Blame - ssh-agent.c - platform/external/openssh

blob: 2ef8367b94d18943b655475208520925dcd3662a [file] [log] [blame]

djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	1	/* $OpenBSD: ssh-agent.c,v 1.221 2017/04/30 23:29:10 djm Exp $ */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	2	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
				4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				5	* All rights reserved
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	6	* The authentication agent program.
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	7	*
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	8	* As far as I am concerned, the code I have written for this software
				9	* can be used freely for any purpose. Any derived versions of this
				10	* software must be clearly marked as such, and if the derived work is
				11	* incompatible with the protocol description in the RFC file, it must be
				12	* called by a name other than "ssh" or "Secure Shell".
				13	*
Ben Lindstrom	4469723	2001-07-04 03:32:30 +0000	[diff] [blame]	14	* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	15	*
				16	* Redistribution and use in source and binary forms, with or without
				17	* modification, are permitted provided that the following conditions
				18	* are met:
				19	* 1. Redistributions of source code must retain the above copyright
				20	* notice, this list of conditions and the following disclaimer.
				21	* 2. Redistributions in binary form must reproduce the above copyright
				22	* notice, this list of conditions and the following disclaimer in the
				23	* documentation and/or other materials provided with the distribution.
				24	*
				25	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
				26	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
				27	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
				28	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
				29	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
				30	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
				31	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
				32	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
				33	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
				34	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	35	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	36
				37	#include "includes.h"
Damien Miller	574c41f	2006-03-15 11:40:10 +1100	[diff] [blame]	38
				39	#include <sys/types.h>
Damien Miller	8dbffe7	2006-08-05 11:02:17 +1000	[diff] [blame]	40	#include <sys/param.h>
				41	#include <sys/resource.h>
Damien Miller	42fb068	2006-03-15 14:03:06 +1100	[diff] [blame]	42	#include <sys/stat.h>
Damien Miller	e3b60b5	2006-07-10 21:08:03 +1000	[diff] [blame]	43	#include <sys/socket.h>
Damien Miller	9aec919	2006-08-05 10:57:45 +1000	[diff] [blame]	44	#ifdef HAVE_SYS_TIME_H
				45	# include <sys/time.h>
				46	#endif
Damien Miller	574c41f	2006-03-15 11:40:10 +1100	[diff] [blame]	47	#ifdef HAVE_SYS_UN_H
				48	# include <sys/un.h>
				49	#endif
Damien Miller	9b48151	2002-09-12 10:43:29 +1000	[diff] [blame]	50	#include "openbsd-compat/sys-queue.h"
Damien Miller	e3b60b5	2006-07-10 21:08:03 +1000	[diff] [blame]	51
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	52	#ifdef WITH_OPENSSL
Damien Miller	e3476ed	2006-07-24 14:13:33 +1000	[diff] [blame]	53	#include <openssl/evp.h>
Darren Tucker	bfaaf96	2008-02-28 19:13:52 +1100	[diff] [blame]	54	#include "openbsd-compat/openssl-compat.h"
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	55	#endif
Damien Miller	e3476ed	2006-07-24 14:13:33 +1000	[diff] [blame]	56
Darren Tucker	3997249	2006-07-12 22:22:46 +1000	[diff] [blame]	57	#include <errno.h>
Damien Miller	57cf638	2006-07-10 21:13:46 +1000	[diff] [blame]	58	#include <fcntl.h>
deraadt@openbsd.org	2ae4f33	2015-01-16 06:40:12 +0000	[diff] [blame]	59	#include <limits.h>
Damien Miller	03e2003	2006-03-15 11:16:59 +1100	[diff] [blame]	60	#ifdef HAVE_PATHS_H
Damien Miller	a9263d0	2006-03-15 11:18:26 +1100	[diff] [blame]	61	# include <paths.h>
Damien Miller	03e2003	2006-03-15 11:16:59 +1100	[diff] [blame]	62	#endif
Damien Miller	6ff3cad	2006-03-15 11:52:09 +1100	[diff] [blame]	63	#include <signal.h>
Damien Miller	ded319c	2006-09-01 15:38:36 +1000	[diff] [blame]	64	#include <stdarg.h>
Damien Miller	a7a73ee	2006-08-05 11:37:59 +1000	[diff] [blame]	65	#include <stdio.h>
Damien Miller	e7a1e5c	2006-08-05 11:34:19 +1000	[diff] [blame]	66	#include <stdlib.h>
Damien Miller	5598b4f	2006-07-24 14:09:40 +1000	[diff] [blame]	67	#include <time.h>
Damien Miller	e3476ed	2006-07-24 14:13:33 +1000	[diff] [blame]	68	#include <string.h>
Damien Miller	e6b3b61	2006-07-24 14:01:23 +1000	[diff] [blame]	69	#include <unistd.h>
Damien Miller	e97201f	2015-05-21 17:55:15 +1000	[diff] [blame]	70	#ifdef HAVE_UTIL_H
				71	# include <util.h>
				72	#endif
Damien Miller	6ff3cad	2006-03-15 11:52:09 +1100	[diff] [blame]	73
Damien Miller	d783435	2006-08-05 12:39:39 +1000	[diff] [blame]	74	#include "xmalloc.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	75	#include "ssh.h"
				76	#include "rsa.h"
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	77	#include "sshbuf.h"
				78	#include "sshkey.h"
Damien Miller	994cf14	2000-07-21 10:19:44 +1000	[diff] [blame]	79	#include "authfd.h"
Damien Miller	62cee00	2000-09-23 17:15:56 +1100	[diff] [blame]	80	#include "compat.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	81	#include "log.h"
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	82	#include "misc.h"
Damien Miller	4a1c7aa	2014-02-04 11:03:36 +1100	[diff] [blame]	83	#include "digest.h"
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	84	#include "ssherr.h"
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	85	#include "match.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	86
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	87	#ifdef ENABLE_PKCS11
				88	#include "ssh-pkcs11.h"
Ben Lindstrom	bcc1808	2001-08-06 21:59:25 +0000	[diff] [blame]	89	#endif
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	90
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	91	#ifndef DEFAULT_PKCS11_WHITELIST
djm@openbsd.org	b108ce9	2017-01-04 02:21:43 +0000	[diff] [blame]	92	# define DEFAULT_PKCS11_WHITELIST "/usr/lib/,/usr/local/lib/"
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	93	#endif
				94
Ben Lindstrom	65366a8	2001-12-06 16:32:47 +0000	[diff] [blame]	95	typedef enum {
				96	AUTH_UNUSED,
				97	AUTH_SOCKET,
				98	AUTH_CONNECTION
				99	} sock_type;
				100
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	101	typedef struct {
				102	int fd;
Ben Lindstrom	65366a8	2001-12-06 16:32:47 +0000	[diff] [blame]	103	sock_type type;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	104	struct sshbuf *input;
				105	struct sshbuf *output;
				106	struct sshbuf *request;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	107	} SocketEntry;
				108
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	109	u_int sockets_alloc = 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	110	SocketEntry *sockets = NULL;
				111
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	112	typedef struct identity {
				113	TAILQ_ENTRY(identity) next;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	114	struct sshkey *key;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	115	char *comment;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	116	char *provider;
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	117	time_t death;
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	118	u_int confirm;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	119	} Identity;
				120
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	121	struct idtable {
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	122	int nentries;
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	123	TAILQ_HEAD(idqueue, identity) idlist;
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	124	};
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	125
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	126	/* private key table */
				127	struct idtable *idtab;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	128
				129	int max_fd = 0;
				130
				131	/* pid of shell == parent of agent */
Damien Miller	166fca8	2000-04-20 07:42:21 +1000	[diff] [blame]	132	pid_t parent_pid = -1;
Darren Tucker	073f795	2013-06-02 23:47:11 +1000	[diff] [blame]	133	time_t parent_alive_interval = 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	134
Damien Miller	b1e967c	2014-07-03 21:22:40 +1000	[diff] [blame]	135	/* pid of process for which cleanup_socket is applicable */
				136	pid_t cleanup_pid = 0;
				137
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	138	/* pathname and directory for AUTH_SOCKET */
deraadt@openbsd.org	2ae4f33	2015-01-16 06:40:12 +0000	[diff] [blame]	139	char socket_name[PATH_MAX];
				140	char socket_dir[PATH_MAX];
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	141
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	142	/* PKCS#11 path whitelist */
				143	static char *pkcs11_whitelist;
				144
