1 files changed, 42 insertions, 2 deletions
diff --git a/clientloop.c b/clientloop.c
index d3a32a81a..e7a7d9fa7 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -59,7 +59,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.114 2003/09/23 20:17:11 markus Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.115 2003/09/23 20:41:11 markus Exp $");
 #include "ssh.h"
 #include "ssh1.h"
@@ -1125,6 +1125,46 @@ client_input_exit_status(int type, u_int32_t seq, void *ctxt)
        /* Flag that we want to exit. */
        quit_pending = 1;
 }
+static void
+client_input_agent_open(int type, u_int32_t seq, void *ctxt)
+{
+        Channel *c = NULL;
+        int remote_id, sock;
+        /* Read the remote channel number from the message. */
+        remote_id = packet_get_int();
+        packet_check_eom();
+        /*
+         * Get a connection to the local authentication agent (this may again
+         * get forwarded).
+         */
+        sock = ssh_get_authentication_socket();
+        /*
+         * If we could not connect the agent, send an error message back to
+         * the server. This should never happen unless the agent dies,
+         * because authentication forwarding is only enabled if we have an
+         * agent.
+         */
+        if (sock >= 0) {
+                c = channel_new("", SSH_CHANNEL_OPEN, sock, sock,
+                    -1, 0, 0, 0, "authentication agent connection", 1);
+                c->remote_id = remote_id;
+                c->force_drain = 1;
+        }
+        if (c == NULL) {
+                packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
+                packet_put_int(remote_id);
+        } else {
+                /* Send a confirmation to the remote host. */
+                debug("Forwarding authentication connection.");
+                packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
+                packet_put_int(remote_id);
+                packet_put_int(c->self);
+        }
+        packet_send();
+}
 static Channel *
 client_request_forwarded_tcpip(const char *request_type, int rchan)
@@ -1360,7 +1400,7 @@ client_init_dispatch_13(void)
        dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
        dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ?
-            &auth_input_open_request : &deny_input_open);
+            &client_input_agent_open : &deny_input_open);
        dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ?
            &x11_input_open : &deny_input_open);
 }

diff --git a/clientloop.c b/clientloop.c index d3a32a81a..e7a7d9fa7 100644 --- a/clientloop.c +++ b/clientloop.c
@@ -59,7 +59,7 @@
59	*/	59	*/
60		60
61	#include "includes.h"	61	#include "includes.h"
62	RCSID("$OpenBSD: clientloop.c,v 1.114 2003/09/23 20:17:11 markus Exp $");	62	RCSID("$OpenBSD: clientloop.c,v 1.115 2003/09/23 20:41:11 markus Exp $");
63		63
64	#include "ssh.h"	64	#include "ssh.h"
65	#include "ssh1.h"	65	#include "ssh1.h"
@@ -1125,6 +1125,46 @@ client_input_exit_status(int type, u_int32_t seq, void *ctxt)
1125	/* Flag that we want to exit. */	1125	/* Flag that we want to exit. */
1126	quit_pending = 1;	1126	quit_pending = 1;
1127	}	1127	}
		1128	static void
		1129	client_input_agent_open(int type, u_int32_t seq, void *ctxt)
		1130	{
		1131	Channel *c = NULL;
		1132	int remote_id, sock;
		1133
		1134	/* Read the remote channel number from the message. */
		1135	remote_id = packet_get_int();
		1136	packet_check_eom();
		1137
		1138	/*
		1139	* Get a connection to the local authentication agent (this may again
		1140	* get forwarded).
		1141	*/
		1142	sock = ssh_get_authentication_socket();
		1143
		1144	/*
		1145	* If we could not connect the agent, send an error message back to
		1146	* the server. This should never happen unless the agent dies,
		1147	* because authentication forwarding is only enabled if we have an
		1148	* agent.
		1149	*/
		1150	if (sock >= 0) {
		1151	c = channel_new("", SSH_CHANNEL_OPEN, sock, sock,
		1152	-1, 0, 0, 0, "authentication agent connection", 1);
		1153	c->remote_id = remote_id;
		1154	c->force_drain = 1;
		1155	}
		1156	if (c == NULL) {
		1157	packet_start(SSH_MSG_CHANNEL_OPEN_FAILURE);
		1158	packet_put_int(remote_id);
		1159	} else {
		1160	/* Send a confirmation to the remote host. */
		1161	debug("Forwarding authentication connection.");
		1162	packet_start(SSH_MSG_CHANNEL_OPEN_CONFIRMATION);
		1163	packet_put_int(remote_id);
		1164	packet_put_int(c->self);
		1165	}
		1166	packet_send();
		1167	}
1128		1168
1129	static Channel *	1169	static Channel *
1130	client_request_forwarded_tcpip(const char *request_type, int rchan)	1170	client_request_forwarded_tcpip(const char *request_type, int rchan)
@@ -1360,7 +1400,7 @@ client_init_dispatch_13(void)
1360	dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);	1400	dispatch_set(SSH_SMSG_STDOUT_DATA, &client_input_stdout_data);
1361		1401
1362	dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ?	1402	dispatch_set(SSH_SMSG_AGENT_OPEN, options.forward_agent ?
1363	&auth_input_open_request : &deny_input_open);	1403	&client_input_agent_open : &deny_input_open);
1364	dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ?	1404	dispatch_set(SSH_SMSG_X11_OPEN, options.forward_x11 ?
1365	&x11_input_open : &deny_input_open);	1405	&x11_input_open : &deny_input_open);
1366	}	1406	}