From 678ec69ebea107f2993c78bec7e819ebb910bdf8 Mon Sep 17 00:00:00 2001
From: Michael Jumper <mike.jumper@guac-dev.org>
Date: Wed, 30 Oct 2013 15:46:13 -0700
Subject: [PATCH] Read private key, if any.

---
 src/protocols/ssh/client.c        | 39 +++++++++++++++++++++++++++++++
 src/protocols/ssh/client.h        |  7 ++++++
 src/protocols/ssh/guac_handlers.c |  6 +++++
 3 files changed, 52 insertions(+)

diff --git a/src/protocols/ssh/client.c b/src/protocols/ssh/client.c
index e2b469b9..df3b3027 100644
--- a/src/protocols/ssh/client.c
+++ b/src/protocols/ssh/client.c
@@ -66,6 +66,10 @@ const char* GUAC_CLIENT_ARGS[] = {
     "font-name",
     "font-size",
     "enable-sftp",
+#ifdef ENABLE_SSH_PUBLIC_KEY
+    "private-key",
+    "passphrase",
+#endif
     NULL
 };
 
@@ -106,6 +110,18 @@ enum __SSH_ARGS_IDX {
      */
     IDX_ENABLE_SFTP,
 
+#ifdef ENABLE_SSH_PUBLIC_KEY
+    /**
+     * The private key to use for authentication, if any.
+     */
+    IDX_PRIVATE_KEY,
+
+    /**
+     * The passphrase required to decrypt the private key, if any.
+     */
+    IDX_PASSPHRASE,
+#endif
+
     SSH_ARGS_COUNT
 };
 
@@ -133,6 +149,29 @@ int guac_client_init(guac_client* client, int argc, char** argv) {
     strcpy(client_data->username,  argv[IDX_USERNAME]);
     strcpy(client_data->password,  argv[IDX_PASSWORD]);
 
+#ifdef ENABLE_SSH_PUBLIC_KEY
+
+    client_data->key = NULL;
+
+    /* Read private key, if given */
+    if (argv[IDX_PRIVATE_KEY][0] != 0) {
+
+        /* Pull parameters */
+        const char* private_key = argv[IDX_PRIVATE_KEY];
+        const char* passphrase = argv[IDX_PASSPHRASE];
+        if (passphrase[0] == 0)
+            passphrase = NULL;
+
+        /* Read key */
+        if (ssh_pki_import_privkey_base64(private_key, passphrase,
+                NULL, NULL, &client_data->key) == SSH_OK)
+            guac_client_log_info(client, "Auth key successfully imported.");
+        else
+            guac_client_log_error(client, "Auth key import failed.");
+
+    }
+#endif
+
     /* Read font name */
     if (argv[IDX_FONT_NAME][0] != 0)
         strcpy(client_data->font_name, argv[IDX_FONT_NAME]);
diff --git a/src/protocols/ssh/client.h b/src/protocols/ssh/client.h
index f35b25b0..74b06567 100644
--- a/src/protocols/ssh/client.h
+++ b/src/protocols/ssh/client.h
@@ -72,6 +72,13 @@ typedef struct ssh_guac_client_data {
      */
     char password[1024];
 
+#ifdef ENABLE_SSH_PUBLIC_KEY
+    /**
+     * The private key to use for authentication, if any.
+     */
+    ssh_key key;
+#endif
+
     /**
      * The name of the font to use for display rendering.
      */
diff --git a/src/protocols/ssh/guac_handlers.c b/src/protocols/ssh/guac_handlers.c
index 51fbefc2..100215b7 100644
--- a/src/protocols/ssh/guac_handlers.c
+++ b/src/protocols/ssh/guac_handlers.c
@@ -443,6 +443,12 @@ int ssh_guac_client_free_handler(guac_client* client) {
     /* Free session */
     ssh_free(guac_client_data->session);
 
+#ifdef ENABLE_SSH_PUBLIC_KEY
+    /* Free auth key */
+    if (guac_client_data->key != NULL)
+        ssh_key_free(guac_client_data->key);
+#endif
+
     /* Free clipboard data */
     free(guac_client_data->clipboard_data);