version 1.108.2.2, 2004/03/04 18:18:16 |
version 1.109, 2003/04/08 20:21:29 |
|
|
p = read_passphrase(prompt, RP_ALLOW_EOF); |
p = read_passphrase(prompt, RP_ALLOW_EOF); |
if (p != NULL) { |
if (p != NULL) { |
/* |
/* |
* Accept empty responses and responses consisting |
* Accept empty responses and responses consisting |
* of the word "yes" as affirmative. |
* of the word "yes" as affirmative. |
*/ |
*/ |
if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0) |
if (*p == '\0' || *p == '\n' || strcasecmp(p, "yes") == 0) |
|
|
process_add_smartcard_key (SocketEntry *e) |
process_add_smartcard_key (SocketEntry *e) |
{ |
{ |
char *sc_reader_id = NULL, *pin; |
char *sc_reader_id = NULL, *pin; |
int i, version, success = 0, death = 0, confirm = 0; |
int i, version, success = 0; |
Key **keys, *k; |
Key **keys, *k; |
Identity *id; |
Identity *id; |
Idtab *tab; |
Idtab *tab; |
|
|
sc_reader_id = buffer_get_string(&e->request, NULL); |
sc_reader_id = buffer_get_string(&e->request, NULL); |
pin = buffer_get_string(&e->request, NULL); |
pin = buffer_get_string(&e->request, NULL); |
|
|
while (buffer_len(&e->request)) { |
|
switch (buffer_get_char(&e->request)) { |
|
case SSH_AGENT_CONSTRAIN_LIFETIME: |
|
death = time(NULL) + buffer_get_int(&e->request); |
|
break; |
|
case SSH_AGENT_CONSTRAIN_CONFIRM: |
|
confirm = 1; |
|
break; |
|
default: |
|
break; |
|
} |
|
} |
|
if (lifetime && !death) |
|
death = time(NULL) + lifetime; |
|
|
|
keys = sc_get_keys(sc_reader_id, pin); |
keys = sc_get_keys(sc_reader_id, pin); |
xfree(sc_reader_id); |
xfree(sc_reader_id); |
xfree(pin); |
xfree(pin); |
|
|
if (lookup_identity(k, version) == NULL) { |
if (lookup_identity(k, version) == NULL) { |
id = xmalloc(sizeof(Identity)); |
id = xmalloc(sizeof(Identity)); |
id->key = k; |
id->key = k; |
id->comment = sc_get_key_label(k); |
id->comment = xstrdup("smartcard key"); |
id->death = death; |
id->death = 0; |
id->confirm = confirm; |
id->confirm = 0; |
TAILQ_INSERT_TAIL(&tab->idlist, id, next); |
TAILQ_INSERT_TAIL(&tab->idlist, id, next); |
tab->nentries++; |
tab->nentries++; |
success = 1; |
success = 1; |
|
|
break; |
break; |
#ifdef SMARTCARD |
#ifdef SMARTCARD |
case SSH_AGENTC_ADD_SMARTCARD_KEY: |
case SSH_AGENTC_ADD_SMARTCARD_KEY: |
case SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED: |
|
process_add_smartcard_key(e); |
process_add_smartcard_key(e); |
break; |
break; |
case SSH_AGENTC_REMOVE_SMARTCARD_KEY: |
case SSH_AGENTC_REMOVE_SMARTCARD_KEY: |
|
|
static void |
static void |
new_socket(sock_type type, int fd) |
new_socket(sock_type type, int fd) |
{ |
{ |
u_int i, old_alloc, new_alloc; |
u_int i, old_alloc; |
|
|
if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) |
if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0) |
error("fcntl O_NONBLOCK: %s", strerror(errno)); |
error("fcntl O_NONBLOCK: %s", strerror(errno)); |
|
|
for (i = 0; i < sockets_alloc; i++) |
for (i = 0; i < sockets_alloc; i++) |
if (sockets[i].type == AUTH_UNUSED) { |
if (sockets[i].type == AUTH_UNUSED) { |
sockets[i].fd = fd; |
sockets[i].fd = fd; |
|
sockets[i].type = type; |
buffer_init(&sockets[i].input); |
buffer_init(&sockets[i].input); |
buffer_init(&sockets[i].output); |
buffer_init(&sockets[i].output); |
buffer_init(&sockets[i].request); |
buffer_init(&sockets[i].request); |
sockets[i].type = type; |
|
return; |
return; |
} |
} |
old_alloc = sockets_alloc; |
old_alloc = sockets_alloc; |
new_alloc = sockets_alloc + 10; |
sockets_alloc += 10; |
if (sockets) |
if (sockets) |
sockets = xrealloc(sockets, new_alloc * sizeof(sockets[0])); |
sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0])); |
else |
else |
sockets = xmalloc(new_alloc * sizeof(sockets[0])); |
sockets = xmalloc(sockets_alloc * sizeof(sockets[0])); |
for (i = old_alloc; i < new_alloc; i++) |
for (i = old_alloc; i < sockets_alloc; i++) |
sockets[i].type = AUTH_UNUSED; |
sockets[i].type = AUTH_UNUSED; |
sockets_alloc = new_alloc; |
sockets[old_alloc].type = type; |
sockets[old_alloc].fd = fd; |
sockets[old_alloc].fd = fd; |
buffer_init(&sockets[old_alloc].input); |
buffer_init(&sockets[old_alloc].input); |
buffer_init(&sockets[old_alloc].output); |
buffer_init(&sockets[old_alloc].output); |
buffer_init(&sockets[old_alloc].request); |
buffer_init(&sockets[old_alloc].request); |
sockets[old_alloc].type = type; |
|
} |
} |
|
|
static int |
static int |
|
|
} |
} |
|
|
static void |
static void |
cleanup_socket(void) |
cleanup_socket(void *p) |
{ |
{ |
if (socket_name[0]) |
if (socket_name[0]) |
unlink(socket_name); |
unlink(socket_name); |
|
|
rmdir(socket_dir); |
rmdir(socket_dir); |
} |
} |
|
|
void |
static void |
cleanup_exit(int i) |
cleanup_exit(int i) |
{ |
{ |
cleanup_socket(); |
cleanup_socket(NULL); |
_exit(i); |
exit(i); |
} |
} |
|
|
static void |
static void |
cleanup_handler(int sig) |
cleanup_handler(int sig) |
{ |
{ |
cleanup_socket(); |
cleanup_socket(NULL); |
_exit(2); |
_exit(2); |
} |
} |
|
|
|
|
|
|
if (agentsocket == NULL) { |
if (agentsocket == NULL) { |
/* Create private directory for agent socket */ |
/* Create private directory for agent socket */ |
strlcpy(socket_dir, "/tmp/ssh-XXXXXXXXXX", sizeof socket_dir); |
strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir); |
if (mkdtemp(socket_dir) == NULL) { |
if (mkdtemp(socket_dir) == NULL) { |
perror("mkdtemp: private socket dir"); |
perror("mkdtemp: private socket dir"); |
exit(1); |
exit(1); |
|
|
perror("bind"); |
perror("bind"); |
cleanup_exit(1); |
cleanup_exit(1); |
} |
} |
if (listen(sock, SSH_LISTEN_BACKLOG) < 0) { |
if (listen(sock, 128) < 0) { |
perror("listen"); |
perror("listen"); |
cleanup_exit(1); |
cleanup_exit(1); |
} |
} |
|
|
} |
} |
|
|
skip: |
skip: |
|
fatal_add_cleanup(cleanup_socket, NULL); |
new_socket(AUTH_SOCKET, sock); |
new_socket(AUTH_SOCKET, sock); |
if (ac > 0) { |
if (ac > 0) { |
signal(SIGALRM, check_parent_exists); |
signal(SIGALRM, check_parent_exists); |
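Review bot: The constraint loop in process_add_smartcard_key (present only on the side that declares `death` and `confirm`, apparently revision 1.108.2.2 going by the header order) fails open on unknown input: `default: break;` silently skips an unrecognised constraint byte, so the key can still be added without a restriction the client asked for, and any payload that followed that byte is then read as further constraint types. Failing closed is safer, for example `default: error("process_add_smartcard_key: unknown constraint type");` followed by freeing `sc_reader_id` and `pin` and sending the failure reply with `success` still 0; the reply code of this function lies outside the visible lines, so the exact jump target is not shown here. In the same loop `death` is an `int` assigned `time(NULL) + buffer_get_int(&e->request)`, so a large client-supplied lifetime can overflow it; a range check on the value before the addition (or a wider type for `death`) would make the expiry predictable. On both sides `pin` is released with a plain `xfree(pin);` right after `sc_get_keys()`, and clearing it first, `memset(pin, 0, strlen(pin));` or an explicit-zeroing call where the platform has one, would keep the smartcard PIN out of freed heap memory.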