1*856ea928SPeter Avalos /* $OpenBSD: ssh-agent.c,v 1.166 2010/04/16 01:47:26 djm Exp $ */ 218de8d7fSPeter Avalos /* 318de8d7fSPeter Avalos * Author: Tatu Ylonen <ylo@cs.hut.fi> 418de8d7fSPeter Avalos * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland 518de8d7fSPeter Avalos * All rights reserved 618de8d7fSPeter Avalos * The authentication agent program. 718de8d7fSPeter Avalos * 818de8d7fSPeter Avalos * As far as I am concerned, the code I have written for this software 918de8d7fSPeter Avalos * can be used freely for any purpose. Any derived versions of this 1018de8d7fSPeter Avalos * software must be clearly marked as such, and if the derived work is 1118de8d7fSPeter Avalos * incompatible with the protocol description in the RFC file, it must be 1218de8d7fSPeter Avalos * called by a name other than "ssh" or "Secure Shell". 1318de8d7fSPeter Avalos * 1418de8d7fSPeter Avalos * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 1518de8d7fSPeter Avalos * 1618de8d7fSPeter Avalos * Redistribution and use in source and binary forms, with or without 1718de8d7fSPeter Avalos * modification, are permitted provided that the following conditions 1818de8d7fSPeter Avalos * are met: 1918de8d7fSPeter Avalos * 1. Redistributions of source code must retain the above copyright 2018de8d7fSPeter Avalos * notice, this list of conditions and the following disclaimer. 2118de8d7fSPeter Avalos * 2. Redistributions in binary form must reproduce the above copyright 2218de8d7fSPeter Avalos * notice, this list of conditions and the following disclaimer in the 2318de8d7fSPeter Avalos * documentation and/or other materials provided with the distribution. 2418de8d7fSPeter Avalos * 2518de8d7fSPeter Avalos * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 2618de8d7fSPeter Avalos * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 2718de8d7fSPeter Avalos * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 2818de8d7fSPeter Avalos * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, 2918de8d7fSPeter Avalos * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 3018de8d7fSPeter Avalos * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 3118de8d7fSPeter Avalos * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 3218de8d7fSPeter Avalos * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 3318de8d7fSPeter Avalos * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 3418de8d7fSPeter Avalos * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 3518de8d7fSPeter Avalos */ 3618de8d7fSPeter Avalos 3718de8d7fSPeter Avalos #include "includes.h" 3818de8d7fSPeter Avalos 3918de8d7fSPeter Avalos #include <sys/types.h> 4018de8d7fSPeter Avalos #include <sys/param.h> 4118de8d7fSPeter Avalos #include <sys/resource.h> 4218de8d7fSPeter Avalos #include <sys/stat.h> 4318de8d7fSPeter Avalos #include <sys/socket.h> 4418de8d7fSPeter Avalos #ifdef HAVE_SYS_TIME_H 4518de8d7fSPeter Avalos # include <sys/time.h> 4618de8d7fSPeter Avalos #endif 4718de8d7fSPeter Avalos #ifdef HAVE_SYS_UN_H 4818de8d7fSPeter Avalos # include <sys/un.h> 4918de8d7fSPeter Avalos #endif 5018de8d7fSPeter Avalos #include "openbsd-compat/sys-queue.h" 5118de8d7fSPeter Avalos 5218de8d7fSPeter Avalos #include <openssl/evp.h> 5318de8d7fSPeter Avalos #include <openssl/md5.h> 5418de8d7fSPeter Avalos #include "openbsd-compat/openssl-compat.h" 5518de8d7fSPeter Avalos 5618de8d7fSPeter Avalos #include <errno.h> 5718de8d7fSPeter Avalos #include <fcntl.h> 5818de8d7fSPeter Avalos #ifdef HAVE_PATHS_H 5918de8d7fSPeter Avalos # include <paths.h> 6018de8d7fSPeter Avalos #endif 6118de8d7fSPeter Avalos #include <signal.h> 6218de8d7fSPeter Avalos #include <stdarg.h> 6318de8d7fSPeter Avalos #include <stdio.h> 6418de8d7fSPeter Avalos #include <stdlib.h> 6518de8d7fSPeter Avalos #include <time.h> 6618de8d7fSPeter Avalos #include <string.h> 6718de8d7fSPeter Avalos #include <unistd.h> 6818de8d7fSPeter Avalos 6918de8d7fSPeter Avalos #include "xmalloc.h" 7018de8d7fSPeter Avalos #include "ssh.h" 7118de8d7fSPeter Avalos #include "rsa.h" 7218de8d7fSPeter Avalos #include "buffer.h" 7318de8d7fSPeter Avalos #include "key.h" 7418de8d7fSPeter Avalos #include "authfd.h" 7518de8d7fSPeter Avalos #include "compat.h" 7618de8d7fSPeter Avalos #include "log.h" 7718de8d7fSPeter Avalos #include "misc.h" 7818de8d7fSPeter Avalos 79*856ea928SPeter Avalos #ifdef ENABLE_PKCS11 80*856ea928SPeter Avalos #include "ssh-pkcs11.h" 8118de8d7fSPeter Avalos #endif 8218de8d7fSPeter Avalos 8318de8d7fSPeter Avalos #if defined(HAVE_SYS_PRCTL_H) 8418de8d7fSPeter Avalos #include <sys/prctl.h> /* For prctl() and PR_SET_DUMPABLE */ 8518de8d7fSPeter Avalos #endif 8618de8d7fSPeter Avalos 8718de8d7fSPeter Avalos typedef enum { 8818de8d7fSPeter Avalos AUTH_UNUSED, 8918de8d7fSPeter Avalos AUTH_SOCKET, 9018de8d7fSPeter Avalos AUTH_CONNECTION 9118de8d7fSPeter Avalos } sock_type; 9218de8d7fSPeter Avalos 9318de8d7fSPeter Avalos typedef struct { 9418de8d7fSPeter Avalos int fd; 9518de8d7fSPeter Avalos sock_type type; 9618de8d7fSPeter Avalos Buffer input; 9718de8d7fSPeter Avalos Buffer output; 9818de8d7fSPeter Avalos Buffer request; 9918de8d7fSPeter Avalos } SocketEntry; 10018de8d7fSPeter Avalos 10118de8d7fSPeter Avalos u_int sockets_alloc = 0; 10218de8d7fSPeter Avalos SocketEntry *sockets = NULL; 10318de8d7fSPeter Avalos 10418de8d7fSPeter Avalos typedef struct identity { 10518de8d7fSPeter Avalos TAILQ_ENTRY(identity) next; 10618de8d7fSPeter Avalos Key *key; 10718de8d7fSPeter Avalos char *comment; 108*856ea928SPeter Avalos char *provider; 10918de8d7fSPeter Avalos u_int death; 11018de8d7fSPeter Avalos u_int confirm; 11118de8d7fSPeter Avalos } Identity; 11218de8d7fSPeter Avalos 11318de8d7fSPeter Avalos typedef struct { 11418de8d7fSPeter Avalos int nentries; 11518de8d7fSPeter Avalos TAILQ_HEAD(idqueue, identity) idlist; 11618de8d7fSPeter Avalos } Idtab; 11718de8d7fSPeter Avalos 11818de8d7fSPeter Avalos /* private key table, one per protocol version */ 11918de8d7fSPeter Avalos Idtab idtable[3]; 12018de8d7fSPeter Avalos 12118de8d7fSPeter Avalos int max_fd = 0; 12218de8d7fSPeter Avalos 12318de8d7fSPeter Avalos /* pid of shell == parent of agent */ 12418de8d7fSPeter Avalos pid_t parent_pid = -1; 12518de8d7fSPeter Avalos u_int parent_alive_interval = 0; 12618de8d7fSPeter Avalos 12718de8d7fSPeter Avalos /* pathname and directory for AUTH_SOCKET */ 12818de8d7fSPeter Avalos char socket_name[MAXPATHLEN]; 12918de8d7fSPeter Avalos char socket_dir[MAXPATHLEN]; 13018de8d7fSPeter Avalos 13118de8d7fSPeter Avalos /* locking */ 13218de8d7fSPeter Avalos int locked = 0; 13318de8d7fSPeter Avalos char *lock_passwd = NULL; 13418de8d7fSPeter Avalos 13518de8d7fSPeter Avalos extern char *__progname; 13618de8d7fSPeter Avalos 13718de8d7fSPeter Avalos /* Default lifetime (0 == forever) */ 13818de8d7fSPeter Avalos static int lifetime = 0; 13918de8d7fSPeter Avalos 14018de8d7fSPeter Avalos static void 14118de8d7fSPeter Avalos close_socket(SocketEntry *e) 14218de8d7fSPeter Avalos { 14318de8d7fSPeter Avalos close(e->fd); 14418de8d7fSPeter Avalos e->fd = -1; 14518de8d7fSPeter Avalos e->type = AUTH_UNUSED; 14618de8d7fSPeter Avalos buffer_free(&e->input); 14718de8d7fSPeter Avalos buffer_free(&e->output); 14818de8d7fSPeter Avalos buffer_free(&e->request); 14918de8d7fSPeter Avalos } 15018de8d7fSPeter Avalos 15118de8d7fSPeter Avalos static void 15218de8d7fSPeter Avalos idtab_init(void) 15318de8d7fSPeter Avalos { 15418de8d7fSPeter Avalos int i; 15518de8d7fSPeter Avalos 15618de8d7fSPeter Avalos for (i = 0; i <=2; i++) { 15718de8d7fSPeter Avalos TAILQ_INIT(&idtable[i].idlist); 15818de8d7fSPeter Avalos idtable[i].nentries = 0; 15918de8d7fSPeter Avalos } 16018de8d7fSPeter Avalos } 16118de8d7fSPeter Avalos 16218de8d7fSPeter Avalos /* return private key table for requested protocol version */ 16318de8d7fSPeter Avalos static Idtab * 16418de8d7fSPeter Avalos idtab_lookup(int version) 16518de8d7fSPeter Avalos { 16618de8d7fSPeter Avalos if (version < 1 || version > 2) 16718de8d7fSPeter Avalos fatal("internal error, bad protocol version %d", version); 16818de8d7fSPeter Avalos return &idtable[version]; 16918de8d7fSPeter Avalos } 17018de8d7fSPeter Avalos 17118de8d7fSPeter Avalos static void 17218de8d7fSPeter Avalos free_identity(Identity *id) 17318de8d7fSPeter Avalos { 17418de8d7fSPeter Avalos key_free(id->key); 175*856ea928SPeter Avalos if (id->provider != NULL) 176*856ea928SPeter Avalos xfree(id->provider); 17718de8d7fSPeter Avalos xfree(id->comment); 17818de8d7fSPeter Avalos xfree(id); 17918de8d7fSPeter Avalos } 18018de8d7fSPeter Avalos 18118de8d7fSPeter Avalos /* return matching private key for given public key */ 18218de8d7fSPeter Avalos static Identity * 18318de8d7fSPeter Avalos lookup_identity(Key *key, int version) 18418de8d7fSPeter Avalos { 18518de8d7fSPeter Avalos Identity *id; 18618de8d7fSPeter Avalos 18718de8d7fSPeter Avalos Idtab *tab = idtab_lookup(version); 18818de8d7fSPeter Avalos TAILQ_FOREACH(id, &tab->idlist, next) { 18918de8d7fSPeter Avalos if (key_equal(key, id->key)) 19018de8d7fSPeter Avalos return (id); 19118de8d7fSPeter Avalos } 19218de8d7fSPeter Avalos return (NULL); 19318de8d7fSPeter Avalos } 19418de8d7fSPeter Avalos 19518de8d7fSPeter Avalos /* Check confirmation of keysign request */ 19618de8d7fSPeter Avalos static int 19718de8d7fSPeter Avalos confirm_key(Identity *id) 19818de8d7fSPeter Avalos { 19918de8d7fSPeter Avalos char *p; 20018de8d7fSPeter Avalos int ret = -1; 20118de8d7fSPeter Avalos 20218de8d7fSPeter Avalos p = key_fingerprint(id->key, SSH_FP_MD5, SSH_FP_HEX); 20318de8d7fSPeter Avalos if (ask_permission("Allow use of key %s?\nKey fingerprint %s.", 20418de8d7fSPeter Avalos id->comment, p)) 20518de8d7fSPeter Avalos ret = 0; 20618de8d7fSPeter Avalos xfree(p); 20718de8d7fSPeter Avalos 20818de8d7fSPeter Avalos return (ret); 20918de8d7fSPeter Avalos } 21018de8d7fSPeter Avalos 21118de8d7fSPeter Avalos /* send list of supported public keys to 'client' */ 21218de8d7fSPeter Avalos static void 21318de8d7fSPeter Avalos process_request_identities(SocketEntry *e, int version) 21418de8d7fSPeter Avalos { 21518de8d7fSPeter Avalos Idtab *tab = idtab_lookup(version); 21618de8d7fSPeter Avalos Identity *id; 21718de8d7fSPeter Avalos Buffer msg; 21818de8d7fSPeter Avalos 21918de8d7fSPeter Avalos buffer_init(&msg); 22018de8d7fSPeter Avalos buffer_put_char(&msg, (version == 1) ? 22118de8d7fSPeter Avalos SSH_AGENT_RSA_IDENTITIES_ANSWER : SSH2_AGENT_IDENTITIES_ANSWER); 22218de8d7fSPeter Avalos buffer_put_int(&msg, tab->nentries); 22318de8d7fSPeter Avalos TAILQ_FOREACH(id, &tab->idlist, next) { 22418de8d7fSPeter Avalos if (id->key->type == KEY_RSA1) { 22518de8d7fSPeter Avalos buffer_put_int(&msg, BN_num_bits(id->key->rsa->n)); 22618de8d7fSPeter Avalos buffer_put_bignum(&msg, id->key->rsa->e); 22718de8d7fSPeter Avalos buffer_put_bignum(&msg, id->key->rsa->n); 22818de8d7fSPeter Avalos } else { 22918de8d7fSPeter Avalos u_char *blob; 23018de8d7fSPeter Avalos u_int blen; 23118de8d7fSPeter Avalos key_to_blob(id->key, &blob, &blen); 23218de8d7fSPeter Avalos buffer_put_string(&msg, blob, blen); 23318de8d7fSPeter Avalos xfree(blob); 23418de8d7fSPeter Avalos } 23518de8d7fSPeter Avalos buffer_put_cstring(&msg, id->comment); 23618de8d7fSPeter Avalos } 23718de8d7fSPeter Avalos buffer_put_int(&e->output, buffer_len(&msg)); 23818de8d7fSPeter Avalos buffer_append(&e->output, buffer_ptr(&msg), buffer_len(&msg)); 23918de8d7fSPeter Avalos buffer_free(&msg); 24018de8d7fSPeter Avalos } 24118de8d7fSPeter Avalos 24218de8d7fSPeter Avalos /* ssh1 only */ 24318de8d7fSPeter Avalos static void 24418de8d7fSPeter Avalos process_authentication_challenge1(SocketEntry *e) 24518de8d7fSPeter Avalos { 24618de8d7fSPeter Avalos u_char buf[32], mdbuf[16], session_id[16]; 24718de8d7fSPeter Avalos u_int response_type; 24818de8d7fSPeter Avalos BIGNUM *challenge; 24918de8d7fSPeter Avalos Identity *id; 25018de8d7fSPeter Avalos int i, len; 25118de8d7fSPeter Avalos Buffer msg; 25218de8d7fSPeter Avalos MD5_CTX md; 25318de8d7fSPeter Avalos Key *key; 25418de8d7fSPeter Avalos 25518de8d7fSPeter Avalos buffer_init(&msg); 25618de8d7fSPeter Avalos key = key_new(KEY_RSA1); 25718de8d7fSPeter Avalos if ((challenge = BN_new()) == NULL) 25818de8d7fSPeter Avalos fatal("process_authentication_challenge1: BN_new failed"); 25918de8d7fSPeter Avalos 26018de8d7fSPeter Avalos (void) buffer_get_int(&e->request); /* ignored */ 26118de8d7fSPeter Avalos buffer_get_bignum(&e->request, key->rsa->e); 26218de8d7fSPeter Avalos buffer_get_bignum(&e->request, key->rsa->n); 26318de8d7fSPeter Avalos buffer_get_bignum(&e->request, challenge); 26418de8d7fSPeter Avalos 26518de8d7fSPeter Avalos /* Only protocol 1.1 is supported */ 26618de8d7fSPeter Avalos if (buffer_len(&e->request) == 0) 26718de8d7fSPeter Avalos goto failure; 26818de8d7fSPeter Avalos buffer_get(&e->request, session_id, 16); 26918de8d7fSPeter Avalos response_type = buffer_get_int(&e->request); 27018de8d7fSPeter Avalos if (response_type != 1) 27118de8d7fSPeter Avalos goto failure; 27218de8d7fSPeter Avalos 27318de8d7fSPeter Avalos id = lookup_identity(key, 1); 27418de8d7fSPeter Avalos if (id != NULL && (!id->confirm || confirm_key(id) == 0)) { 27518de8d7fSPeter Avalos Key *private = id->key; 27618de8d7fSPeter Avalos /* Decrypt the challenge using the private key. */ 27718de8d7fSPeter Avalos if (rsa_private_decrypt(challenge, challenge, private->rsa) <= 0) 27818de8d7fSPeter Avalos goto failure; 27918de8d7fSPeter Avalos 28018de8d7fSPeter Avalos /* The response is MD5 of decrypted challenge plus session id. */ 28118de8d7fSPeter Avalos len = BN_num_bytes(challenge); 28218de8d7fSPeter Avalos if (len <= 0 || len > 32) { 28318de8d7fSPeter Avalos logit("process_authentication_challenge: bad challenge length %d", len); 28418de8d7fSPeter Avalos goto failure; 28518de8d7fSPeter Avalos } 28618de8d7fSPeter Avalos memset(buf, 0, 32); 28718de8d7fSPeter Avalos BN_bn2bin(challenge, buf + 32 - len); 28818de8d7fSPeter Avalos MD5_Init(&md); 28918de8d7fSPeter Avalos MD5_Update(&md, buf, 32); 29018de8d7fSPeter Avalos MD5_Update(&md, session_id, 16); 29118de8d7fSPeter Avalos MD5_Final(mdbuf, &md); 29218de8d7fSPeter Avalos 29318de8d7fSPeter Avalos /* Send the response. */ 29418de8d7fSPeter Avalos buffer_put_char(&msg, SSH_AGENT_RSA_RESPONSE); 29518de8d7fSPeter Avalos for (i = 0; i < 16; i++) 29618de8d7fSPeter Avalos buffer_put_char(&msg, mdbuf[i]); 29718de8d7fSPeter Avalos goto send; 29818de8d7fSPeter Avalos } 29918de8d7fSPeter Avalos 30018de8d7fSPeter Avalos failure: 30118de8d7fSPeter Avalos /* Unknown identity or protocol error. Send failure. */ 30218de8d7fSPeter Avalos buffer_put_char(&msg, SSH_AGENT_FAILURE); 30318de8d7fSPeter Avalos send: 30418de8d7fSPeter Avalos buffer_put_int(&e->output, buffer_len(&msg)); 30518de8d7fSPeter Avalos buffer_append(&e->output, buffer_ptr(&msg), buffer_len(&msg)); 30618de8d7fSPeter Avalos key_free(key); 30718de8d7fSPeter Avalos BN_clear_free(challenge); 30818de8d7fSPeter Avalos buffer_free(&msg); 30918de8d7fSPeter Avalos } 31018de8d7fSPeter Avalos 31118de8d7fSPeter Avalos /* ssh2 only */ 31218de8d7fSPeter Avalos static void 31318de8d7fSPeter Avalos process_sign_request2(SocketEntry *e) 31418de8d7fSPeter Avalos { 31518de8d7fSPeter Avalos u_char *blob, *data, *signature = NULL; 31618de8d7fSPeter Avalos u_int blen, dlen, slen = 0; 31718de8d7fSPeter Avalos extern int datafellows; 31818de8d7fSPeter Avalos int odatafellows; 31918de8d7fSPeter Avalos int ok = -1, flags; 32018de8d7fSPeter Avalos Buffer msg; 32118de8d7fSPeter Avalos Key *key; 32218de8d7fSPeter Avalos 32318de8d7fSPeter Avalos datafellows = 0; 32418de8d7fSPeter Avalos 32518de8d7fSPeter Avalos blob = buffer_get_string(&e->request, &blen); 32618de8d7fSPeter Avalos data = buffer_get_string(&e->request, &dlen); 32718de8d7fSPeter Avalos 32818de8d7fSPeter Avalos flags = buffer_get_int(&e->request); 32918de8d7fSPeter Avalos odatafellows = datafellows; 33018de8d7fSPeter Avalos if (flags & SSH_AGENT_OLD_SIGNATURE) 33118de8d7fSPeter Avalos datafellows = SSH_BUG_SIGBLOB; 33218de8d7fSPeter Avalos 33318de8d7fSPeter Avalos key = key_from_blob(blob, blen); 33418de8d7fSPeter Avalos if (key != NULL) { 33518de8d7fSPeter Avalos Identity *id = lookup_identity(key, 2); 33618de8d7fSPeter Avalos if (id != NULL && (!id->confirm || confirm_key(id) == 0)) 33718de8d7fSPeter Avalos ok = key_sign(id->key, &signature, &slen, data, dlen); 33818de8d7fSPeter Avalos key_free(key); 33918de8d7fSPeter Avalos } 34018de8d7fSPeter Avalos buffer_init(&msg); 34118de8d7fSPeter Avalos if (ok == 0) { 34218de8d7fSPeter Avalos buffer_put_char(&msg, SSH2_AGENT_SIGN_RESPONSE); 34318de8d7fSPeter Avalos buffer_put_string(&msg, signature, slen); 34418de8d7fSPeter Avalos } else { 34518de8d7fSPeter Avalos buffer_put_char(&msg, SSH_AGENT_FAILURE); 34618de8d7fSPeter Avalos } 34718de8d7fSPeter Avalos buffer_put_int(&e->output, buffer_len(&msg)); 34818de8d7fSPeter Avalos buffer_append(&e->output, buffer_ptr(&msg), 34918de8d7fSPeter Avalos buffer_len(&msg)); 35018de8d7fSPeter Avalos buffer_free(&msg); 35118de8d7fSPeter Avalos xfree(data); 35218de8d7fSPeter Avalos xfree(blob); 35318de8d7fSPeter Avalos if (signature != NULL) 35418de8d7fSPeter Avalos xfree(signature); 35518de8d7fSPeter Avalos datafellows = odatafellows; 35618de8d7fSPeter Avalos } 35718de8d7fSPeter Avalos 35818de8d7fSPeter Avalos /* shared */ 35918de8d7fSPeter Avalos static void 36018de8d7fSPeter Avalos process_remove_identity(SocketEntry *e, int version) 36118de8d7fSPeter Avalos { 36218de8d7fSPeter Avalos u_int blen, bits; 36318de8d7fSPeter Avalos int success = 0; 36418de8d7fSPeter Avalos Key *key = NULL; 36518de8d7fSPeter Avalos u_char *blob; 36618de8d7fSPeter Avalos 36718de8d7fSPeter Avalos switch (version) { 36818de8d7fSPeter Avalos case 1: 36918de8d7fSPeter Avalos key = key_new(KEY_RSA1); 37018de8d7fSPeter Avalos bits = buffer_get_int(&e->request); 37118de8d7fSPeter Avalos buffer_get_bignum(&e->request, key->rsa->e); 37218de8d7fSPeter Avalos buffer_get_bignum(&e->request, key->rsa->n); 37318de8d7fSPeter Avalos 37418de8d7fSPeter Avalos if (bits != key_size(key)) 37518de8d7fSPeter Avalos logit("Warning: identity keysize mismatch: actual %u, announced %u", 37618de8d7fSPeter Avalos key_size(key), bits); 37718de8d7fSPeter Avalos break; 37818de8d7fSPeter Avalos case 2: 37918de8d7fSPeter Avalos blob = buffer_get_string(&e->request, &blen); 38018de8d7fSPeter Avalos key = key_from_blob(blob, blen); 38118de8d7fSPeter Avalos xfree(blob); 38218de8d7fSPeter Avalos break; 38318de8d7fSPeter Avalos } 38418de8d7fSPeter Avalos if (key != NULL) { 38518de8d7fSPeter Avalos Identity *id = lookup_identity(key, version); 38618de8d7fSPeter Avalos if (id != NULL) { 38718de8d7fSPeter Avalos /* 38818de8d7fSPeter Avalos * We have this key. Free the old key. Since we 38918de8d7fSPeter Avalos * don't want to leave empty slots in the middle of 39018de8d7fSPeter Avalos * the array, we actually free the key there and move 39118de8d7fSPeter Avalos * all the entries between the empty slot and the end 39218de8d7fSPeter Avalos * of the array. 39318de8d7fSPeter Avalos */ 39418de8d7fSPeter Avalos Idtab *tab = idtab_lookup(version); 39518de8d7fSPeter Avalos if (tab->nentries < 1) 39618de8d7fSPeter Avalos fatal("process_remove_identity: " 39718de8d7fSPeter Avalos "internal error: tab->nentries %d", 39818de8d7fSPeter Avalos tab->nentries); 39918de8d7fSPeter Avalos TAILQ_REMOVE(&tab->idlist, id, next); 40018de8d7fSPeter Avalos free_identity(id); 40118de8d7fSPeter Avalos tab->nentries--; 40218de8d7fSPeter Avalos success = 1; 40318de8d7fSPeter Avalos } 40418de8d7fSPeter Avalos key_free(key); 40518de8d7fSPeter Avalos } 40618de8d7fSPeter Avalos buffer_put_int(&e->output, 1); 40718de8d7fSPeter Avalos buffer_put_char(&e->output, 40818de8d7fSPeter Avalos success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); 40918de8d7fSPeter Avalos } 41018de8d7fSPeter Avalos 41118de8d7fSPeter Avalos static void 41218de8d7fSPeter Avalos process_remove_all_identities(SocketEntry *e, int version) 41318de8d7fSPeter Avalos { 41418de8d7fSPeter Avalos Idtab *tab = idtab_lookup(version); 41518de8d7fSPeter Avalos Identity *id; 41618de8d7fSPeter Avalos 41718de8d7fSPeter Avalos /* Loop over all identities and clear the keys. */ 41818de8d7fSPeter Avalos for (id = TAILQ_FIRST(&tab->idlist); id; 41918de8d7fSPeter Avalos id = TAILQ_FIRST(&tab->idlist)) { 42018de8d7fSPeter Avalos TAILQ_REMOVE(&tab->idlist, id, next); 42118de8d7fSPeter Avalos free_identity(id); 42218de8d7fSPeter Avalos } 42318de8d7fSPeter Avalos 42418de8d7fSPeter Avalos /* Mark that there are no identities. */ 42518de8d7fSPeter Avalos tab->nentries = 0; 42618de8d7fSPeter Avalos 42718de8d7fSPeter Avalos /* Send success. */ 42818de8d7fSPeter Avalos buffer_put_int(&e->output, 1); 42918de8d7fSPeter Avalos buffer_put_char(&e->output, SSH_AGENT_SUCCESS); 43018de8d7fSPeter Avalos } 43118de8d7fSPeter Avalos 43218de8d7fSPeter Avalos /* removes expired keys and returns number of seconds until the next expiry */ 43318de8d7fSPeter Avalos static u_int 43418de8d7fSPeter Avalos reaper(void) 43518de8d7fSPeter Avalos { 43618de8d7fSPeter Avalos u_int deadline = 0, now = time(NULL); 43718de8d7fSPeter Avalos Identity *id, *nxt; 43818de8d7fSPeter Avalos int version; 43918de8d7fSPeter Avalos Idtab *tab; 44018de8d7fSPeter Avalos 44118de8d7fSPeter Avalos for (version = 1; version < 3; version++) { 44218de8d7fSPeter Avalos tab = idtab_lookup(version); 44318de8d7fSPeter Avalos for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) { 44418de8d7fSPeter Avalos nxt = TAILQ_NEXT(id, next); 44518de8d7fSPeter Avalos if (id->death == 0) 44618de8d7fSPeter Avalos continue; 44718de8d7fSPeter Avalos if (now >= id->death) { 44818de8d7fSPeter Avalos debug("expiring key '%s'", id->comment); 44918de8d7fSPeter Avalos TAILQ_REMOVE(&tab->idlist, id, next); 45018de8d7fSPeter Avalos free_identity(id); 45118de8d7fSPeter Avalos tab->nentries--; 45218de8d7fSPeter Avalos } else 45318de8d7fSPeter Avalos deadline = (deadline == 0) ? id->death : 45418de8d7fSPeter Avalos MIN(deadline, id->death); 45518de8d7fSPeter Avalos } 45618de8d7fSPeter Avalos } 45718de8d7fSPeter Avalos if (deadline == 0 || deadline <= now) 45818de8d7fSPeter Avalos return 0; 45918de8d7fSPeter Avalos else 46018de8d7fSPeter Avalos return (deadline - now); 46118de8d7fSPeter Avalos } 46218de8d7fSPeter Avalos 46318de8d7fSPeter Avalos static void 46418de8d7fSPeter Avalos process_add_identity(SocketEntry *e, int version) 46518de8d7fSPeter Avalos { 46618de8d7fSPeter Avalos Idtab *tab = idtab_lookup(version); 46718de8d7fSPeter Avalos Identity *id; 46818de8d7fSPeter Avalos int type, success = 0, death = 0, confirm = 0; 46918de8d7fSPeter Avalos char *type_name, *comment; 47018de8d7fSPeter Avalos Key *k = NULL; 471*856ea928SPeter Avalos u_char *cert; 472*856ea928SPeter Avalos u_int len; 47318de8d7fSPeter Avalos 47418de8d7fSPeter Avalos switch (version) { 47518de8d7fSPeter Avalos case 1: 47618de8d7fSPeter Avalos k = key_new_private(KEY_RSA1); 47718de8d7fSPeter Avalos (void) buffer_get_int(&e->request); /* ignored */ 47818de8d7fSPeter Avalos buffer_get_bignum(&e->request, k->rsa->n); 47918de8d7fSPeter Avalos buffer_get_bignum(&e->request, k->rsa->e); 48018de8d7fSPeter Avalos buffer_get_bignum(&e->request, k->rsa->d); 48118de8d7fSPeter Avalos buffer_get_bignum(&e->request, k->rsa->iqmp); 48218de8d7fSPeter Avalos 48318de8d7fSPeter Avalos /* SSH and SSL have p and q swapped */ 48418de8d7fSPeter Avalos buffer_get_bignum(&e->request, k->rsa->q); /* p */ 48518de8d7fSPeter Avalos buffer_get_bignum(&e->request, k->rsa->p); /* q */ 48618de8d7fSPeter Avalos 48718de8d7fSPeter Avalos /* Generate additional parameters */ 48818de8d7fSPeter Avalos rsa_generate_additional_parameters(k->rsa); 48918de8d7fSPeter Avalos break; 49018de8d7fSPeter Avalos case 2: 49118de8d7fSPeter Avalos