diff options
author | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-06 21:48:57 +0000 |
---|---|---|
committer | Ben Lindstrom <mouring@eviladmin.org> | 2002-06-06 21:48:57 +0000 |
commit | 21d1ed8303c0d766b5bb1b3f0e54a7e28ae3c577 (patch) | |
tree | e79b9c2f4b1086baaec1ecebe8dd9acbe2a06cc1 | |
parent | b7788f3ebee920d6b14b37034f7f769788b6dff6 (diff) |
- markus@cvs.openbsd.org 2002/06/05 16:48:54
[ssh-agent.c]
copy current request into an extra buffer and just flush this
request on errors, ok provos@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | ssh-agent.c | 97 |
2 files changed, 60 insertions, 43 deletions
@@ -106,6 +106,10 @@ | |||
106 | [ssh-agent.1 ssh-agent.c] | 106 | [ssh-agent.1 ssh-agent.c] |
107 | '-a bind_address' binds the agent to user-specified unix-domain | 107 | '-a bind_address' binds the agent to user-specified unix-domain |
108 | socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago). | 108 | socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago). |
109 | - markus@cvs.openbsd.org 2002/06/05 16:48:54 | ||
110 | [ssh-agent.c] | ||
111 | copy current request into an extra buffer and just flush this | ||
112 | request on errors, ok provos@ | ||
109 | 113 | ||
110 | 20020604 | 114 | 20020604 |
111 | - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed | 115 | - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed |
@@ -790,4 +794,4 @@ | |||
790 | - (stevesk) entropy.c: typo in debug message | 794 | - (stevesk) entropy.c: typo in debug message |
791 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ | 795 | - (djm) ssh-keygen -i needs seeded RNG; report from markus@ |
792 | 796 | ||
793 | $Id: ChangeLog,v 1.2172 2002/06/06 21:46:57 mouring Exp $ | 797 | $Id: ChangeLog,v 1.2173 2002/06/06 21:48:57 mouring Exp $ |
diff --git a/ssh-agent.c b/ssh-agent.c index d3321478b..13a88afd9 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -35,7 +35,7 @@ | |||
35 | 35 | ||
36 | #include "includes.h" | 36 | #include "includes.h" |
37 | #include "openbsd-compat/fake-queue.h" | 37 | #include "openbsd-compat/fake-queue.h" |
38 | RCSID("$OpenBSD: ssh-agent.c,v 1.86 2002/06/05 16:08:07 markus Exp $"); | 38 | RCSID("$OpenBSD: ssh-agent.c,v 1.87 2002/06/05 16:48:54 markus Exp $"); |
39 | 39 | ||
40 | #include <openssl/evp.h> | 40 | #include <openssl/evp.h> |
41 | #include <openssl/md5.h> | 41 | #include <openssl/md5.h> |
@@ -66,6 +66,7 @@ typedef struct { | |||
66 | sock_type type; | 66 | sock_type type; |
67 | Buffer input; | 67 | Buffer input; |
68 | Buffer output; | 68 | Buffer output; |
69 | Buffer request; | ||
69 | } SocketEntry; | 70 | } SocketEntry; |
70 | 71 | ||
71 | u_int sockets_alloc = 0; | 72 | u_int sockets_alloc = 0; |
@@ -190,16 +191,16 @@ process_authentication_challenge1(SocketEntry *e) | |||
190 | if ((challenge = BN_new()) == NULL) | 191 | if ((challenge = BN_new()) == NULL) |
191 | fatal("process_authentication_challenge1: BN_new failed"); | 192 | fatal("process_authentication_challenge1: BN_new failed"); |
192 | 193 | ||
193 | buffer_get_int(&e->input); /* ignored */ | 194 | buffer_get_int(&e->request); /* ignored */ |
194 | buffer_get_bignum(&e->input, key->rsa->e); | 195 | buffer_get_bignum(&e->request, key->rsa->e); |
195 | buffer_get_bignum(&e->input, key->rsa->n); | 196 | buffer_get_bignum(&e->request, key->rsa->n); |
196 | buffer_get_bignum(&e->input, challenge); | 197 | buffer_get_bignum(&e->request, challenge); |
197 | 198 | ||
198 | /* Only protocol 1.1 is supported */ | 199 | /* Only protocol 1.1 is supported */ |
199 | if (buffer_len(&e->input) == 0) | 200 | if (buffer_len(&e->request) == 0) |
