Blame - ssh-agent.c - platform/external/openssh

blob: c38906d94278e2388cabb621472b01d7ca88a00e [file] [log] [blame]

dtucker@openbsd.org	ffb1e7e	2016-02-15 09:47:49 +0000	[diff] [blame]	1	/* $OpenBSD: ssh-agent.c,v 1.212 2016/02/15 09:47:49 dtucker Exp $ */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	2	/*
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
				4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
				5	* All rights reserved
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	6	* The authentication agent program.
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	7	*
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	8	* As far as I am concerned, the code I have written for this software
				9	* can be used freely for any purpose. Any derived versions of this
				10	* software must be clearly marked as such, and if the derived work is
				11	* incompatible with the protocol description in the RFC file, it must be
				12	* called by a name other than "ssh" or "Secure Shell".
				13	*
Ben Lindstrom	4469723	2001-07-04 03:32:30 +0000	[diff] [blame]	14	* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	15	*
				16	* Redistribution and use in source and binary forms, with or without
				17	* modification, are permitted provided that the following conditions
				18	* are met:
				19	* 1. Redistributions of source code must retain the above copyright
				20	* notice, this list of conditions and the following disclaimer.
				21	* 2. Redistributions in binary form must reproduce the above copyright
				22	* notice, this list of conditions and the following disclaimer in the
				23	* documentation and/or other materials provided with the distribution.
				24	*
				25	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
				26	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
				27	* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
				28	* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
				29	* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
				30	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
				31	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
				32	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
				33	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
				34	* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	35	*/
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	36
				37	#include "includes.h"
Damien Miller	574c41f	2006-03-15 11:40:10 +1100	[diff] [blame]	38
deraadt@openbsd.org	2ae4f33	2015-01-16 06:40:12 +0000	[diff] [blame]	39	#include <sys/param.h> /* MIN MAX */
Damien Miller	574c41f	2006-03-15 11:40:10 +1100	[diff] [blame]	40	#include <sys/types.h>
Damien Miller	8dbffe7	2006-08-05 11:02:17 +1000	[diff] [blame]	41	#include <sys/param.h>
				42	#include <sys/resource.h>
Damien Miller	42fb068	2006-03-15 14:03:06 +1100	[diff] [blame]	43	#include <sys/stat.h>
Damien Miller	e3b60b5	2006-07-10 21:08:03 +1000	[diff] [blame]	44	#include <sys/socket.h>
Damien Miller	9aec919	2006-08-05 10:57:45 +1000	[diff] [blame]	45	#ifdef HAVE_SYS_TIME_H
				46	# include <sys/time.h>
				47	#endif
Damien Miller	574c41f	2006-03-15 11:40:10 +1100	[diff] [blame]	48	#ifdef HAVE_SYS_UN_H
				49	# include <sys/un.h>
				50	#endif
Damien Miller	9b48151	2002-09-12 10:43:29 +1000	[diff] [blame]	51	#include "openbsd-compat/sys-queue.h"
Damien Miller	e3b60b5	2006-07-10 21:08:03 +1000	[diff] [blame]	52
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	53	#ifdef WITH_OPENSSL
Damien Miller	e3476ed	2006-07-24 14:13:33 +1000	[diff] [blame]	54	#include <openssl/evp.h>
Darren Tucker	bfaaf96	2008-02-28 19:13:52 +1100	[diff] [blame]	55	#include "openbsd-compat/openssl-compat.h"
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	56	#endif
Damien Miller	e3476ed	2006-07-24 14:13:33 +1000	[diff] [blame]	57
Darren Tucker	3997249	2006-07-12 22:22:46 +1000	[diff] [blame]	58	#include <errno.h>
Damien Miller	57cf638	2006-07-10 21:13:46 +1000	[diff] [blame]	59	#include <fcntl.h>
deraadt@openbsd.org	2ae4f33	2015-01-16 06:40:12 +0000	[diff] [blame]	60	#include <limits.h>
Damien Miller	03e2003	2006-03-15 11:16:59 +1100	[diff] [blame]	61	#ifdef HAVE_PATHS_H
Damien Miller	a9263d0	2006-03-15 11:18:26 +1100	[diff] [blame]	62	# include <paths.h>
Damien Miller	03e2003	2006-03-15 11:16:59 +1100	[diff] [blame]	63	#endif
Damien Miller	6ff3cad	2006-03-15 11:52:09 +1100	[diff] [blame]	64	#include <signal.h>
Damien Miller	ded319c	2006-09-01 15:38:36 +1000	[diff] [blame]	65	#include <stdarg.h>
Damien Miller	a7a73ee	2006-08-05 11:37:59 +1000	[diff] [blame]	66	#include <stdio.h>
Damien Miller	e7a1e5c	2006-08-05 11:34:19 +1000	[diff] [blame]	67	#include <stdlib.h>
Damien Miller	5598b4f	2006-07-24 14:09:40 +1000	[diff] [blame]	68	#include <time.h>
Damien Miller	e3476ed	2006-07-24 14:13:33 +1000	[diff] [blame]	69	#include <string.h>
Damien Miller	e6b3b61	2006-07-24 14:01:23 +1000	[diff] [blame]	70	#include <unistd.h>
Damien Miller	e97201f	2015-05-21 17:55:15 +1000	[diff] [blame]	71	#ifdef HAVE_UTIL_H
				72	# include <util.h>
				73	#endif
Damien Miller	6ff3cad	2006-03-15 11:52:09 +1100	[diff] [blame]	74
Damien Miller	d783435	2006-08-05 12:39:39 +1000	[diff] [blame]	75	#include "xmalloc.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	76	#include "ssh.h"
				77	#include "rsa.h"
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	78	#include "sshbuf.h"
				79	#include "sshkey.h"
Damien Miller	994cf14	2000-07-21 10:19:44 +1000	[diff] [blame]	80	#include "authfd.h"
Damien Miller	62cee00	2000-09-23 17:15:56 +1100	[diff] [blame]	81	#include "compat.h"
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	82	#include "log.h"
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	83	#include "misc.h"
Damien Miller	4a1c7aa	2014-02-04 11:03:36 +1100	[diff] [blame]	84	#include "digest.h"
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	85	#include "ssherr.h"
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	86
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	87	#ifdef ENABLE_PKCS11
				88	#include "ssh-pkcs11.h"
Ben Lindstrom	bcc1808	2001-08-06 21:59:25 +0000	[diff] [blame]	89	#endif
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	90
Damien Miller	6c4914a	2004-03-03 11:08:59 +1100	[diff] [blame]	91	#if defined(HAVE_SYS_PRCTL_H)
				92	#include <sys/prctl.h> /* For prctl() and PR_SET_DUMPABLE */
				93	#endif
				94
Ben Lindstrom	65366a8	2001-12-06 16:32:47 +0000	[diff] [blame]	95	typedef enum {
				96	AUTH_UNUSED,
				97	AUTH_SOCKET,
				98	AUTH_CONNECTION
				99	} sock_type;
				100
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	101	typedef struct {
				102	int fd;
Ben Lindstrom	65366a8	2001-12-06 16:32:47 +0000	[diff] [blame]	103	sock_type type;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	104	struct sshbuf *input;
				105	struct sshbuf *output;
				106	struct sshbuf *request;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	107	} SocketEntry;
				108
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	109	u_int sockets_alloc = 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	110	SocketEntry *sockets = NULL;
				111
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	112	typedef struct identity {
				113	TAILQ_ENTRY(identity) next;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	114	struct sshkey *key;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	115	char *comment;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	116	char *provider;
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	117	time_t death;
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	118	u_int confirm;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	119	} Identity;
				120
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	121	typedef struct {
				122	int nentries;
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	123	TAILQ_HEAD(idqueue, identity) idlist;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	124	} Idtab;
				125
				126	/* private key table, one per protocol version */
				127	Idtab idtable[3];
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	128
				129	int max_fd = 0;
				130
				131	/* pid of shell == parent of agent */
Damien Miller	166fca8	2000-04-20 07:42:21 +1000	[diff] [blame]	132	pid_t parent_pid = -1;
Darren Tucker	073f795	2013-06-02 23:47:11 +1000	[diff] [blame]	133	time_t parent_alive_interval = 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	134
Damien Miller	b1e967c	2014-07-03 21:22:40 +1000	[diff] [blame]	135	/* pid of process for which cleanup_socket is applicable */
				136	pid_t cleanup_pid = 0;
				137
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	138	/* pathname and directory for AUTH_SOCKET */
deraadt@openbsd.org	2ae4f33	2015-01-16 06:40:12 +0000	[diff] [blame]	139	char socket_name[PATH_MAX];
				140	char socket_dir[PATH_MAX];
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	141
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	142	/* locking */
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	143	#define LOCK_SIZE 32
				144	#define LOCK_SALT_SIZE 16
				145	#define LOCK_ROUNDS 1
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	146	int locked = 0;
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	147	char lock_passwd[LOCK_SIZE];
				148	char lock_salt[LOCK_SALT_SIZE];
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	149
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	150	extern char *__progname;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	151
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	152	/* Default lifetime in seconds (0 == forever) */
				153	static long lifetime = 0;
Damien Miller	53d8148	2003-01-22 11:47:19 +1100	[diff] [blame]	154
djm@openbsd.org	56d1c83	2014-12-21 22:27:55 +0000	[diff] [blame]	155	static int fingerprint_hash = SSH_FP_HASH_DEFAULT;
				156
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	157	static void
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	158	close_socket(SocketEntry *e)
				159	{
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	160	close(e->fd);
				161	e->fd = -1;
				162	e->type = AUTH_UNUSED;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	163	sshbuf_free(e->input);
				164	sshbuf_free(e->output);
				165	sshbuf_free(e->request);
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	166	}
				167
				168	static void
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	169	idtab_init(void)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	170	{
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	171	int i;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	172
Ben Lindstrom	1c37c6a	2001-12-06 18:00:18 +0000	[diff] [blame]	173	for (i = 0; i <=2; i++) {
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	174	TAILQ_INIT(&idtable[i].idlist);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	175	idtable[i].nentries = 0;
				176	}
				177	}
				178
				179	/* return private key table for requested protocol version */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	180	static Idtab *
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	181	idtab_lookup(int version)
				182	{
				183	if (version < 1 \|\| version > 2)
				184	fatal("internal error, bad protocol version %d", version);
				185	return &idtable[version];
				186	}
				187
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	188	static void
				189	free_identity(Identity *id)
				190	{
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	191	sshkey_free(id->key);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	192	free(id->provider);
				193	free(id->comment);
				194	free(id);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	195	}
				196
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	197	/* return matching private key for given public key */
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	198	static Identity *
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	199	lookup_identity(struct sshkey *key, int version)
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	200	{
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	201	Identity *id;
				202
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	203	Idtab *tab = idtab_lookup(version);
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	204	TAILQ_FOREACH(id, &tab->idlist, next) {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	205	if (sshkey_equal(key, id->key))
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	206	return (id);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	207	}
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	208	return (NULL);
				209	}
				210
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	211	/* Check confirmation of keysign request */
				212	static int
				213	confirm_key(Identity *id)
				214	{
Darren Tucker	ce327b6	2004-11-05 20:38:03 +1100	[diff] [blame]	215	char *p;
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	216	int ret = -1;
				217
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	218	p = sshkey_fingerprint(id->key, fingerprint_hash, SSH_FP_DEFAULT);
djm@openbsd.org	9ce86c9	2015-01-28 22:36:00 +0000	[diff] [blame]	219	if (p != NULL &&
				220	ask_permission("Allow use of key %s?\nKey fingerprint %s.",
Darren Tucker	ce327b6	2004-11-05 20:38:03 +1100	[diff] [blame]	221	id->comment, p))
				222	ret = 0;
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	223	free(p);
Darren Tucker	ce327b6	2004-11-05 20:38:03 +1100	[diff] [blame]	224
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	225	return (ret);
				226	}
				227
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	228	static void
				229	send_status(SocketEntry *e, int success)
				230	{
				231	int r;
				232
				233	if ((r = sshbuf_put_u32(e->output, 1)) != 0 \|\|
				234	(r = sshbuf_put_u8(e->output, success ?
