Hopefully things did not get mixed around too much. It compiles under

Linux and works.  So that is at least a good sign. =)
20010122
 - (bal) OpenBSD Resync
   - markus@cvs.openbsd.org 2001/01/19 12:45:26 GMT 2001 by markus
     [servconf.c ssh.h sshd.c]
     only auth-chall.c needs #ifdef SKEY
   - markus@cvs.openbsd.org 2001/01/19 15:55:10 GMT 2001 by markus
     [auth-krb4.c auth-options.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth1.c auth2.c channels.c clientloop.c dh.c dispatch.c nchan.c
      packet.c pathname.h readconf.c scp.c servconf.c serverloop.c
      session.c ssh-add.c ssh-keygen.c ssh-keyscan.c ssh.c ssh.h
      ssh1.h sshconnect1.c sshd.c ttymodes.c]
     move ssh1 definitions to ssh1.h, pathnames to pathnames.h
   - markus@cvs.openbsd.org 2001/01/19 16:48:14
     [sshd.8]
     fix typo; from stevesk@
   - markus@cvs.openbsd.org 2001/01/19 16:50:58
     [ssh-dss.c]
     clear and free digest, make consistent with other code (use dlen); from
     stevesk@
   - markus@cvs.openbsd.org 2001/01/20 15:55:20 GMT 2001 by markus
     [auth-options.c auth-options.h auth-rsa.c auth2.c]
     pass the filename to auth_parse_options()
   - markus@cvs.openbsd.org 2001/01/20 17:59:40 GMT 2001
     [readconf.c]
     fix SIGSEGV from -o ""; problem noted by jehsom@togetherweb.com
   - stevesk@cvs.openbsd.org 2001/01/20 18:20:29
     [sshconnect2.c]
     dh_new_group() does not return NULL.  ok markus@
   - markus@cvs.openbsd.org 2001/01/20 21:33:42
     [ssh-add.c]
     do not loop forever if askpass does not exist; from
     andrew@pimlott.ne.mediaone.net
   - djm@cvs.openbsd.org 2001/01/20 23:00:56
     [servconf.c]
     Check for NULL return from strdelim; ok markus
   - djm@cvs.openbsd.org 2001/01/20 23:02:07
     [readconf.c]
     KNF; ok markus
   - jakob@cvs.openbsd.org 2001/01/21 9:00:33
     [ssh-keygen.1]
     remove -R flag; ok markus@
   - markus@cvs.openbsd.org 2001/01/21 19:05:40
     [atomicio.c automicio.h auth-chall.c auth-krb4.c auth-options.c
      auth-options.h auth-passwd.c auth-rh-rsa.c auth-rhosts.c auth-rsa.c
      auth.c auth.h auth1.c auth2-chall.c auth2.c authfd.c authfile.c
      bufaux.c  bufaux.h buffer.c canahost.c canahost.h channels.c
      cipher.c cli.c clientloop.c clientloop.h compat.c compress.c
      deattack.c dh.c dispatch.c groupaccess.c hmac.c hostfile.c kex.c
      key.c key.h log-client.c log-server.c log.c log.h login.c login.h
      match.c misc.c misc.h nchan.c packet.c pty.c radix.h readconf.c
      readpass.c readpass.h rsa.c scp.c servconf.c serverloop.c serverloop.h
      session.c sftp-server.c ssh-add.c ssh-agent.c ssh-dss.c ssh-keygen.c
      ssh-keyscan.c ssh-rsa.c ssh.c ssh.h sshconnect.c sshconnect.h
      sshconnect1.c sshconnect2.c sshd.c tildexpand.c tildexpand.h
      ttysmodes.c uidswap.c xmalloc.c]
     split ssh.h and try to cleanup the #include mess. remove unnecessary
     #includes.  rename util.[ch] -> misc.[ch]
 - (bal) renamed 'PIDDIR' to '_PATH_SSH_PIDDIR' to match OpenBSD tree
 - (bal) Moved #ifdef KRB4 in auth-krb4.c above the #include to resolve
   conflict when compiling for non-kerb install
 - (bal) removed the #ifdef SKEY in auth1.c to match Markus' changes
   on 1/19.

