From 302270174d8173be35e8c1b464a0d9e731650c15 Mon Sep 17 00:00:00 2001
From: Michael Stucki <michael@stucki.io>
Date: Sun, 1 Jul 2018 18:20:34 +0200
Subject: Use existing ssh-agent when invoking a sudo shell (#3891)

When invoking a shell as root using ```sudo -s```, the ssh-agent plugin
starts a new agent although it already exists.

The problem boils down to a check if ssh-agent is running using
```ps x```. If that is extended to ```ps ax``` for root, then the
existing ssh-agent will still work.
---
 plugins/ssh-agent/ssh-agent.plugin.zsh | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)


diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh
index 20f97c6f1..fe4946c6d 100644
--- a/plugins/ssh-agent/ssh-agent.plugin.zsh
+++ b/plugins/ssh-agent/ssh-agent.plugin.zsh
@@ -30,7 +30,12 @@ if [[ $_agent_forwarding == "yes" && -n "$SSH_AUTH_SOCK" ]]; then
 elif [[ -f "$_ssh_env_cache" ]]; then
 	# Source SSH settings, if applicable
 	. $_ssh_env_cache > /dev/null
-	ps x | grep ssh-agent | grep -q $SSH_AGENT_PID || {
+	if [[ $USER == "root" ]]; then
+		FILTER="ax"
+	else
+		FILTER="x"
+	fi
+	ps $FILTER | grep ssh-agent | grep -q $SSH_AGENT_PID || {
 		_start_agent
 	}
 else
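Review bot: The liveness check on the `ps $FILTER | grep ssh-agent | grep -q $SSH_AGENT_PID` line matches the PID as an unquoted substring of the whole `ps` line, and widening the listing to `ax` for root makes a false match more likely, because any user's ssh-agent line containing those digits counts as "running". Querying the one PID avoids both the substring match and the root special case, e.g. `ps -p "$SSH_AGENT_PID" -o comm= 2>/dev/null | grep -q ssh-agent || {`. Under `sudo -s` the cache file sourced two lines earlier is presumably the invoking user's (its path is set outside this hunk), so root executes a file that user can write; an ownership check before the `.` line would be worth adding. `FILTER` is assigned at the top level of a sourced plugin and stays defined in the user's shell, so add `unset FILTER` after the check. The `if`/`elif` chain starts and ends outside the hunk.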
-- 
cgit v1.2.3-70-g09d2


From fabee55948776e2e4c210e9dcd75e7bc38c02bec Mon Sep 17 00:00:00 2001
From: Marc Cornellà <marc.cornella@live.com>
Date: Wed, 9 Jan 2019 21:19:52 +0100
Subject: ssh-agent: autoload identities not already loaded (#7174)

With this PR the ssh-agent plugin checks the `ssh-add -l` output for the
identities added, and adds all those specified by the user that haven't been
added yet.

We also decouple the logic of starting ssh-agent from the logic of adding
identities, meaning that even if ssh-agent has been started by some other means
(like launchd) we can still ssh-add the user's identities.

Fixes #3019
Fixes #6979
---
 plugins/ssh-agent/ssh-agent.plugin.zsh | 23 ++++++++++++++++-------
 1 file changed, 16 insertions(+), 7 deletions(-)


diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh
index fe4946c6d..a688855d0 100644
--- a/plugins/ssh-agent/ssh-agent.plugin.zsh
+++ b/plugins/ssh-agent/ssh-agent.plugin.zsh
@@ -2,20 +2,27 @@ typeset _agent_forwarding _ssh_env_cache
 
 function _start_agent() {
 	local lifetime
-	local -a identities
-
-	# start ssh-agent and setup environment
 	zstyle -s :omz:plugins:ssh-agent lifetime lifetime
 
+	# start ssh-agent and setup environment
+	echo starting ssh-agent...
 	ssh-agent -s ${lifetime:+-t} ${lifetime} | sed 's/^echo/#echo/' >! $_ssh_env_cache
 	chmod 600 $_ssh_env_cache
 	. $_ssh_env_cache > /dev/null
+}
 
-	# load identies
+function _add_identities() {
+	local id line
+	local -a identities ids
 	zstyle -a :omz:plugins:ssh-agent identities identities
 
-	echo starting ssh-agent...
-	ssh-add $HOME/.ssh/${^identities}
+	# get list of loaded identities
+	for line in ${(f)"$(ssh-add -l)"}; do ids+=${${(z)line}[3]}; done
+
+	# add identities if not already loaded
+	for id in ${^identities}; do
+		[[ ${ids[(I)$HOME/.ssh/$id]} -le 0 ]] && ssh-add $HOME/.ssh/$id
+	done
 }
 
 # Get the filename to store/lookup the environment from
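Review bot: In `_add_identities` the already-loaded test compares `$HOME/.ssh/$id` with the third word of each `ssh-add -l` line, which is the key's comment rather than a guaranteed file path. A key that carries its own comment (for example `user@host`) never matches, so it is handed to `ssh-add` again on every shell start. An unreachable agent is also not distinguished from an empty list, although `ssh-add -l` reports that case with exit status 2 and the function could return early on it. A header comment should state the assumption, e.g. `# NOTE: matches on the comment field of ssh-add -l; only keys whose comment is their path are detected`.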
@@ -42,6 +49,8 @@ else
 	_start_agent
 fi
 
+_add_identities
+
 # tidy up after ourselves
 unset _agent_forwarding _ssh_env_cache
-unfunction _start_agent
+unfunction _start_agent _add_identities
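Review bot: `_add_identities` is now called after the whole `if`/`elif`/`else` chain, so it runs on every path, not only after `_start_agent`. The first branch of that chain (its condition, `$_agent_forwarding == "yes" && -n "$SSH_AUTH_SOCK"`, appears in the hunk header of the first patch on this page; its body is not shown) handles a forwarded agent. In that case keys from this host's `~/.ssh` would be loaded into an agent that lives on another machine. If that is intended, say so above the call, e.g. `# also runs for externally started or forwarded agents`; otherwise guard the call on the branch taken.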
-- 
cgit v1.2.3-70-g09d2


From 2a603856598eafc3c8a0bde80f8a885d2a81dfee Mon Sep 17 00:00:00 2001
From: François Scala <github@arcenik.net>
Date: Mon, 14 Jan 2019 16:38:45 +0100
Subject: ssh-agent: use key signatures to check loaded ids (#7504)

Use the fingerprint of the ssh key instead of the file name to check whether the key is already loaded.

Also check for .ssh folder presence (#5128)
---
 plugins/ssh-agent/ssh-agent.plugin.zsh | 24 ++++++++++++++++++------
 1 file changed, 18 insertions(+), 6 deletions(-)


diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh
index a688855d0..2a860f3aa 100644
--- a/plugins/ssh-agent/ssh-agent.plugin.zsh
+++ b/plugins/ssh-agent/ssh-agent.plugin.zsh
@@ -12,16 +12,28 @@ function _start_agent() {
 }
 
 function _add_identities() {
-	local id line
-	local -a identities ids
+	local id line sig
+	local -a identities loaded signatures
 	zstyle -a :omz:plugins:ssh-agent identities identities
 
-	# get list of loaded identities
-	for line in ${(f)"$(ssh-add -l)"}; do ids+=${${(z)line}[3]}; done
+	# check for .ssh folder presence
+	if [[ ! -d $HOME/.ssh ]]; then
+		return
+	fi
+
+	# get list of loaded identities' signatures
+	for line in ${(f)"$(ssh-add -l)"}; do loaded+=${${(z)line}[2]}; done
+
+	# get signatures of private keys
+	for id in $identities; do
+		signatures+="$(ssh-keygen -lf "$HOME/.ssh/$id" | awk '{print $2}')	$id"
+	done
 
 	# add identities if not already loaded
-	for id in ${^identities}; do
-		[[ ${ids[(I)$HOME/.ssh/$id]} -le 0 ]] && ssh-add $HOME/.ssh/$id
+	for sig in $signatures; do
+		id="$(cut -f2 <<< $sig)"
+		sig="$(cut -f1 <<< $sig)"
+		[[ ${loaded[(I)$sig]} -le 0 ]] && ssh-add $HOME/.ssh/$id
 	done
 }
 
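Review bot: The fingerprint lookup `ssh-keygen -lf "$HOME/.ssh/$id" | awk '{print $2}'` is not checked for failure, so an identity file that is missing or that ssh-keygen cannot read yields an empty fingerprint and is still queued as a tab-prefixed entry. The later `loaded[(I)$sig]` test then presumably finds no match, and the file is passed to `ssh-add` on every shell start with ssh-keygen's error printed each time. Handle the empty case explicitly where the signature is built, either skipping the key or adding it deliberately, and say which in a comment, e.g. `# empty sig: ssh-keygen could not read the key, add it anyway`. Packing `sig<TAB>id` into one string and splitting it again with two `cut` calls per key also spawns two extra processes per identity at shell startup; two parallel arrays would avoid that.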
-- 
cgit v1.2.3-70-g09d2


From 9329efd2522b3eaba5f6d9d53e41c090eb6b3c92 Mon Sep 17 00:00:00 2001
From: Andreas <andreas@galauner.de>
Date: Mon, 14 Jan 2019 16:42:14 +0100
Subject: ssh-agent: autoload identities in one go (#7507)

With this PR the ssh-agent plugin loads all identities which are not yet
loaded in a single call to ssh-add. If a passphrase is shared between
loaded identities it only needs to be entered once.

Fixes #7506
---
 plugins/ssh-agent/ssh-agent.plugin.zsh | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)


diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh
index 2a860f3aa..1cc5630e1 100644
--- a/plugins/ssh-agent/ssh-agent.plugin.zsh
+++ b/plugins/ssh-agent/ssh-agent.plugin.zsh
@@ -13,7 +13,7 @@ function _start_agent() {
 
 function _add_identities() {
 	local id line sig
-	local -a identities loaded signatures
+	local -a identities loaded not_loaded signatures
 	zstyle -a :omz:plugins:ssh-agent identities identities
 
 	# check for .ssh folder presence
@@ -33,8 +33,10 @@ function _add_identities() {
 	for sig in $signatures; do
 		id="$(cut -f2 <<< $sig)"
 		sig="$(cut -f1 <<< $sig)"
-		[[ ${loaded[(I)$sig]} -le 0 ]] && ssh-add $HOME/.ssh/$id
+		[[ ${loaded[(I)$sig]} -le 0 ]] && not_loaded+="$HOME/.ssh/$id"
 	done
+
+	if [[ -n "$not_loaded" ]] && ssh-add ${^not_loaded}
 }
 
 # Get the filename to store/lookup the environment from
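Review bot: The added line `if [[ -n "$not_loaded" ]] && ssh-add ${^not_loaded}` opens an `if` with no `then` and no `fi` before the function's closing brace, so at best it relies on zsh's short `if` form and it is likely a parse error. The intent appears to be a plain guard, which needs no `if`: `[[ -n "$not_loaded" ]] && ssh-add ${^not_loaded}`. Testing the array by length, `(( ${#not_loaded} )) && ssh-add ${^not_loaded}`, would also avoid joining the array into a string just to test for emptiness.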
-- 
cgit v1.2.3-70-g09d2


From 9d1dd24e3568ebbcce093bb351ea776a0bf2c0ff Mon Sep 17 00:00:00 2001
From: Marc Cornellà <marc.cornella@live.com>
Date: Sat, 19 Jan 2019 18:00:04 +0100
Subject: ssh-agent: add default keys if no zstyle identities were set (#7520)

---
 plugins/ssh-agent/ssh-agent.plugin.zsh | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)


diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh
index 1cc5630e1..0a204309e 100644
--- a/plugins/ssh-agent/ssh-agent.plugin.zsh
+++ b/plugins/ssh-agent/ssh-agent.plugin.zsh
@@ -21,6 +21,16 @@ function _add_identities() {
 		return
 	fi
 
+	# add default keys if no identities were set up via zstyle
+	# this is to mimic the call to ssh-add with no identities
+	if [[ ${#identities} -eq 0 ]]; then
+		# key list found on `ssh-add` man page's DESCRIPTION section
+		for id in id_rsa id_dsa id_ecdsa id_ed25519 identity; do
+			# check if file exists
+			[[ -f "$HOME/.ssh/$id" ]] && identities+=$id
+		done
+	fi
+
 	# get list of loaded identities' signatures
 	for line in ${(f)"$(ssh-add -l)"}; do loaded+=${${(z)line}[2]}; done
 
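Review bot: The fallback list `id_rsa id_dsa id_ecdsa id_ed25519 identity` is a snapshot of one `ssh-add` man page and will not follow the defaults of whichever OpenSSH version is installed. The existing comment names the source but not that consequence. Extending it, e.g. `# NOTE: hard-coded copy of ssh-add's defaults; update when OpenSSH changes them`, would tell maintainers why a default key might be ignored. `_add_identities` starts before this hunk and continues after it.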
@@ -36,7 +46,7 @@ function _add_identities() {
 		[[ ${loaded[(I)$sig]} -le 0 ]] && not_loaded+="$HOME/.ssh/$id"
 	done
 
-	if [[ -n "$not_loaded" ]] && ssh-add ${^not_loaded}
+	[[ -n "$not_loaded" ]] && ssh-add ${^not_loaded}
 }
 
 # Get the filename to store/lookup the environment from
-- 
cgit v1.2.3-70-g09d2


From c4948696328eab3b954932eb940ec8ec97b12906 Mon Sep 17 00:00:00 2001
From: Marc Cornellà <marc.cornella@live.com>
Date: Mon, 21 Jan 2019 20:31:30 +0100
Subject: ssh-agent: check for loaded id filenames first (#7521)

This change makes the plugin check if an identity is loaded by looking
first at the key filename reported by `ssh-add -l`. This fixes the use
case where ssh-keygen is not able to output the fingerprint of a key,
such as the one reported on #7516.

Now, for an identity to be passed onto ssh-add, it has to fail the
match for a loaded identity, both filename and signature.
---
 plugins/ssh-agent/ssh-agent.plugin.zsh | 22 +++++++++++-----------
 1 file changed, 11 insertions(+), 11 deletions(-)


diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh
index 0a204309e..a7a4ee33a 100644
--- a/plugins/ssh-agent/ssh-agent.plugin.zsh
+++ b/plugins/ssh-agent/ssh-agent.plugin.zsh
@@ -13,7 +13,7 @@ function _start_agent() {
 
 function _add_identities() {
 	local id line sig
-	local -a identities loaded not_loaded signatures
+	local -a identities loaded_sigs loaded_ids not_loaded
 	zstyle -a :omz:plugins:ssh-agent identities identities
 
 	# check for .ssh folder presence
@@ -31,19 +31,19 @@ function _add_identities() {
 		done
 	fi
 
-	# get list of loaded identities' signatures
-	for line in ${(f)"$(ssh-add -l)"}; do loaded+=${${(z)line}[2]}; done
-
-	# get signatures of private keys
-	for id in $identities; do
-		signatures+="$(ssh-keygen -lf "$HOME/.ssh/$id" | awk '{print $2}')	$id"
+	# get list of loaded identities' signatures and filenames
+	for line in ${(f)"$(ssh-add -l)"}; do
+		loaded_sigs+=${${(z)line}[2]}
+		loaded_ids+=${${(z)line}[3]}
 	done
 
 	# add identities if not already loaded
-	for sig in $signatures; do
-		id="$(cut -f2 <<< $sig)"
-		sig="$(cut -f1 <<< $sig)"
-		[[ ${loaded[(I)$sig]} -le 0 ]] && not_loaded+="$HOME/.ssh/$id"
+	for id in $identities; do
+		# check for filename match, otherwise try for signature match
+		if [[ ${loaded_ids[(I)$HOME/.ssh/$id]} -le 0 ]]; then
+			sig="$(ssh-keygen -lf "$HOME/.ssh/$id" | awk '{print $2}')"
+			[[ ${loaded_sigs[(I)$sig]} -le 0 ]] && not_loaded+="$HOME/.ssh/$id"
+		fi
 	done
 
 	[[ -n "$not_loaded" ]] && ssh-add ${^not_loaded}
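Review bot: The new filename test trusts the third word of each `ssh-add -l` line, which is the key's free-text comment. `(z)` splitting keeps only the first word of a comment that contains spaces, and any loaded key whose comment happens to equal `$HOME/.ssh/$id` makes the loop skip that identity without looking at its fingerprint. Since the fingerprint is the stronger identifier, consider computing it first and using the comment match only as the fallback for keys ssh-keygen cannot fingerprint, as sketched below. That runs ssh-keygen for every configured identity at shell start, which the filename-first order avoids, so the cost needs weighing. The loop sits inside `_add_identities`, which begins above the hunk.

```zsh
	for id in $identities; do
		# fingerprint first; the comment field of ssh-add -l is only a fallback
		sig="$(ssh-keygen -lf "$HOME/.ssh/$id" 2>/dev/null | awk '{print $2}')"
		if [[ -n "$sig" ]]; then
			[[ ${loaded_sigs[(I)$sig]} -le 0 ]] && not_loaded+="$HOME/.ssh/$id"
		elif [[ ${loaded_ids[(I)$HOME/.ssh/$id]} -le 0 ]]; then
			not_loaded+="$HOME/.ssh/$id"
		fi
	done
```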
-- 
cgit v1.2.3-70-g09d2


From 0f0448fa6c431cb9894e82741ec5b4dd90872ba8 Mon Sep 17 00:00:00 2001
From: Jannik <6362150+janniks@users.noreply.github.com>
Date: Tue, 7 May 2019 21:21:55 +0200
Subject: ssh-agent: consolidate uppercase message (#7834)

---
 plugins/ssh-agent/ssh-agent.plugin.zsh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


diff --git a/plugins/ssh-agent/ssh-agent.plugin.zsh b/plugins/ssh-agent/ssh-agent.plugin.zsh
index a7a4ee33a..9471ff49c 100644
--- a/plugins/ssh-agent/ssh-agent.plugin.zsh
+++ b/plugins/ssh-agent/ssh-agent.plugin.zsh
@@ -5,7 +5,7 @@ function _start_agent() {
 	zstyle -s :omz:plugins:ssh-agent lifetime lifetime
 
 	# start ssh-agent and setup environment
-	echo starting ssh-agent...
+	echo Starting ssh-agent...
 	ssh-agent -s ${lifetime:+-t} ${lifetime} | sed 's/^echo/#echo/' >! $_ssh_env_cache
 	chmod 600 $_ssh_env_cache
 	. $_ssh_env_cache > /dev/null
-- 
cgit v1.2.3-70-g09d2