				235	SSH_AGENT_SUCCESS : SSH_AGENT_FAILURE)) != 0)
				236	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				237	}
				238
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	239	/* send list of supported public keys to 'client' */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	240	static void
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	241	process_request_identities(SocketEntry *e, int version)
				242	{
				243	Idtab *tab = idtab_lookup(version);
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	244	Identity *id;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	245	struct sshbuf *msg;
				246	int r;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	247
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	248	if ((msg = sshbuf_new()) == NULL)
				249	fatal("%s: sshbuf_new failed", __func__);
				250	if ((r = sshbuf_put_u8(msg, (version == 1) ?
				251	SSH_AGENT_RSA_IDENTITIES_ANSWER :
				252	SSH2_AGENT_IDENTITIES_ANSWER)) != 0 \|\|
				253	(r = sshbuf_put_u32(msg, tab->nentries)) != 0)
				254	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	255	TAILQ_FOREACH(id, &tab->idlist, next) {
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	256	if (id->key->type == KEY_RSA1) {
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	257	#ifdef WITH_SSH1
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	258	if ((r = sshbuf_put_u32(msg,
				259	BN_num_bits(id->key->rsa->n))) != 0 \|\|
				260	(r = sshbuf_put_bignum1(msg,
				261	id->key->rsa->e)) != 0 \|\|
				262	(r = sshbuf_put_bignum1(msg,
				263	id->key->rsa->n)) != 0)
				264	fatal("%s: buffer error: %s",
				265	__func__, ssh_err(r));
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	266	#endif
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	267	} else {
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	268	u_char *blob;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	269	size_t blen;
				270
				271	if ((r = sshkey_to_blob(id->key, &blob, &blen)) != 0) {
				272	error("%s: sshkey_to_blob: %s", __func__,
				273	ssh_err(r));
				274	continue;
				275	}
				276	if ((r = sshbuf_put_string(msg, blob, blen)) != 0)
				277	fatal("%s: buffer error: %s",
				278	__func__, ssh_err(r));
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	279	free(blob);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	280	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	281	if ((r = sshbuf_put_cstring(msg, id->comment)) != 0)
				282	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	283	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	284	if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
				285	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				286	sshbuf_free(msg);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	287	}
				288
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	289	#ifdef WITH_SSH1
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	290	/* ssh1 only */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	291	static void
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	292	process_authentication_challenge1(SocketEntry *e)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	293	{
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	294	u_char buf[32], mdbuf[16], session_id[16];
				295	u_int response_type;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	296	BIGNUM *challenge;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	297	Identity *id;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	298	int r, len;
				299	struct sshbuf *msg;
Damien Miller	4a1c7aa	2014-02-04 11:03:36 +1100	[diff] [blame]	300	struct ssh_digest_ctx *md;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	301	struct sshkey *key;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	302
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	303	if ((msg = sshbuf_new()) == NULL)
				304	fatal("%s: sshbuf_new failed", __func__);
				305	if ((key = sshkey_new(KEY_RSA1)) == NULL)
				306	fatal("%s: sshkey_new failed", __func__);
Damien Miller	da75516	2002-01-22 23:09:22 +1100	[diff] [blame]	307	if ((challenge = BN_new()) == NULL)
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	308	fatal("%s: BN_new failed", __func__);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	309
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	310	if ((r = sshbuf_get_u32(e->request, NULL)) != 0 \|\| /* ignored */
				311	(r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 \|\|
				312	(r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0 \|\|
				313	(r = sshbuf_get_bignum1(e->request, challenge)))
				314	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	315
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	316	/* Only protocol 1.1 is supported */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	317	if (sshbuf_len(e->request) == 0)
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	318	goto failure;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	319	if ((r = sshbuf_get(e->request, session_id, sizeof(session_id))) != 0 \|\|
				320	(r = sshbuf_get_u32(e->request, &response_type)) != 0)
				321	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	322	if (response_type != 1)
				323	goto failure;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	324
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	325	id = lookup_identity(key, 1);
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	326	if (id != NULL && (!id->confirm \|\| confirm_key(id) == 0)) {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	327	struct sshkey *private = id->key;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	328	/* Decrypt the challenge using the private key. */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	329	if ((r = rsa_private_decrypt(challenge, challenge,
				330	private->rsa) != 0)) {
				331	fatal("%s: rsa_public_encrypt: %s", __func__,
				332	ssh_err(r));
				333	goto failure; /* XXX ? */
				334	}
Damien Miller	fd7c911	1999-11-08 16:15:55 +1100	[diff] [blame]	335
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	336	/* The response is MD5 of decrypted challenge plus session id */
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	337	len = BN_num_bytes(challenge);
				338	if (len <= 0 \|\| len > 32) {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	339	logit("%s: bad challenge length %d", __func__, len);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	340	goto failure;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	341	}
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	342	memset(buf, 0, 32);
				343	BN_bn2bin(challenge, buf + 32 - len);
Damien Miller	4a1c7aa	2014-02-04 11:03:36 +1100	[diff] [blame]	344	if ((md = ssh_digest_start(SSH_DIGEST_MD5)) == NULL \|\|
				345	ssh_digest_update(md, buf, 32) < 0 \|\|
				346	ssh_digest_update(md, session_id, 16) < 0 \|\|
				347	ssh_digest_final(md, mdbuf, sizeof(mdbuf)) < 0)
				348	fatal("%s: md5 failed", __func__);
				349	ssh_digest_free(md);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	350
				351	/* Send the response. */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	352	if ((r = sshbuf_put_u8(msg, SSH_AGENT_RSA_RESPONSE)) != 0 \|\|
				353	(r = sshbuf_put(msg, mdbuf, sizeof(mdbuf))) != 0)
				354	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	355	goto send;
				356	}
				357
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	358	failure:
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	359	/* Unknown identity or protocol error. Send failure. */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	360	if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0)
				361	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				362	send:
				363	if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
				364	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				365	sshkey_free(key);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	366	BN_clear_free(challenge);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	367	sshbuf_free(msg);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	368	}
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	369	#endif
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	370
markus@openbsd.org	76c9fbb	2015-12-04 16:41:28 +0000	[diff] [blame]	371	static char *
				372	agent_decode_alg(struct sshkey *key, u_int flags)
				373	{
				374	if (key->type == KEY_RSA) {
				375	if (flags & SSH_AGENT_RSA_SHA2_256)
				376	return "rsa-sha2-256";
				377	else if (flags & SSH_AGENT_RSA_SHA2_512)
				378	return "rsa-sha2-512";
				379	}
				380	return NULL;
				381	}
				382
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	383	/* ssh2 only */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	384	static void
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	385	process_sign_request2(SocketEntry *e)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	386	{
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	387	u_char blob, data, *signature = NULL;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	388	size_t blen, dlen, slen = 0;
				389	u_int compat = 0, flags;
				390	int r, ok = -1;
				391	struct sshbuf *msg;
				392	struct sshkey *key;
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	393	struct identity *id;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	394