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	145	/* locking */
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	146	#define LOCK_SIZE 32
				147	#define LOCK_SALT_SIZE 16
				148	#define LOCK_ROUNDS 1
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	149	int locked = 0;
djm@openbsd.org	1a31d02	2016-05-02 08:49:03 +0000	[diff] [blame]	150	u_char lock_pwhash[LOCK_SIZE];
				151	u_char lock_salt[LOCK_SALT_SIZE];
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	152
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	153	extern char *__progname;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	154
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	155	/* Default lifetime in seconds (0 == forever) */
				156	static long lifetime = 0;
Damien Miller	53d8148	2003-01-22 11:47:19 +1100	[diff] [blame]	157
djm@openbsd.org	56d1c83	2014-12-21 22:27:55 +0000	[diff] [blame]	158	static int fingerprint_hash = SSH_FP_HASH_DEFAULT;
				159
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	160	static void
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	161	close_socket(SocketEntry *e)
				162	{
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	163	close(e->fd);
				164	e->fd = -1;
				165	e->type = AUTH_UNUSED;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	166	sshbuf_free(e->input);
				167	sshbuf_free(e->output);
				168	sshbuf_free(e->request);
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	169	}
				170
				171	static void
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	172	idtab_init(void)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	173	{
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	174	idtab = xcalloc(1, sizeof(*idtab));
				175	TAILQ_INIT(&idtab->idlist);
				176	idtab->nentries = 0;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	177	}
				178
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	179	static void
				180	free_identity(Identity *id)
				181	{
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	182	sshkey_free(id->key);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	183	free(id->provider);
				184	free(id->comment);
				185	free(id);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	186	}
				187
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	188	/* return matching private key for given public key */
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	189	static Identity *
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	190	lookup_identity(struct sshkey *key)
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	191	{
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	192	Identity *id;
				193
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	194	TAILQ_FOREACH(id, &idtab->idlist, next) {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	195	if (sshkey_equal(key, id->key))
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	196	return (id);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	197	}
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	198	return (NULL);
				199	}
				200
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	201	/* Check confirmation of keysign request */
				202	static int
				203	confirm_key(Identity *id)
				204	{
Darren Tucker	ce327b6	2004-11-05 20:38:03 +1100	[diff] [blame]	205	char *p;
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	206	int ret = -1;
				207
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	208	p = sshkey_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT);
djm@openbsd.org	9ce86c9	2015-01-28 22:36:00 +0000	[diff] [blame]	209	if (p != NULL &&
				210	ask_permission("Allow use of key %s?\nKey fingerprint %s.",
Darren Tucker	ce327b6	2004-11-05 20:38:03 +1100	[diff] [blame]	211	id->comment, p))
				212	ret = 0;
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	213	free(p);
Darren Tucker	ce327b6	2004-11-05 20:38:03 +1100	[diff] [blame]	214
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	215	return (ret);
				216	}
				217
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	218	static void
				219	send_status(SocketEntry *e, int success)
				220	{
				221	int r;
				222
				223	if ((r = sshbuf_put_u32(e->output, 1)) != 0 \|\|
				224	(r = sshbuf_put_u8(e->output, success ?
				225	SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE)) != 0)
				226	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				227	}
				228
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	229	/* send list of supported public keys to 'client' */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	230	static void
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	231	process_request_identities(SocketEntry *e)
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	232	{
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	233	Identity *id;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	234	struct sshbuf *msg;
				235	int r;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	236
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	237	if ((msg = sshbuf_new()) == NULL)
				238	fatal("%s: sshbuf_new failed", __func__);
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	239	if ((r = sshbuf_put_u8(msg, SSH2_AGENT_IDENTITIES_ANSWER)) != 0 \|\|
				240	(r = sshbuf_put_u32(msg, idtab->nentries)) != 0)
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	241	fatal("%s: buffer error: %s", __func__, ssh_err(r));
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	242	TAILQ_FOREACH(id, &idtab->idlist, next) {
				243	if ((r = sshkey_puts(id->key, msg)) != 0 \|\|
				244	(r = sshbuf_put_cstring(msg, id->comment)) != 0) {
				245	error("%s: put key/comment: %s", __func__,
djm@openbsd.org	873d3e7	2017-04-30 23:18:44 +0000	[diff] [blame]	246	ssh_err(r));
				247	continue;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	248	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	249	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	250	if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
				251	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				252	sshbuf_free(msg);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	253	}
				254
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	255
markus@openbsd.org	76c9fbb	2015-12-04 16:41:28 +0000	[diff] [blame]	256	static char *
				257	agent_decode_alg(struct sshkey *key, u_int flags)
				258	{
				259	if (key->type == KEY_RSA) {
				260	if (flags & SSH_AGENT_RSA_SHA2_256)
				261	return "rsa-sha2-256";
				262	else if (flags & SSH_AGENT_RSA_SHA2_512)
				263	return "rsa-sha2-512";
				264	}
				265	return NULL;
				266	}
				267
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	268	/* ssh2 only */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	269	static void
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	270	process_sign_request2(SocketEntry *e)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	271	{
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	272	const u_char *data;
				273	u_char *signature = NULL;
				274	size_t dlen, slen = 0;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	275	u_int compat = 0, flags;
				276	int r, ok = -1;
				277	struct sshbuf *msg;
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	278	struct sshkey *key = NULL;
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	279	struct identity *id;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	280
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	281	if ((msg = sshbuf_new()) == NULL)
				282	fatal("%s: sshbuf_new failed", __func__);
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	283	if ((r = sshkey_froms(e->request, &key)) != 0 \|\|
				284	(r = sshbuf_get_string_direct(e->request, &data, &dlen)) != 0 \|\|
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	285	(r = sshbuf_get_u32(e->request, &flags)) != 0)
				286	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	62cee00	2000-09-23 17:15:56 +1100	[diff] [blame]	287	if (flags & SSH_AGENT_OLD_SIGNATURE)
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	288	compat = SSH_BUG_SIGBLOB;
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	289	if ((id = lookup_identity(key)) == NULL) {
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	290	verbose("%s: %s key not found", __func__, sshkey_type(key));
				291	goto send;
				292	}
				293	if (id->confirm && confirm_key(id) != 0) {
				294	verbose("%s: user refused key", __func__);
				295	goto send;
				296	}
				297	if ((r = sshkey_sign(id->key, &signature, &slen,
markus@openbsd.org	76c9fbb	2015-12-04 16:41:28 +0000	[diff] [blame]	298	data, dlen, agent_decode_alg(key, flags), compat)) != 0) {
djm@openbsd.org	39736be	2015-12-11 02:20:28 +0000	[diff] [blame]	299	error("%s: sshkey_sign: %s", __func__, ssh_err(r));
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	300	goto send;
				301	}
				302	/* Success */
				303	ok = 0;
				304	send:
				305	sshkey_free(key);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	306	if (ok == 0) {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	307	if ((r = sshbuf_put_u8(msg, SSH2_AGENT_SIGN_RESPONSE)) != 0 \|\|
				308	(r = sshbuf_put_string(msg, signature, slen)) != 0)
