Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / openssh / 3702396526a2569402696ff7d7c6d0fe2e5a447b^! / . / authfd.c
commit3702396526a2569402696ff7d7c6d0fe2e5a447b[log] [tgz]
authorDamien Miller <djm@mindrot.org>Tue Jul 11 17:31:38 2000 +1000
committerDamien Miller <djm@mindrot.org>Tue Jul 11 17:31:38 2000 +1000
tree3ab056c59cd0c732ec179bd91be88d4e05b087fa
parentbc33bd44a2ef165dea1d974fc2d80b822ae08c2a [diff] [blame]
 - (djm) OpenBSD CVS updates:
   - markus@cvs.openbsd.org  2000/06/26 03:22:29
     [authfd.c]
     cleanup, less cut&paste
   - markus@cvs.openbsd.org  2000/06/26 15:59:19
     [servconf.c servconf.h session.c sshd.8 sshd.c]
     MaxStartups: limit number of unauthenticated connections, work by
     theo and me
   - deraadt@cvs.openbsd.org 2000/07/05 14:18:07
     [session.c]
     use no_x11_forwarding_flag correctly; provos ok
   - provos@cvs.openbsd.org  2000/07/05 15:35:57
     [sshd.c]
     typo
   - aaron@cvs.openbsd.org   2000/07/05 22:06:58
     [scp.1 ssh-agent.1 ssh-keygen.1 sshd.8]
     Insert more missing .El directives. Our troff really should identify
     these and spit out a warning.
   - todd@cvs.openbsd.org    2000/07/06 21:55:04
     [auth-rsa.c auth2.c ssh-keygen.c]
     clean code is good code
   - deraadt@cvs.openbsd.org 2000/07/07 02:14:29
     [serverloop.c]
     sense of port forwarding flag test was backwards
   - provos@cvs.openbsd.org  2000/07/08 17:17:31
     [compat.c readconf.c]
     replace strtok with strsep; from David Young <dyoung@onthejob.net>
   - deraadt@cvs.openbsd.org 2000/07/08 19:21:15
     [auth.h]
     KNF
   - ho@cvs.openbsd.org      2000/07/08 19:27:33
     [compat.c readconf.c]
     Better conditions for strsep() ending.
   - ho@cvs.openbsd.org      2000/07/10 10:27:05
     [readconf.c]
     Get the correct message on errors. (niels@ ok)
   - ho@cvs.openbsd.org      2000/07/10 10:30:25
     [cipher.c kex.c servconf.c]
     strtok() --> strsep(). (niels@ ok)

diff --git a/authfd.c b/authfd.c
index 69d77d7..69fe2ae 100644
--- a/authfd.c
+++ b/authfd.c

@@ -14,7 +14,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: authfd.c,v 1.20 2000/06/20 01:39:38 markus Exp $");
+RCSID("$OpenBSD: authfd.c,v 1.21 2000/06/26 09:22:29 markus Exp $");
 
 #include "ssh.h"
 #include "rsa.h"
@@ -26,6 +26,9 @@
 
 #include <openssl/rsa.h>
 
+/* helper */
+int ssh_agent_get_reply(AuthenticationConnection *auth);
+
 /* Returns the number of the authentication fd, or -1 if there is none. */
 
 int
@@ -344,7 +347,7 @@
 {
 	Buffer buffer;
 	unsigned char buf[8192];
-	int len, l, type;
+	int len;
 
 	/* Format a message to the agent. */
 	buffer_init(&buffer);
@@ -368,57 +371,11 @@
 	    atomicio(write, auth->fd, buffer_ptr(&buffer),
 	    buffer_len(&buffer)) != buffer_len(&buffer)) {
 		error("Error writing to authentication socket.");
-error_cleanup:
 		buffer_free(&buffer);
 		return 0;
 	}
-	/* Wait for response from the agent.  First read the length of the
-	   response packet. */
-	len = 4;
-	while (len > 0) {
-		l = read(auth->fd, buf + 4 - len, len);
-		if (l <= 0) {
-			error("Error reading response length from authentication socket.");
-			goto error_cleanup;
-		}
-		len -= l;
-	}
-
-	/* Extract the length, and check it for sanity. */
-	len = GET_32BIT(buf);
-	if (len > 256 * 1024)
-		fatal("Add identity response too long: %d", len);
-
-	/* Read the rest of the response in tothe buffer. */
-	buffer_clear(&buffer);
-	while (len > 0) {
-		l = len;
-		if (l > sizeof(buf))
-			l = sizeof(buf);
-		l = read(auth->fd, buf, l);
-		if (l <= 0) {
-			error("Error reading response from authentication socket.");
-			goto error_cleanup;
-		}
-		buffer_append(&buffer, (char *) buf, l);
-		len -= l;
-	}
-
-	/* Get the type of the packet. */
-	type = buffer_get_char(&buffer);
-	switch (type) {
-	case SSH_AGENT_FAILURE:
-		buffer_free(&buffer);
-		return 0;
-	case SSH_AGENT_SUCCESS:
-		buffer_free(&buffer);
-		return 1;
-	default:
-		fatal("Bad response to add identity from authentication agent: %d",
-		      type);
-	}
-	/* NOTREACHED */
-	return 0;
+	buffer_free(&buffer);
+	return ssh_agent_get_reply(auth);
 }
 