type_name = buffer_get_string(&e->request, NULL); 49218de8d7fSPeter Avalos type = key_type_from_name(type_name); 49318de8d7fSPeter Avalos xfree(type_name); 49418de8d7fSPeter Avalos switch (type) { 49518de8d7fSPeter Avalos case KEY_DSA: 49618de8d7fSPeter Avalos k = key_new_private(type); 49718de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->dsa->p); 49818de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->dsa->q); 49918de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->dsa->g); 50018de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->dsa->pub_key); 50118de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->dsa->priv_key); 50218de8d7fSPeter Avalos break; 503*856ea928SPeter Avalos case KEY_DSA_CERT_V00: 504*856ea928SPeter Avalos case KEY_DSA_CERT: 505*856ea928SPeter Avalos cert = buffer_get_string(&e->request, &len); 506*856ea928SPeter Avalos if ((k = key_from_blob(cert, len)) == NULL) 507*856ea928SPeter Avalos fatal("Certificate parse failed"); 508*856ea928SPeter Avalos xfree(cert); 509*856ea928SPeter Avalos key_add_private(k); 510*856ea928SPeter Avalos buffer_get_bignum2(&e->request, k->dsa->priv_key); 511*856ea928SPeter Avalos break; 51218de8d7fSPeter Avalos case KEY_RSA: 51318de8d7fSPeter Avalos k = key_new_private(type); 51418de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->rsa->n); 51518de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->rsa->e); 51618de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->rsa->d); 51718de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->rsa->iqmp); 51818de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->rsa->p); 51918de8d7fSPeter Avalos buffer_get_bignum2(&e->request, k->rsa->q); 52018de8d7fSPeter Avalos 52118de8d7fSPeter Avalos /* Generate additional parameters */ 52218de8d7fSPeter Avalos rsa_generate_additional_parameters(k->rsa); 52318de8d7fSPeter Avalos break; 524*856ea928SPeter Avalos case KEY_RSA_CERT_V00: 525*856ea928SPeter Avalos case KEY_RSA_CERT: 526*856ea928SPeter Avalos cert = buffer_get_string(&e->request, &len); 527*856ea928SPeter Avalos if ((k = key_from_blob(cert, len)) == NULL) 528*856ea928SPeter Avalos fatal("Certificate parse failed"); 529*856ea928SPeter Avalos xfree(cert); 530*856ea928SPeter Avalos key_add_private(k); 531*856ea928SPeter Avalos buffer_get_bignum2(&e->request, k->rsa->d); 532*856ea928SPeter Avalos buffer_get_bignum2(&e->request, k->rsa->iqmp); 533*856ea928SPeter Avalos buffer_get_bignum2(&e->request, k->rsa->p); 534*856ea928SPeter Avalos buffer_get_bignum2(&e->request, k->rsa->q); 535*856ea928SPeter Avalos break; 53618de8d7fSPeter Avalos default: 53718de8d7fSPeter Avalos buffer_clear(&e->request); 53818de8d7fSPeter Avalos goto send; 53918de8d7fSPeter Avalos } 54018de8d7fSPeter Avalos break; 54118de8d7fSPeter Avalos } 54218de8d7fSPeter Avalos /* enable blinding */ 54318de8d7fSPeter Avalos switch (k->type) { 54418de8d7fSPeter Avalos case KEY_RSA: 545*856ea928SPeter Avalos case KEY_RSA_CERT_V00: 546*856ea928SPeter Avalos case KEY_RSA_CERT: 54718de8d7fSPeter Avalos case KEY_RSA1: 54818de8d7fSPeter Avalos if (RSA_blinding_on(k->rsa, NULL) != 1) { 54918de8d7fSPeter Avalos error("process_add_identity: RSA_blinding_on failed"); 55018de8d7fSPeter Avalos key_free(k); 55118de8d7fSPeter Avalos goto send; 55218de8d7fSPeter Avalos } 55318de8d7fSPeter Avalos break; 55418de8d7fSPeter Avalos } 55518de8d7fSPeter Avalos comment = buffer_get_string(&e->request, NULL); 55618de8d7fSPeter Avalos if (k == NULL) { 55718de8d7fSPeter Avalos xfree(comment); 55818de8d7fSPeter Avalos goto send; 55918de8d7fSPeter Avalos } 56018de8d7fSPeter Avalos while (buffer_len(&e->request)) { 56118de8d7fSPeter Avalos switch ((type = buffer_get_char(&e->request))) { 56218de8d7fSPeter Avalos case SSH_AGENT_CONSTRAIN_LIFETIME: 56318de8d7fSPeter Avalos death = time(NULL) + buffer_get_int(&e->request); 56418de8d7fSPeter Avalos break; 56518de8d7fSPeter Avalos case SSH_AGENT_CONSTRAIN_CONFIRM: 56618de8d7fSPeter Avalos confirm = 1; 56718de8d7fSPeter Avalos break; 56818de8d7fSPeter Avalos default: 56918de8d7fSPeter Avalos error("process_add_identity: " 57018de8d7fSPeter Avalos "Unknown constraint type %d", type); 57118de8d7fSPeter Avalos xfree(comment); 57218de8d7fSPeter Avalos key_free(k); 57318de8d7fSPeter Avalos goto send; 57418de8d7fSPeter Avalos } 57518de8d7fSPeter Avalos } 57618de8d7fSPeter Avalos success = 1; 57718de8d7fSPeter Avalos if (lifetime && !death) 57818de8d7fSPeter Avalos death = time(NULL) + lifetime; 57918de8d7fSPeter Avalos if ((id = lookup_identity(k, version)) == NULL) { 580*856ea928SPeter Avalos id = xcalloc(1, sizeof(Identity)); 58118de8d7fSPeter Avalos id->key = k; 58218de8d7fSPeter Avalos TAILQ_INSERT_TAIL(&tab->idlist, id, next); 58318de8d7fSPeter Avalos /* Increment the number of identities. */ 58418de8d7fSPeter Avalos tab->nentries++; 58518de8d7fSPeter Avalos } else { 58618de8d7fSPeter Avalos key_free(k); 58718de8d7fSPeter Avalos xfree(id->comment); 58818de8d7fSPeter Avalos } 58918de8d7fSPeter Avalos id->comment = comment; 59018de8d7fSPeter Avalos id->death = death; 59118de8d7fSPeter Avalos id->confirm = confirm; 59218de8d7fSPeter Avalos send: 59318de8d7fSPeter Avalos buffer_put_int(&e->output, 1); 59418de8d7fSPeter Avalos buffer_put_char(&e->output, 59518de8d7fSPeter Avalos success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); 59618de8d7fSPeter Avalos } 59718de8d7fSPeter Avalos 59818de8d7fSPeter Avalos /* XXX todo: encrypt sensitive data with passphrase */ 59918de8d7fSPeter Avalos static void 60018de8d7fSPeter Avalos process_lock_agent(SocketEntry *e, int lock) 60118de8d7fSPeter Avalos { 60218de8d7fSPeter Avalos int success = 0; 60318de8d7fSPeter Avalos char *passwd; 60418de8d7fSPeter Avalos 60518de8d7fSPeter Avalos passwd = buffer_get_string(&e->request, NULL); 60618de8d7fSPeter Avalos if (locked && !lock && strcmp(passwd, lock_passwd) == 0) { 60718de8d7fSPeter Avalos locked = 0; 60818de8d7fSPeter Avalos memset(lock_passwd, 0, strlen(lock_passwd)); 60918de8d7fSPeter Avalos xfree(lock_passwd); 61018de8d7fSPeter Avalos lock_passwd = NULL; 61118de8d7fSPeter Avalos success = 1; 61218de8d7fSPeter Avalos } else if (!locked && lock) { 61318de8d7fSPeter Avalos locked = 1; 61418de8d7fSPeter Avalos lock_passwd = xstrdup(passwd); 61518de8d7fSPeter Avalos success = 1; 61618de8d7fSPeter Avalos } 61718de8d7fSPeter Avalos memset(passwd, 0, strlen(passwd)); 61818de8d7fSPeter Avalos xfree(passwd); 61918de8d7fSPeter Avalos 62018de8d7fSPeter Avalos buffer_put_int(&e->output, 1); 62118de8d7fSPeter Avalos buffer_put_char(&e->output, 62218de8d7fSPeter Avalos success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); 62318de8d7fSPeter Avalos } 62418de8d7fSPeter Avalos 62518de8d7fSPeter Avalos static void 62618de8d7fSPeter Avalos no_identities(SocketEntry *e, u_int type) 62718de8d7fSPeter Avalos { 62818de8d7fSPeter Avalos Buffer msg; 62918de8d7fSPeter Avalos 63018de8d7fSPeter Avalos buffer_init(&msg); 63118de8d7fSPeter Avalos buffer_put_char(&msg, 63218de8d7fSPeter Avalos (type == SSH_AGENTC_REQUEST_RSA_IDENTITIES) ? 