				309	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				310	} else if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0)
				311	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				312
				313	if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
				314	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				315
				316	sshbuf_free(msg);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	317	free(signature);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	318	}
				319
				320	/* shared */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	321	static void
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	322	process_remove_identity(SocketEntry *e)
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	323	{
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	324	int r, success = 0;
				325	struct sshkey *key = NULL;
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	326	Identity *id;
Damien Miller	7e8e820	1999-11-16 13:37:16 +1100	[diff] [blame]	327
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	328	if ((r = sshkey_froms(e->request, &key)) != 0) {
				329	error("%s: get key: %s", __func__, ssh_err(r));
				330	goto done;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	331	}
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	332	if ((id = lookup_identity(key)) == NULL) {
				333	debug("%s: key not found", __func__);
				334	goto done;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	335	}
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	336	/* We have this key, free it. */
				337	if (idtab->nentries < 1)
				338	fatal("%s: internal error: nentries %d",
				339	__func__, idtab->nentries);
				340	TAILQ_REMOVE(&idtab->idlist, id, next);
				341	free_identity(id);
				342	idtab->nentries--;
				343	sshkey_free(key);
				344	success = 1;
				345	done:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	346	send_status(e, success);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	347	}
				348
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	349	static void
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	350	process_remove_all_identities(SocketEntry *e)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	351	{
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	352	Identity *id;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	353
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	354	/* Loop over all identities and clear the keys. */
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	355	for (id = TAILQ_FIRST(&idtab->idlist); id;
				356	id = TAILQ_FIRST(&idtab->idlist)) {
				357	TAILQ_REMOVE(&idtab->idlist, id, next);
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	358	free_identity(id);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	359	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	360
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	361	/* Mark that there are no identities. */
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	362	idtab->nentries = 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	363
				364	/* Send success. */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	365	send_status(e, 1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	366	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	367
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	368	/* removes expired keys and returns number of seconds until the next expiry */
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	369	static time_t
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	370	reaper(void)
				371	{
Darren Tucker	b759c9c	2013-06-02 07:46:16 +1000	[diff] [blame]	372	time_t deadline = 0, now = monotime();
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	373	Identity id, nxt;
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	374
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	375	for (id = TAILQ_FIRST(&idtab->idlist); id; id = nxt) {
				376	nxt = TAILQ_NEXT(id, next);
				377	if (id->death == 0)
				378	continue;
				379	if (now >= id->death) {
				380	debug("expiring key '%s'", id->comment);
				381	TAILQ_REMOVE(&idtab->idlist, id, next);
				382	free_identity(id);
				383	idtab->nentries--;
				384	} else
				385	deadline = (deadline == 0) ? id->death :
				386	MINIMUM(deadline, id->death);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	387	}
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	388	if (deadline == 0 \|\| deadline <= now)
				389	return 0;
				390	else
				391	return (deadline - now);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	392	}
				393
				394	static void
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	395	process_add_identity(SocketEntry *e)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	396	{
Damien Miller	4c7728c	2007-10-26 14:25:31 +1000	[diff] [blame]	397	Identity *id;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	398	int success = 0, confirm = 0;
				399	u_int seconds;
				400	char *comment = NULL;
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	401	time_t death = 0;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	402	struct sshkey *k = NULL;
				403	u_char ctype;
				404	int r = SSH_ERR_INTERNAL_ERROR;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	405
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	406	if ((r = sshkey_private_deserialize(e->request, &k)) != 0 \|\|
				407	k == NULL \|\|
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	408	(r = sshbuf_get_cstring(e->request, &comment, NULL)) != 0) {
				409	error("%s: decode private key: %s", __func__, ssh_err(r));
				410	goto err;
				411	}
Damien Miller	8668706	2014-07-02 15:28:02 +1000	[diff] [blame]	412
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	413	while (sshbuf_len(e->request)) {
				414	if ((r = sshbuf_get_u8(e->request, &ctype)) != 0) {
				415	error("%s: buffer error: %s", __func__, ssh_err(r));
				416	goto err;
				417	}
				418	switch (ctype) {
Ben Lindstrom	c90f8a9	2002-06-21 00:06:54 +0000	[diff] [blame]	419	case SSH_AGENT_CONSTRAIN_LIFETIME:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	420	if ((r = sshbuf_get_u32(e->request, &seconds)) != 0) {
				421	error("%s: bad lifetime constraint: %s",
				422	__func__, ssh_err(r));
				423	goto err;
				424	}
				425	death = monotime() + seconds;
Ben Lindstrom	4eb4c4e	2002-06-21 00:04:48 +0000	[diff] [blame]	426	break;
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	427	case SSH_AGENT_CONSTRAIN_CONFIRM:
				428	confirm = 1;
				429	break;
Ben Lindstrom	4eb4c4e	2002-06-21 00:04:48 +0000	[diff] [blame]	430	default:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	431	error("%s: Unknown constraint %d", __func__, ctype);
				432	err:
				433	sshbuf_reset(e->request);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	434	free(comment);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	435	sshkey_free(k);
Damien Miller	1cfadab	2008-06-30 00:05:21 +1000	[diff] [blame]	436	goto send;
Ben Lindstrom	4eb4c4e	2002-06-21 00:04:48 +0000	[diff] [blame]	437	}
				438	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	439
Damien Miller	1cfadab	2008-06-30 00:05:21 +1000	[diff] [blame]	440	success = 1;
Damien Miller	53d8148	2003-01-22 11:47:19 +1100	[diff] [blame]	441	if (lifetime && !death)
Darren Tucker	b759c9c	2013-06-02 07:46:16 +1000	[diff] [blame]	442	death = monotime() + lifetime;
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	443	if ((id = lookup_identity(k)) == NULL) {
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	444	id = xcalloc(1, sizeof(Identity));
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	445	id->key = k;
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	446	TAILQ_INSERT_TAIL(&idtab->idlist, id, next);
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	447	/* Increment the number of identities. */
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	448	idtab->nentries++;
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	449	} else {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	450	sshkey_free(k);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	451	free(id->comment);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	452	}
Damien Miller	4c7728c	2007-10-26 14:25:31 +1000	[diff] [blame]	453	id->comment = comment;
				454	id->death = death;
				455	id->confirm = confirm;
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	456	send:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	457	send_status(e, success);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	458	}
				459
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	460	/* XXX todo: encrypt sensitive data with passphrase */
				461	static void
				462	process_lock_agent(SocketEntry *e, int lock)
				463	{
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	464	int r, success = 0, delay;
djm@openbsd.org	1a31d02	2016-05-02 08:49:03 +0000	[diff] [blame]	465	char *passwd;
				466	u_char passwdhash[LOCK_SIZE];
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	467	static u_int fail_count = 0;
				468	size_t pwlen;
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	469