1 files changed, 67 insertions, 34 deletions

diff --git a/ssh-agent.c b/ssh-agent.c
index 55704e492..bc577e76a 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: ssh-agent.c,v 1.45 2000/12/19 23:17:58 markus Exp $   */
+/*      $OpenBSD: ssh-agent.c,v 1.47 2001/01/21 19:05:56 markus Exp $   */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -37,7 +37,10 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.45 2000/12/19 23:17:58 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.47 2001/01/21 19:05:56 markus Exp $");
+
+#include <openssl/evp.h>
+#include <openssl/md5.h>
 
 #include "ssh.h"
 #include "rsa.h"
@@ -47,15 +50,12 @@ RCSID("$OpenBSD: ssh-agent.c,v 1.45 2000/12/19 23:17:58 markus Exp $");
 #include "packet.h"
 #include "getput.h"
 #include "mpaux.h"
-
-#include <openssl/evp.h>
-#include <openssl/md5.h>
-#include <openssl/dsa.h>
-#include <openssl/rsa.h>
 #include "key.h"
 #include "authfd.h"
+#include "cipher.h"
 #include "kex.h"
 #include "compat.h"
+#include "log.h"
 
 typedef struct {
         int fd;
@@ -97,6 +97,8 @@ extern char *__progname;
 char *__progname;
 #endif
 
+int     prepare_select(fd_set **, fd_set **, int *);
+
 void
 idtab_init(void)
 {
@@ -293,7 +295,7 @@ process_remove_identity(SocketEntry *e, int version)
 
                 if (bits != key_size(key))
                         log("Warning: identity keysize mismatch: actual %d, announced %d",
-                              key_size(key), bits);
+                            key_size(key), bits);
                 break;
         case 2:
                 blob = buffer_get_string(&e->input, &blen);
@@ -388,7 +390,7 @@ process_add_identity(SocketEntry *e, int version)
         switch (version) {
         case 1:
                 k = key_new_private(KEY_RSA1);
-                buffer_get_int(&e->input);                      /* ignored */
+                buffer_get_int(&e->input);                      /* ignored */
                 buffer_get_bignum(&e->input, k->rsa->n);
                 buffer_get_bignum(&e->input, k->rsa->e);
                 buffer_get_bignum(&e->input, k->rsa->d);
@@ -403,7 +405,7 @@ process_add_identity(SocketEntry *e, int version)
                 break;
         case 2:
                 type_name = buffer_get_string(&e->input, NULL);
-                type = key_type_from_name(type_name);
+                type = key_type_from_name(type_name);
                 xfree(type_name);
                 switch(type) {
                 case KEY_DSA:
@@ -556,17 +558,17 @@ new_socket(int type, int fd)
         buffer_init(&sockets[old_alloc].output);
 }
 
-void
-prepare_select(fd_set *readset, fd_set *writeset)
+int
+prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl)
 {
-        u_int i;
-        for (i = 0; i < sockets_alloc; i++)
+        u_int i, sz;
+        int n = 0;
+
+        for (i = 0; i < sockets_alloc; i++) {
                 switch (sockets[i].type) {
                 case AUTH_SOCKET:
                 case AUTH_CONNECTION:
-                        FD_SET(sockets[i].fd, readset);
-                        if (buffer_len(&sockets[i].output) > 0)
-                                FD_SET(sockets[i].fd, writeset);
+                        n = MAX(n, sockets[i].fd);
                         break;
                 case AUTH_UNUSED:
                         break;
@@ -574,6 +576,34 @@ prepare_select(fd_set *readset, fd_set *writeset)
                         fatal("Unknown socket type %d", sockets[i].type);
                         break;
                 }
+        }
+
+        sz = howmany(n+1, NFDBITS) * sizeof(fd_mask);
+        if (*fdrp == NULL || n > *fdl) {
+                if (*fdrp)
+                        free(*fdrp);
+                if (*fdwp)
+                        free(*fdwp);
+                *fdrp = xmalloc(sz);
+                *fdwp = xmalloc(sz);
+                *fdl = n;
+        }
+        memset(*fdrp, 0, sz);
+        memset(*fdwp, 0, sz);
+
+        for (i = 0; i < sockets_alloc; i++) {
+                switch (sockets[i].type) {
+                case AUTH_SOCKET:
+                case AUTH_CONNECTION:
+                        FD_SET(sockets[i].fd, *fdrp);
+                        if (buffer_len(&sockets[i].output) > 0)
+                                FD_SET(sockets[i].fd, *fdwp);
+                        break;
+                default:
+                        break;
+                }
+        }
+        return (1);
 }
 