 /*
@@ -430,8 +387,8 @@
 ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
 {
 	Buffer buffer;
-	unsigned char buf[8192];
-	int len, l, type;
+	unsigned char buf[5];
+	int len;
 
 	/* Format a message to the agent. */
 	buffer_init(&buffer);
@@ -449,59 +406,11 @@
 	    atomicio(write, auth->fd, buffer_ptr(&buffer),
 	    buffer_len(&buffer)) != buffer_len(&buffer)) {
 		error("Error writing to authentication socket.");
-error_cleanup:
 		buffer_free(&buffer);
 		return 0;
 	}
-	/*
-	 * Wait for response from the agent.  First read the length of the
-	 * response packet.
-	 */
-	len = 4;
-	while (len > 0) {
-		l = read(auth->fd, buf + 4 - len, len);
-		if (l <= 0) {
-			error("Error reading response length from authentication socket.");
-			goto error_cleanup;
-		}
-		len -= l;
-	}
-
-	/* Extract the length, and check it for sanity. */
-	len = GET_32BIT(buf);
-	if (len > 256 * 1024)
-		fatal("Remove identity response too long: %d", len);
-
-	/* Read the rest of the response in tothe buffer. */
-	buffer_clear(&buffer);
-	while (len > 0) {
-		l = len;
-		if (l > sizeof(buf))
-			l = sizeof(buf);
-		l = read(auth->fd, buf, l);
-		if (l <= 0) {
-			error("Error reading response from authentication socket.");
-			goto error_cleanup;
-		}
-		buffer_append(&buffer, (char *) buf, l);
-		len -= l;
-	}
-
-	/* Get the type of the packet. */
-	type = buffer_get_char(&buffer);
-	switch (type) {
-	case SSH_AGENT_FAILURE:
-		buffer_free(&buffer);
-		return 0;
-	case SSH_AGENT_SUCCESS:
-		buffer_free(&buffer);
-		return 1;
-	default:
-		fatal("Bad response to remove identity from authentication agent: %d",
-		      type);
-	}
-	/* NOTREACHED */
-	return 0;
+	buffer_free(&buffer);
+	return ssh_agent_get_reply(auth);
 }
 
 /*
@@ -512,9 +421,7 @@
 int
 ssh_remove_all_identities(AuthenticationConnection *auth)
 {
-	Buffer buffer;
-	unsigned char buf[8192];
-	int len, l, type;
+	unsigned char buf[5];
 
 	/* Get the length of the message, and format it in the buffer. */
 	PUT_32BIT(buf, 1);
@@ -525,6 +432,20 @@
 		error("Error writing to authentication socket.");
 		return 0;
 	}
+	return ssh_agent_get_reply(auth);
+}
+
+/*
+ * Read for reply from agent. returns 1 for success, 0 on error
+ */
+
+int 
+ssh_agent_get_reply(AuthenticationConnection *auth)
+{
+	Buffer buffer;
+	unsigned char buf[8192];
+	int len, l, type;
+
 	/*
 	 * Wait for response from the agent.  First read the length of the
 	 * response packet.
@@ -534,6 +455,7 @@
 		l = read(auth->fd, buf + 4 - len, len);
 		if (l <= 0) {
 			error("Error reading response length from authentication socket.");
+			buffer_free(&buffer);
 			return 0;
 		}
 		len -= l;
@@ -542,9 +464,9 @@
 	/* Extract the length, and check it for sanity. */
 	len = GET_32BIT(buf);
 	if (len > 256 * 1024)
-		fatal("Remove identity response too long: %d", len);
+		fatal("Response from agent too long: %d", len);
 
-	/* Read the rest of the response into the buffer. */
+	/* Read the rest of the response in to the buffer. */
 	buffer_init(&buffer);
 	while (len > 0) {
 		l = len;
@@ -562,16 +484,14 @@
 
 	/* Get the type of the packet. */
 	type = buffer_get_char(&buffer);
+	buffer_free(&buffer);
 	switch (type) {
 	case SSH_AGENT_FAILURE:
-		buffer_free(&buffer);
 		return 0;
 	case SSH_AGENT_SUCCESS:
-		buffer_free(&buffer);
 		return 1;
 	default:
-		fatal("Bad response to remove identity from authentication agent: %d",
-		      type);
+		fatal("Bad response from authentication agent: %d", type);
 	}
 	/* NOTREACHED */
 	return 0;