63318de8d7fSPeter Avalos SSH_AGENT_RSA_IDENTITIES_ANSWER : SSH2_AGENT_IDENTITIES_ANSWER); 63418de8d7fSPeter Avalos buffer_put_int(&msg, 0); 63518de8d7fSPeter Avalos buffer_put_int(&e->output, buffer_len(&msg)); 63618de8d7fSPeter Avalos buffer_append(&e->output, buffer_ptr(&msg), buffer_len(&msg)); 63718de8d7fSPeter Avalos buffer_free(&msg); 63818de8d7fSPeter Avalos } 63918de8d7fSPeter Avalos 640*856ea928SPeter Avalos #ifdef ENABLE_PKCS11 64118de8d7fSPeter Avalos static void 64218de8d7fSPeter Avalos process_add_smartcard_key(SocketEntry *e) 64318de8d7fSPeter Avalos { 644*856ea928SPeter Avalos char *provider = NULL, *pin; 645*856ea928SPeter Avalos int i, type, version, count = 0, success = 0, death = 0, confirm = 0; 646*856ea928SPeter Avalos Key **keys = NULL, *k; 64718de8d7fSPeter Avalos Identity *id; 64818de8d7fSPeter Avalos Idtab *tab; 64918de8d7fSPeter Avalos 650*856ea928SPeter Avalos provider = buffer_get_string(&e->request, NULL); 65118de8d7fSPeter Avalos pin = buffer_get_string(&e->request, NULL); 65218de8d7fSPeter Avalos 65318de8d7fSPeter Avalos while (buffer_len(&e->request)) { 65418de8d7fSPeter Avalos switch ((type = buffer_get_char(&e->request))) { 65518de8d7fSPeter Avalos case SSH_AGENT_CONSTRAIN_LIFETIME: 65618de8d7fSPeter Avalos death = time(NULL) + buffer_get_int(&e->request); 65718de8d7fSPeter Avalos break; 65818de8d7fSPeter Avalos case SSH_AGENT_CONSTRAIN_CONFIRM: 65918de8d7fSPeter Avalos confirm = 1; 66018de8d7fSPeter Avalos break; 66118de8d7fSPeter Avalos default: 66218de8d7fSPeter Avalos error("process_add_smartcard_key: " 66318de8d7fSPeter Avalos "Unknown constraint type %d", type); 66418de8d7fSPeter Avalos goto send; 66518de8d7fSPeter Avalos } 66618de8d7fSPeter Avalos } 66718de8d7fSPeter Avalos if (lifetime && !death) 66818de8d7fSPeter Avalos death = time(NULL) + lifetime; 66918de8d7fSPeter Avalos 670*856ea928SPeter Avalos count = pkcs11_add_provider(provider, pin, &keys); 671*856ea928SPeter Avalos for (i = 0; i < count; i++) { 67218de8d7fSPeter Avalos k = keys[i]; 67318de8d7fSPeter Avalos version = k->type == KEY_RSA1 ? 1 : 2; 67418de8d7fSPeter Avalos tab = idtab_lookup(version); 67518de8d7fSPeter Avalos if (lookup_identity(k, version) == NULL) { 676*856ea928SPeter Avalos id = xcalloc(1, sizeof(Identity)); 67718de8d7fSPeter Avalos id->key = k; 678*856ea928SPeter Avalos id->provider = xstrdup(provider); 679*856ea928SPeter Avalos id->comment = xstrdup(provider); /* XXX */ 68018de8d7fSPeter Avalos id->death = death; 68118de8d7fSPeter Avalos id->confirm = confirm; 68218de8d7fSPeter Avalos TAILQ_INSERT_TAIL(&tab->idlist, id, next); 68318de8d7fSPeter Avalos tab->nentries++; 68418de8d7fSPeter Avalos success = 1; 68518de8d7fSPeter Avalos } else { 68618de8d7fSPeter Avalos key_free(k); 68718de8d7fSPeter Avalos } 68818de8d7fSPeter Avalos keys[i] = NULL; 68918de8d7fSPeter Avalos } 69018de8d7fSPeter Avalos send: 691*856ea928SPeter Avalos if (pin) 692*856ea928SPeter Avalos xfree(pin); 693*856ea928SPeter Avalos if (provider) 694*856ea928SPeter Avalos xfree(provider); 695*856ea928SPeter Avalos if (keys) 696*856ea928SPeter Avalos xfree(keys); 69718de8d7fSPeter Avalos buffer_put_int(&e->output, 1); 69818de8d7fSPeter Avalos buffer_put_char(&e->output, 69918de8d7fSPeter Avalos success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); 70018de8d7fSPeter Avalos } 70118de8d7fSPeter Avalos 70218de8d7fSPeter Avalos static void 70318de8d7fSPeter Avalos process_remove_smartcard_key(SocketEntry *e) 70418de8d7fSPeter Avalos { 705*856ea928SPeter Avalos char *provider = NULL, *pin = NULL; 706*856ea928SPeter Avalos int version, success = 0; 707*856ea928SPeter Avalos Identity *id, *nxt; 70818de8d7fSPeter Avalos Idtab *tab; 70918de8d7fSPeter Avalos 710*856ea928SPeter Avalos provider = buffer_get_string(&e->request, NULL); 71118de8d7fSPeter Avalos pin = buffer_get_string(&e->request, NULL); 71218de8d7fSPeter Avalos xfree(pin); 71318de8d7fSPeter Avalos 714*856ea928SPeter Avalos for (version = 1; version < 3; version++) { 71518de8d7fSPeter Avalos tab = idtab_lookup(version); 716*856ea928SPeter Avalos for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) { 717*856ea928SPeter Avalos nxt = TAILQ_NEXT(id, next); 718*856ea928SPeter Avalos if (!strcmp(provider, id->provider)) { 71918de8d7fSPeter Avalos TAILQ_REMOVE(&tab->idlist, id, next); 72018de8d7fSPeter Avalos free_identity(id); 721*856ea928SPeter Avalos tab->nentries--; 722*856ea928SPeter Avalos } 723*856ea928SPeter Avalos } 724*856ea928SPeter Avalos } 725*856ea928SPeter Avalos if (pkcs11_del_provider(provider) == 0) 72618de8d7fSPeter Avalos success = 1; 727*856ea928SPeter Avalos else 728*856ea928SPeter Avalos error("process_remove_smartcard_key:" 729*856ea928SPeter Avalos " pkcs11_del_provider failed"); 730*856ea928SPeter Avalos xfree(provider); 73118de8d7fSPeter Avalos buffer_put_int(&e->output, 1); 73218de8d7fSPeter Avalos buffer_put_char(&e->output, 73318de8d7fSPeter Avalos success ? SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE); 73418de8d7fSPeter Avalos } 735*856ea928SPeter Avalos #endif /* ENABLE_PKCS11 */ 73618de8d7fSPeter Avalos 73718de8d7fSPeter Avalos /* dispatch incoming messages */ 73818de8d7fSPeter Avalos 73918de8d7fSPeter Avalos static void 74018de8d7fSPeter Avalos process_message(SocketEntry *e) 74118de8d7fSPeter Avalos { 74218de8d7fSPeter Avalos u_int msg_len, type; 74318de8d7fSPeter Avalos u_char *cp; 74418de8d7fSPeter Avalos 74518de8d7fSPeter Avalos if (buffer_len(&e->input) < 5) 74618de8d7fSPeter Avalos return; /* Incomplete message. */ 74718de8d7fSPeter Avalos cp = buffer_ptr(&e->input); 74818de8d7fSPeter Avalos msg_len = get_u32(cp); 74918de8d7fSPeter Avalos if (msg_len > 256 * 1024) { 75018de8d7fSPeter Avalos close_socket(e); 75118de8d7fSPeter Avalos return; 75218de8d7fSPeter Avalos } 75318de8d7fSPeter Avalos if (buffer_len(&e->input) < msg_len + 4) 75418de8d7fSPeter Avalos return; 75518de8d7fSPeter Avalos 75618de8d7fSPeter Avalos /* move the current input to e->request */ 75718de8d7fSPeter Avalos buffer_consume(&e->input, 4); 75818de8d7fSPeter Avalos buffer_clear(&e->request); 75918de8d7fSPeter Avalos buffer_append(&e->request, buffer_ptr(&e->input), msg_len); 76018de8d7fSPeter Avalos buffer_consume(&e->input, msg_len); 76118de8d7fSPeter Avalos type = buffer_get_char(&e->request); 76218de8d7fSPeter Avalos 76318de8d7fSPeter Avalos /* check wheter agent is locked */ 76418de8d7fSPeter Avalos if (locked && type != SSH_AGENTC_UNLOCK) { 76518de8d7fSPeter Avalos buffer_clear(&e->request); 76618de8d7fSPeter Avalos switch (type) { 76718de8d7fSPeter Avalos case SSH_AGENTC_REQUEST_RSA_IDENTITIES: 76818de8d7fSPeter Avalos case SSH2_AGENTC_REQUEST_IDENTITIES: 76918de8d7fSPeter Avalos /* send empty lists */ 77018de8d7fSPeter Avalos no_identities(e, type); 77118de8d7fSPeter Avalos break; 77218de8d7fSPeter Avalos default: 77318de8d7fSPeter Avalos /* send a fail message for all other request types */ 77418de8d7fSPeter Avalos buffer_put_int(&e->output, 1); 77518de8d7fSPeter Avalos buffer_put_char(&e->output, SSH_AGENT_FAILURE); 77618de8d7fSPeter Avalos } 77718de8d7fSPeter Avalos return; 77818de8d7fSPeter Avalos } 77918de8d7fSPeter Avalos 78018de8d7fSPeter Avalos debug("type %d", type); 78118de8d7fSPeter Avalos switch (type) { 78218de8d7fSPeter Avalos case SSH_AGENTC_LOCK: 78318de8d7fSPeter Avalos case SSH_AGENTC_UNLOCK: 78418de8d7fSPeter Avalos process_lock_agent(e, type == SSH_AGENTC_LOCK); 78518de8d7fSPeter Avalos break; 78618de8d7fSPeter Avalos /* ssh1 */ 78718de8d7fSPeter Avalos case SSH_AGENTC_RSA_CHALLENGE: 78818de8d7fSPeter Avalos process_authentication_challenge1(e); 78918de8d7fSPeter Avalos break; 79018de8d7fSPeter Avalos case SSH_AGENTC_REQUEST_RSA_IDENTITIES: 79118de8d7fSPeter Avalos process_request_identities(e, 1); 79218de8d7fSPeter Avalos break; 79318de8d7fSPeter Avalos case SSH_AGENTC_ADD_RSA_IDENTITY: 79418de8d7fSPeter Avalos case SSH_AGENTC_ADD_RSA_ID_CONSTRAINED: 79518de8d7fSPeter Avalos process_add_identity(e, 1); 79618de8d7fSPeter Avalos break; 79718de8d7fSPeter Avalos case SSH_AGENTC_REMOVE_RSA_IDENTITY: 79818de8d7fSPeter Avalos process_remove_identity(e, 1); 79918de8d7fSPeter Avalos break; 80018de8d7fSPeter Avalos case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES: 80118de8d7fSPeter Avalos process_remove_all_identities(e, 1); 80218de8d7fSPeter Avalos break; 80318de8d7fSPeter Avalos /* ssh2 */ 80418de8d7fSPeter Avalos case SSH2_AGENTC_SIGN_REQUEST: 80518de8d7fSPeter Avalos process_sign_request2(e); 80618de8d7fSPeter Avalos break; 80718de8d7fSPeter Avalos case SSH2_AGENTC_REQUEST_IDENTITIES: 80818de8d7fSPeter Avalos process_request_identities(e, 2); 80918de8d7fSPeter Avalos break; 81018de8d7fSPeter Avalos case SSH2_AGENTC_ADD_IDENTITY: 81118de8d7fSPeter Avalos case SSH2_AGENTC_ADD_ID_CONSTRAINED: 