Annotation of src/usr.bin/ssh/ssh-agent.c, Revision 1.18
1.18 ! markus 1: /* $OpenBSD: ssh-agent.c,v 1.17 1999/11/02 19:42:36 markus Exp $ */
1.15 markus 2:
1.1 deraadt 3: /*
4:
5: ssh-agent.c
6:
7: Author: Tatu Ylonen <ylo@cs.hut.fi>
8:
9: Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
10: All rights reserved
11:
12: Created: Wed Mar 29 03:46:59 1995 ylo
13:
14: The authentication agent program.
15:
16: */
17:
18: #include "includes.h"
1.18 ! markus 19: RCSID("$OpenBSD: ssh-agent.c,v 1.17 1999/11/02 19:42:36 markus Exp $");
1.1 deraadt 20:
21: #include "ssh.h"
22: #include "rsa.h"
23: #include "authfd.h"
24: #include "buffer.h"
25: #include "bufaux.h"
26: #include "xmalloc.h"
27: #include "packet.h"
28: #include "getput.h"
29: #include "mpaux.h"
30:
1.13 deraadt 31: #include <ssl/md5.h>
1.7 deraadt 32:
1.1 deraadt 33: typedef struct
34: {
35: int fd;
1.12 markus 36: enum { AUTH_UNUSED, AUTH_SOCKET, AUTH_CONNECTION } type;
1.1 deraadt 37: Buffer input;
38: Buffer output;
39: } SocketEntry;
40:
41: unsigned int sockets_alloc = 0;
42: SocketEntry *sockets = NULL;
43:
44: typedef struct
45: {
1.2 provos 46: RSA *key;
1.1 deraadt 47: char *comment;
48: } Identity;
49:
50: unsigned int num_identities = 0;
51: Identity *identities = NULL;
52:
53: int max_fd = 0;
54:
1.11 markus 55: /* pid of shell == parent of agent */
1.10 markus 56: int parent_pid = -1;
57:
58: /* pathname and directory for AUTH_SOCKET */
59: char socket_name[1024];
60: char socket_dir[1024];
61:
1.2 provos 62: void
63: process_request_identity(SocketEntry *e)
1.1 deraadt 64: {
65: Buffer msg;
66: int i;
67:
68: buffer_init(&msg);
69: buffer_put_char(&msg, SSH_AGENT_RSA_IDENTITIES_ANSWER);
70: buffer_put_int(&msg, num_identities);
71: for (i = 0; i < num_identities; i++)
72: {
1.2 provos 73: buffer_put_int(&msg, BN_num_bits(identities[i].key->n));
74: buffer_put_bignum(&msg, identities[i].key->e);
75: buffer_put_bignum(&msg, identities[i].key->n);
1.1 deraadt 76: buffer_put_string(&msg, identities[i].comment,
77: strlen(identities[i].comment));
78: }
79: buffer_put_int(&e->output, buffer_len(&msg));
80: buffer_append(&e->output, buffer_ptr(&msg), buffer_len(&msg));
81: buffer_free(&msg);
82: }
83:
1.2 provos 84: void
85: process_authentication_challenge(SocketEntry *e)
1.1 deraadt 86: {
1.2 provos 87: int i, pub_bits, len;
88: BIGNUM *pub_e, *pub_n, *challenge;
1.1 deraadt 89: Buffer msg;
1.7 deraadt 90: MD5_CTX md;
1.1 deraadt 91: unsigned char buf[32], mdbuf[16], session_id[16];
92: unsigned int response_type;
93:
94: buffer_init(&msg);
1.2 provos 95: pub_e = BN_new();
96: pub_n = BN_new();
97: challenge = BN_new();
1.1 deraadt 98: pub_bits = buffer_get_int(&e->input);
1.2 provos 99: buffer_get_bignum(&e->input, pub_e);
100: buffer_get_bignum(&e->input, pub_n);
101: buffer_get_bignum(&e->input, challenge);
1.1 deraadt 102: if (buffer_len(&e->input) == 0)
103: {
104: /* Compatibility code for old servers. */
105: memset(session_id, 0, 16);
106: response_type = 0;
107: }
108: else
109: {
110: /* New code. */