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	470	if ((r = sshbuf_get_cstring(e->request, &passwd, &pwlen)) != 0)
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	471	fatal("%s: buffer error: %s", __func__, ssh_err(r));
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	472	if (pwlen == 0) {
				473	debug("empty password not supported");
				474	} else if (locked && !lock) {
				475	if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt),
				476	passwdhash, sizeof(passwdhash), LOCK_ROUNDS) < 0)
				477	fatal("bcrypt_pbkdf");
djm@openbsd.org	1a31d02	2016-05-02 08:49:03 +0000	[diff] [blame]	478	if (timingsafe_bcmp(passwdhash, lock_pwhash, LOCK_SIZE) == 0) {
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	479	debug("agent unlocked");
				480	locked = 0;
				481	fail_count = 0;
djm@openbsd.org	1a31d02	2016-05-02 08:49:03 +0000	[diff] [blame]	482	explicit_bzero(lock_pwhash, sizeof(lock_pwhash));
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	483	success = 1;
				484	} else {
				485	/* delay in 0.1s increments up to 10s */
				486	if (fail_count < 100)
				487	fail_count++;
				488	delay = 100000 * fail_count;
				489	debug("unlock failed, delaying %0.1lf seconds",
				490	(double)delay/1000000);
				491	usleep(delay);
				492	}
				493	explicit_bzero(passwdhash, sizeof(passwdhash));
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	494	} else if (!locked && lock) {
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	495	debug("agent locked");
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	496	locked = 1;
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	497	arc4random_buf(lock_salt, sizeof(lock_salt));
				498	if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt),
djm@openbsd.org	1a31d02	2016-05-02 08:49:03 +0000	[diff] [blame]	499	lock_pwhash, sizeof(lock_pwhash), LOCK_ROUNDS) < 0)
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	500	fatal("bcrypt_pbkdf");
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	501	success = 1;
				502	}
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	503	explicit_bzero(passwd, pwlen);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	504	free(passwd);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	505	send_status(e, success);
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	506	}
				507
				508	static void
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	509	no_identities(SocketEntry *e)
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	510	{
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	511	struct sshbuf *msg;
				512	int r;
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	513
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	514	if ((msg = sshbuf_new()) == NULL)
				515	fatal("%s: sshbuf_new failed", __func__);
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	516	if ((r = sshbuf_put_u8(msg, SSH2_AGENT_IDENTITIES_ANSWER)) != 0 \|\|
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	517	(r = sshbuf_put_u32(msg, 0)) != 0 \|\|
				518	(r = sshbuf_put_stringb(e->output, msg)) != 0)
				519	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				520	sshbuf_free(msg);
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	521	}
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	522
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	523	#ifdef ENABLE_PKCS11
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	524	static void
Damien Miller	1cfadab	2008-06-30 00:05:21 +1000	[diff] [blame]	525	process_add_smartcard_key(SocketEntry *e)
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	526	{
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	527	char provider = NULL, pin, canonical_provider[PATH_MAX];
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	528	int r, i, count = 0, success = 0, confirm = 0;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	529	u_int seconds;
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	530	time_t death = 0;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	531	u_char type;
				532	struct sshkey *keys = NULL, k;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	533	Identity *id;
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	534
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	535	if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 \|\|
				536	(r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0)
				537	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	538
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	539	while (sshbuf_len(e->request)) {
				540	if ((r = sshbuf_get_u8(e->request, &type)) != 0)
				541	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				542	switch (type) {
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	543	case SSH_AGENT_CONSTRAIN_LIFETIME:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	544	if ((r = sshbuf_get_u32(e->request, &seconds)) != 0)
				545	fatal("%s: buffer error: %s",
				546	__func__, ssh_err(r));
				547	death = monotime() + seconds;
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	548	break;
				549	case SSH_AGENT_CONSTRAIN_CONFIRM:
				550	confirm = 1;
				551	break;
				552	default:
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	553	error("%s: Unknown constraint type %d", __func__, type);
Damien Miller	1cfadab	2008-06-30 00:05:21 +1000	[diff] [blame]	554	goto send;
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	555	}
				556	}
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	557	if (realpath(provider, canonical_provider) == NULL) {
				558	verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
				559	provider, strerror(errno));
				560	goto send;
				561	}
				562	if (match_pattern_list(canonical_provider, pkcs11_whitelist, 0) != 1) {
				563	verbose("refusing PKCS#11 add of \"%.100s\": "
				564	"provider not whitelisted", canonical_provider);
				565	goto send;
				566	}
				567	debug("%s: add %.100s", __func__, canonical_provider);
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	568	if (lifetime && !death)
Darren Tucker	b759c9c	2013-06-02 07:46:16 +1000	[diff] [blame]	569	death = monotime() + lifetime;
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	570
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	571	count = pkcs11_add_provider(canonical_provider, pin, &keys);
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	572	for (i = 0; i < count; i++) {
Ben Lindstrom	0936a5b	2002-03-26 03:17:42 +0000	[diff] [blame]	573	k = keys[i];
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	574	if (lookup_identity(k) == NULL) {
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	575	id = xcalloc(1, sizeof(Identity));
Ben Lindstrom	0936a5b	2002-03-26 03:17:42 +0000	[diff] [blame]	576	id->key = k;
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	577	id->provider = xstrdup(canonical_provider);
				578	id->comment = xstrdup(canonical_provider); /* XXX */
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	579	id->death = death;
				580	id->confirm = confirm;
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	581	TAILQ_INSERT_TAIL(&idtab->idlist, id, next);
				582	idtab->nentries++;
Ben Lindstrom	0936a5b	2002-03-26 03:17:42 +0000	[diff] [blame]	583	success = 1;
				584	} else {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	585	sshkey_free(k);
Ben Lindstrom	0936a5b	2002-03-26 03:17:42 +0000	[diff] [blame]	586	}
				587	keys[i] = NULL;
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	588	}
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	589	send:
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	590	free(pin);
				591	free(provider);
				592	free(keys);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	593	send_status(e, success);
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	594	}
				595
				596	static void
				597	process_remove_smartcard_key(SocketEntry *e)
				598	{
djm@openbsd.org	25f8376	2017-03-15 02:25:09 +0000	[diff] [blame]	599	char provider = NULL, pin = NULL, canonical_provider[PATH_MAX];
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	600	int r, success = 0;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	601	Identity id, nxt;
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	602
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	603	if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 \|\|
				604	(r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0)
				605	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	606	free(pin);
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	607
djm@openbsd.org	25f8376	2017-03-15 02:25:09 +0000	[diff] [blame]	608	if (realpath(provider, canonical_provider) == NULL) {
				609	verbose("failed PKCS#11 add of \"%.100s\": realpath: %s",
				610	provider, strerror(errno));
				611	goto send;
				612	}
				613
				614	debug("%s: remove %.100s", __func__, canonical_provider);
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	615	for (id = TAILQ_FIRST(&idtab->idlist); id; id = nxt) {
				616	nxt = TAILQ_NEXT(id, next);
				617	/* Skip file--based keys */
				618	if (id->provider == NULL)
				619	continue;
