author | djm@openbsd.org <djm@openbsd.org> | 2019-12-21 02:19:13 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-12-21 13:22:07 +1100 |
commit | 40be78f503277bd91c958fa25ea9ef918a2ffd3d (patch) | |
tree | b17303fad21f97437b44cf3264a03abfd503ebdf /authfd.c | |
parent | 416f15372bfb5be1709a0ad1d00ef5d8ebfb9e0e (diff) |
upstream: Allow forwarding a different agent socket to the path
specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to
accept an explicit path or the name of an environment variable in addition
to yes/no.
Patch by Eric Chiang, manpage by me; ok markus@
OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265
Diffstat (limited to 'authfd.c')
-rw-r--r-- | authfd.c | 36 |
1 files changed, 25 insertions, 11 deletions
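--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.120 2019/11/13 04:47:52 deraadt Exp $ */
+/* $OpenBSD: authfd.c,v 1.121 2019/12/21 02:19:13 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -82,21 +82,16 @@ decode_reply(u_char type)
 return SSH_ERR_INVALID_FORMAT;
 }
 
-/* Returns the number of the authentication fd, or -1 if there is none. */
+/*
+* Opens an authentication socket at the provided path and stores the file
+* descriptor in fdp. Returns 0 on success and an error on failure.
+*/
 int
-ssh_get_authentication_socket(int *fdp)
+ssh_get_authentication_socket_path(const char *authsocket, int *fdp)
 {
-const char *authsocket;
 int sock, oerrno;
 struct sockaddr_un sunaddr;
 
-if (fdp != NULL)
-*fdp = -1;
-
-authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
-if (authsocket == NULL || *authsocket == '\0')
-return SSH_ERR_AGENT_NOT_PRESENT;
-
 memset(&sunaddr, 0, sizeof(sunaddr));
 sunaddr.sun_family = AF_UNIX;
 strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
@@ -119,6 +114,25 @@ ssh_get_authentication_socket(int *fdp)
 return 0;
 }
 
+/*
+* Opens the default authentication socket and stores the file descriptor in
+* fdp. Returns 0 on success and an error on failure.
+*/
+int
+ssh_get_authentication_socket(int *fdp)
+{
+const char *authsocket;
+
+if (fdp != NULL)
+*fdp = -1;
+
+authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
+if (authsocket == NULL || *authsocket == '\0')
+return SSH_ERR_AGENT_NOT_PRESENT;
+
+return ssh_get_authentication_socket_path(authsocket, fdp);
+}
+
 /* Communicate with agent: send request and read reply */
 static int
 ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply)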
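Review bot: `ssh_get_authentication_socket_path()` now takes the socket path from its caller, but the NULL/empty test and the `*fdp = -1` initialisation moved into the `ssh_get_authentication_socket()` wrapper, so a direct caller gets neither. Since the commit message says the path may now come from the ForwardAgent option or a named environment variable, the path function should reject bad input itself, e.g. `if (authsocket == NULL || *authsocket == '\0') return SSH_ERR_AGENT_NOT_PRESENT;` ahead of the `memset()`. The unchanged `strlcpy()` into `sunaddr.sun_path` also truncates silently, so an over-long path would connect to a different socket than the one configured; comparing its return value with `sizeof(sunaddr.sun_path)` and returning an error would make that case fail closed. The middle of the function lies between the second and third hunks and is not shown, so whether `*fdp` is reset on its failure paths cannot be confirmed from here.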