111: buffer_get(&e->input, (char *)session_id, 16);
112: response_type = buffer_get_int(&e->input);
113: }
114: for (i = 0; i < num_identities; i++)
1.2 provos 115: if (pub_bits == BN_num_bits(identities[i].key->n) &&
116: BN_cmp(pub_e, identities[i].key->e) == 0 &&
117: BN_cmp(pub_n, identities[i].key->n) == 0)
1.1 deraadt 118: {
119: /* Decrypt the challenge using the private key. */
1.2 provos 120: rsa_private_decrypt(challenge, challenge, identities[i].key);
1.1 deraadt 121:
122: /* Compute the desired response. */
123: switch (response_type)
124: {
125: case 0: /* As of protocol 1.0 */
126: /* This response type is no longer supported. */
127: log("Compatibility with ssh protocol 1.0 no longer supported.");
128: buffer_put_char(&msg, SSH_AGENT_FAILURE);
129: goto send;
130:
131: case 1: /* As of protocol 1.1 */
132: /* The response is MD5 of decrypted challenge plus session id. */
1.2 provos 133: len = BN_num_bytes(challenge);
1.17 markus 134:
135: if (len <= 0 || len > 32) {
136: fatal("process_authentication_challenge: "
137: "bad challenge length %d", len);
138: }
139:
1.2 provos 140: memset(buf, 0, 32);
141: BN_bn2bin(challenge, buf + 32 - len);
1.13 deraadt 142: MD5_Init(&md);
143: MD5_Update(&md, buf, 32);
144: MD5_Update(&md, session_id, 16);
145: MD5_Final(mdbuf, &md);
1.1 deraadt 146: break;
147:
148: default:
149: fatal("process_authentication_challenge: bad response_type %d",
150: response_type);
151: break;
152: }
153:
154: /* Send the response. */
155: buffer_put_char(&msg, SSH_AGENT_RSA_RESPONSE);
156: for (i = 0; i < 16; i++)
157: buffer_put_char(&msg, mdbuf[i]);
158:
159: goto send;
160: }
161: /* Unknown identity. Send failure. */
162: buffer_put_char(&msg, SSH_AGENT_FAILURE);
163: send:
164: buffer_put_int(&e->output, buffer_len(&msg));
165: buffer_append(&e->output, buffer_ptr(&msg),
166: buffer_len(&msg));
167: buffer_free(&msg);
1.2 provos 168: BN_clear_free(pub_e);
169: BN_clear_free(pub_n);
170: BN_clear_free(challenge);
1.1 deraadt 171: }
172:
1.2 provos 173: void
174: process_remove_identity(SocketEntry *e)
1.1 deraadt 175: {
176: unsigned int bits;
177: unsigned int i;
1.2 provos 178: BIGNUM *dummy, *n;
1.1 deraadt 179:
1.2 provos 180: dummy = BN_new();
181: n = BN_new();
1.1 deraadt 182:
183: /* Get the key from the packet. */
184: bits = buffer_get_int(&e->input);
1.2 provos 185: buffer_get_bignum(&e->input, dummy);
186: buffer_get_bignum(&e->input, n);
1.18 ! markus 187:
! 188: if (bits != BN_num_bits(n))
! 189: error("Warning: keysize mismatch: actual %d, announced %s",
! 190: BN_num_bits(n), bits);
1.1 deraadt 191:
192: /* Check if we have the key. */
193: for (i = 0; i < num_identities; i++)
1.2 provos 194: if (BN_cmp(identities[i].key->n, n) == 0)
1.1 deraadt 195: {
196: /* We have this key. Free the old key. Since we don\'t want to leave
197: empty slots in the middle of the array, we actually free the
198: key there and copy data from the last entry. */
1.2 provos 199: RSA_free(identities[i].key);
1.1 deraadt 200: xfree(identities[i].comment);