				620	if (!strcmp(canonical_provider, id->provider)) {
				621	TAILQ_REMOVE(&idtab->idlist, id, next);
				622	free_identity(id);
				623	idtab->nentries--;
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	624	}
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	625	}
djm@openbsd.org	25f8376	2017-03-15 02:25:09 +0000	[diff] [blame]	626	if (pkcs11_del_provider(canonical_provider) == 0)
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	627	success = 1;
				628	else
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	629	error("%s: pkcs11_del_provider failed", __func__);
deraadt@openbsd.org	1a321bf	2017-03-15 03:52:30 +0000	[diff] [blame]	630	send:
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	631	free(provider);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	632	send_status(e, success);
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	633	}
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	634	#endif /* ENABLE_PKCS11 */
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	635
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	636	/* dispatch incoming messages */
				637
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	638	static void
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	639	process_message(SocketEntry *e)
				640	{
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	641	u_int msg_len;
				642	u_char type;
				643	const u_char *cp;
				644	int r;
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	645
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	646	if (sshbuf_len(e->input) < 5)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	647	return; /* Incomplete message. */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	648	cp = sshbuf_ptr(e->input);
				649	msg_len = PEEK_U32(cp);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	650	if (msg_len > 256 * 1024) {
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	651	close_socket(e);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	652	return;
				653	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	654	if (sshbuf_len(e->input) < msg_len + 4)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	655	return;
Ben Lindstrom	21d1ed8	2002-06-06 21:48:57 +0000	[diff] [blame]	656
				657	/* move the current input to e->request */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	658	sshbuf_reset(e->request);
				659	if ((r = sshbuf_get_stringb(e->input, e->request)) != 0 \|\|
				660	(r = sshbuf_get_u8(e->request, &type)) != 0)
				661	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	662
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	663	/* check wheter agent is locked */
				664	if (locked && type != SSH_AGENTC_UNLOCK) {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	665	sshbuf_reset(e->request);
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	666	switch (type) {
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	667	case SSH2_AGENTC_REQUEST_IDENTITIES:
				668	/* send empty lists */
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	669	no_identities(e);
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	670	break;
				671	default:
				672	/* send a fail message for all other request types */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	673	send_status(e, 0);
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	674	}
				675	return;
				676	}
				677
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	678	debug("type %d", type);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	679	switch (type) {
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	680	case SSH_AGENTC_LOCK:
				681	case SSH_AGENTC_UNLOCK:
				682	process_lock_agent(e, type == SSH_AGENTC_LOCK);
				683	break;
djm@openbsd.org	2f04af9	2015-03-04 21:12:59 +0000	[diff] [blame]	684	case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES:
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	685	process_remove_all_identities(e); /* safe for !WITH_SSH1 */
djm@openbsd.org	2f04af9	2015-03-04 21:12:59 +0000	[diff] [blame]	686	break;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	687	/* ssh2 */
				688	case SSH2_AGENTC_SIGN_REQUEST:
				689	process_sign_request2(e);
				690	break;
				691	case SSH2_AGENTC_REQUEST_IDENTITIES:
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	692	process_request_identities(e);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	693	break;
				694	case SSH2_AGENTC_ADD_IDENTITY:
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	695	case SSH2_AGENTC_ADD_ID_CONSTRAINED:
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	696	process_add_identity(e);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	697	break;
				698	case SSH2_AGENTC_REMOVE_IDENTITY:
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	699	process_remove_identity(e);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	700	break;
				701	case SSH2_AGENTC_REMOVE_ALL_IDENTITIES:
djm@openbsd.org	f4a6a88	2017-04-30 23:29:10 +0000	[diff] [blame]	702	process_remove_all_identities(e);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	703	break;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	704	#ifdef ENABLE_PKCS11
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	705	case SSH_AGENTC_ADD_SMARTCARD_KEY:
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	706	case SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED:
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	707	process_add_smartcard_key(e);
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	708	break;
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	709	case SSH_AGENTC_REMOVE_SMARTCARD_KEY:
				710	process_remove_smartcard_key(e);
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	711	break;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	712	#endif /* ENABLE_PKCS11 */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	713	default:
				714	/* Unknown message. Respond with failure. */
				715	error("Unknown message %d", type);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	716	sshbuf_reset(e->request);
				717	send_status(e, 0);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	718	break;
				719	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	720	}
				721
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	722	static void
Ben Lindstrom	65366a8	2001-12-06 16:32:47 +0000	[diff] [blame]	723	new_socket(sock_type type, int fd)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	724	{
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	725	u_int i, old_alloc, new_alloc;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	726
Damien Miller	232711f	2004-06-15 10:35:30 +1000	[diff] [blame]	727	set_nonblock(fd);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	728
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	729	if (fd > max_fd)
				730	max_fd = fd;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	731
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	732	for (i = 0; i < sockets_alloc; i++)
				733	if (sockets[i].type == AUTH_UNUSED) {
				734	sockets[i].fd = fd;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	735	if ((sockets[i].input = sshbuf_new()) == NULL)
				736	fatal("%s: sshbuf_new failed", __func__);
				737	if ((sockets[i].output = sshbuf_new()) == NULL)
				738	fatal("%s: sshbuf_new failed", __func__);
				739	if ((sockets[i].request = sshbuf_new()) == NULL)
				740	fatal("%s: sshbuf_new failed", __func__);
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	741	sockets[i].type = type;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	742	return;
				743	}
				744	old_alloc = sockets_alloc;
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	745	new_alloc = sockets_alloc + 10;
deraadt@openbsd.org	657a5fb	2015-04-24 01:36:00 +0000	[diff] [blame]	746	sockets = xreallocarray(sockets, new_alloc, sizeof(sockets[0]));
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	747	for (i = old_alloc; i < new_alloc; i++)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	748	sockets[i].type = AUTH_UNUSED;
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	749	sockets_alloc = new_alloc;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	750	sockets[old_alloc].fd = fd;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	751	if ((sockets[old_alloc].input = sshbuf_new()) == NULL)
				752	fatal("%s: sshbuf_new failed", __func__);
				753	if ((sockets[old_alloc].output = sshbuf_new()) == NULL)
				754	fatal("%s: sshbuf_new failed", __func__);
				755	if ((sockets[old_alloc].request = sshbuf_new()) == NULL)
				756	fatal("%s: sshbuf_new failed", __func__);
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	757	sockets[old_alloc].type = type;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	758	}
				759
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	760	static int
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	761	prepare_select(fd_set fdrp, fd_set fdwp, int fdl, u_int nallocp,
				762	struct timeval **tvpp)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	763	{
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	764	u_int i, sz;
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	765	int n = 0;