200 | goto failure; | 201 | goto failure; |
201 | buffer_get(&e->input, session_id, 16); | 202 | buffer_get(&e->request, session_id, 16); |
202 | response_type = buffer_get_int(&e->input); | 203 | response_type = buffer_get_int(&e->request); |
203 | if (response_type != 1) | 204 | if (response_type != 1) |
204 | goto failure; | 205 | goto failure; |
205 | 206 | ||
@@ -255,10 +256,10 @@ process_sign_request2(SocketEntry *e) | |||
255 | 256 | ||
256 | datafellows = 0; | 257 | datafellows = 0; |
257 | 258 | ||
258 | blob = buffer_get_string(&e->input, &blen); | 259 | blob = buffer_get_string(&e->request, &blen); |
259 | data = buffer_get_string(&e->input, &dlen); | 260 | data = buffer_get_string(&e->request, &dlen); |
260 | 261 | ||
261 | flags = buffer_get_int(&e->input); | 262 | flags = buffer_get_int(&e->request); |
262 | if (flags & SSH_AGENT_OLD_SIGNATURE) | 263 | if (flags & SSH_AGENT_OLD_SIGNATURE) |
263 | datafellows = SSH_BUG_SIGBLOB; | 264 | datafellows = SSH_BUG_SIGBLOB; |
264 | 265 | ||
@@ -299,16 +300,16 @@ process_remove_identity(SocketEntry *e, int version) | |||
299 | switch (version) { | 300 | switch (version) { |
300 | case 1: | 301 | case 1: |
301 | key = key_new(KEY_RSA1); | 302 | key = key_new(KEY_RSA1); |
302 | bits = buffer_get_int(&e->input); | 303 | bits = buffer_get_int(&e->request); |
303 | buffer_get_bignum(&e->input, key->rsa->e); | 304 | buffer_get_bignum(&e->request, key->rsa->e); |
304 | buffer_get_bignum(&e->input, key->rsa->n); | 305 | buffer_get_bignum(&e->request, key->rsa->n); |
305 | 306 | ||
306 | if (bits != key_size(key)) | 307 | if (bits != key_size(key)) |
307 | log("Warning: identity keysize mismatch: actual %d, announced %d", | 308 | log("Warning: identity keysize mismatch: actual %d, announced %d", |
308 | key_size(key), bits); | 309 | key_size(key), bits); |
309 | break; | 310 | break; |
310 | case 2: | 311 | case 2: |
311 | blob = buffer_get_string(&e->input, &blen); | 312 | blob = buffer_get_string(&e->request, &blen); |
312 | key = key_from_blob(blob, blen); | 313 | key = key_from_blob(blob, blen); |
313 | xfree(blob); | 314 | xfree(blob); |
314 | break; | 315 | break; |
@@ -374,51 +375,51 @@ process_add_identity(SocketEntry *e, int version) | |||
374 | switch (version) { | 375 | switch (version) { |
375 | case 1: | 376 | case 1: |
376 | k = key_new_private(KEY_RSA1); | 377 | k = key_new_private(KEY_RSA1); |
377 | buffer_get_int(&e->input); /* ignored */ | 378 | buffer_get_int(&e->request); /* ignored */ |
378 | buffer_get_bignum(&e->input, k->rsa->n); | 379 | buffer_get_bignum(&e->request, k->rsa->n); |
379 | buffer_get_bignum(&e->input, k->rsa->e); | 380 | buffer_get_bignum(&e->request, k->rsa->e); |
380 | buffer_get_bignum(&e->input, k->rsa->d); | 381 | buffer_get_bignum(&e->request, k->rsa->d); |
381 | buffer_get_bignum(&e->input, k->rsa->iqmp); | 382 | buffer_get_bignum(&e->request, k->rsa->iqmp); |
382 | 383 | ||
383 | /* SSH and SSL have p and q swapped */ | 384 | /* SSH and SSL have p and q swapped */ |
384 | buffer_get_bignum(&e->input, k->rsa->q); /* p */ | 385 | buffer_get_bignum(&e->request, k->rsa->q); /* p */ |
385 | buffer_get_bignum(&e->input, k->rsa->p); /* q */ | 386 | buffer_get_bignum(&e->request, k->rsa->p); /* q */ |
386 | 387 | ||
387 | /* Generate additional parameters */ | 388 | /* Generate additional parameters */ |
388 | rsa_generate_additional_parameters(k->rsa); | 389 | rsa_generate_additional_parameters(k->rsa); |
389 | break; | 390 | break; |
390 | case 2: | 391 | case 2: |
391 | type_name = buffer_get_string(&e->input, NULL); | 392 | type_name = buffer_get_string(&e->request, NULL); |