201: if (i < num_identities - 1)
202: identities[i] = identities[num_identities - 1];
203: num_identities--;
1.2 provos 204: BN_clear_free(dummy);
205: BN_clear_free(n);
1.1 deraadt 206:
207: /* Send success. */
208: buffer_put_int(&e->output, 1);
209: buffer_put_char(&e->output, SSH_AGENT_SUCCESS);
210: return;
211: }
212: /* We did not have the key. */
1.2 provos 213: BN_clear(dummy);
214: BN_clear(n);
1.1 deraadt 215:
216: /* Send failure. */
217: buffer_put_int(&e->output, 1);
218: buffer_put_char(&e->output, SSH_AGENT_FAILURE);
219: }
220:
221: /* Removes all identities from the agent. */
222:
1.2 provos 223: void
224: process_remove_all_identities(SocketEntry *e)
1.1 deraadt 225: {
226: unsigned int i;
227:
228: /* Loop over all identities and clear the keys. */
229: for (i = 0; i < num_identities; i++)
230: {
1.2 provos 231: RSA_free(identities[i].key);
1.1 deraadt 232: xfree(identities[i].comment);
233: }
234:
235: /* Mark that there are no identities. */
236: num_identities = 0;
237:
238: /* Send success. */
239: buffer_put_int(&e->output, 1);
240: buffer_put_char(&e->output, SSH_AGENT_SUCCESS);
241: return;
242: }
243:
244: /* Adds an identity to the agent. */
245:
1.2 provos 246: void
247: process_add_identity(SocketEntry *e)
1.1 deraadt 248: {
1.2 provos 249: RSA *k;
1.1 deraadt 250: int i;
1.2 provos 251: BIGNUM *aux;
252: BN_CTX *ctx;
253:
1.1 deraadt 254: if (num_identities == 0)
255: identities = xmalloc(sizeof(Identity));
256: else
257: identities = xrealloc(identities, (num_identities + 1) * sizeof(Identity));
1.2 provos 258:
259: identities[num_identities].key = RSA_new();
260: k = identities[num_identities].key;
261: buffer_get_int(&e->input); /* bits */
262: k->n = BN_new();
263: buffer_get_bignum(&e->input, k->n);
264: k->e = BN_new();
265: buffer_get_bignum(&e->input, k->e);
266: k->d = BN_new();
267: buffer_get_bignum(&e->input, k->d);
268: k->iqmp = BN_new();
269: buffer_get_bignum(&e->input, k->iqmp);
270: /* SSH and SSL have p and q swapped */
271: k->q = BN_new();
272: buffer_get_bignum(&e->input, k->q); /* p */
273: k->p = BN_new();
274: buffer_get_bignum(&e->input, k->p); /* q */
275:
276: /* Generate additional parameters */
277: aux = BN_new();
278: ctx = BN_CTX_new();
279:
280: BN_sub(aux, k->q, BN_value_one());
281: k->dmq1 = BN_new();
282: BN_mod(k->dmq1, k->d, aux, ctx);
283:
284: BN_sub(aux, k->p, BN_value_one());
285: k->dmp1 = BN_new();
286: BN_mod(k->dmp1, k->d, aux, ctx);
287:
288: BN_clear_free(aux);
289: BN_CTX_free(ctx);
290:
1.1 deraadt 291: identities[num_identities].comment = buffer_get_string(&e->input, NULL);
292:
293: /* Check if we already have the key. */
294: for (i = 0; i < num_identities; i++)
1.2 provos 295: if (BN_cmp(identities[i].key->n, k->n) == 0)
1.1 deraadt 296: {
297: /* We already have this key. Clear and free the new data and
298: return success. */
1.2 provos 299: RSA_free(k);
1.1 deraadt 300: xfree(identities[num_identities].comment);
301:
302: /* Send success. */
303: buffer_put_int(&e->output, 1);
304: buffer_put_char(&e->output, SSH_AGENT_SUCCESS);
