(ctx *cli.Context)
| 76 | } |
| 77 | |
| 78 | func logoutAction(ctx *cli.Context) error { |
| 79 | if err := errs.MinMaxNumberOfArguments(ctx, 0, 1); err != nil { |
| 80 | return err |
| 81 | } |
| 82 | |
| 83 | all := ctx.Bool("all") |
| 84 | subject := ctx.Args().First() |
| 85 | if subject == "" { |
| 86 | subject = ctx.String("identity") |
| 87 | } |
| 88 | |
| 89 | agent, err := sshutil.DialAgent() |
| 90 | if err != nil { |
| 91 | return err |
| 92 | } |
| 93 | defer agent.Close() |
| 94 | |
| 95 | // Remove all |
| 96 | if all && ctx.NArg() == 0 { |
| 97 | if err := agent.RemoveAll(); err != nil { |
| 98 | return errors.Wrap(err, "error removing all keys") |
| 99 | } |
| 100 | fmt.Println("All identities removed.") |
| 101 | return nil |
| 102 | } |
| 103 | |
| 104 | var opts []sshutil.AgentOption |
| 105 | if !all { |
| 106 | // Remove only keys signed by the CA. If we cannot get the list of |
| 107 | // roots, remove only the ssh certificates. |
| 108 | client, err := cautils.NewClient(ctx) |
| 109 | if err != nil { |
| 110 | return err |
| 111 | } |
| 112 | if roots, err := client.SSHRoots(); err == nil && len(roots.UserKeys) > 0 { |
| 113 | userKeys := make([]ssh.PublicKey, len(roots.UserKeys)) |
| 114 | for i, uk := range roots.UserKeys { |
| 115 | userKeys[i] = uk.PublicKey |
| 116 | } |
| 117 | opts = append(opts, sshutil.WithSignatureKey(userKeys)) |
| 118 | } else { |
| 119 | opts = append(opts, sshutil.WithCertsOnly()) |
| 120 | } |
| 121 | } |
| 122 | |
| 123 | found, err := removeSSHKeys(agent, subject, opts...) |
| 124 | if err != nil { |
| 125 | return err |
| 126 | } |
| 127 | |
| 128 | switch { |
| 129 | case !found: |
| 130 | fmt.Printf("Identity not found") |
| 131 | case all: |
| 132 | fmt.Printf("All identities removed") |
| 133 | default: |
| 134 | fmt.Printf("Identity removed") |
| 135 | } |
nothing calls this directly
no test coverage detected
searching dependent graphs…