392 | type = key_type_from_name(type_name); | 393 | type = key_type_from_name(type_name); |
393 | xfree(type_name); | 394 | xfree(type_name); |
394 | switch (type) { | 395 | switch (type) { |
395 | case KEY_DSA: | 396 | case KEY_DSA: |
396 | k = key_new_private(type); | 397 | k = key_new_private(type); |
397 | buffer_get_bignum2(&e->input, k->dsa->p); | 398 | buffer_get_bignum2(&e->request, k->dsa->p); |
398 | buffer_get_bignum2(&e->input, k->dsa->q); | 399 | buffer_get_bignum2(&e->request, k->dsa->q); |
399 | buffer_get_bignum2(&e->input, k->dsa->g); | 400 | buffer_get_bignum2(&e->request, k->dsa->g); |
400 | buffer_get_bignum2(&e->input, k->dsa->pub_key); | 401 | buffer_get_bignum2(&e->request, k->dsa->pub_key); |
401 | buffer_get_bignum2(&e->input, k->dsa->priv_key); | 402 | buffer_get_bignum2(&e->request, k->dsa->priv_key); |
402 | break; | 403 | break; |
403 | case KEY_RSA: | 404 | case KEY_RSA: |
404 | k = key_new_private(type); | 405 | k = key_new_private(type); |
405 | buffer_get_bignum2(&e->input, k->rsa->n); | 406 | buffer_get_bignum2(&e->request, k->rsa->n); |
406 | buffer_get_bignum2(&e->input, k->rsa->e); | 407 | buffer_get_bignum2(&e->request, k->rsa->e); |
407 | buffer_get_bignum2(&e->input, k->rsa->d); | 408 | buffer_get_bignum2(&e->request, k->rsa->d); |
408 | buffer_get_bignum2(&e->input, k->rsa->iqmp); | 409 | buffer_get_bignum2(&e->request, k->rsa->iqmp); |
409 | buffer_get_bignum2(&e->input, k->rsa->p); | 410 | buffer_get_bignum2(&e->request, k->rsa->p); |
410 | buffer_get_bignum2(&e->input, k->rsa->q); | 411 | buffer_get_bignum2(&e->request, k->rsa->q); |
411 | 412 | ||
412 | /* Generate additional parameters */ | 413 | /* Generate additional parameters */ |
413 | rsa_generate_additional_parameters(k->rsa); | 414 | rsa_generate_additional_parameters(k->rsa); |
414 | break; | 415 | break; |
415 | default: | 416 | default: |
416 | buffer_clear(&e->input); | 417 | buffer_clear(&e->request); |
417 | goto send; | 418 | goto send; |
418 | } | 419 | } |
419 | break; | 420 | break; |
420 | } | 421 | } |
421 | comment = buffer_get_string(&e->input, NULL); | 422 | comment = buffer_get_string(&e->request, NULL); |
422 | if (k == NULL) { | 423 | if (k == NULL) { |
423 | xfree(comment); | 424 | xfree(comment); |
424 | goto send; | 425 | goto send; |
@@ -452,8 +453,8 @@ process_add_smartcard_key (SocketEntry *e) | |||
452 | char *sc_reader_id = NULL, *pin; | 453 | char *sc_reader_id = NULL, *pin; |
453 | int i, version, success = 0; | 454 | int i, version, success = 0; |
454 | 455 | ||
455 | sc_reader_id = buffer_get_string(&e->input, NULL); | 456 | sc_reader_id = buffer_get_string(&e->request, NULL); |
456 | pin = buffer_get_string(&e->input, NULL); | 457 | pin = buffer_get_string(&e->request, NULL); |
457 | keys = sc_get_keys(sc_reader_id, pin); | 458 | keys = sc_get_keys(sc_reader_id, pin); |
458 | xfree(sc_reader_id); | 459 | xfree(sc_reader_id); |
459 | xfree(pin); | 460 | xfree(pin); |
@@ -494,8 +495,8 @@ process_remove_smartcard_key(SocketEntry *e) | |||
494 | char *sc_reader_id = NULL, *pin; | 495 | char *sc_reader_id = NULL, *pin; |
495 | int i, version, success = 0; | 496 | int i, version, success = 0; |
496 | 497 | ||
497 | sc_reader_id = buffer_get_string(&e->input, NULL); | 498 | sc_reader_id = buffer_get_string(&e->request, NULL); |
498 | pin = buffer_get_string(&e->input, NULL); | 499 | pin = buffer_get_string(&e->request, NULL); |
499 | keys = sc_get_keys(sc_reader_id, pin); | 500 | keys = sc_get_keys(sc_reader_id, pin); |
500 | xfree(sc_reader_id); | 501 | xfree(sc_reader_id); |
