diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2019-12-21 02:19:13 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-12-21 13:22:07 +1100 |
| commit | 40be78f503277bd91c958fa25ea9ef918a2ffd3d (patch) | |
| tree | b17303fad21f97437b44cf3264a03abfd503ebdf /authfd.c | |
| parent | 416f15372bfb5be1709a0ad1d00ef5d8ebfb9e0e (diff) | |
upstream: Allow forwarding a different agent socket to the path
specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to
accepting an explicit path or the name of an environment variable in addition
to yes/no.
Patch by Eric Chiang, manpage by me; ok markus@
OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265
Diffstat (limited to 'authfd.c')
| -rw-r--r-- | authfd.c | 36 |
1 files changed, 25 insertions, 11 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: authfd.c,v 1.120 2019/11/13 04:47:52 deraadt Exp $ */ | 1 | /* $OpenBSD: authfd.c,v 1.121 2019/12/21 02:19:13 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -82,21 +82,16 @@ decode_reply(u_char type) | |||
| 82 | return SSH_ERR_INVALID_FORMAT; | 82 | return SSH_ERR_INVALID_FORMAT; |
| 83 | } | 83 | } |
| 84 | 84 | ||
| 85 | /* Returns the number of the authentication fd, or -1 if there is none. */ | 85 | /* |
| 86 | * Opens an authentication socket at the provided path and stores the file | ||
| 87 | * descriptor in fdp. Returns 0 on success and an error on failure. | ||
| 88 | */ | ||
| 86 | int | 89 | int |
| 87 | ssh_get_authentication_socket(int *fdp) | 90 | ssh_get_authentication_socket_path(const char *authsocket, int *fdp) |
| 88 | { | 91 | { |
| 89 | const char *authsocket; | ||
| 90 | int sock, oerrno; | 92 | int sock, oerrno; |
| 91 | struct sockaddr_un sunaddr; | 93 | struct sockaddr_un sunaddr; |
| 92 | 94 | ||
| 93 | if (fdp != NULL) | ||
| 94 | *fdp = -1; | ||
| 95 | |||
| 96 | authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); | ||
| 97 | if (authsocket == NULL || *authsocket == '\0') | ||
| 98 | return SSH_ERR_AGENT_NOT_PRESENT; | ||
| 99 | |||
| 100 | memset(&sunaddr, 0, sizeof(sunaddr)); | 95 | memset(&sunaddr, 0, sizeof(sunaddr)); |
| 101 | sunaddr.sun_family = AF_UNIX; | 96 | sunaddr.sun_family = AF_UNIX; |
| 102 | strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); | 97 | strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path)); |
| @@ -119,6 +114,25 @@ ssh_get_authentication_socket(int *fdp) | |||
| 119 | return 0; | 114 | return 0; |
| 120 | } | 115 | } |
| 121 | 116 | ||
| 117 | /* | ||
| 118 | * Opens the default authentication socket and stores the file descriptor in | ||
| 119 | * fdp. Returns 0 on success and an error on failure. | ||
| 120 | */ | ||
| 121 | int | ||
| 122 | ssh_get_authentication_socket(int *fdp) | ||
| 123 | { | ||
| 124 | const char *authsocket; | ||
| 125 | |||
| 126 | if (fdp != NULL) | ||
| 127 | *fdp = -1; | ||
| 128 | |||
| 129 | authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME); | ||
| 130 | if (authsocket == NULL || *authsocket == '\0') | ||
| 131 | return SSH_ERR_AGENT_NOT_PRESENT; | ||
| 132 | |||
| 133 | return ssh_get_authentication_socket_path(authsocket, fdp); | ||
| 134 | } | ||
| 135 | |||
| 122 | /* Communicate with agent: send request and read reply */ | 136 | /* Communicate with agent: send request and read reply */ |
| 123 | static int | 137 | static int |
| 124 | ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply) | 138 | ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply) |