Diffstat (limited to 'authfd.c')
-rw-r--r-- | authfd.c | 142 |
1 files changed, 31 insertions, 111 deletions
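--- a/authfd.c
+++ b/authfd.c
@@ -14,7 +14,7 @@
 */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.20 2000/06/20 01:39:38 markus Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.21 2000/06/26 09:22:29 markus Exp $");
 
 #include "ssh.h"
 #include "rsa.h"
@@ -26,6 +26,9 @@ RCSID("$OpenBSD: authfd.c,v 1.20 2000/06/20 01:39:38 markus Exp $");
 
 #include <openssl/rsa.h>
 
+/* helper */
+int ssh_agent_get_reply(AuthenticationConnection *auth);
+
 /* Returns the number of the authentication fd, or -1 if there is none. */
 
 int
@@ -344,7 +347,7 @@ ssh_add_identity(AuthenticationConnection *auth,
 {
 Buffer buffer;
 unsigned char buf[8192];
-int len, l, type;
+int len;
 
 /* Format a message to the agent. */
 buffer_init(&buffer);
@@ -368,57 +371,11 @@ ssh_add_identity(AuthenticationConnection *auth,
 atomicio(write, auth->fd, buffer_ptr(&buffer),
 buffer_len(&buffer)) != buffer_len(&buffer)) {
 error("Error writing to authentication socket.");
-error_cleanup:
 buffer_free(&buffer);
 return 0;
 }
-/* Wait for response from the agent. First read the length of the
-response packet. */
-len = 4;
-while (len > 0) {
-l = read(auth->fd, buf + 4 - len, len);
-if (l <= 0) {
-error("Error reading response length from authentication socket.");
-goto error_cleanup;
-}
-len -= l;
-}
-
-/* Extract the length, and check it for sanity. */
-len = GET_32BIT(buf);
-if (len > 256 * 1024)
-fatal("Add identity response too long: %d", len);
-
-/* Read the rest of the response in tothe buffer. */
-buffer_clear(&buffer);
-while (len > 0) {
-l = len;
-if (l > sizeof(buf))
-l = sizeof(buf);
-l = read(auth->fd, buf, l);
-if (l <= 0) {
-error("Error reading response from authentication socket.");
-goto error_cleanup;
-}
-buffer_append(&buffer, (char *) buf, l);
-len -= l;
-}
-
-/* Get the type of the packet. */
-type = buffer_get_char(&buffer);
-switch (type) {
-case SSH_AGENT_FAILURE:
-buffer_free(&buffer);
-return 0;
-case SSH_AGENT_SUCCESS:
-buffer_free(&buffer);
-return 1;
-default:
-fatal("Bad response to add identity from authentication agent: %d",
-type);
-}
-/* NOTREACHED */
-return 0;
+buffer_free(&buffer);
+return ssh_agent_get_reply(auth);
 }
 
 /*
@@ -430,8 +387,8 @@ int
 ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
 {
 Buffer buffer;
-unsigned char buf[8192];
-int len, l, type;
+unsigned char buf[5];
+int len;
 
 /* Format a message to the agent. */
 buffer_init(&buffer);
@@ -449,59 +406,11 @@ ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
 atomicio(write, auth->fd, buffer_ptr(&buffer),
 buffer_len(&buffer)) != buffer_len(&buffer)) {
 error("Error writing to authentication socket.");
-error_cleanup:
 buffer_free(&buffer);
 return 0;
 }
-/*
-* Wait for response from the agent. First read the length of the
-* response packet.
-*/
-len = 4;
-while (len > 0) {
-l = read(auth->fd, buf + 4 - len, len);
-if (l <= 0) {
-error("Error reading response length from authentication socket.");
-goto error_cleanup;
-}
-len -= l;
-}
-
-/* Extract the length, and check it for sanity. */
-len = GET_32BIT(buf);
-if (len > 256 * 1024)
-fatal("Remove identity response too long: %d", len);
-
-/* Read the rest of the response in tothe buffer. */
-buffer_clear(&buffer);
-while (len > 0) {
-l = len;
-if (l > sizeof(buf))
-l = sizeof(buf);
-l = read(auth->fd, buf, l);
-if (l <= 0) {
-error("Error reading response from authentication socket.");
-goto error_cleanup;
-}
-buffer_append(&buffer, (char *) buf, l);
-len -= l;
-}
-
-/* Get the type of the packet. */
-type = buffer_get_char(&buffer);
-switch (type) {
-case SSH_AGENT_FAILURE:
-buffer_free(&buffer);
-return 0;
-case SSH_AGENT_SUCCESS:
-buffer_free(&buffer);
-return 1;
-default:
-fatal("Bad response to remove identity from authentication agent: %d",
-type);
-}
-/* NOTREACHED */
-return 0;
+buffer_free(&buffer);
+return ssh_agent_get_reply(auth);
 }
 
 /*
@@ -512,9 +421,7 @@ error_cleanup:
 int
 ssh_remove_all_identities(AuthenticationConnection *auth)
 {
-Buffer buffer;
-unsigned char buf[8192];
-int len, l, type;
+unsigned char buf[5];
 
 /* Get the length of the message, and format it in the buffer. */
 PUT_32BIT(buf, 1);
@@ -525,6 +432,20 @@ ssh_remove_all_identities(AuthenticationConnection *auth)
 error("Error writing to authentication socket.");
 return 0;
 }
+return ssh_agent_get_reply(auth);
+}
+
+/*
+* Read for reply from agent. returns 1 for success, 0 on error
+*/
+
+int
+ssh_agent_get_reply(AuthenticationConnection *auth)
+{
+Buffer buffer;
+unsigned char buf[8192];
+int len, l, type;
+
 /*
 * Wait for response from the agent. First read the length of the
 * response packet.
@@ -534,6 +455,7 @@ ssh_remove_all_identities(AuthenticationConnection *auth)
 l = read(auth->fd, buf + 4 - len, len);
 if (l <= 0) {
 error("Error reading response length from authentication socket.");
+buffer_free(&buffer);
 return 0;
 }
 len -= l;
@@ -542,9 +464,9 @@ ssh_remove_all_identities(AuthenticationConnection *auth)
 /* Extract the length, and check it for sanity. */
 len = GET_32BIT(buf);
 if (len > 256 * 1024)
-fatal("Remove identity response too long: %d", len);
+fatal("Response from agent too long: %d", len);
 
-/* Read the rest of the response into the buffer. */
+/* Read the rest of the response in to the buffer. */
 buffer_init(&buffer);
 while (len > 0) {
 l = len;
@@ -562,16 +484,14 @@ ssh_remove_all_identities(AuthenticationConnection *auth)
 
 /* Get the type of the packet. */
 type = buffer_get_char(&buffer);
+buffer_free(&buffer);
 switch (type) {
 case SSH_AGENT_FAILURE:
-buffer_free(&buffer);
 return 0;
 case SSH_AGENT_SUCCESS:
-buffer_free(&buffer);
 return 1;
 default:
-fatal("Bad response to remove identity from authentication agent: %d",
-type);
+fatal("Bad response from authentication agent: %d", type);
 }
 /* NOTREACHED */
 return 0;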
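Review bot: The `buffer_free(&buffer);` added at new line 458 of ssh_agent_get_reply runs before `buffer_init(&buffer)` at new line 470, so a failed or short read of the 4-byte length hands an uninitialized `Buffer` to buffer_free. Whatever buffer_free does with the struct's fields (its body is not on this page), it would be working on stack garbage, on a path reached whenever the agent closes the socket before sending a full length. Either drop that line, or move `buffer_init(&buffer);` to the top of the function so every exit can free unconditionally. Separately, `len` is a signed `int` checked only with `if (len > 256 * 1024)`, so a zero length (or a negative one, if GET_32BIT can yield a value above INT_MAX) skips the read loop and reaches `buffer_get_char` on an empty buffer; a lower bound such as `if (len < 1 || len > 256 * 1024)` would reject both. The second read loop's body (new lines 473–483) and the end of the function are outside the visible hunks.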