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	395	if ((msg = sshbuf_new()) == NULL)
				396	fatal("%s: sshbuf_new failed", __func__);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	397	if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0 \|\|
				398	(r = sshbuf_get_string(e->request, &data, &dlen)) != 0 \|\|
				399	(r = sshbuf_get_u32(e->request, &flags)) != 0)
				400	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	62cee00	2000-09-23 17:15:56 +1100	[diff] [blame]	401	if (flags & SSH_AGENT_OLD_SIGNATURE)
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	402	compat = SSH_BUG_SIGBLOB;
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	403	if ((r = sshkey_from_blob(blob, blen, &key)) != 0) {
djm@openbsd.org	39736be	2015-12-11 02:20:28 +0000	[diff] [blame]	404	error("%s: cannot parse key blob: %s", __func__, ssh_err(r));
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	405	goto send;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	406	}
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	407	if ((id = lookup_identity(key, 2)) == NULL) {
				408	verbose("%s: %s key not found", __func__, sshkey_type(key));
				409	goto send;
				410	}
				411	if (id->confirm && confirm_key(id) != 0) {
				412	verbose("%s: user refused key", __func__);
				413	goto send;
				414	}
				415	if ((r = sshkey_sign(id->key, &signature, &slen,
markus@openbsd.org	76c9fbb	2015-12-04 16:41:28 +0000	[diff] [blame]	416	data, dlen, agent_decode_alg(key, flags), compat)) != 0) {
djm@openbsd.org	39736be	2015-12-11 02:20:28 +0000	[diff] [blame]	417	error("%s: sshkey_sign: %s", __func__, ssh_err(r));
djm@openbsd.org	0088c57	2015-01-14 19:33:41 +0000	[diff] [blame]	418	goto send;
				419	}
				420	/* Success */
				421	ok = 0;
				422	send:
				423	sshkey_free(key);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	424	if (ok == 0) {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	425	if ((r = sshbuf_put_u8(msg, SSH2_AGENT_SIGN_RESPONSE)) != 0 \|\|
				426	(r = sshbuf_put_string(msg, signature, slen)) != 0)
				427	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				428	} else if ((r = sshbuf_put_u8(msg, SSH_AGENT_FAILURE)) != 0)
				429	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				430
				431	if ((r = sshbuf_put_stringb(e->output, msg)) != 0)
				432	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				433
				434	sshbuf_free(msg);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	435	free(data);
				436	free(blob);
				437	free(signature);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	438	}
				439
				440	/* shared */
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	441	static void
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	442	process_remove_identity(SocketEntry *e, int version)
				443	{
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	444	size_t blen;
				445	int r, success = 0;
				446	struct sshkey *key = NULL;
Ben Lindstrom	46c1622	2000-12-22 01:43:59 +0000	[diff] [blame]	447	u_char *blob;
Damien Miller	8668706	2014-07-02 15:28:02 +1000	[diff] [blame]	448	#ifdef WITH_SSH1
				449	u_int bits;
				450	#endif /* WITH_SSH1 */
Damien Miller	7e8e820	1999-11-16 13:37:16 +1100	[diff] [blame]	451
Ben Lindstrom	1c37c6a	2001-12-06 18:00:18 +0000	[diff] [blame]	452	switch (version) {
Damien Miller	8668706	2014-07-02 15:28:02 +1000	[diff] [blame]	453	#ifdef WITH_SSH1
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	454	case 1:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	455	if ((key = sshkey_new(KEY_RSA1)) == NULL) {
				456	error("%s: sshkey_new failed", __func__);
				457	return;
				458	}
				459	if ((r = sshbuf_get_u32(e->request, &bits)) != 0 \|\|
				460	(r = sshbuf_get_bignum1(e->request, key->rsa->e)) != 0 \|\|
				461	(r = sshbuf_get_bignum1(e->request, key->rsa->n)) != 0)
				462	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	463
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	464	if (bits != sshkey_size(key))
				465	logit("Warning: identity keysize mismatch: "
				466	"actual %u, announced %u",
				467	sshkey_size(key), bits);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	468	break;
Damien Miller	8668706	2014-07-02 15:28:02 +1000	[diff] [blame]	469	#endif /* WITH_SSH1 */
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	470	case 2:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	471	if ((r = sshbuf_get_string(e->request, &blob, &blen)) != 0)
				472	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				473	if ((r = sshkey_from_blob(blob, blen, &key)) != 0)
				474	error("%s: sshkey_from_blob failed: %s",
				475	__func__, ssh_err(r));
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	476	free(blob);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	477	break;
				478	}
				479	if (key != NULL) {
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	480	Identity *id = lookup_identity(key, version);
				481	if (id != NULL) {
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	482	/*
				483	* We have this key. Free the old key. Since we
Damien Miller	788f212	2005-11-05 15:14:59 +1100	[diff] [blame]	484	* don't want to leave empty slots in the middle of
Ben Lindstrom	1492029	2000-11-21 21:24:55 +0000	[diff] [blame]	485	* the array, we actually free the key there and move
				486	* all the entries between the empty slot and the end
				487	* of the array.
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	488	*/
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	489	Idtab *tab = idtab_lookup(version);
Damien Miller	0bc1bd8	2000-11-13 22:57:25 +1100	[diff] [blame]	490	if (tab->nentries < 1)
				491	fatal("process_remove_identity: "
				492	"internal error: tab->nentries %d",
				493	tab->nentries);
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	494	TAILQ_REMOVE(&tab->idlist, id, next);
				495	free_identity(id);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	496	tab->nentries--;
				497	success = 1;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	498	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	499	sshkey_free(key);
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	500	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	501	send_status(e, success);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	502	}
				503
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	504	static void
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	505	process_remove_all_identities(SocketEntry *e, int version)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	506	{
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	507	Idtab *tab = idtab_lookup(version);
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	508	Identity *id;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	509
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	510	/* Loop over all identities and clear the keys. */
Damien Miller	1a534ae	2002-01-22 23:26:13 +1100	[diff] [blame]	511	for (id = TAILQ_FIRST(&tab->idlist); id;
				512	id = TAILQ_FIRST(&tab->idlist)) {
				513	TAILQ_REMOVE(&tab->idlist, id, next);
				514	free_identity(id);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	515	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	516
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	517	/* Mark that there are no identities. */
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	518	tab->nentries = 0;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	519
				520	/* Send success. */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	521	send_status(e, 1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	522	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	523
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	524	/* removes expired keys and returns number of seconds until the next expiry */
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	525	static time_t
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	526	reaper(void)
				527	{
Darren Tucker	b759c9c	2013-06-02 07:46:16 +1000	[diff] [blame]	528	time_t deadline = 0, now = monotime();
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	529	Identity id, nxt;
				530	int version;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	531	Idtab *tab;
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	532
				533	for (version = 1; version < 3; version++) {
				534	tab = idtab_lookup(version);
				535	for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) {
				536	nxt = TAILQ_NEXT(id, next);
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	537	if (id->death == 0)
				538	continue;
				539	if (now >= id->death) {
Darren Tucker	cf0d2db	2007-02-28 21:19:58 +1100	[diff] [blame]	540	debug("expiring key '%s'", id->comment);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	541	TAILQ_REMOVE(&tab->idlist, id, next);
				542	free_identity(id);
				543	tab->nentries--;
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	544	} else
				545	deadline = (deadline == 0) ? id->death :
				546	MIN(deadline, id->death);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	547	}
				548	}
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	549	if (deadline == 0 \|\| deadline <= now)
				550	return 0;
				551	else
				552	return (deadline - now);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	553	}
				554