501 | xfree(pin); | 502 | xfree(pin); |
@@ -541,12 +542,20 @@ process_message(SocketEntry *e) | |||
541 | shutdown(e->fd, SHUT_RDWR); | 542 | shutdown(e->fd, SHUT_RDWR); |
542 | close(e->fd); | 543 | close(e->fd); |
543 | e->type = AUTH_UNUSED; | 544 | e->type = AUTH_UNUSED; |
545 | buffer_free(&e->input); | ||
546 | buffer_free(&e->output); | ||
547 | buffer_free(&e->request); | ||
544 | return; | 548 | return; |
545 | } | 549 | } |
546 | if (buffer_len(&e->input) < msg_len + 4) | 550 | if (buffer_len(&e->input) < msg_len + 4) |
547 | return; | 551 | return; |
552 | |||
553 | /* move the current input to e->request */ | ||
548 | buffer_consume(&e->input, 4); | 554 | buffer_consume(&e->input, 4); |
549 | type = buffer_get_char(&e->input); | 555 | buffer_clear(&e->request); |
556 | buffer_append(&e->request, buffer_ptr(&e->input), msg_len); | ||
557 | buffer_consume(&e->input, msg_len); | ||
558 | type = buffer_get_char(&e->request); | ||
550 | 559 | ||
551 | debug("type %d", type); | 560 | debug("type %d", type); |
552 | switch (type) { | 561 | switch (type) { |
@@ -593,7 +602,7 @@ process_message(SocketEntry *e) | |||
593 | default: | 602 | default: |
594 | /* Unknown message. Respond with failure. */ | 603 | /* Unknown message. Respond with failure. */ |
595 | error("Unknown message %d", type); | 604 | error("Unknown message %d", type); |
596 | buffer_clear(&e->input); | 605 | buffer_clear(&e->request); |
597 | buffer_put_int(&e->output, 1); | 606 | buffer_put_int(&e->output, 1); |
598 | buffer_put_char(&e->output, SSH_AGENT_FAILURE); | 607 | buffer_put_char(&e->output, SSH_AGENT_FAILURE); |
599 | break; | 608 | break; |
@@ -616,6 +625,7 @@ new_socket(sock_type type, int fd) | |||
616 | sockets[i].type = type; | 625 | sockets[i].type = type; |
617 | buffer_init(&sockets[i].input); | 626 | buffer_init(&sockets[i].input); |
618 | buffer_init(&sockets[i].output); | 627 | buffer_init(&sockets[i].output); |
628 | buffer_init(&sockets[i].request); | ||
619 | return; | 629 | return; |
620 | } | 630 | } |
621 | old_alloc = sockets_alloc; | 631 | old_alloc = sockets_alloc; |
@@ -630,6 +640,7 @@ new_socket(sock_type type, int fd) | |||
630 | sockets[old_alloc].fd = fd; | 640 | sockets[old_alloc].fd = fd; |
631 | buffer_init(&sockets[old_alloc].input); | 641 | buffer_init(&sockets[old_alloc].input); |
632 | buffer_init(&sockets[old_alloc].output); | 642 | buffer_init(&sockets[old_alloc].output); |
643 | buffer_init(&sockets[old_alloc].request); | ||
633 | } | 644 | } |
634 | 645 | ||
635 | static int | 646 | static int |
@@ -727,6 +738,7 @@ after_select(fd_set *readset, fd_set *writeset) | |||
727 | sockets[i].type = AUTH_UNUSED; | 738 | sockets[i].type = AUTH_UNUSED; |
728 | buffer_free(&sockets[i].input); | 739 | buffer_free(&sockets[i].input); |
729 | buffer_free(&sockets[i].output); | 740 | buffer_free(&sockets[i].output); |
741 | buffer_free(&sockets[i].request); | ||
730 | break; | 742 | break; |
731 | } | 743 | } |
732 | buffer_consume(&sockets[i].output, len); | 744 | buffer_consume(&sockets[i].output, len); |
@@ -745,6 +757,7 @@ after_select(fd_set *readset, fd_set *writeset) | |||
745 | sockets[i].type = AUTH_UNUSED; | 757 | sockets[i].type = AUTH_UNUSED; |
746 | buffer_free(&sockets[i].input); | 758 | buffer_free(&sockets[i].input); |
747 | buffer_free(&sockets[i].output); | 759 | buffer_free(&sockets[i].output); |
760 | buffer_free(&sockets[i].request); | ||
748 | break; | 761 | break; |
749 | } | 762 | } |
750 | buffer_append(&sockets[i].input, buf, len); | 763 | buffer_append(&sockets[i].input, buf, len); |