305: return;
306: }
307:
308: /* Increment the number of identities. */
309: num_identities++;
310:
311: /* Send a success message. */
312: buffer_put_int(&e->output, 1);
313: buffer_put_char(&e->output, SSH_AGENT_SUCCESS);
314: }
315:
1.2 provos 316: void
317: process_message(SocketEntry *e)
1.1 deraadt 318: {
319: unsigned int msg_len;
320: unsigned int type;
321: unsigned char *cp;
322: if (buffer_len(&e->input) < 5)
323: return; /* Incomplete message. */
324: cp = (unsigned char *)buffer_ptr(&e->input);
325: msg_len = GET_32BIT(cp);
326: if (msg_len > 256 * 1024)
327: {
1.8 deraadt 328: shutdown(e->fd, SHUT_RDWR);
1.1 deraadt 329: close(e->fd);
330: e->type = AUTH_UNUSED;
331: return;
332: }
333: if (buffer_len(&e->input) < msg_len + 4)
334: return;
335: buffer_consume(&e->input, 4);
336: type = buffer_get_char(&e->input);
1.12 markus 337:
1.1 deraadt 338: switch (type)
339: {
340: case SSH_AGENTC_REQUEST_RSA_IDENTITIES:
341: process_request_identity(e);
342: break;
343: case SSH_AGENTC_RSA_CHALLENGE:
344: process_authentication_challenge(e);
345: break;
346: case SSH_AGENTC_ADD_RSA_IDENTITY:
347: process_add_identity(e);
348: break;
349: case SSH_AGENTC_REMOVE_RSA_IDENTITY:
350: process_remove_identity(e);
351: break;
352: case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES:
353: process_remove_all_identities(e);
354: break;
355: default:
356: /* Unknown message. Respond with failure. */
357: error("Unknown message %d", type);
358: buffer_clear(&e->input);
359: buffer_put_int(&e->output, 1);
360: buffer_put_char(&e->output, SSH_AGENT_FAILURE);
361: break;
362: }
363: }
364:
1.2 provos 365: void
366: new_socket(int type, int fd)
1.1 deraadt 367: {
368: unsigned int i, old_alloc;
369: if (fcntl(fd, F_SETFL, O_NONBLOCK) < 0)
370: error("fcntl O_NONBLOCK: %s", strerror(errno));
371:
372: if (fd > max_fd)
373: max_fd = fd;
374:
375: for (i = 0; i < sockets_alloc; i++)
376: if (sockets[i].type == AUTH_UNUSED)
377: {
378: sockets[i].fd = fd;
379: sockets[i].type = type;
380: buffer_init(&sockets[i].input);
381: buffer_init(&sockets[i].output);
382: return;
383: }
384: old_alloc = sockets_alloc;
385: sockets_alloc += 10;
386: if (sockets)
387: sockets = xrealloc(sockets, sockets_alloc * sizeof(sockets[0]));
388: else
389: sockets = xmalloc(sockets_alloc * sizeof(sockets[0]));
390: for (i = old_alloc; i < sockets_alloc; i++)
391: sockets[i].type = AUTH_UNUSED;
392: sockets[old_alloc].type = type;
393: sockets[old_alloc].fd = fd;
394: buffer_init(&sockets[old_alloc].input);
395: buffer_init(&sockets[old_alloc].output);
396: }
397:
1.2 provos 398: void
399: prepare_select(fd_set *readset, fd_set *writeset)
1.1 deraadt 400: {
401: unsigned int i;
402: for (i = 0; i < sockets_alloc; i++)
403: switch (sockets[i].type)
404: {
1.12 markus 405: case AUTH_SOCKET:
1.1 deraadt 406: case AUTH_CONNECTION:
407: FD_SET(sockets[i].fd, readset);
408: if (buffer_len(&sockets[i].output) > 0)
409: FD_SET(sockets[i].fd, writeset);
410: break;
411: case AUTH_UNUSED:
412: break;