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	555	/*
				556	* XXX this and the corresponding serialisation function probably belongs
				557	* in key.c
				558	*/
djm@openbsd.org	111dfb2	2015-03-03 21:21:13 +0000	[diff] [blame]	559	#ifdef WITH_SSH1
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	560	static int
				561	agent_decode_rsa1(struct sshbuf m, struct sshkey *kp)
				562	{
				563	struct sshkey *k = NULL;
				564	int r = SSH_ERR_INTERNAL_ERROR;
				565
				566	*kp = NULL;
				567	if ((k = sshkey_new_private(KEY_RSA1)) == NULL)
				568	return SSH_ERR_ALLOC_FAIL;
				569
				570	if ((r = sshbuf_get_u32(m, NULL)) != 0 \|\| /* ignored */
				571	(r = sshbuf_get_bignum1(m, k->rsa->n)) != 0 \|\|
				572	(r = sshbuf_get_bignum1(m, k->rsa->e)) != 0 \|\|
				573	(r = sshbuf_get_bignum1(m, k->rsa->d)) != 0 \|\|
				574	(r = sshbuf_get_bignum1(m, k->rsa->iqmp)) != 0 \|\|
				575	/* SSH1 and SSL have p and q swapped */
				576	(r = sshbuf_get_bignum1(m, k->rsa->q)) != 0 \|\| /* p */
				577	(r = sshbuf_get_bignum1(m, k->rsa->p)) != 0) /* q */
				578	goto out;
				579
				580	/* Generate additional parameters */
				581	if ((r = rsa_generate_additional_parameters(k->rsa)) != 0)
				582	goto out;
				583	/* enable blinding */
				584	if (RSA_blinding_on(k->rsa, NULL) != 1) {
				585	r = SSH_ERR_LIBCRYPTO_ERROR;
				586	goto out;
				587	}
				588
				589	r = 0; /* success */
				590	out:
				591	if (r == 0)
				592	*kp = k;
				593	else
				594	sshkey_free(k);
				595	return r;
				596	}
Damien Miller	6c20392	2015-03-03 13:48:48 -0800	[diff] [blame]	597	#endif /* WITH_SSH1 */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	598
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	599	static void
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	600	process_add_identity(SocketEntry *e, int version)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	601	{
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	602	Idtab *tab = idtab_lookup(version);
Damien Miller	4c7728c	2007-10-26 14:25:31 +1000	[diff] [blame]	603	Identity *id;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	604	int success = 0, confirm = 0;
				605	u_int seconds;
				606	char *comment = NULL;
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	607	time_t death = 0;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	608	struct sshkey *k = NULL;
				609	u_char ctype;
				610	int r = SSH_ERR_INTERNAL_ERROR;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	611
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	612	switch (version) {
Damien Miller	8668706	2014-07-02 15:28:02 +1000	[diff] [blame]	613	#ifdef WITH_SSH1
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	614	case 1:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	615	r = agent_decode_rsa1(e->request, &k);
Damien Miller	c51d073	2003-03-15 11:37:09 +1100	[diff] [blame]	616	break;
Damien Miller	8668706	2014-07-02 15:28:02 +1000	[diff] [blame]	617	#endif /* WITH_SSH1 */
Damien Miller	f0e9060	2013-12-07 10:40:26 +1100	[diff] [blame]	618	case 2:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	619	r = sshkey_private_deserialize(e->request, &k);
Damien Miller	f0e9060	2013-12-07 10:40:26 +1100	[diff] [blame]	620	break;
Damien Miller	c51d073	2003-03-15 11:37:09 +1100	[diff] [blame]	621	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	622	if (r != 0 \|\| k == NULL \|\|
				623	(r = sshbuf_get_cstring(e->request, &comment, NULL)) != 0) {
				624	error("%s: decode private key: %s", __func__, ssh_err(r));
				625	goto err;
				626	}
Damien Miller	8668706	2014-07-02 15:28:02 +1000	[diff] [blame]	627
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	628	while (sshbuf_len(e->request)) {
				629	if ((r = sshbuf_get_u8(e->request, &ctype)) != 0) {
				630	error("%s: buffer error: %s", __func__, ssh_err(r));
				631	goto err;
				632	}
				633	switch (ctype) {
Ben Lindstrom	c90f8a9	2002-06-21 00:06:54 +0000	[diff] [blame]	634	case SSH_AGENT_CONSTRAIN_LIFETIME:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	635	if ((r = sshbuf_get_u32(e->request, &seconds)) != 0) {
				636	error("%s: bad lifetime constraint: %s",
				637	__func__, ssh_err(r));
				638	goto err;
				639	}
				640	death = monotime() + seconds;
Ben Lindstrom	4eb4c4e	2002-06-21 00:04:48 +0000	[diff] [blame]	641	break;
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	642	case SSH_AGENT_CONSTRAIN_CONFIRM:
				643	confirm = 1;
				644	break;
Ben Lindstrom	4eb4c4e	2002-06-21 00:04:48 +0000	[diff] [blame]	645	default:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	646	error("%s: Unknown constraint %d", __func__, ctype);
				647	err:
				648	sshbuf_reset(e->request);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	649	free(comment);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	650	sshkey_free(k);
Damien Miller	1cfadab	2008-06-30 00:05:21 +1000	[diff] [blame]	651	goto send;
Ben Lindstrom	4eb4c4e	2002-06-21 00:04:48 +0000	[diff] [blame]	652	}
				653	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	654
Damien Miller	1cfadab	2008-06-30 00:05:21 +1000	[diff] [blame]	655	success = 1;
Damien Miller	53d8148	2003-01-22 11:47:19 +1100	[diff] [blame]	656	if (lifetime && !death)
Darren Tucker	b759c9c	2013-06-02 07:46:16 +1000	[diff] [blame]	657	death = monotime() + lifetime;
Damien Miller	4c7728c	2007-10-26 14:25:31 +1000	[diff] [blame]	658	if ((id = lookup_identity(k, version)) == NULL) {
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	659	id = xcalloc(1, sizeof(Identity));
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	660	id->key = k;
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	661	TAILQ_INSERT_TAIL(&tab->idlist, id, next);
				662	/* Increment the number of identities. */
				663	tab->nentries++;
				664	} else {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	665	sshkey_free(k);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	666	free(id->comment);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	667	}
Damien Miller	4c7728c	2007-10-26 14:25:31 +1000	[diff] [blame]	668	id->comment = comment;
				669	id->death = death;
				670	id->confirm = confirm;
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	671	send:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	672	send_status(e, success);
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	673	}
				674
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	675	/* XXX todo: encrypt sensitive data with passphrase */
				676	static void
				677	process_lock_agent(SocketEntry *e, int lock)
				678	{
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	679	int r, success = 0, delay;
				680	char *passwd, passwdhash[LOCK_SIZE];
				681	static u_int fail_count = 0;
				682	size_t pwlen;
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	683
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	684	if ((r = sshbuf_get_cstring(e->request, &passwd, &pwlen)) != 0)
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	685	fatal("%s: buffer error: %s", __func__, ssh_err(r));
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	686	if (pwlen == 0) {
				687	debug("empty password not supported");
				688	} else if (locked && !lock) {
				689	if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt),
				690	passwdhash, sizeof(passwdhash), LOCK_ROUNDS) < 0)
				691	fatal("bcrypt_pbkdf");
				692	if (timingsafe_bcmp(passwdhash, lock_passwd, LOCK_SIZE) == 0) {
				693	debug("agent unlocked");
				694	locked = 0;
				695	fail_count = 0;
				696	explicit_bzero(lock_passwd, sizeof(lock_passwd));
				697	success = 1;
				698	} else {
				699	/* delay in 0.1s increments up to 10s */
				700	if (fail_count < 100)
				701	fail_count++;
				702	delay = 100000 * fail_count;
				703	debug("unlock failed, delaying %0.1lf seconds",
				704	(double)delay/1000000);
				705	usleep(delay);
				706	}
				707	explicit_bzero(passwdhash, sizeof(passwdhash));
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	708	} else if (!locked && lock) {
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	709	debug("agent locked");
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	710	locked = 1;
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	711	arc4random_buf(lock_salt, sizeof(lock_salt));
				712	if (bcrypt_pbkdf(passwd, pwlen, lock_salt, sizeof(lock_salt),
				713	lock_passwd, sizeof(lock_passwd), LOCK_ROUNDS) < 0)
				714	fatal("bcrypt_pbkdf");
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	715	success = 1;
				716	}
dtucker@openbsd.org	9173d0f	2015-05-15 05:44:21 +0000	[diff] [blame]	717	explicit_bzero(passwd, pwlen);
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	718	free(passwd);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	719	send_status(e, success);
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	720	}
				721
				722	static void
				723	no_identities(SocketEntry *e, u_int type)
				724	{
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	725	struct sshbuf *msg;
				726	int r;
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	727
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	728	if ((msg = sshbuf_new()) == NULL)
				729	fatal("%s: sshbuf_new failed", __func__);
				730	if ((r = sshbuf_put_u8(msg,
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	731	(type == SSH_AGENTC_REQUEST_RSA_IDENTITIES) ?