81218de8d7fSPeter Avalos process_add_identity(e, 2); 81318de8d7fSPeter Avalos break; 81418de8d7fSPeter Avalos case SSH2_AGENTC_REMOVE_IDENTITY: 81518de8d7fSPeter Avalos process_remove_identity(e, 2); 81618de8d7fSPeter Avalos break; 81718de8d7fSPeter Avalos case SSH2_AGENTC_REMOVE_ALL_IDENTITIES: 81818de8d7fSPeter Avalos process_remove_all_identities(e, 2); 81918de8d7fSPeter Avalos break; 820*856ea928SPeter Avalos #ifdef ENABLE_PKCS11 82118de8d7fSPeter Avalos case SSH_AGENTC_ADD_SMARTCARD_KEY: 82218de8d7fSPeter Avalos case SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED: 82318de8d7fSPeter Avalos process_add_smartcard_key(e); 82418de8d7fSPeter Avalos break; 82518de8d7fSPeter Avalos case SSH_AGENTC_REMOVE_SMARTCARD_KEY: 82618de8d7fSPeter Avalos process_remove_smartcard_key(e); 82718de8d7fSPeter Avalos break; 828*856ea928SPeter Avalos #endif /* ENABLE_PKCS11 */ 82918de8d7fSPeter Avalos default: 83018de8d7fSPeter Avalos /* Unknown message. Respond with failure. */ 83118de8d7fSPeter Avalos error("Unknown message %d", type); 83218de8d7fSPeter Avalos buffer_clear(&e->request); 83318de8d7fSPeter Avalos buffer_put_int(&e->output, 1); 83418de8d7fSPeter Avalos buffer_put_char(&e->output, SSH_AGENT_FAILURE); 83518de8d7fSPeter Avalos break; 83618de8d7fSPeter Avalos } 83718de8d7fSPeter Avalos } 83818de8d7fSPeter Avalos 83918de8d7fSPeter Avalos static void 84018de8d7fSPeter Avalos new_socket(sock_type type, int fd) 84118de8d7fSPeter Avalos { 84218de8d7fSPeter Avalos u_int i, old_alloc, new_alloc; 84318de8d7fSPeter Avalos 84418de8d7fSPeter Avalos set_nonblock(fd); 84518de8d7fSPeter Avalos 84618de8d7fSPeter Avalos if (fd > max_fd) 84718de8d7fSPeter Avalos max_fd = fd; 84818de8d7fSPeter Avalos 84918de8d7fSPeter Avalos for (i = 0; i < sockets_alloc; i++) 85018de8d7fSPeter Avalos if (sockets[i].type == AUTH_UNUSED) { 85118de8d7fSPeter Avalos sockets[i].fd = fd; 85218de8d7fSPeter Avalos buffer_init(&sockets[i].input); 85318de8d7fSPeter Avalos buffer_init(&sockets[i].output); 85418de8d7fSPeter Avalos buffer_init(&sockets[i].request); 85518de8d7fSPeter Avalos sockets[i].type = type; 85618de8d7fSPeter Avalos return; 85718de8d7fSPeter Avalos } 85818de8d7fSPeter Avalos old_alloc = sockets_alloc; 85918de8d7fSPeter Avalos new_alloc = sockets_alloc + 10; 86018de8d7fSPeter Avalos sockets = xrealloc(sockets, new_alloc, sizeof(sockets[0])); 86118de8d7fSPeter Avalos for (i = old_alloc; i < new_alloc; i++) 86218de8d7fSPeter Avalos sockets[i].type = AUTH_UNUSED; 86318de8d7fSPeter Avalos sockets_alloc = new_alloc; 86418de8d7fSPeter Avalos sockets[old_alloc].fd = fd; 86518de8d7fSPeter Avalos buffer_init(&sockets[old_alloc].input); 86618de8d7fSPeter Avalos buffer_init(&sockets[old_alloc].output); 86718de8d7fSPeter Avalos buffer_init(&sockets[old_alloc].request); 86818de8d7fSPeter Avalos sockets[old_alloc].type = type; 86918de8d7fSPeter Avalos } 87018de8d7fSPeter Avalos 87118de8d7fSPeter Avalos static int 87218de8d7fSPeter Avalos prepare_select(fd_set **fdrp, fd_set **fdwp, int *fdl, u_int *nallocp, 87318de8d7fSPeter Avalos struct timeval **tvpp) 87418de8d7fSPeter Avalos { 87518de8d7fSPeter Avalos u_int i, sz, deadline; 87618de8d7fSPeter Avalos int n = 0; 87718de8d7fSPeter Avalos static struct timeval tv; 87818de8d7fSPeter Avalos 87918de8d7fSPeter Avalos for (i = 0; i < sockets_alloc; i++) { 88018de8d7fSPeter Avalos switch (sockets[i].type) { 88118de8d7fSPeter Avalos case AUTH_SOCKET: 88218de8d7fSPeter Avalos case AUTH_CONNECTION: 88318de8d7fSPeter Avalos n = MAX(n, sockets[i].fd); 88418de8d7fSPeter Avalos break; 88518de8d7fSPeter Avalos case AUTH_UNUSED: 88618de8d7fSPeter Avalos break; 88718de8d7fSPeter Avalos default: 88818de8d7fSPeter Avalos fatal("Unknown socket type %d", sockets[i].type); 88918de8d7fSPeter Avalos break; 89018de8d7fSPeter Avalos } 89118de8d7fSPeter Avalos } 89218de8d7fSPeter Avalos 89318de8d7fSPeter Avalos sz = howmany(n+1, NFDBITS) * sizeof(fd_mask); 89418de8d7fSPeter Avalos if (*fdrp == NULL || sz > *nallocp) { 89518de8d7fSPeter Avalos if (*fdrp) 89618de8d7fSPeter Avalos xfree(*fdrp); 89718de8d7fSPeter Avalos if (*fdwp) 89818de8d7fSPeter Avalos xfree(*fdwp); 89918de8d7fSPeter Avalos *fdrp = xmalloc(sz); 90018de8d7fSPeter Avalos *fdwp = xmalloc(sz); 90118de8d7fSPeter Avalos *nallocp = sz; 90218de8d7fSPeter Avalos } 90318de8d7fSPeter Avalos if (n < *fdl) 90418de8d7fSPeter Avalos debug("XXX shrink: %d < %d", n, *fdl); 90518de8d7fSPeter Avalos *fdl = n; 90618de8d7fSPeter Avalos memset(*fdrp, 0, sz); 90718de8d7fSPeter Avalos memset(*fdwp, 0, sz); 90818de8d7fSPeter Avalos 90918de8d7fSPeter Avalos for (i = 0; i < sockets_alloc; i++) { 91018de8d7fSPeter Avalos switch (sockets[i].type) { 91118de8d7fSPeter Avalos case AUTH_SOCKET: 91218de8d7fSPeter Avalos case AUTH_CONNECTION: 91318de8d7fSPeter Avalos FD_SET(sockets[i].fd, *fdrp); 91418de8d7fSPeter Avalos if (buffer_len(&sockets[i].output) > 0) 91518de8d7fSPeter Avalos FD_SET(sockets[i].fd, *fdwp); 91618de8d7fSPeter Avalos break; 91718de8d7fSPeter Avalos default: 91818de8d7fSPeter Avalos break; 91918de8d7fSPeter Avalos } 92018de8d7fSPeter Avalos } 92118de8d7fSPeter Avalos deadline = reaper(); 92218de8d7fSPeter Avalos if (parent_alive_interval != 0) 92318de8d7fSPeter Avalos deadline = (deadline == 0) ? parent_alive_interval : 92418de8d7fSPeter Avalos MIN(deadline, parent_alive_interval); 92518de8d7fSPeter Avalos if (deadline == 0) { 92618de8d7fSPeter Avalos *tvpp = NULL; 92718de8d7fSPeter Avalos } else { 92818de8d7fSPeter Avalos tv.tv_sec = deadline; 92918de8d7fSPeter Avalos tv.tv_usec = 0; 93018de8d7fSPeter Avalos *tvpp = &tv; 93118de8d7fSPeter Avalos } 93218de8d7fSPeter Avalos return (1); 93318de8d7fSPeter Avalos } 93418de8d7fSPeter Avalos 93518de8d7fSPeter Avalos static void 93618de8d7fSPeter Avalos after_select(fd_set *readset, fd_set *writeset) 93718de8d7fSPeter Avalos { 93818de8d7fSPeter Avalos struct sockaddr_un sunaddr; 93918de8d7fSPeter Avalos socklen_t slen; 94018de8d7fSPeter Avalos char buf[1024]; 94118de8d7fSPeter Avalos int len, sock; 942*856ea928SPeter Avalos u_int i, orig_alloc; 94318de8d7fSPeter Avalos uid_t euid; 94418de8d7fSPeter Avalos gid_t egid; 94518de8d7fSPeter Avalos 946*856ea928SPeter Avalos for (i = 0, orig_alloc = sockets_alloc; i < orig_alloc; i++) 94718de8d7fSPeter Avalos switch (sockets[i].type) { 94818de8d7fSPeter Avalos case AUTH_UNUSED: 94918de8d7fSPeter Avalos break; 95018de8d7fSPeter Avalos case AUTH_SOCKET: 95118de8d7fSPeter Avalos if (FD_ISSET(sockets[i].fd, readset)) { 95218de8d7fSPeter Avalos slen = sizeof(sunaddr); 95318de8d7fSPeter Avalos sock = accept(sockets[i].fd, 95418de8d7fSPeter Avalos (struct sockaddr *)&sunaddr, &slen); 95518de8d7fSPeter Avalos if (sock < 0) { 95618de8d7fSPeter Avalos error("accept from AUTH_SOCKET: %s", 95718de8d7fSPeter Avalos strerror(errno)); 95818de8d7fSPeter Avalos break; 95918de8d7fSPeter Avalos } 96018de8d7fSPeter Avalos if (getpeereid(sock, &euid, &egid) < 0) { 96118de8d7fSPeter Avalos error("getpeereid %d failed: %s", 96218de8d7fSPeter Avalos sock, strerror(errno)); 96318de8d7fSPeter Avalos close(sock); 96418de8d7fSPeter Avalos break; 96518de8d7fSPeter Avalos } 96618de8d7fSPeter Avalos if ((euid != 0) && (getuid() != euid)) { 96718de8d7fSPeter Avalos error("uid mismatch: " 96818de8d7fSPeter Avalos "peer euid %u != uid %u", 96918de8d7fSPeter Avalos (u_int) euid, (u_int) getuid()); 97018de8d7fSPeter Avalos close(sock); 97118de8d7fSPeter Avalos break; 97218de8d7fSPeter Avalos } 97318de8d7fSPeter Avalos new_socket(AUTH_CONNECTION, sock); 97418de8d7fSPeter Avalos } 97518de8d7fSPeter Avalos break; 97618de8d7fSPeter Avalos case AUTH_CONNECTION: 97718de8d7fSPeter Avalos if (buffer_len(&sockets[i].output) > 0 && 97818de8d7fSPeter Avalos FD_ISSET(sockets[i].fd, writeset)) { 97918de8d7fSPeter Avalos len = write(sockets[i].fd, 98018de8d7fSPeter Avalos buffer_ptr(&sockets[i].output), 98118de8d7fSPeter Avalos buffer_len(&sockets[i].output)); 