try to read for modules for pkcs11

Jakobus Schürz 2023-02-23 10:02:59 +01:00
parent 91f4bc89bd
commit 6726c262bb


@ -291,16 +291,19 @@ agent_load_identity_keys () {
#[ -e "${P11M-x}" ] || [ "$(readlink - f $key)" == "$P11M" ] || key="$P11M"
#[ "$(readlink - f $key)" == "$P11M" ] || key="$P11M"
[ "$(readlink -f $key)" != "$PKCS11_MODULE" -a "${PKCS11_MODULE:-x}" != "x" ] && key="$PKCS11_MODULE"
export PKCS11_MODULE=$(readlink -f $key)
export P11M=$PKCS11_MODULE
logdebug "PKCS11_MODULE: ${PKCS11_MODULE:-not set} - key: $key"
grep "export PKCS11_MODULE" ${agentfile} && sed -e '/export PKCS11_MODULE/d' ${agentfile}
echo "export PKCS11_MODULE=$(readlink -f $key)" | tee -a "${agentfile}"
grep -q "PKCS11_MODULE" "${agentfile}" >/dev/null 2>&1 && sed -i -e '/PKCS11_MODULE/d' "${agentfile}"
echo "PKCS11_MODULE=$(readlink -f $key)" | tee -a "${agentfile}"
tokenfingerprints=($(ssh-keygen -l -D $key|tr -s ' '|awk '{print $2}'))
logtrace "fingerprints: ${fingerprints[*]}"
logtrace "tokenfingerprints count: ${#tokenfingerprints[@]}"
if [ ${#tokenfingerprints[@]} -gt 1 ]; then
logerr "Found ${#tokenfingerprints[@]} in p11-kit-proxy! Check if only one token is plugged into your computer"
logerr "Found ${#tokenfingerprints[@]} in $key! Check if only one token is plugged into your computer"
else
tokenfingerprint=${tokenfingerprints[0]}
logtrace "tokenfingerprint: ${tokenfingerprint}"
@ -310,7 +313,7 @@ agent_load_identity_keys () {
if $readd || $remove ; then
$readd && logdebug "re-add token $key"
$remove && logdebug "remove token $key"
echo agentfile1 $agentfile \$SSH_ADD_OPTIONS $key >&2
logtrace "agentfile1 $agentfile \$SSH_ADD_OPTIONS $key "
logdebug "$(ssh_runinagent $agentfile ssh-add ${SSH_ADD_OPTIONS} -e "${key}" 2>&1)"
ssh_runinagent $agentfile echo $SSH_AUTH_SOCK >&2
$remove || logdebug "$(ssh_runinagent $agentfile ssh-add ${SSH_ADD_OPTIONS} -s "${key}" 2>&1)"
@ -338,6 +341,8 @@ agent_load_identity_keys () {
function check_pubkeysonly () {
if [ ${#pubkeysonly[*]} -gt 0 ] ; then
for p in ${pubkeysonly[@]}; do
logtrace "pubkeyonly: $p"
logtrace "$(ssh_runinagent $agentfile ssh-add -T ${p} 2>&1)"
ssh_runinagent $agentfile ssh-add -T ${p} 2>&1 || { $remove || readd=true; break; }
done
else
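Review bot: In the first hunk the module path is written into `${agentfile}` unquoted (`echo "PKCS11_MODULE=$(readlink -f $key)" | tee -a "${agentfile}"`), so a path containing whitespace or shell metacharacters would be re-interpreted if that file is later read as shell, which `ssh_runinagent` appears to do but is not visible here. The same value can come from the `PKCS11_MODULE` environment variable and is handed to `ssh-keygen -D` and `ssh-add -s` as a library to load, so I would quote it when writing: `printf 'PKCS11_MODULE=%q\n' "$(readlink -f -- "$key")" | tee -a "${agentfile}"`, and quote `"$key"` in the `readlink` and `ssh-keygen -l -D` calls as well. The `[ ... -a ... ]` test has the same unquoted `$key` and would be safer as two `[ ]` tests joined by `&&`. `agent_load_identity_keys` starts and ends outside the hunks shown.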