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	766	static struct timeval tv;
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	767	time_t deadline;
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	768
				769	for (i = 0; i < sockets_alloc; i++) {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	770	switch (sockets[i].type) {
				771	case AUTH_SOCKET:
				772	case AUTH_CONNECTION:
deraadt@openbsd.org	9136ec1	2016-09-12 01:22:38 +0000	[diff] [blame]	773	n = MAXIMUM(n, sockets[i].fd);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	774	break;
				775	case AUTH_UNUSED:
				776	break;
				777	default:
				778	fatal("Unknown socket type %d", sockets[i].type);
				779	break;
				780	}
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	781	}
				782
				783	sz = howmany(n+1, NFDBITS) * sizeof(fd_mask);
Ben Lindstrom	a3d5a4c	2001-07-18 15:58:08 +0000	[diff] [blame]	784	if (fdrp == NULL \|\| sz > nallocp) {
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	785	free(*fdrp);
				786	free(*fdwp);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	787	*fdrp = xmalloc(sz);
				788	*fdwp = xmalloc(sz);
Ben Lindstrom	a3d5a4c	2001-07-18 15:58:08 +0000	[diff] [blame]	789	*nallocp = sz;
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	790	}
Ben Lindstrom	a3d5a4c	2001-07-18 15:58:08 +0000	[diff] [blame]	791	if (n < *fdl)
				792	debug("XXX shrink: %d < %d", n, *fdl);
				793	*fdl = n;
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	794	memset(*fdrp, 0, sz);
				795	memset(*fdwp, 0, sz);
				796
				797	for (i = 0; i < sockets_alloc; i++) {
				798	switch (sockets[i].type) {
				799	case AUTH_SOCKET:
				800	case AUTH_CONNECTION:
				801	FD_SET(sockets[i].fd, *fdrp);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	802	if (sshbuf_len(sockets[i].output) > 0)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	803	FD_SET(sockets[i].fd, *fdwp);
				804	break;
				805	default:
				806	break;
				807	}
				808	}
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	809	deadline = reaper();
				810	if (parent_alive_interval != 0)
				811	deadline = (deadline == 0) ? parent_alive_interval :
deraadt@openbsd.org	9136ec1	2016-09-12 01:22:38 +0000	[diff] [blame]	812	MINIMUM(deadline, parent_alive_interval);
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	813	if (deadline == 0) {
				814	*tvpp = NULL;
				815	} else {
				816	tv.tv_sec = deadline;
				817	tv.tv_usec = 0;
				818	*tvpp = &tv;
				819	}
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	820	return (1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	821	}
				822
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	823	static void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	824	after_select(fd_set readset, fd_set writeset)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	825	{
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	826	struct sockaddr_un sunaddr;
Damien Miller	7684ee1	2000-03-17 23:40:15 +1100	[diff] [blame]	827	socklen_t slen;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	828	char buf[1024];
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	829	int len, sock, r;
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	830	u_int i, orig_alloc;
Damien Miller	538f181	2002-09-12 09:51:10 +1000	[diff] [blame]	831	uid_t euid;
				832	gid_t egid;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	833
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	834	for (i = 0, orig_alloc = sockets_alloc; i < orig_alloc; i++)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	835	switch (sockets[i].type) {
				836	case AUTH_UNUSED:
				837	break;
				838	case AUTH_SOCKET:
				839	if (FD_ISSET(sockets[i].fd, readset)) {
Damien Miller	7684ee1	2000-03-17 23:40:15 +1100	[diff] [blame]	840	slen = sizeof(sunaddr);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	841	sock = accept(sockets[i].fd,
Damien Miller	9096740	2006-03-26 14:07:26 +1100	[diff] [blame]	842	(struct sockaddr *)&sunaddr, &slen);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	843	if (sock < 0) {
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	844	error("accept from AUTH_SOCKET: %s",
				845	strerror(errno));
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	846	break;
				847	}
Damien Miller	538f181	2002-09-12 09:51:10 +1000	[diff] [blame]	848	if (getpeereid(sock, &euid, &egid) < 0) {
				849	error("getpeereid %d failed: %s",
				850	sock, strerror(errno));
				851	close(sock);
				852	break;
				853	}
Damien Miller	af9de38	2002-10-03 11:54:35 +1000	[diff] [blame]	854	if ((euid != 0) && (getuid() != euid)) {
Damien Miller	538f181	2002-09-12 09:51:10 +1000	[diff] [blame]	855	error("uid mismatch: "
Damien Miller	db30b12	2002-09-19 11:46:58 +1000	[diff] [blame]	856	"peer euid %u != uid %u",
				857	(u_int) euid, (u_int) getuid());
Damien Miller	538f181	2002-09-12 09:51:10 +1000	[diff] [blame]	858	close(sock);
				859	break;
				860	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	861	new_socket(AUTH_CONNECTION, sock);
				862	}
				863	break;
				864	case AUTH_CONNECTION:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	865	if (sshbuf_len(sockets[i].output) > 0 &&
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	866	FD_ISSET(sockets[i].fd, writeset)) {
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	867	len = write(sockets[i].fd,
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	868	sshbuf_ptr(sockets[i].output),
				869	sshbuf_len(sockets[i].output));
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	870	if (len == -1 && (errno == EAGAIN \|\|
				871	errno == EWOULDBLOCK \|\|
				872	errno == EINTR))
				873	continue;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	874	if (len <= 0) {
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	875	close_socket(&sockets[i]);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	876	break;
				877	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	878	if ((r = sshbuf_consume(sockets[i].output,
				879	len)) != 0)
				880	fatal("%s: buffer error: %s",
				881	__func__, ssh_err(r));
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	882	}
				883	if (FD_ISSET(sockets[i].fd, readset)) {
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	884	len = read(sockets[i].fd, buf, sizeof(buf));
				885	if (len == -1 && (errno == EAGAIN \|\|
				886	errno == EWOULDBLOCK \|\|
				887	errno == EINTR))
				888	continue;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	889	if (len <= 0) {
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	890	close_socket(&sockets[i]);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	891	break;
				892	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	893	if ((r = sshbuf_put(sockets[i].input,
				894	buf, len)) != 0)
				895	fatal("%s: buffer error: %s",
				896	__func__, ssh_err(r));
Damien Miller	f497794	2014-07-30 12:32:46 +1000	[diff] [blame]	897	explicit_bzero(buf, sizeof(buf));
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	898	process_message(&sockets[i]);
				899	}
				900	break;
				901	default:
				902	fatal("Unknown type %d", sockets[i].type);
				903	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	904	}
				905
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	906	static void
Darren Tucker	6fa8abd	2003-09-22 21:10:21 +1000	[diff] [blame]	907	cleanup_socket(void)
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	908	{
Damien Miller	b1e967c	2014-07-03 21:22:40 +1000	[diff] [blame]	909	if (cleanup_pid != 0 && getpid() != cleanup_pid)
				910	return;
				911	debug("%s: cleanup", __func__);
Ben Lindstrom	77808ab	2001-01-26 05:10:34 +0000	[diff] [blame]	912	if (socket_name[0])
				913	unlink(socket_name);
				914	if (socket_dir[0])
				915	rmdir(socket_dir);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	916	}
				917
Darren Tucker	3e33cec	2003-10-02 16:12:36 +1000	[diff] [blame]	918	void
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	919	cleanup_exit(int i)
				920	{
Darren Tucker	6fa8abd	2003-09-22 21:10:21 +1000	[diff] [blame]	921	cleanup_socket();
				922	_exit(i);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	923	}
				924
Damien Miller	1c13bd8	2006-03-26 14:28:14 +1100	[diff] [blame]	925	/ARGSUSED/
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	926	static void
Ben Lindstrom	77808ab	2001-01-26 05:10:34 +0000	[diff] [blame]	927	cleanup_handler(int sig)
				928	{
Darren Tucker	6fa8abd	2003-09-22 21:10:21 +1000	[diff] [blame]	929	cleanup_socket();
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	930	#ifdef ENABLE_PKCS11
				931	pkcs11_terminate();
				932	#endif
Ben Lindstrom	77808ab	2001-01-26 05:10:34 +0000	[diff] [blame]	933	_exit(2);
				934	}
				935
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	936	static void
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	937	check_parent_exists(void)
Ben Lindstrom	0250da0	2001-07-22 20:44:00 +0000	[diff] [blame]	938	{
Darren Tucker	3e78a51	2011-06-03 14:14:16 +1000	[diff] [blame]	939	/*
				940	* If our parent has exited then getppid() will return (pid_t)1,
				941	* so testing for that should be safe.