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	732	SSH_AGENT_RSA_IDENTITIES_ANSWER :
				733	SSH2_AGENT_IDENTITIES_ANSWER)) != 0 \|\|
				734	(r = sshbuf_put_u32(msg, 0)) != 0 \|\|
				735	(r = sshbuf_put_stringb(e->output, msg)) != 0)
				736	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				737	sshbuf_free(msg);
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	738	}
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	739
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	740	#ifdef ENABLE_PKCS11
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	741	static void
Damien Miller	1cfadab	2008-06-30 00:05:21 +1000	[diff] [blame]	742	process_add_smartcard_key(SocketEntry *e)
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	743	{
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	744	char provider = NULL, pin;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	745	int r, i, version, count = 0, success = 0, confirm = 0;
				746	u_int seconds;
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	747	time_t death = 0;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	748	u_char type;
				749	struct sshkey *keys = NULL, k;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	750	Identity *id;
				751	Idtab *tab;
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	752
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	753	if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 \|\|
				754	(r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0)
				755	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	756
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	757	while (sshbuf_len(e->request)) {
				758	if ((r = sshbuf_get_u8(e->request, &type)) != 0)
				759	fatal("%s: buffer error: %s", __func__, ssh_err(r));
				760	switch (type) {
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	761	case SSH_AGENT_CONSTRAIN_LIFETIME:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	762	if ((r = sshbuf_get_u32(e->request, &seconds)) != 0)
				763	fatal("%s: buffer error: %s",
				764	__func__, ssh_err(r));
				765	death = monotime() + seconds;
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	766	break;
				767	case SSH_AGENT_CONSTRAIN_CONFIRM:
				768	confirm = 1;
				769	break;
				770	default:
Damien Miller	1cfadab	2008-06-30 00:05:21 +1000	[diff] [blame]	771	error("process_add_smartcard_key: "
				772	"Unknown constraint type %d", type);
Damien Miller	1cfadab	2008-06-30 00:05:21 +1000	[diff] [blame]	773	goto send;
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	774	}
				775	}
				776	if (lifetime && !death)
Darren Tucker	b759c9c	2013-06-02 07:46:16 +1000	[diff] [blame]	777	death = monotime() + lifetime;
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	778
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	779	count = pkcs11_add_provider(provider, pin, &keys);
				780	for (i = 0; i < count; i++) {
Ben Lindstrom	0936a5b	2002-03-26 03:17:42 +0000	[diff] [blame]	781	k = keys[i];
				782	version = k->type == KEY_RSA1 ? 1 : 2;
				783	tab = idtab_lookup(version);
				784	if (lookup_identity(k, version) == NULL) {
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	785	id = xcalloc(1, sizeof(Identity));
Ben Lindstrom	0936a5b	2002-03-26 03:17:42 +0000	[diff] [blame]	786	id->key = k;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	787	id->provider = xstrdup(provider);
				788	id->comment = xstrdup(provider); /* XXX */
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	789	id->death = death;
				790	id->confirm = confirm;
Ben Lindstrom	0936a5b	2002-03-26 03:17:42 +0000	[diff] [blame]	791	TAILQ_INSERT_TAIL(&tab->idlist, id, next);
				792	tab->nentries++;
				793	success = 1;
				794	} else {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	795	sshkey_free(k);
Ben Lindstrom	0936a5b	2002-03-26 03:17:42 +0000	[diff] [blame]	796	}
				797	keys[i] = NULL;
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	798	}
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	799	send:
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	800	free(pin);
				801	free(provider);
				802	free(keys);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	803	send_status(e, success);
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	804	}
				805
				806	static void
				807	process_remove_smartcard_key(SocketEntry *e)
				808	{
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	809	char provider = NULL, pin = NULL;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	810	int r, version, success = 0;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	811	Identity id, nxt;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	812	Idtab *tab;
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	813
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	814	if ((r = sshbuf_get_cstring(e->request, &provider, NULL)) != 0 \|\|
				815	(r = sshbuf_get_cstring(e->request, &pin, NULL)) != 0)
				816	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	817	free(pin);
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	818
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	819	for (version = 1; version < 3; version++) {
				820	tab = idtab_lookup(version);
				821	for (id = TAILQ_FIRST(&tab->idlist); id; id = nxt) {
				822	nxt = TAILQ_NEXT(id, next);
Damien Miller	0b36c83	2013-12-29 17:45:51 +1100	[diff] [blame]	823	/* Skip file--based keys */
				824	if (id->provider == NULL)
				825	continue;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	826	if (!strcmp(provider, id->provider)) {
				827	TAILQ_REMOVE(&tab->idlist, id, next);
				828	free_identity(id);
				829	tab->nentries--;
				830	}
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	831	}
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	832	}
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	833	if (pkcs11_del_provider(provider) == 0)
				834	success = 1;
				835	else
				836	error("process_remove_smartcard_key:"
				837	" pkcs11_del_provider failed");
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	838	free(provider);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	839	send_status(e, success);
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	840	}
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	841	#endif /* ENABLE_PKCS11 */
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	842
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	843	/* dispatch incoming messages */
				844
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	845	static void
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	846	process_message(SocketEntry *e)
				847	{
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	848	u_int msg_len;
				849	u_char type;
				850	const u_char *cp;
				851	int r;
Ben Lindstrom	61d328a	2002-06-06 21:54:57 +0000	[diff] [blame]	852
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	853	if (sshbuf_len(e->input) < 5)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	854	return; /* Incomplete message. */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	855	cp = sshbuf_ptr(e->input);
				856	msg_len = PEEK_U32(cp);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	857	if (msg_len > 256 * 1024) {
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	858	close_socket(e);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	859	return;
				860	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	861	if (sshbuf_len(e->input) < msg_len + 4)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	862	return;
Ben Lindstrom	21d1ed8	2002-06-06 21:48:57 +0000	[diff] [blame]	863
				864	/* move the current input to e->request */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	865	sshbuf_reset(e->request);
				866	if ((r = sshbuf_get_stringb(e->input, e->request)) != 0 \|\|
				867	(r = sshbuf_get_u8(e->request, &type)) != 0)
				868	fatal("%s: buffer error: %s", __func__, ssh_err(r));
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	869
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	870	/* check wheter agent is locked */
				871	if (locked && type != SSH_AGENTC_UNLOCK) {
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	872	sshbuf_reset(e->request);
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	873	switch (type) {
				874	case SSH_AGENTC_REQUEST_RSA_IDENTITIES:
				875	case SSH2_AGENTC_REQUEST_IDENTITIES:
				876	/* send empty lists */
				877	no_identities(e, type);
				878	break;
				879	default:
				880	/* send a fail message for all other request types */
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	881	send_status(e, 0);
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	882	}
				883	return;
				884	}
				885
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	886	debug("type %d", type);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	887	switch (type) {
Ben Lindstrom	2f71704	2002-06-06 21:52:03 +0000	[diff] [blame]	888	case SSH_AGENTC_LOCK:
				889	case SSH_AGENTC_UNLOCK:
				890	process_lock_agent(e, type == SSH_AGENTC_LOCK);
				891	break;
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	892	#ifdef WITH_SSH1
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	893	/* ssh1 */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	894	case SSH_AGENTC_RSA_CHALLENGE:
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	895	process_authentication_challenge1(e);
				896	break;
				897	case SSH_AGENTC_REQUEST_RSA_IDENTITIES:
				898	process_request_identities(e, 1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	899	break;
				900	case SSH_AGENTC_ADD_RSA_IDENTITY:
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	901	case SSH_AGENTC_ADD_RSA_ID_CONSTRAINED:
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	902	process_add_identity(e, 1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	903	break;
				904	case SSH_AGENTC_REMOVE_RSA_IDENTITY:
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	905	process_remove_identity(e, 1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	906	break;
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	907	#endif
djm@openbsd.org	2f04af9	2015-03-04 21:12:59 +0000	[diff] [blame]	908	case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES:
				909	process_remove_all_identities(e, 1); /* safe for !WITH_SSH1 */
				910	break;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	911	/* ssh2 */
				912	case SSH2_AGENTC_SIGN_REQUEST:
				913	process_sign_request2(e);
				914	break;
				915	case SSH2_AGENTC_REQUEST_IDENTITIES:
				916	process_request_identities(e, 2);
				917	break;
				918	case SSH2_AGENTC_ADD_IDENTITY:
Ben Lindstrom	2b266b7	2002-06-21 00:08:39 +0000	[diff] [blame]	919	case SSH2_AGENTC_ADD_ID_CONSTRAINED:
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	920	process_add_identity(e, 2);
				921	break;
				922	case SSH2_AGENTC_REMOVE_IDENTITY:
				923	process_remove_identity(e, 2);
				924	break;
				925	case SSH2_AGENTC_REMOVE_ALL_IDENTITIES:
				926	process_remove_all_identities(e, 2);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	927	break;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	928	#ifdef ENABLE_PKCS11
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	929	case SSH_AGENTC_ADD_SMARTCARD_KEY:
Damien Miller	d94f20d	2003-06-11 22:06:33 +1000	[diff] [blame]	930	case SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED:
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	931	process_add_smartcard_key(e);
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	932	break;
Ben Lindstrom	3f47163	2001-07-04 03:53:15 +0000	[diff] [blame]	933	case SSH_AGENTC_REMOVE_SMARTCARD_KEY:
				934	process_remove_smartcard_key(e);
Damien Miller	9f0f5c6	2001-12-21 14:45:46 +1100	[diff] [blame]	935	break;
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	936	#endif /* ENABLE_PKCS11 */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	937	default:
				938	/* Unknown message. Respond with failure. */
				939	error("Unknown message %d", type);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	940	sshbuf_reset(e->request);
				941	send_status(e, 0);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	942	break;
				943	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	944	}
