search for: cert_on

...+static int add_file(int agent_fd, const char *filename, int key_only) { struct sshkey *private, *cert; @@ -445,13 +488,16 @@ lock_agent(int agent_fd, int lock) } static int -do_file(int agent_fd, int deleting, int key_only, char *file) +do_file(int agent_fd, int deleting, int key_only, int cert_only, char *file) { if (deleting) { if (delete_file(agent_fd, file, key_only) == -1) return -1; } else { - if (add_file(agent_fd, file, key_only) == -1) + if (cert_only) { + if (add_certificate_only(agent_fd, file) == -1) + return -1; + } else if (add_file(agent_fd, file, key_only)...

...ll identities from the agent. so that all certificate identities were removed from the agent. However, testing reveals that with "ssh-add -D", the presence of the "-C" option does not make any difference, and looking at the code, the delete_all() function does not take a "cert_only" argument, and the SSH protocol message exchanged is a "delete all identities" message (with no conditionals), so in effect "-D" does *just* what "-D" documents, and is not influenced by the presence (or absence) of the "-C" option. Looking around a l...

...endly) + return 0; /* no identities; nothing to do */ else printf("The agent has no identities.\n"); return -1; @@ -814,7 +816,7 @@ main(int argc, char **argv) char **dest_constraint_strings = NULL, **hostkey_files = NULL; int r, i, ch, deleting = 0, ret = 0, key_only = 0, cert_only = 0; int do_download = 0, xflag = 0, lflag = 0, Dflag = 0; - int qflag = 0, Tflag = 0; + int pflag = 0, qflag = 0, Tflag = 0; SyslogFacility log_facility = SYSLOG_FACILITY_AUTH; LogLevel log_level = SYSLOG_LEVEL_INFO; struct sshkey *k, **certs = NULL; @@ -846,7 +848,7 @@ main(int argc, ch...