				942	*/
				943	if (parent_pid != -1 && getppid() != parent_pid) {
Ben Lindstrom	0250da0	2001-07-22 20:44:00 +0000	[diff] [blame]	944	/* printf("Parent has died - Authentication agent exiting.\n"); */
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	945	cleanup_socket();
				946	_exit(2);
Ben Lindstrom	0250da0	2001-07-22 20:44:00 +0000	[diff] [blame]	947	}
Ben Lindstrom	0250da0	2001-07-22 20:44:00 +0000	[diff] [blame]	948	}
				949
				950	static void
Ben Lindstrom	28072eb	2001-02-10 23:13:41 +0000	[diff] [blame]	951	usage(void)
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	952	{
Damien Miller	f0858de	2014-04-20 13:01:30 +1000	[diff] [blame]	953	fprintf(stderr,
jmc@openbsd.org	b7ca276	2015-04-24 06:26:49 +0000	[diff] [blame]	954	"usage: ssh-agent [-c \| -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n"
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	955	" [-P pkcs11_whitelist] [-t life] [command [arg ...]]\n"
Damien Miller	f0858de	2014-04-20 13:01:30 +1000	[diff] [blame]	956	" ssh-agent [-c \| -s] -k\n");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	957	exit(1);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	958	}
				959
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	960	int
				961	main(int ac, char **av)
				962	{
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	963	int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0;
Darren Tucker	cf0d2db	2007-02-28 21:19:58 +1100	[diff] [blame]	964	int sock, fd, ch, result, saved_errno;
Darren Tucker	c7a6fc4	2004-08-13 21:18:00 +1000	[diff] [blame]	965	u_int nalloc;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	966	char shell, format, pidstr, agentsocket = NULL;
				967	fd_set readsetp = NULL, writesetp = NULL;
Ben Lindstrom	2c467a2	2000-12-27 04:57:41 +0000	[diff] [blame]	968	#ifdef HAVE_SETRLIMIT
Ben Lindstrom	c72745a	2000-12-02 19:03:54 +0000	[diff] [blame]	969	struct rlimit rlim;
Ben Lindstrom	2c467a2	2000-12-27 04:57:41 +0000	[diff] [blame]	970	#endif
Damien Miller	615f939	2000-05-17 22:53:33 +1000	[diff] [blame]	971	extern int optind;
Ben Lindstrom	883844d	2002-06-23 00:20:50 +0000	[diff] [blame]	972	extern char *optarg;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	973	pid_t pid;
				974	char pidstrbuf[1 + 3 * sizeof pid];
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	975	struct timeval *tvp = NULL;
Darren Tucker	9013323	2009-06-21 17:50:15 +1000	[diff] [blame]	976	size_t len;
Damien Miller	ab2ec58	2014-07-18 15:04:47 +1000	[diff] [blame]	977	mode_t prev_mask;
Kevin Steves	de41bc6	2000-12-14 00:04:08 +0000	[diff] [blame]	978
dtucker@openbsd.org	ffb1e7e	2016-02-15 09:47:49 +0000	[diff] [blame]	979	ssh_malloc_init(); /* must be called before any mallocs */
Darren Tucker	ce321d8	2005-10-03 18:11:24 +1000	[diff] [blame]	980	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
				981	sanitise_stdfd();
				982
Damien Miller	6cffb9a	2002-09-04 16:20:26 +1000	[diff] [blame]	983	/* drop */
				984	setegid(getgid());
				985	setgid(getgid());
				986
Darren Tucker	0fb7f59	2016-06-09 16:23:07 +1000	[diff] [blame]	987	platform_disable_tracing(0); /* strict=no */
Damien Miller	6c4914a	2004-03-03 11:08:59 +1100	[diff] [blame]	988
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	989	#ifdef WITH_OPENSSL
Damien Miller	4314c2b	2010-09-10 11:12:09 +1000	[diff] [blame]	990	OpenSSL_add_all_algorithms();
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	991	#endif
Ben Lindstrom	d09fcf5	2001-03-29 00:29:54 +0000	[diff] [blame]	992
Damien Miller	59d3d5b	2003-08-22 09:34:41 +1000	[diff] [blame]	993	__progname = ssh_get_progname(av[0]);
Damien Miller	60bc517	2001-03-19 09:38:15 +1100	[diff] [blame]	994	seed_rng();
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	995
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	996	while ((ch = getopt(ac, av, "cDdksE:a:P:t:")) != -1) {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	997	switch (ch) {
djm@openbsd.org	56d1c83	2014-12-21 22:27:55 +0000	[diff] [blame]	998	case 'E':
				999	fingerprint_hash = ssh_digest_alg_by_name(optarg);
				1000	if (fingerprint_hash == -1)
				1001	fatal("Invalid hash algorithm \"%s\"", optarg);
				1002	break;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1003	case 'c':
				1004	if (s_flag)
				1005	usage();
				1006	c_flag++;
				1007	break;
				1008	case 'k':
				1009	k_flag++;
				1010	break;
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	1011	case 'P':
				1012	if (pkcs11_whitelist != NULL)
				1013	fatal("-P option already specified");
				1014	pkcs11_whitelist = xstrdup(optarg);
				1015	break;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1016	case 's':
				1017	if (c_flag)
				1018	usage();
				1019	s_flag++;
				1020	break;
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1021	case 'd':
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1022	if (d_flag \|\| D_flag)
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1023	usage();
				1024	d_flag++;
				1025	break;
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1026	case 'D':
				1027	if (d_flag \|\| D_flag)
				1028	usage();
				1029	D_flag++;
				1030	break;
Ben Lindstrom	b7788f3	2002-06-06 21:46:08 +0000	[diff] [blame]	1031	case 'a':
				1032	agentsocket = optarg;
				1033	break;
Damien Miller	53d8148	2003-01-22 11:47:19 +1100	[diff] [blame]	1034	case 't':
				1035	if ((lifetime = convtime(optarg)) == -1) {
				1036	fprintf(stderr, "Invalid lifetime\n");
				1037	usage();
				1038	}
				1039	break;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1040	default:
				1041	usage();
				1042	}
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1043	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1044	ac -= optind;
				1045	av += optind;
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1046
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1047	if (ac > 0 && (c_flag \|\| k_flag \|\| s_flag \|\| d_flag \|\| D_flag))
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1048	usage();
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1049
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	1050	if (pkcs11_whitelist == NULL)
				1051	pkcs11_whitelist = xstrdup(DEFAULT_PKCS11_WHITELIST);
				1052
Ben Lindstrom	eecdf23	2002-04-02 21:03:51 +0000	[diff] [blame]	1053	if (ac == 0 && !c_flag && !s_flag) {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1054	shell = getenv("SHELL");
Darren Tucker	9013323	2009-06-21 17:50:15 +1000	[diff] [blame]	1055	if (shell != NULL && (len = strlen(shell)) > 2 &&
				1056	strncmp(shell + len - 3, "csh", 3) == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1057	c_flag = 1;
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1058	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1059	if (k_flag) {
Damien Miller	89c3fe4	2006-03-31 23:11:28 +1100	[diff] [blame]	1060	const char *errstr = NULL;
				1061
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1062	pidstr = getenv(SSH_AGENTPID_ENV_NAME);
				1063	if (pidstr == NULL) {
				1064	fprintf(stderr, "%s not set, cannot kill agent\n",
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1065	SSH_AGENTPID_ENV_NAME);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1066	exit(1);
				1067	}
Damien Miller	89c3fe4	2006-03-31 23:11:28 +1100	[diff] [blame]	1068	pid = (int)strtonum(pidstr, 2, INT_MAX, &errstr);
				1069	if (errstr) {
				1070	fprintf(stderr,
				1071	"%s=\"%s\", which is not a good PID: %s\n",
				1072	SSH_AGENTPID_ENV_NAME, pidstr, errstr);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1073	exit(1);
				1074	}
				1075	if (kill(pid, SIGTERM) == -1) {
				1076	perror("kill");
				1077	exit(1);
				1078	}
				1079	format = c_flag ? "unsetenv %s;\n" : "unset %s;\n";
				1080	printf(format, SSH_AUTHSOCKET_ENV_NAME);
				1081	printf(format, SSH_AGENTPID_ENV_NAME);
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1082	printf("echo Agent pid %ld killed;\n", (long)pid);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1083	exit(0);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1084	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1085	parent_pid = getpid();
				1086
Ben Lindstrom	b7788f3	2002-06-06 21:46:08 +0000	[diff] [blame]	1087	if (agentsocket == NULL) {
				1088	/* Create private directory for agent socket */
Damien Miller	2cd6293	2010-12-01 11:50:35 +1100	[diff] [blame]	1089	mktemp_proto(socket_dir, sizeof(socket_dir));
Ben Lindstrom	b7788f3	2002-06-06 21:46:08 +0000	[diff] [blame]	1090	if (mkdtemp(socket_dir) == NULL) {
				1091	perror("mkdtemp: private socket dir");
				1092	exit(1);
				1093	}
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1094	snprintf(socket_name, sizeof socket_name, "%s/agent.%ld", socket_dir,
				1095	(long)parent_pid);
Ben Lindstrom	b7788f3	2002-06-06 21:46:08 +0000	[diff] [blame]	1096	} else {
				1097	/* Try to use specified agent socket */
				1098	socket_dir[0] = '\0';
				1099	strlcpy(socket_name, agentsocket, sizeof socket_name);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1100	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1101
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	1102	/*
				1103	* Create socket early so it will exist before command gets run from
				1104	* the parent.