				945
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	946	static void
Ben Lindstrom	65366a8	2001-12-06 16:32:47 +0000	[diff] [blame]	947	new_socket(sock_type type, int fd)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	948	{
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	949	u_int i, old_alloc, new_alloc;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	950
Damien Miller	232711f	2004-06-15 10:35:30 +1000	[diff] [blame]	951	set_nonblock(fd);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	952
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	953	if (fd > max_fd)
				954	max_fd = fd;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	955
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	956	for (i = 0; i < sockets_alloc; i++)
				957	if (sockets[i].type == AUTH_UNUSED) {
				958	sockets[i].fd = fd;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	959	if ((sockets[i].input = sshbuf_new()) == NULL)
				960	fatal("%s: sshbuf_new failed", __func__);
				961	if ((sockets[i].output = sshbuf_new()) == NULL)
				962	fatal("%s: sshbuf_new failed", __func__);
				963	if ((sockets[i].request = sshbuf_new()) == NULL)
				964	fatal("%s: sshbuf_new failed", __func__);
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	965	sockets[i].type = type;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	966	return;
				967	}
				968	old_alloc = sockets_alloc;
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	969	new_alloc = sockets_alloc + 10;
deraadt@openbsd.org	657a5fb	2015-04-24 01:36:00 +0000	[diff] [blame]	970	sockets = xreallocarray(sockets, new_alloc, sizeof(sockets[0]));
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	971	for (i = old_alloc; i < new_alloc; i++)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	972	sockets[i].type = AUTH_UNUSED;
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	973	sockets_alloc = new_alloc;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	974	sockets[old_alloc].fd = fd;
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	975	if ((sockets[old_alloc].input = sshbuf_new()) == NULL)
				976	fatal("%s: sshbuf_new failed", __func__);
				977	if ((sockets[old_alloc].output = sshbuf_new()) == NULL)
				978	fatal("%s: sshbuf_new failed", __func__);
				979	if ((sockets[old_alloc].request = sshbuf_new()) == NULL)
				980	fatal("%s: sshbuf_new failed", __func__);
Darren Tucker	fb16b24	2003-09-22 21:04:23 +1000	[diff] [blame]	981	sockets[old_alloc].type = type;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	982	}
				983
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	984	static int
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	985	prepare_select(fd_set fdrp, fd_set fdwp, int fdl, u_int nallocp,
				986	struct timeval **tvpp)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	987	{
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	988	u_int i, sz;
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	989	int n = 0;
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	990	static struct timeval tv;
Darren Tucker	5511925	2013-06-02 07:43:59 +1000	[diff] [blame]	991	time_t deadline;
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	992
				993	for (i = 0; i < sockets_alloc; i++) {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	994	switch (sockets[i].type) {
				995	case AUTH_SOCKET:
				996	case AUTH_CONNECTION:
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	997	n = MAX(n, sockets[i].fd);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	998	break;
				999	case AUTH_UNUSED:
				1000	break;
				1001	default:
				1002	fatal("Unknown socket type %d", sockets[i].type);
				1003	break;
				1004	}
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1005	}
				1006
				1007	sz = howmany(n+1, NFDBITS) * sizeof(fd_mask);
Ben Lindstrom	a3d5a4c	2001-07-18 15:58:08 +0000	[diff] [blame]	1008	if (fdrp == NULL \|\| sz > nallocp) {
Darren Tucker	a627d42	2013-06-02 07:31:17 +1000	[diff] [blame]	1009	free(*fdrp);
				1010	free(*fdwp);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1011	*fdrp = xmalloc(sz);
				1012	*fdwp = xmalloc(sz);
Ben Lindstrom	a3d5a4c	2001-07-18 15:58:08 +0000	[diff] [blame]	1013	*nallocp = sz;
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1014	}
Ben Lindstrom	a3d5a4c	2001-07-18 15:58:08 +0000	[diff] [blame]	1015	if (n < *fdl)
				1016	debug("XXX shrink: %d < %d", n, *fdl);
				1017	*fdl = n;
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1018	memset(*fdrp, 0, sz);
				1019	memset(*fdwp, 0, sz);
				1020
				1021	for (i = 0; i < sockets_alloc; i++) {
				1022	switch (sockets[i].type) {
				1023	case AUTH_SOCKET:
				1024	case AUTH_CONNECTION:
				1025	FD_SET(sockets[i].fd, *fdrp);
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	1026	if (sshbuf_len(sockets[i].output) > 0)
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1027	FD_SET(sockets[i].fd, *fdwp);
				1028	break;
				1029	default:
				1030	break;
				1031	}
				1032	}
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1033	deadline = reaper();
				1034	if (parent_alive_interval != 0)
				1035	deadline = (deadline == 0) ? parent_alive_interval :
				1036	MIN(deadline, parent_alive_interval);
				1037	if (deadline == 0) {
				1038	*tvpp = NULL;
				1039	} else {
				1040	tv.tv_sec = deadline;
				1041	tv.tv_usec = 0;
				1042	*tvpp = &tv;
				1043	}
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1044	return (1);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1045	}
				1046
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	1047	static void
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1048	after_select(fd_set readset, fd_set writeset)
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1049	{
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	1050	struct sockaddr_un sunaddr;
Damien Miller	7684ee1	2000-03-17 23:40:15 +1100	[diff] [blame]	1051	socklen_t slen;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1052	char buf[1024];
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	1053	int len, sock, r;
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	1054	u_int i, orig_alloc;
Damien Miller	538f181	2002-09-12 09:51:10 +1000	[diff] [blame]	1055	uid_t euid;
				1056	gid_t egid;
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1057
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	1058	for (i = 0, orig_alloc = sockets_alloc; i < orig_alloc; i++)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1059	switch (sockets[i].type) {
				1060	case AUTH_UNUSED:
				1061	break;
				1062	case AUTH_SOCKET:
				1063	if (FD_ISSET(sockets[i].fd, readset)) {
Damien Miller	7684ee1	2000-03-17 23:40:15 +1100	[diff] [blame]	1064	slen = sizeof(sunaddr);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1065	sock = accept(sockets[i].fd,
Damien Miller	9096740	2006-03-26 14:07:26 +1100	[diff] [blame]	1066	(struct sockaddr *)&sunaddr, &slen);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1067	if (sock < 0) {
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	1068	error("accept from AUTH_SOCKET: %s",
				1069	strerror(errno));
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1070	break;
				1071	}
Damien Miller	538f181	2002-09-12 09:51:10 +1000	[diff] [blame]	1072	if (getpeereid(sock, &euid, &egid) < 0) {
				1073	error("getpeereid %d failed: %s",
				1074	sock, strerror(errno));
				1075	close(sock);
				1076	break;
				1077	}
Damien Miller	af9de38	2002-10-03 11:54:35 +1000	[diff] [blame]	1078	if ((euid != 0) && (getuid() != euid)) {
Damien Miller	538f181	2002-09-12 09:51:10 +1000	[diff] [blame]	1079	error("uid mismatch: "
Damien Miller	db30b12	2002-09-19 11:46:58 +1000	[diff] [blame]	1080	"peer euid %u != uid %u",
				1081	(u_int) euid, (u_int) getuid());
Damien Miller	538f181	2002-09-12 09:51:10 +1000	[diff] [blame]	1082	close(sock);
				1083	break;
				1084	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1085	new_socket(AUTH_CONNECTION, sock);
				1086	}
				1087	break;
				1088	case AUTH_CONNECTION:
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	1089	if (sshbuf_len(sockets[i].output) > 0 &&
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1090	FD_ISSET(sockets[i].fd, writeset)) {
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	1091	len = write(sockets[i].fd,
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	1092	sshbuf_ptr(sockets[i].output),
				1093	sshbuf_len(sockets[i].output));
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	1094	if (len == -1 && (errno == EAGAIN \|\|
				1095	errno == EWOULDBLOCK \|\|
				1096	errno == EINTR))
				1097	continue;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1098	if (len <= 0) {
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	1099	close_socket(&sockets[i]);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1100	break;
				1101	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	1102	if ((r = sshbuf_consume(sockets[i].output,
				1103	len)) != 0)
				1104	fatal("%s: buffer error: %s",
				1105	__func__, ssh_err(r));
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1106	}
				1107	if (FD_ISSET(sockets[i].fd, readset)) {
Darren Tucker	72473c6	2009-10-07 09:01:03 +1100	[diff] [blame]	1108	len = read(sockets[i].fd, buf, sizeof(buf));
				1109	if (len == -1 && (errno == EAGAIN \|\|
				1110	errno == EWOULDBLOCK \|\|
				1111	errno == EINTR))
				1112	continue;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1113	if (len <= 0) {
Damien Miller	58f3486	2002-09-04 16:31:21 +1000	[diff] [blame]	1114	close_socket(&sockets[i]);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1115	break;
				1116	}
markus@openbsd.org	139ca81	2015-01-14 13:09:09 +0000	[diff] [blame]	1117	if ((r = sshbuf_put(sockets[i].input,
				1118	buf, len)) != 0)
				1119	fatal("%s: buffer error: %s",
				1120	__func__, ssh_err(r));
Damien Miller	f497794	2014-07-30 12:32:46 +1000	[diff] [blame]	1121	explicit_bzero(buf, sizeof(buf));
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1122	process_message(&sockets[i]);
				1123	}
				1124	break;
				1125	default:
				1126	fatal("Unknown type %d", sockets[i].type);
				1127	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1128	}
				1129
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	1130	static void
Darren Tucker	6fa8abd	2003-09-22 21:10:21 +1000	[diff] [blame]	1131	cleanup_socket(void)
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1132	{
Damien Miller	b1e967c	2014-07-03 21:22:40 +1000	[diff] [blame]	1133	if (cleanup_pid != 0 && getpid() != cleanup_pid)
				1134	return;
				1135	debug("%s: cleanup", __func__);
Ben Lindstrom	77808ab	2001-01-26 05:10:34 +0000	[diff] [blame]	1136	if (socket_name[0])
				1137	unlink(socket_name);
				1138	if (socket_dir[0])
				1139	rmdir(socket_dir);
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1140	}
				1141
Darren Tucker	3e33cec	2003-10-02 16:12:36 +1000	[diff] [blame]	1142	void
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1143	cleanup_exit(int i)
				1144	{
Darren Tucker	6fa8abd	2003-09-22 21:10:21 +1000	[diff] [blame]	1145	cleanup_socket();
				1146	_exit(i);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1147	}
				1148
Damien Miller	1c13bd8	2006-03-26 14:28:14 +1100	[diff] [blame]	1149	/ARGSUSED/
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	1150	static void
Ben Lindstrom	77808ab	2001-01-26 05:10:34 +0000	[diff] [blame]	1151	cleanup_handler(int sig)
				1152	{
Darren Tucker	6fa8abd	2003-09-22 21:10:21 +1000	[diff] [blame]	1153	cleanup_socket();
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	1154	#ifdef ENABLE_PKCS11
				1155	pkcs11_terminate();
				1156	#endif
Ben Lindstrom	77808ab	2001-01-26 05:10:34 +0000	[diff] [blame]	1157	_exit(2);
				1158	}
				1159
Ben Lindstrom	bba8121	2001-06-25 05:01:22 +0000	[diff] [blame]	1160	static void
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1161	check_parent_exists(void)
Ben Lindstrom	0250da0	2001-07-22 20:44:00 +0000	[diff] [blame]	1162	{
Darren Tucker	3e78a51	2011-06-03 14:14:16 +1000	[diff] [blame]	1163	/*
				1164	* If our parent has exited then getppid() will return (pid_t)1,
				1165	* so testing for that should be safe.