98218de8d7fSPeter Avalos if (len == -1 && (errno == EAGAIN || 983*856ea928SPeter Avalos errno == EWOULDBLOCK || 984*856ea928SPeter Avalos errno == EINTR)) 98518de8d7fSPeter Avalos continue; 98618de8d7fSPeter Avalos if (len <= 0) { 98718de8d7fSPeter Avalos close_socket(&sockets[i]); 98818de8d7fSPeter Avalos break; 98918de8d7fSPeter Avalos } 99018de8d7fSPeter Avalos buffer_consume(&sockets[i].output, len); 99118de8d7fSPeter Avalos } 99218de8d7fSPeter Avalos if (FD_ISSET(sockets[i].fd, readset)) { 99318de8d7fSPeter Avalos len = read(sockets[i].fd, buf, sizeof(buf)); 99418de8d7fSPeter Avalos if (len == -1 && (errno == EAGAIN || 995*856ea928SPeter Avalos errno == EWOULDBLOCK || 996*856ea928SPeter Avalos errno == EINTR)) 99718de8d7fSPeter Avalos continue; 99818de8d7fSPeter Avalos if (len <= 0) { 99918de8d7fSPeter Avalos close_socket(&sockets[i]); 100018de8d7fSPeter Avalos break; 100118de8d7fSPeter Avalos } 100218de8d7fSPeter Avalos buffer_append(&sockets[i].input, buf, len); 100318de8d7fSPeter Avalos process_message(&sockets[i]); 100418de8d7fSPeter Avalos } 100518de8d7fSPeter Avalos break; 100618de8d7fSPeter Avalos default: 100718de8d7fSPeter Avalos fatal("Unknown type %d", sockets[i].type); 100818de8d7fSPeter Avalos } 100918de8d7fSPeter Avalos } 101018de8d7fSPeter Avalos 101118de8d7fSPeter Avalos static void 101218de8d7fSPeter Avalos cleanup_socket(void) 101318de8d7fSPeter Avalos { 101418de8d7fSPeter Avalos if (socket_name[0]) 101518de8d7fSPeter Avalos unlink(socket_name); 101618de8d7fSPeter Avalos if (socket_dir[0]) 101718de8d7fSPeter Avalos rmdir(socket_dir); 101818de8d7fSPeter Avalos } 101918de8d7fSPeter Avalos 102018de8d7fSPeter Avalos void 102118de8d7fSPeter Avalos cleanup_exit(int i) 102218de8d7fSPeter Avalos { 102318de8d7fSPeter Avalos cleanup_socket(); 102418de8d7fSPeter Avalos _exit(i); 102518de8d7fSPeter Avalos } 102618de8d7fSPeter Avalos 102718de8d7fSPeter Avalos /*ARGSUSED*/ 102818de8d7fSPeter Avalos static void 102918de8d7fSPeter Avalos cleanup_handler(int sig) 103018de8d7fSPeter Avalos { 103118de8d7fSPeter Avalos cleanup_socket(); 1032*856ea928SPeter Avalos #ifdef ENABLE_PKCS11 1033*856ea928SPeter Avalos pkcs11_terminate(); 1034*856ea928SPeter Avalos #endif 103518de8d7fSPeter Avalos _exit(2); 103618de8d7fSPeter Avalos } 103718de8d7fSPeter Avalos 103818de8d7fSPeter Avalos static void 103918de8d7fSPeter Avalos check_parent_exists(void) 104018de8d7fSPeter Avalos { 104118de8d7fSPeter Avalos if (parent_pid != -1 && kill(parent_pid, 0) < 0) { 104218de8d7fSPeter Avalos /* printf("Parent has died - Authentication agent exiting.\n"); */ 104318de8d7fSPeter Avalos cleanup_socket(); 104418de8d7fSPeter Avalos _exit(2); 104518de8d7fSPeter Avalos } 104618de8d7fSPeter Avalos } 104718de8d7fSPeter Avalos 104818de8d7fSPeter Avalos static void 104918de8d7fSPeter Avalos usage(void) 105018de8d7fSPeter Avalos { 105118de8d7fSPeter Avalos fprintf(stderr, "usage: %s [options] [command [arg ...]]\n", 105218de8d7fSPeter Avalos __progname); 105318de8d7fSPeter Avalos fprintf(stderr, "Options:\n"); 105418de8d7fSPeter Avalos fprintf(stderr, " -c Generate C-shell commands on stdout.\n"); 105518de8d7fSPeter Avalos fprintf(stderr, " -s Generate Bourne shell commands on stdout.\n"); 105618de8d7fSPeter Avalos fprintf(stderr, " -k Kill the current agent.\n"); 105718de8d7fSPeter Avalos fprintf(stderr, " -d Debug mode.\n"); 105818de8d7fSPeter Avalos fprintf(stderr, " -a socket Bind agent socket to given name.\n"); 105918de8d7fSPeter Avalos fprintf(stderr, " -t life Default identity lifetime (seconds).\n"); 106018de8d7fSPeter Avalos exit(1); 106118de8d7fSPeter Avalos } 106218de8d7fSPeter Avalos 106318de8d7fSPeter Avalos int 106418de8d7fSPeter Avalos main(int ac, char **av) 106518de8d7fSPeter Avalos { 106618de8d7fSPeter Avalos int c_flag = 0, d_flag = 0, k_flag = 0, s_flag = 0; 106718de8d7fSPeter Avalos int sock, fd, ch, result, saved_errno; 106818de8d7fSPeter Avalos u_int nalloc; 106918de8d7fSPeter Avalos char *shell, *format, *pidstr, *agentsocket = NULL; 107018de8d7fSPeter Avalos fd_set *readsetp = NULL, *writesetp = NULL; 107118de8d7fSPeter Avalos struct sockaddr_un sunaddr; 107218de8d7fSPeter Avalos #ifdef HAVE_SETRLIMIT 107318de8d7fSPeter Avalos struct rlimit rlim; 107418de8d7fSPeter Avalos #endif 107518de8d7fSPeter Avalos int prev_mask; 107618de8d7fSPeter Avalos extern int optind; 107718de8d7fSPeter Avalos extern char *optarg; 107818de8d7fSPeter Avalos pid_t pid; 107918de8d7fSPeter Avalos char pidstrbuf[1 + 3 * sizeof pid]; 108018de8d7fSPeter Avalos struct timeval *tvp = NULL; 108140c002afSPeter Avalos size_t len; 108218de8d7fSPeter Avalos 108318de8d7fSPeter Avalos /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ 108418de8d7fSPeter Avalos sanitise_stdfd(); 108518de8d7fSPeter Avalos 108618de8d7fSPeter Avalos /* drop */ 108718de8d7fSPeter Avalos setegid(getgid()); 108818de8d7fSPeter Avalos setgid(getgid()); 108918de8d7fSPeter Avalos 109018de8d7fSPeter Avalos #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE) 109118de8d7fSPeter Avalos /* Disable ptrace on Linux without sgid bit */ 109218de8d7fSPeter Avalos prctl(PR_SET_DUMPABLE, 0); 109318de8d7fSPeter Avalos #endif 109418de8d7fSPeter Avalos 109518de8d7fSPeter Avalos SSLeay_add_all_algorithms(); 109618de8d7fSPeter Avalos 109718de8d7fSPeter Avalos __progname = ssh_get_progname(av[0]); 109818de8d7fSPeter Avalos init_rng(); 109918de8d7fSPeter Avalos seed_rng(); 110018de8d7fSPeter Avalos 110118de8d7fSPeter Avalos while ((ch = getopt(ac, av, "cdksa:t:")) != -1) { 110218de8d7fSPeter Avalos switch (ch) { 110318de8d7fSPeter Avalos case 'c': 110418de8d7fSPeter Avalos if (s_flag) 110518de8d7fSPeter Avalos usage(); 110618de8d7fSPeter Avalos c_flag++; 110718de8d7fSPeter Avalos break; 110818de8d7fSPeter Avalos case 'k': 110918de8d7fSPeter Avalos k_flag++; 111018de8d7fSPeter Avalos break; 111118de8d7fSPeter Avalos case 's': 111218de8d7fSPeter Avalos if (c_flag) 111318de8d7fSPeter Avalos usage(); 111418de8d7fSPeter Avalos s_flag++; 111518de8d7fSPeter Avalos break; 111618de8d7fSPeter Avalos case 'd': 111718de8d7fSPeter Avalos if (d_flag) 111818de8d7fSPeter Avalos usage(); 111918de8d7fSPeter Avalos d_flag++; 112018de8d7fSPeter Avalos break; 112118de8d7fSPeter Avalos case 'a': 112218de8d7fSPeter Avalos agentsocket = optarg; 112318de8d7fSPeter Avalos break; 112418de8d7fSPeter Avalos case 't': 112518de8d7fSPeter Avalos if ((lifetime = convtime(optarg)) == -1) { 112618de8d7fSPeter Avalos fprintf(stderr, "Invalid lifetime\n"); 112718de8d7fSPeter Avalos usage(); 112818de8d7fSPeter Avalos } 112918de8d7fSPeter Avalos break; 113018de8d7fSPeter Avalos default: 113118de8d7fSPeter Avalos usage(); 113218de8d7fSPeter Avalos } 113318de8d7fSPeter Avalos } 113418de8d7fSPeter Avalos ac -= optind; 113518de8d7fSPeter Avalos av += optind; 113618de8d7fSPeter Avalos 113718de8d7fSPeter Avalos if (ac > 0 && (c_flag || k_flag || s_flag || d_flag)) 113818de8d7fSPeter Avalos usage(); 113918de8d7fSPeter Avalos 114018de8d7fSPeter Avalos if (ac == 0 && !c_flag && !s_flag) { 114118de8d7fSPeter Avalos shell = getenv("SHELL"); 114240c002afSPeter Avalos if (shell != NULL && (len = strlen(shell)) > 2 && 114340c002afSPeter Avalos strncmp(shell + len - 3, "csh", 3) == 0) 114418de8d7fSPeter Avalos c_flag = 1; 114518de8d7fSPeter Avalos } 114618de8d7fSPeter Avalos if (k_flag) { 114718de8d7fSPeter Avalos const char *errstr = NULL; 114818de8d7fSPeter Avalos 114918de8d7fSPeter Avalos pidstr = getenv(SSH_AGENTPID_ENV_NAME); 115018de8d7fSPeter Avalos if (pidstr == NULL) { 115118de8d7fSPeter Avalos fprintf(stderr, "%s not set, cannot kill agent\n", 115218de8d7fSPeter Avalos SSH_AGENTPID_ENV_NAME); 115318de8d7fSPeter Avalos exit(1); 115418de8d7fSPeter Avalos } 115518de8d7fSPeter Avalos pid = (int)strtonum(pidstr, 2, INT_MAX, &errstr); 115618de8d7fSPeter Avalos if (errstr) { 115718de8d7fSPeter Avalos fprintf(stderr, 115818de8d7fSPeter Avalos "%s=\"%s\", which is not a good PID: %s\n", 