey.h"
 #include "gui/DatabaseWidget.h"
+#include "sshagent/KeeAgentSettings.h"

 class SSHAgent : public QObject
 {
@ -36,7 +37,7 @@ public:

    const QString errorString() const;
    bool isAgentRunning() const;
-    bool addIdentity(OpenSSHKey& key, bool removeOnLock, quint32 lifetime, bool confirm);
+    bool addIdentity(OpenSSHKey& key, KeeAgentSettings& settings);
    bool removeIdentity(OpenSSHKey& key);
    void setAutoRemoveOnLock(const OpenSSHKey& key, bool autoRemove);