Add some error-handling when adding SSH keyfiles
This commit is contained in:
parent
45c3b61476
commit
1ec3dd24e6
GPG Key ID:
784AA8DF0CCDF625
|
|
@ -840,42 +840,47 @@ This is `db-light' and `solarized-light'."
|
||||||
"Synchronously add key in KEY-FILE to currently running ssh-agent.
|
"Synchronously add key in KEY-FILE to currently running ssh-agent.
|
||||||
|
|
||||||
PASSWORD-FN is supposed to be a function returning the password
|
PASSWORD-FN is supposed to be a function returning the password
|
||||||
for KEY-FILE; PASSWORD-FN is called on demand.
|
for KEY-FILE; PASSWORD-FN is called on demand. If KEY-FILE is
|
||||||
|
not readable, this function errors out.
|
||||||
|
|
||||||
This function uses ssh-add to add the key to the currently
|
This function uses ssh-add to add the key to the currently
|
||||||
running ssh-agent and waits for the process to finish."
|
running ssh-agent and waits for the process to finish."
|
||||||
(with-environment-variables (("SSH_ASKPASS_REQUIRE" "never"))
|
(let ((key-file (expand-file-name key-file)))
|
||||||
(let* ((key-file (expand-file-name key-file))
|
|
||||||
(proc (make-process :name "ssh-add"
|
(unless (file-readable-p key-file)
|
||||||
:buffer nil
|
(user-error "SSH key %s does not exist, aborting" key-file))
|
||||||
:command (list "ssh-add" key-file)
|
|
||||||
:filter #'(lambda (process output)
|
(with-environment-variables (("SSH_ASKPASS_REQUIRE" "never"))
|
||||||
(cond
|
(let ((proc (make-process :name "ssh-add"
|
||||||
((string= (format "Enter passphrase for %s: "
|
:buffer nil
|
||||||
key-file)
|
:command (list "ssh-add" key-file)
|
||||||
output)
|
:filter #'(lambda (process output)
|
||||||
(process-send-string process (funcall password-fn))
|
(cond
|
||||||
(process-send-string process "\n"))
|
((string= (format "Enter passphrase for %s: "
|
||||||
((or (save-match-data
|
key-file)
|
||||||
(string-match (format "^Identity added: %s" key-file)
|
output)
|
||||||
output))
|
(process-send-string process (funcall password-fn))
|
||||||
(string= output "\n"))
|
(process-send-string process "\n"))
|
||||||
;; Ignore harmless output
|
((or (save-match-data
|
||||||
t)
|
(string-match (format "^Identity added: %s" key-file)
|
||||||
(t (message "Unknown output received from ssh-agent: %s" output))))
|
output))
|
||||||
:sentinel #'(lambda (_ event)
|
(string= output "\n"))
|
||||||
(cond
|
;; Ignore harmless output
|
||||||
((string= event "finished\n")
|
t)
|
||||||
(message "Successfully added %s to local SSH agent"
|
(t (message "Unknown output received from ssh-agent: %s" output))))
|
||||||
key-file))
|
:sentinel #'(lambda (_ event)
|
||||||
(t (message "Adding SSH key %s failed, ssh-add process reached state %s"
|
(cond
|
||||||
key-file
|
((string= event "finished\n")
|
||||||
event)))))))
|
(message "Successfully added %s to local SSH agent"
|
||||||
;; We are waiting for the process to finish, to not let its output
|
key-file))
|
||||||
;; intermingle with others. XXX: is there a more standard way to wait for
|
(t (message "Adding SSH key %s failed, ssh-add process reached state %s"
|
||||||
;; a process to finish?
|
key-file
|
||||||
(while (process-live-p proc)
|
event)))))))
|
||||||
(sit-for 0.2)))))
|
;; We are waiting for the process to finish, to not let its output
|
||||||
|
;; intermingle with others. XXX: is there a more standard way to wait for
|
||||||
|
;; a process to finish?
|
||||||
|
(while (process-live-p proc)
|
||||||
|
(sit-for 0.2))))))
|
||||||
|
|
||||||
(defun db/ssh-key-hash-from-filename (key-file)
|
(defun db/ssh-key-hash-from-filename (key-file)
|
||||||
"Return the SHA256 hash value of the SSH key located in KEY-FILE.
|
"Return the SHA256 hash value of the SSH key located in KEY-FILE.
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue