- markus@cvs.openbsd.org 2002/06/05 16:08:07

     [ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).

4 files changed, 37 insertions, 14 deletions

diff --git a/ChangeLog b/ChangeLog
index 288783ac3..3f127b6ba 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -102,6 +102,10 @@
      [ssh-agent.1 ssh-agent.c]
      '-a bind_address' binds the agent to user-specified unix-domain
      socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
+   - markus@cvs.openbsd.org 2002/06/05 16:08:07
+     [ssh-agent.1 ssh-agent.c]
+     '-a bind_address' binds the agent to user-specified unix-domain
+     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
 
 20020604
  - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
@@ -786,4 +790,4 @@
  - (stevesk) entropy.c: typo in debug message
  - (djm) ssh-keygen -i needs seeded RNG; report from markus@
 
-$Id: ChangeLog,v 1.2171 2002/06/06 21:46:07 mouring Exp $
+$Id: ChangeLog,v 1.2172 2002/06/06 21:46:57 mouring Exp $
diff --git a/ssh-add.1 b/ssh-add.1
index 41d5def6f..163fc45ed 100644
--- a/ssh-add.1
+++ b/ssh-add.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-add.1,v 1.30 2002/02/04 20:41:16 stevesk Exp $
+.\"     $OpenBSD: ssh-add.1,v 1.31 2002/06/05 16:35:45 markus Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -129,6 +129,9 @@ or related script.
 may be necessary to redirect the input from
 .Pa /dev/null
 to make this work.)
+.It Ev SSH_AUTH_SOCK
+Identifies the path of a unix-domain socket used to communicate with the
+agent.
 .El
 .Sh DIAGNOSTICS
 Exit status is 0 on success, 1 if the specified command fails,
diff --git a/ssh-agent.1 b/ssh-agent.1
index 9909ef590..5f498b7e3 100644
--- a/ssh-agent.1
+++ b/ssh-agent.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-agent.1,v 1.31 2002/02/04 20:41:16 stevesk Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.32 2002/06/05 16:08:07 markus Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -42,6 +42,7 @@
 .Nd authentication agent
 .Sh SYNOPSIS
 .Nm ssh-agent
+.Op Fl a Ar bind_address
 .Op Fl c Li | Fl s
 .Op Fl d
 .Op Ar command Op Ar args ...
@@ -64,6 +65,11 @@ machines using
 .Pp
 The options are as follows:
 .Bl -tag -width Ds
+.It Fl a Ar bind_address
+Bind the agent to the unix-domain socket
+.Ar bind_address .
+The default is
+.Pa /tmp/ssh-XXXXXXXX/agent.<pid> .
 .It Fl c
 Generate C-shell commands on
 .Dv stdout .
@@ -135,7 +141,6 @@ by the agent, and the result will be returned to the requester.
 This way, private keys are not exposed to clients using the agent.
 .Pp
 A unix-domain socket is created
-.Pq Pa /tmp/ssh-XXXXXXXX/agent.<pid> ,
 and the name of this socket is stored in the
 .Ev SSH_AUTH_SOCK
 environment
diff --git a/ssh-agent.c b/ssh-agent.c
index 33596c47a..d3321478b 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -35,7 +35,7 @@
 
 #include "includes.h"
 #include "openbsd-compat/fake-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.85 2002/04/02 11:49:39 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.86 2002/06/05 16:08:07 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -803,6 +803,7 @@ usage(void)
         fprintf(stderr, "  -s          Generate Bourne shell commands on stdout.\n");
         fprintf(stderr, "  -k          Kill the current agent.\n");
         fprintf(stderr, "  -d          Debug mode.\n");
+        fprintf(stderr, "  -a socket   Bind agent socket to given name.\n");
         exit(1);
 }
 
@@ -819,6 +820,7 @@ main(int ac, char **av)
 #endif
         pid_t pid;
         char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
+        char *agentsocket = NULL;
         extern int optind;
         fd_set *readsetp = NULL, *writesetp = NULL;
 
@@ -829,9 +831,9 @@ main(int ac, char **av)
         seed_rng();
 
 #ifdef __GNU_LIBRARY__
-        while ((ch = getopt(ac, av, "+cdks")) != -1) {
+        while ((ch = getopt(ac, av, "+cdksa:")) != -1) {
 #else /* __GNU_LIBRARY__ */
-        while ((ch = getopt(ac, av, "cdks")) != -1) {
+        while ((ch = getopt(ac, av, "cdksa:")) != -1) {
 #endif /* __GNU_LIBRARY__ */
                 switch (ch) {
                 case 'c':
@@ -852,6 +854,9 @@ main(int ac, char **av)
                                 usage();
                         d_flag++;
                         break;
+                case 'a':
+                        agentsocket = optarg;
+                        break;
                 default:
                         usage();
                 }
@@ -892,14 +897,20 @@ main(int ac, char **av)
         }
         parent_pid = getpid();
 
-        /* Create private directory for agent socket */
-        strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir);
-        if (mkdtemp(socket_dir) == NULL) {
-                perror("mkdtemp: private socket dir");
-                exit(1);
+        if (agentsocket == NULL) {
+                /* Create private directory for agent socket */
+                strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir);
+                if (mkdtemp(socket_dir) == NULL) {
+                        perror("mkdtemp: private socket dir");
+                        exit(1);
+                }
+                snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
+                    parent_pid);
+        } else {
+                /* Try to use specified agent socket */
+                socket_dir[0] = '\0';
+                strlcpy(socket_name, agentsocket, sizeof socket_name);
         }
-        snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
-            parent_pid);
 
         /*
          * Create socket early so it will exist before command gets run from