115918de8d7fSPeter Avalos SSH_AGENTPID_ENV_NAME, pidstr, errstr); 116018de8d7fSPeter Avalos exit(1); 116118de8d7fSPeter Avalos } 116218de8d7fSPeter Avalos if (kill(pid, SIGTERM) == -1) { 116318de8d7fSPeter Avalos perror("kill"); 116418de8d7fSPeter Avalos exit(1); 116518de8d7fSPeter Avalos } 116618de8d7fSPeter Avalos format = c_flag ? "unsetenv %s;\n" : "unset %s;\n"; 116718de8d7fSPeter Avalos printf(format, SSH_AUTHSOCKET_ENV_NAME); 116818de8d7fSPeter Avalos printf(format, SSH_AGENTPID_ENV_NAME); 116918de8d7fSPeter Avalos printf("echo Agent pid %ld killed;\n", (long)pid); 117018de8d7fSPeter Avalos exit(0); 117118de8d7fSPeter Avalos } 117218de8d7fSPeter Avalos parent_pid = getpid(); 117318de8d7fSPeter Avalos 117418de8d7fSPeter Avalos if (agentsocket == NULL) { 117518de8d7fSPeter Avalos /* Create private directory for agent socket */ 117618de8d7fSPeter Avalos strlcpy(socket_dir, "/tmp/ssh-XXXXXXXXXX", sizeof socket_dir); 117718de8d7fSPeter Avalos if (mkdtemp(socket_dir) == NULL) { 117818de8d7fSPeter Avalos perror("mkdtemp: private socket dir"); 117918de8d7fSPeter Avalos exit(1); 118018de8d7fSPeter Avalos } 118118de8d7fSPeter Avalos snprintf(socket_name, sizeof socket_name, "%s/agent.%ld", socket_dir, 118218de8d7fSPeter Avalos (long)parent_pid); 118318de8d7fSPeter Avalos } else { 118418de8d7fSPeter Avalos /* Try to use specified agent socket */ 118518de8d7fSPeter Avalos socket_dir[0] = '\0'; 118618de8d7fSPeter Avalos strlcpy(socket_name, agentsocket, sizeof socket_name); 118718de8d7fSPeter Avalos } 118818de8d7fSPeter Avalos 118918de8d7fSPeter Avalos /* 119018de8d7fSPeter Avalos * Create socket early so it will exist before command gets run from 119118de8d7fSPeter Avalos * the parent. 119218de8d7fSPeter Avalos */ 119318de8d7fSPeter Avalos sock = socket(AF_UNIX, SOCK_STREAM, 0); 119418de8d7fSPeter Avalos if (sock < 0) { 119518de8d7fSPeter Avalos perror("socket"); 119618de8d7fSPeter Avalos *socket_name = '\0'; /* Don't unlink any existing file */ 119718de8d7fSPeter Avalos cleanup_exit(1); 119818de8d7fSPeter Avalos } 119918de8d7fSPeter Avalos memset(&sunaddr, 0, sizeof(sunaddr)); 120018de8d7fSPeter Avalos sunaddr.sun_family = AF_UNIX; 120118de8d7fSPeter Avalos strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path)); 120218de8d7fSPeter Avalos prev_mask = umask(0177); 120318de8d7fSPeter Avalos if (bind(sock, (struct sockaddr *) &sunaddr, sizeof(sunaddr)) < 0) { 120418de8d7fSPeter Avalos perror("bind"); 120518de8d7fSPeter Avalos *socket_name = '\0'; /* Don't unlink any existing file */ 120618de8d7fSPeter Avalos umask(prev_mask); 120718de8d7fSPeter Avalos cleanup_exit(1); 120818de8d7fSPeter Avalos } 120918de8d7fSPeter Avalos umask(prev_mask); 121018de8d7fSPeter Avalos if (listen(sock, SSH_LISTEN_BACKLOG) < 0) { 121118de8d7fSPeter Avalos perror("listen"); 121218de8d7fSPeter Avalos cleanup_exit(1); 121318de8d7fSPeter Avalos } 121418de8d7fSPeter Avalos 121518de8d7fSPeter Avalos /* 121618de8d7fSPeter Avalos * Fork, and have the parent execute the command, if any, or present 121718de8d7fSPeter Avalos * the socket data. The child continues as the authentication agent. 121818de8d7fSPeter Avalos */ 121918de8d7fSPeter Avalos if (d_flag) { 122018de8d7fSPeter Avalos log_init(__progname, SYSLOG_LEVEL_DEBUG1, SYSLOG_FACILITY_AUTH, 1); 122118de8d7fSPeter Avalos format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n"; 122218de8d7fSPeter Avalos printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, 122318de8d7fSPeter Avalos SSH_AUTHSOCKET_ENV_NAME); 122418de8d7fSPeter Avalos printf("echo Agent pid %ld;\n", (long)parent_pid); 122518de8d7fSPeter Avalos goto skip; 122618de8d7fSPeter Avalos } 122718de8d7fSPeter Avalos pid = fork(); 122818de8d7fSPeter Avalos if (pid == -1) { 122918de8d7fSPeter Avalos perror("fork"); 123018de8d7fSPeter Avalos cleanup_exit(1); 123118de8d7fSPeter Avalos } 123218de8d7fSPeter Avalos if (pid != 0) { /* Parent - execute the given command. */ 123318de8d7fSPeter Avalos close(sock); 123418de8d7fSPeter Avalos snprintf(pidstrbuf, sizeof pidstrbuf, "%ld", (long)pid); 123518de8d7fSPeter Avalos if (ac == 0) { 123618de8d7fSPeter Avalos format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n"; 123718de8d7fSPeter Avalos printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name, 123818de8d7fSPeter Avalos SSH_AUTHSOCKET_ENV_NAME); 123918de8d7fSPeter Avalos printf(format, SSH_AGENTPID_ENV_NAME, pidstrbuf, 124018de8d7fSPeter Avalos SSH_AGENTPID_ENV_NAME); 124118de8d7fSPeter Avalos printf("echo Agent pid %ld;\n", (long)pid); 124218de8d7fSPeter Avalos exit(0); 124318de8d7fSPeter Avalos } 124418de8d7fSPeter Avalos if (setenv(SSH_AUTHSOCKET_ENV_NAME, socket_name, 1) == -1 || 124518de8d7fSPeter Avalos setenv(SSH_AGENTPID_ENV_NAME, pidstrbuf, 1) == -1) { 124618de8d7fSPeter Avalos perror("setenv"); 124718de8d7fSPeter Avalos exit(1); 124818de8d7fSPeter Avalos } 124918de8d7fSPeter Avalos execvp(av[0], av); 125018de8d7fSPeter Avalos perror(av[0]); 125118de8d7fSPeter Avalos exit(1); 125218de8d7fSPeter Avalos } 125318de8d7fSPeter Avalos /* child */ 125418de8d7fSPeter Avalos log_init(__progname, SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0); 125518de8d7fSPeter Avalos 125618de8d7fSPeter Avalos if (setsid() == -1) { 125718de8d7fSPeter Avalos error("setsid: %s", strerror(errno)); 125818de8d7fSPeter Avalos cleanup_exit(1); 125918de8d7fSPeter Avalos } 126018de8d7fSPeter Avalos 126118de8d7fSPeter Avalos (void)chdir("/"); 126218de8d7fSPeter Avalos if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { 126318de8d7fSPeter Avalos /* XXX might close listen socket */ 126418de8d7fSPeter Avalos (void)dup2(fd, STDIN_FILENO); 126518de8d7fSPeter Avalos (void)dup2(fd, STDOUT_FILENO); 126618de8d7fSPeter Avalos (void)dup2(fd, STDERR_FILENO); 126718de8d7fSPeter Avalos if (fd > 2) 126818de8d7fSPeter Avalos close(fd); 126918de8d7fSPeter Avalos } 127018de8d7fSPeter Avalos 127118de8d7fSPeter Avalos #ifdef HAVE_SETRLIMIT 127218de8d7fSPeter Avalos /* deny core dumps, since memory contains unencrypted private keys */ 127318de8d7fSPeter Avalos rlim.rlim_cur = rlim.rlim_max = 0; 127418de8d7fSPeter Avalos if (setrlimit(RLIMIT_CORE, &rlim) < 0) { 127518de8d7fSPeter Avalos error("setrlimit RLIMIT_CORE: %s", strerror(errno)); 127618de8d7fSPeter Avalos cleanup_exit(1); 127718de8d7fSPeter Avalos } 127818de8d7fSPeter Avalos #endif 127918de8d7fSPeter Avalos 128018de8d7fSPeter Avalos skip: 1281*856ea928SPeter Avalos 1282*856ea928SPeter Avalos #ifdef ENABLE_PKCS11 1283*856ea928SPeter Avalos pkcs11_init(0); 1284*856ea928SPeter Avalos #endif 128518de8d7fSPeter Avalos new_socket(AUTH_SOCKET, sock); 128618de8d7fSPeter Avalos if (ac > 0) 128718de8d7fSPeter Avalos parent_alive_interval = 10; 128818de8d7fSPeter Avalos idtab_init(); 128918de8d7fSPeter Avalos if (!d_flag) 129018de8d7fSPeter Avalos signal(SIGINT, SIG_IGN); 129118de8d7fSPeter Avalos signal(SIGPIPE, SIG_IGN); 129218de8d7fSPeter Avalos signal(SIGHUP, cleanup_handler); 129318de8d7fSPeter Avalos signal(SIGTERM, cleanup_handler); 129418de8d7fSPeter Avalos nalloc = 0; 129518de8d7fSPeter Avalos 129618de8d7fSPeter Avalos while (1) { 129718de8d7fSPeter Avalos prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp); 129818de8d7fSPeter Avalos result = select(max_fd + 1, readsetp, writesetp, NULL, tvp); 129918de8d7fSPeter Avalos saved_errno = errno; 130018de8d7fSPeter Avalos if (parent_alive_interval != 0) 130118de8d7fSPeter Avalos check_parent_exists(); 130218de8d7fSPeter Avalos (void) reaper(); /* remove expired keys */ 130318de8d7fSPeter Avalos if (result < 0) { 130418de8d7fSPeter Avalos if (saved_errno == EINTR) 130518de8d7fSPeter Avalos continue; 130618de8d7fSPeter Avalos fatal("select: %s", strerror(saved_errno)); 130718de8d7fSPeter Avalos } else if (result > 0) 130818de8d7fSPeter Avalos after_select(readsetp, writesetp); 130918de8d7fSPeter Avalos } 131018de8d7fSPeter Avalos /* NOTREACHED */ 131118de8d7fSPeter Avalos } 1312