				1166	*/
				1167	if (parent_pid != -1 && getppid() != parent_pid) {
Ben Lindstrom	0250da0	2001-07-22 20:44:00 +0000	[diff] [blame]	1168	/* printf("Parent has died - Authentication agent exiting.\n"); */
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1169	cleanup_socket();
				1170	_exit(2);
Ben Lindstrom	0250da0	2001-07-22 20:44:00 +0000	[diff] [blame]	1171	}
Ben Lindstrom	0250da0	2001-07-22 20:44:00 +0000	[diff] [blame]	1172	}
				1173
				1174	static void
Ben Lindstrom	28072eb	2001-02-10 23:13:41 +0000	[diff] [blame]	1175	usage(void)
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1176	{
Damien Miller	f0858de	2014-04-20 13:01:30 +1000	[diff] [blame]	1177	fprintf(stderr,
jmc@openbsd.org	b7ca276	2015-04-24 06:26:49 +0000	[diff] [blame]	1178	"usage: ssh-agent [-c \| -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n"
jmc@openbsd.org	a5375cc	2014-12-21 23:35:14 +0000	[diff] [blame]	1179	" [-t life] [command [arg ...]]\n"
Damien Miller	f0858de	2014-04-20 13:01:30 +1000	[diff] [blame]	1180	" ssh-agent [-c \| -s] -k\n");
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1181	exit(1);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1182	}
				1183
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1184	int
				1185	main(int ac, char **av)
				1186	{
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1187	int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0;
Darren Tucker	cf0d2db	2007-02-28 21:19:58 +1100	[diff] [blame]	1188	int sock, fd, ch, result, saved_errno;
Darren Tucker	c7a6fc4	2004-08-13 21:18:00 +1000	[diff] [blame]	1189	u_int nalloc;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	1190	char shell, format, pidstr, agentsocket = NULL;
				1191	fd_set readsetp = NULL, writesetp = NULL;
Ben Lindstrom	2c467a2	2000-12-27 04:57:41 +0000	[diff] [blame]	1192	#ifdef HAVE_SETRLIMIT
Ben Lindstrom	c72745a	2000-12-02 19:03:54 +0000	[diff] [blame]	1193	struct rlimit rlim;
Ben Lindstrom	2c467a2	2000-12-27 04:57:41 +0000	[diff] [blame]	1194	#endif
Damien Miller	615f939	2000-05-17 22:53:33 +1000	[diff] [blame]	1195	extern int optind;
Ben Lindstrom	883844d	2002-06-23 00:20:50 +0000	[diff] [blame]	1196	extern char *optarg;
Ben Lindstrom	822b634	2002-06-23 21:38:49 +0000	[diff] [blame]	1197	pid_t pid;
				1198	char pidstrbuf[1 + 3 * sizeof pid];
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1199	struct timeval *tvp = NULL;
Darren Tucker	9013323	2009-06-21 17:50:15 +1000	[diff] [blame]	1200	size_t len;
Damien Miller	ab2ec58	2014-07-18 15:04:47 +1000	[diff] [blame]	1201	mode_t prev_mask;
Kevin Steves	de41bc6	2000-12-14 00:04:08 +0000	[diff] [blame]	1202
dtucker@openbsd.org	ffb1e7e	2016-02-15 09:47:49 +0000	[diff] [blame]	1203	ssh_malloc_init(); /* must be called before any mallocs */
Darren Tucker	ce321d8	2005-10-03 18:11:24 +1000	[diff] [blame]	1204	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
				1205	sanitise_stdfd();
				1206
Damien Miller	6cffb9a	2002-09-04 16:20:26 +1000	[diff] [blame]	1207	/* drop */
				1208	setegid(getgid());
				1209	setgid(getgid());
				1210
Damien Miller	6c4914a	2004-03-03 11:08:59 +1100	[diff] [blame]	1211	#if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
				1212	/* Disable ptrace on Linux without sgid bit */
				1213	prctl(PR_SET_DUMPABLE, 0);
				1214	#endif
				1215
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	1216	#ifdef WITH_OPENSSL
Damien Miller	4314c2b	2010-09-10 11:12:09 +1000	[diff] [blame]	1217	OpenSSL_add_all_algorithms();
Damien Miller	1f0311c	2014-05-15 14:24:09 +1000	[diff] [blame]	1218	#endif
Ben Lindstrom	d09fcf5	2001-03-29 00:29:54 +0000	[diff] [blame]	1219
Damien Miller	59d3d5b	2003-08-22 09:34:41 +1000	[diff] [blame]	1220	__progname = ssh_get_progname(av[0]);
Damien Miller	60bc517	2001-03-19 09:38:15 +1100	[diff] [blame]	1221	seed_rng();
Kevin Steves	ef4eea9	2001-02-05 12:42:17 +0000	[diff] [blame]	1222
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1223	while ((ch = getopt(ac, av, "cDdksE:a:t:")) != -1) {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1224	switch (ch) {
djm@openbsd.org	56d1c83	2014-12-21 22:27:55 +0000	[diff] [blame]	1225	case 'E':
				1226	fingerprint_hash = ssh_digest_alg_by_name(optarg);
				1227	if (fingerprint_hash == -1)
				1228	fatal("Invalid hash algorithm \"%s\"", optarg);
				1229	break;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1230	case 'c':
				1231	if (s_flag)
				1232	usage();
				1233	c_flag++;
				1234	break;
				1235	case 'k':
				1236	k_flag++;
				1237	break;
				1238	case 's':
				1239	if (c_flag)
				1240	usage();
				1241	s_flag++;
				1242	break;
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1243	case 'd':
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1244	if (d_flag \|\| D_flag)
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1245	usage();
				1246	d_flag++;
				1247	break;
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1248	case 'D':
				1249	if (d_flag \|\| D_flag)
				1250	usage();
				1251	D_flag++;
				1252	break;
Ben Lindstrom	b7788f3	2002-06-06 21:46:08 +0000	[diff] [blame]	1253	case 'a':
				1254	agentsocket = optarg;
				1255	break;
Damien Miller	53d8148	2003-01-22 11:47:19 +1100	[diff] [blame]	1256	case 't':
				1257	if ((lifetime = convtime(optarg)) == -1) {
				1258	fprintf(stderr, "Invalid lifetime\n");
				1259	usage();
				1260	}
				1261	break;
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1262	default:
				1263	usage();
				1264	}
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1265	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1266	ac -= optind;
				1267	av += optind;
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1268
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1269	if (ac > 0 && (c_flag \|\| k_flag \|\| s_flag \|\| d_flag \|\| D_flag))
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1270	usage();
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1271
Ben Lindstrom	eecdf23	2002-04-02 21:03:51 +0000	[diff] [blame]	1272	if (ac == 0 && !c_flag && !s_flag) {
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1273	shell = getenv("SHELL");
Darren Tucker	9013323	2009-06-21 17:50:15 +1000	[diff] [blame]	1274	if (shell != NULL && (len = strlen(shell)) > 2 &&
				1275	strncmp(shell + len - 3, "csh", 3) == 0)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1276	c_flag = 1;
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1277	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1278	if (k_flag) {
Damien Miller	89c3fe4	2006-03-31 23:11:28 +1100	[diff] [blame]	1279	const char *errstr = NULL;
				1280
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1281	pidstr = getenv(SSH_AGENTPID_ENV_NAME);
				1282	if (pidstr == NULL) {
				1283	fprintf(stderr, "%s not set, cannot kill agent\n",
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1284	SSH_AGENTPID_ENV_NAME);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1285	exit(1);
				1286	}
Damien Miller	89c3fe4	2006-03-31 23:11:28 +1100	[diff] [blame]	1287	pid = (int)strtonum(pidstr, 2, INT_MAX, &errstr);
				1288	if (errstr) {
				1289	fprintf(stderr,
				1290	"%s=\"%s\", which is not a good PID: %s\n",
				1291	SSH_AGENTPID_ENV_NAME, pidstr, errstr);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1292	exit(1);
				1293	}
				1294	if (kill(pid, SIGTERM) == -1) {
				1295	perror("kill");
				1296	exit(1);
				1297	}
				1298	format = c_flag ? "unsetenv %s;\n" : "unset %s;\n";
				1299	printf(format, SSH_AUTHSOCKET_ENV_NAME);
				1300	printf(format, SSH_AGENTPID_ENV_NAME);
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1301	printf("echo Agent pid %ld killed;\n", (long)pid);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1302	exit(0);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1303	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1304	parent_pid = getpid();
				1305
Ben Lindstrom	b7788f3	2002-06-06 21:46:08 +0000	[diff] [blame]	1306	if (agentsocket == NULL) {
				1307	/* Create private directory for agent socket */
Damien Miller	2cd6293	2010-12-01 11:50:35 +1100	[diff] [blame]	1308	mktemp_proto(socket_dir, sizeof(socket_dir));
Ben Lindstrom	b7788f3	2002-06-06 21:46:08 +0000	[diff] [blame]	1309	if (mkdtemp(socket_dir) == NULL) {
				1310	perror("mkdtemp: private socket dir");
				1311	exit(1);
				1312	}
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1313	snprintf(socket_name, sizeof socket_name, "%s/agent.%ld", socket_dir,
				1314	(long)parent_pid);
Ben Lindstrom	b7788f3	2002-06-06 21:46:08 +0000	[diff] [blame]	1315	} else {
				1316	/* Try to use specified agent socket */
				1317	socket_dir[0] = '\0';
				1318	strlcpy(socket_name, agentsocket, sizeof socket_name);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1319	}
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1320
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	1321	/*
				1322	* Create socket early so it will exist before command gets run from
				1323	* the parent.