 void
@@ -592,7 +622,8 @@ after_select(fd_set *readset, fd_set *writeset)
                 case AUTH_SOCKET:
                         if (FD_ISSET(sockets[i].fd, readset)) {
                                 slen = sizeof(sunaddr);
-                                sock = accept(sockets[i].fd, (struct sockaddr *) & sunaddr, &slen);
+                                sock = accept(sockets[i].fd,
+                                    (struct sockaddr *) &sunaddr, &slen);
                                 if (sock < 0) {
                                         perror("accept from AUTH_SOCKET");
                                         break;
@@ -603,8 +634,9 @@ after_select(fd_set *readset, fd_set *writeset)
                 case AUTH_CONNECTION:
                         if (buffer_len(&sockets[i].output) > 0 &&
                             FD_ISSET(sockets[i].fd, writeset)) {
-                                len = write(sockets[i].fd, buffer_ptr(&sockets[i].output),
-                                         buffer_len(&sockets[i].output));
+                                len = write(sockets[i].fd,
+                                    buffer_ptr(&sockets[i].output),
+                                    buffer_len(&sockets[i].output));
                                 if (len <= 0) {
                                         shutdown(sockets[i].fd, SHUT_RDWR);
                                         close(sockets[i].fd);
@@ -637,12 +669,15 @@ after_select(fd_set *readset, fd_set *writeset)
 void
 check_parent_exists(int sig)
 {
+        int save_errno = errno;
+
         if (parent_pid != -1 && kill(parent_pid, 0) < 0) {
                 /* printf("Parent has died - Authentication agent exiting.\n"); */
                 exit(1);
         }
         signal(SIGALRM, check_parent_exists);
         alarm(10);
+        errno = save_errno;
 }
 
 void
@@ -664,14 +699,13 @@ usage()
 {
         fprintf(stderr, "ssh-agent version %s\n", SSH_VERSION);
         fprintf(stderr, "Usage: %s [-c | -s] [-k] [command {args...]]\n",
-                __progname);
+            __progname);
         exit(1);
 }
 
 int
 main(int ac, char **av)
 {
-        fd_set readset, writeset;
         int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch;
         struct sockaddr_un sunaddr;
 #ifdef HAVE_SETRLIMIT
@@ -680,6 +714,7 @@ main(int ac, char **av)
         pid_t pid;
         char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
         extern int optind;
+        fd_set *readsetp = NULL, *writesetp = NULL;
 
         __progname = get_progname(av[0]);
         init_rng();
@@ -722,14 +757,13 @@ main(int ac, char **av)
                 pidstr = getenv(SSH_AGENTPID_ENV_NAME);
                 if (pidstr == NULL) {
                         fprintf(stderr, "%s not set, cannot kill agent\n",
-                                SSH_AGENTPID_ENV_NAME);
+                            SSH_AGENTPID_ENV_NAME);
                         exit(1);
                 }
                 pid = atoi(pidstr);
-                if (pid < 1) {  /* XXX PID_MAX check too */
-                /* Yes, PID_MAX check please */
+                if (pid < 1) {
                         fprintf(stderr, "%s=\"%s\", which is not a good PID\n",
-                                SSH_AGENTPID_ENV_NAME, pidstr);
+                            SSH_AGENTPID_ENV_NAME, pidstr);
                         exit(1);
                 }
                 if (kill(pid, SIGTERM) == -1) {
@@ -751,7 +785,7 @@ main(int ac, char **av)
                 exit(1);
         }
         snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
-                 parent_pid);
+            parent_pid);
 
         /*
          * Create socket early so it will exist before command gets run from
@@ -773,6 +807,7 @@ main(int ac, char **av)
                 perror("listen");
                 cleanup_exit(1);
         }
+
         /*
          * Fork, and have the parent execute the command, if any, or present
          * the socket data.  The child continues as the authentication agent.
@@ -788,9 +823,9 @@ main(int ac, char **av)
                 if (ac == 0) {
                         format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n";
                         printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name,
-                               SSH_AUTHSOCKET_ENV_NAME);
+                            SSH_AUTHSOCKET_ENV_NAME);
                         printf(format, SSH_AGENTPID_ENV_NAME, pidstrbuf,
-                               SSH_AGENTPID_ENV_NAME);
+                            SSH_AGENTPID_ENV_NAME);
                         printf("echo Agent pid %d;\n", pid);
                         exit(0);
                 }
@@ -834,15 +869,13 @@ main(int ac, char **av)
         signal(SIGHUP, cleanup_exit);
         signal(SIGTERM, cleanup_exit);
         while (1) {
-                FD_ZERO(&readset);
-                FD_ZERO(&writeset);
-                prepare_select(&readset, &writeset);
-                if (select(max_fd + 1, &readset, &writeset, NULL, NULL) < 0) {
+                prepare_select(&readsetp, &writesetp, &max_fd);
+                if (select(max_fd + 1, readsetp, writesetp, NULL, NULL) < 0) {
                         if (errno == EINTR)
                                 continue;
                         exit(1);
                 }
-                after_select(&readset, &writeset);
+                after_select(readsetp, writesetp);
         }
         /* NOTREACHED */
 }