				1105	*/
Damien Miller	ab2ec58	2014-07-18 15:04:47 +1000	[diff] [blame]	1106	prev_mask = umask(0177);
Damien Miller	7acefbb	2014-07-18 14:11:24 +1000	[diff] [blame]	1107	sock = unix_listener(socket_name, SSH_LISTEN_BACKLOG, 0);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1108	if (sock < 0) {
Damien Miller	7acefbb	2014-07-18 14:11:24 +1000	[diff] [blame]	1109	/* XXX - unix_listener() calls error() not perror() */
Darren Tucker	1dee868	2004-11-05 20:26:49 +1100	[diff] [blame]	1110	socket_name = '\0'; / Don't unlink any existing file */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1111	cleanup_exit(1);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1112	}
Damien Miller	ab2ec58	2014-07-18 15:04:47 +1000	[diff] [blame]	1113	umask(prev_mask);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1114
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	1115	/*
				1116	* Fork, and have the parent execute the command, if any, or present
				1117	* the socket data. The child continues as the authentication agent.
				1118	*/
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1119	if (D_flag \|\| d_flag) {
				1120	log_init(__progname,
				1121	d_flag ? SYSLOG_LEVEL_DEBUG3 : SYSLOG_LEVEL_INFO,
				1122	SYSLOG_FACILITY_AUTH, 1);
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1123	format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n";
				1124	printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name,
				1125	SSH_AUTHSOCKET_ENV_NAME);
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1126	printf("echo Agent pid %ld;\n", (long)parent_pid);
dtucker@openbsd.org	79394ed	2015-12-11 02:29:03 +0000	[diff] [blame]	1127	fflush(stdout);
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1128	goto skip;
				1129	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1130	pid = fork();
				1131	if (pid == -1) {
				1132	perror("fork");
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	1133	cleanup_exit(1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1134	}
				1135	if (pid != 0) { /* Parent - execute the given command. */
				1136	close(sock);
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1137	snprintf(pidstrbuf, sizeof pidstrbuf, "%ld", (long)pid);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1138	if (ac == 0) {
				1139	format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n";
				1140	printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name,
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1141	SSH_AUTHSOCKET_ENV_NAME);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1142	printf(format, SSH_AGENTPID_ENV_NAME, pidstrbuf,
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1143	SSH_AGENTPID_ENV_NAME);
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1144	printf("echo Agent pid %ld;\n", (long)pid);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1145	exit(0);
				1146	}
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	1147	if (setenv(SSH_AUTHSOCKET_ENV_NAME, socket_name, 1) == -1 \|\|
				1148	setenv(SSH_AGENTPID_ENV_NAME, pidstrbuf, 1) == -1) {
				1149	perror("setenv");
				1150	exit(1);
				1151	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1152	execvp(av[0], av);
				1153	perror(av[0]);
				1154	exit(1);
				1155	}
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	1156	/* child */
				1157	log_init(__progname, SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0);
Ben Lindstrom	3fdf876	2001-07-22 20:40:24 +0000	[diff] [blame]	1158
				1159	if (setsid() == -1) {
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	1160	error("setsid: %s", strerror(errno));
Ben Lindstrom	3fdf876	2001-07-22 20:40:24 +0000	[diff] [blame]	1161	cleanup_exit(1);
				1162	}
				1163
				1164	(void)chdir("/");
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	1165	if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
				1166	/* XXX might close listen socket */
				1167	(void)dup2(fd, STDIN_FILENO);
				1168	(void)dup2(fd, STDOUT_FILENO);
				1169	(void)dup2(fd, STDERR_FILENO);
				1170	if (fd > 2)
				1171	close(fd);
				1172	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1173
Ben Lindstrom	2c467a2	2000-12-27 04:57:41 +0000	[diff] [blame]	1174	#ifdef HAVE_SETRLIMIT
Ben Lindstrom	c72745a	2000-12-02 19:03:54 +0000	[diff] [blame]	1175	/* deny core dumps, since memory contains unencrypted private keys */
				1176	rlim.rlim_cur = rlim.rlim_max = 0;
				1177	if (setrlimit(RLIMIT_CORE, &rlim) < 0) {
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	1178	error("setrlimit RLIMIT_CORE: %s", strerror(errno));
Ben Lindstrom	c72745a	2000-12-02 19:03:54 +0000	[diff] [blame]	1179	cleanup_exit(1);
				1180	}
Ben Lindstrom	2c467a2	2000-12-27 04:57:41 +0000	[diff] [blame]	1181	#endif
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1182
				1183	skip:
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	1184
Damien Miller	b1e967c	2014-07-03 21:22:40 +1000	[diff] [blame]	1185	cleanup_pid = getpid();
				1186
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	1187	#ifdef ENABLE_PKCS11
				1188	pkcs11_init(0);
				1189	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1190	new_socket(AUTH_SOCKET, sock);
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1191	if (ac > 0)
				1192	parent_alive_interval = 10;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	1193	idtab_init();
Damien Miller	48bfa9c	2001-07-14 12:12:55 +1000	[diff] [blame]	1194	signal(SIGPIPE, SIG_IGN);
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1195	signal(SIGINT, (d_flag \| D_flag) ? cleanup_handler : SIG_IGN);
Ben Lindstrom	77808ab	2001-01-26 05:10:34 +0000	[diff] [blame]	1196	signal(SIGHUP, cleanup_handler);
				1197	signal(SIGTERM, cleanup_handler);
Ben Lindstrom	a3d5a4c	2001-07-18 15:58:08 +0000	[diff] [blame]	1198	nalloc = 0;
				1199
djm@openbsd.org	786d599	2016-11-30 03:07:37 +0000	[diff] [blame]	1200	if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1)
djm@openbsd.org	d952162	2015-12-01 23:29:24 +0000	[diff] [blame]	1201	fatal("%s: pledge: %s", __progname, strerror(errno));
Damien Miller	4626cba	2016-01-08 14:24:56 +1100	[diff] [blame]	1202	platform_pledge_agent();
djm@openbsd.org	d952162	2015-12-01 23:29:24 +0000	[diff] [blame]	1203
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1204	while (1) {
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1205	prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp);
				1206	result = select(max_fd + 1, readsetp, writesetp, NULL, tvp);
Darren Tucker	cf0d2db	2007-02-28 21:19:58 +1100	[diff] [blame]	1207	saved_errno = errno;
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1208	if (parent_alive_interval != 0)
				1209	check_parent_exists();
				1210	(void) reaper(); /* remove expired keys */
Darren Tucker	cf0d2db	2007-02-28 21:19:58 +1100	[diff] [blame]	1211	if (result < 0) {
				1212	if (saved_errno == EINTR)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1213	continue;
Darren Tucker	cf0d2db	2007-02-28 21:19:58 +1100	[diff] [blame]	1214	fatal("select: %s", strerror(saved_errno));
				1215	} else if (result > 0)
				1216	after_select(readsetp, writesetp);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1217	}
				1218	/* NOTREACHED */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1219	}