				1324	*/
Damien Miller	ab2ec58	2014-07-18 15:04:47 +1000	[diff] [blame]	1325	prev_mask = umask(0177);
Damien Miller	7acefbb	2014-07-18 14:11:24 +1000	[diff] [blame]	1326	sock = unix_listener(socket_name, SSH_LISTEN_BACKLOG, 0);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1327	if (sock < 0) {
Damien Miller	7acefbb	2014-07-18 14:11:24 +1000	[diff] [blame]	1328	/* XXX - unix_listener() calls error() not perror() */
Darren Tucker	1dee868	2004-11-05 20:26:49 +1100	[diff] [blame]	1329	socket_name = '\0'; / Don't unlink any existing file */
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1330	cleanup_exit(1);
Damien Miller	792c511	1999-10-29 09:47:09 +1000	[diff] [blame]	1331	}
Damien Miller	ab2ec58	2014-07-18 15:04:47 +1000	[diff] [blame]	1332	umask(prev_mask);
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1333
Damien Miller	5428f64	1999-11-25 11:54:57 +1100	[diff] [blame]	1334	/*
				1335	* Fork, and have the parent execute the command, if any, or present
				1336	* the socket data. The child continues as the authentication agent.
				1337	*/
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1338	if (D_flag \|\| d_flag) {
				1339	log_init(__progname,
				1340	d_flag ? SYSLOG_LEVEL_DEBUG3 : SYSLOG_LEVEL_INFO,
				1341	SYSLOG_FACILITY_AUTH, 1);
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1342	format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n";
				1343	printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name,
				1344	SSH_AUTHSOCKET_ENV_NAME);
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1345	printf("echo Agent pid %ld;\n", (long)parent_pid);
dtucker@openbsd.org	79394ed	2015-12-11 02:29:03 +0000	[diff] [blame]	1346	fflush(stdout);
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1347	goto skip;
				1348	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1349	pid = fork();
				1350	if (pid == -1) {
				1351	perror("fork");
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	1352	cleanup_exit(1);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1353	}
				1354	if (pid != 0) { /* Parent - execute the given command. */
				1355	close(sock);
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1356	snprintf(pidstrbuf, sizeof pidstrbuf, "%ld", (long)pid);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1357	if (ac == 0) {
				1358	format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n";
				1359	printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name,
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1360	SSH_AUTHSOCKET_ENV_NAME);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1361	printf(format, SSH_AGENTPID_ENV_NAME, pidstrbuf,
Ben Lindstrom	226cfa0	2001-01-22 05:34:40 +0000	[diff] [blame]	1362	SSH_AGENTPID_ENV_NAME);
Ben Lindstrom	ce0f634	2002-06-11 16:42:49 +0000	[diff] [blame]	1363	printf("echo Agent pid %ld;\n", (long)pid);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1364	exit(0);
				1365	}
Damien Miller	e4340be	2000-09-16 13:29:08 +1100	[diff] [blame]	1366	if (setenv(SSH_AUTHSOCKET_ENV_NAME, socket_name, 1) == -1 \|\|
				1367	setenv(SSH_AGENTPID_ENV_NAME, pidstrbuf, 1) == -1) {
				1368	perror("setenv");
				1369	exit(1);
				1370	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1371	execvp(av[0], av);
				1372	perror(av[0]);
				1373	exit(1);
				1374	}
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	1375	/* child */
				1376	log_init(__progname, SYSLOG_LEVEL_INFO, SYSLOG_FACILITY_AUTH, 0);
Ben Lindstrom	3fdf876	2001-07-22 20:40:24 +0000	[diff] [blame]	1377
				1378	if (setsid() == -1) {
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	1379	error("setsid: %s", strerror(errno));
Ben Lindstrom	3fdf876	2001-07-22 20:40:24 +0000	[diff] [blame]	1380	cleanup_exit(1);
				1381	}
				1382
				1383	(void)chdir("/");
Damien Miller	6c71179	2003-01-24 11:36:23 +1100	[diff] [blame]	1384	if ((fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) {
				1385	/* XXX might close listen socket */
				1386	(void)dup2(fd, STDIN_FILENO);
				1387	(void)dup2(fd, STDOUT_FILENO);
				1388	(void)dup2(fd, STDERR_FILENO);
				1389	if (fd > 2)
				1390	close(fd);
				1391	}
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1392
Ben Lindstrom	2c467a2	2000-12-27 04:57:41 +0000	[diff] [blame]	1393	#ifdef HAVE_SETRLIMIT
Ben Lindstrom	c72745a	2000-12-02 19:03:54 +0000	[diff] [blame]	1394	/* deny core dumps, since memory contains unencrypted private keys */
				1395	rlim.rlim_cur = rlim.rlim_max = 0;
				1396	if (setrlimit(RLIMIT_CORE, &rlim) < 0) {
Damien Miller	c653b89	2002-02-08 22:05:41 +1100	[diff] [blame]	1397	error("setrlimit RLIMIT_CORE: %s", strerror(errno));
Ben Lindstrom	c72745a	2000-12-02 19:03:54 +0000	[diff] [blame]	1398	cleanup_exit(1);
				1399	}
Ben Lindstrom	2c467a2	2000-12-27 04:57:41 +0000	[diff] [blame]	1400	#endif
Ben Lindstrom	d94580c	2001-07-04 03:48:02 +0000	[diff] [blame]	1401
				1402	skip:
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	1403
Damien Miller	b1e967c	2014-07-03 21:22:40 +1000	[diff] [blame]	1404	cleanup_pid = getpid();
				1405
Damien Miller	7ea845e	2010-02-12 09:21:02 +1100	[diff] [blame]	1406	#ifdef ENABLE_PKCS11
				1407	pkcs11_init(0);
				1408	#endif
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1409	new_socket(AUTH_SOCKET, sock);
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1410	if (ac > 0)
				1411	parent_alive_interval = 10;
Damien Miller	ad833b3	2000-08-23 10:46:23 +1000	[diff] [blame]	1412	idtab_init();
Damien Miller	48bfa9c	2001-07-14 12:12:55 +1000	[diff] [blame]	1413	signal(SIGPIPE, SIG_IGN);
djm@openbsd.org	2ea9746	2015-04-24 05:26:44 +0000	[diff] [blame]	1414	signal(SIGINT, (d_flag \| D_flag) ? cleanup_handler : SIG_IGN);
Ben Lindstrom	77808ab	2001-01-26 05:10:34 +0000	[diff] [blame]	1415	signal(SIGHUP, cleanup_handler);
				1416	signal(SIGTERM, cleanup_handler);
Ben Lindstrom	a3d5a4c	2001-07-18 15:58:08 +0000	[diff] [blame]	1417	nalloc = 0;
				1418
doug@openbsd.org	43849a4	2015-12-11 17:41:37 +0000	[diff] [blame]	1419	if (pledge("stdio cpath unix id proc exec", NULL) == -1)
djm@openbsd.org	d952162	2015-12-01 23:29:24 +0000	[diff] [blame]	1420	fatal("%s: pledge: %s", __progname, strerror(errno));
Damien Miller	4626cba	2016-01-08 14:24:56 +1100	[diff] [blame]	1421	platform_pledge_agent();
djm@openbsd.org	d952162	2015-12-01 23:29:24 +0000	[diff] [blame]	1422
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1423	while (1) {
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1424	prepare_select(&readsetp, &writesetp, &max_fd, &nalloc, &tvp);
				1425	result = select(max_fd + 1, readsetp, writesetp, NULL, tvp);
Darren Tucker	cf0d2db	2007-02-28 21:19:58 +1100	[diff] [blame]	1426	saved_errno = errno;
Darren Tucker	2812dc9	2007-03-21 20:45:06 +1100	[diff] [blame]	1427	if (parent_alive_interval != 0)
				1428	check_parent_exists();
				1429	(void) reaper(); /* remove expired keys */
Darren Tucker	cf0d2db	2007-02-28 21:19:58 +1100	[diff] [blame]	1430	if (result < 0) {
				1431	if (saved_errno == EINTR)
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1432	continue;
Darren Tucker	cf0d2db	2007-02-28 21:19:58 +1100	[diff] [blame]	1433	fatal("select: %s", strerror(saved_errno));
				1434	} else if (result > 0)
				1435	after_select(readsetp, writesetp);
Damien Miller	95def09	1999-11-25 00:26:21 +1100	[diff] [blame]	1436	}
				1437	/* NOTREACHED */
Damien Miller	d4a8b7e	1999-10-27 13:42:43 +1000	[diff] [blame]	1438	}