413: default:
414: fatal("Unknown socket type %d", sockets[i].type);
415: break;
416: }
417: }
418:
419: void after_select(fd_set *readset, fd_set *writeset)
420: {
421: unsigned int i;
1.12 markus 422: int len, sock;
1.1 deraadt 423: char buf[1024];
424: struct sockaddr_un sunaddr;
425:
426: for (i = 0; i < sockets_alloc; i++)
427: switch (sockets[i].type)
428: {
429: case AUTH_UNUSED:
430: break;
431: case AUTH_SOCKET:
432: if (FD_ISSET(sockets[i].fd, readset))
433: {
434: len = sizeof(sunaddr);
435: sock = accept(sockets[i].fd, (struct sockaddr *)&sunaddr, &len);
436: if (sock < 0)
437: {
438: perror("accept from AUTH_SOCKET");
439: break;
440: }
1.12 markus 441: new_socket(AUTH_CONNECTION, sock);
1.1 deraadt 442: }
443: break;
444: case AUTH_CONNECTION:
445: if (buffer_len(&sockets[i].output) > 0 &&
446: FD_ISSET(sockets[i].fd, writeset))
447: {
448: len = write(sockets[i].fd, buffer_ptr(&sockets[i].output),
449: buffer_len(&sockets[i].output));
450: if (len <= 0)
451: {
1.8 deraadt 452: shutdown(sockets[i].fd, SHUT_RDWR);
1.1 deraadt 453: close(sockets[i].fd);
454: sockets[i].type = AUTH_UNUSED;
455: break;
456: }
457: buffer_consume(&sockets[i].output, len);
458: }
459: if (FD_ISSET(sockets[i].fd, readset))
460: {
461: len = read(sockets[i].fd, buf, sizeof(buf));
462: if (len <= 0)
463: {
1.8 deraadt 464: shutdown(sockets[i].fd, SHUT_RDWR);
1.1 deraadt 465: close(sockets[i].fd);
466: sockets[i].type = AUTH_UNUSED;
467: break;
468: }
469: buffer_append(&sockets[i].input, buf, len);
470: process_message(&sockets[i]);
471: }
472: break;
473: default:
474: fatal("Unknown type %d", sockets[i].type);
475: }
476: }
477:
1.6 deraadt 478: void
1.2 provos 479: check_parent_exists(int sig)
1.1 deraadt 480: {
481: if (kill(parent_pid, 0) < 0)
482: {
483: /* printf("Parent has died - Authentication agent exiting.\n"); */
484: exit(1);
485: }
486: signal(SIGALRM, check_parent_exists);
487: alarm(10);
488: }
489:
1.15 markus 490: void
491: cleanup_socket(void)
492: {
1.10 markus 493: remove(socket_name);
494: rmdir(socket_dir);
495: }
496:
1.15 markus 497: void
498: cleanup_exit(int i)
499: {
500: cleanup_socket();
501: exit(i);
502: }
503:
504: void
505: usage()
506: {
507: extern char *__progname;
508:
509: fprintf(stderr, "ssh-agent version %s\n", SSH_VERSION);
510: fprintf(stderr, "Usage: %s [-c | -s] [-k] [command {args...]]\n",
511: __progname);
512: exit(1);
513: }
514:
1.2 provos 515: int
516: main(int ac, char **av)
1.1 deraadt 517: {
518: fd_set readset, writeset;
1.15 markus 519: int sock, c_flag = 0, k_flag = 0, s_flag = 0, ch;
1.1 deraadt 520: struct sockaddr_un sunaddr;
1.15 markus 521: pid_t pid;
522: char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
1.1 deraadt 523:
1.3 deraadt 524: /* check if RSA support exists */
525: if (rsa_alive() == 0) {
526: extern char *__progname;
527: fprintf(stderr,
528: "%s: no RSA support in libssl and libcrypto. See ssl(8).\n",
529: __progname);
530: exit(1);
531: }
1.1 deraadt 532:
1.15 markus 533: while ((ch = getopt(ac, av, "cks")) != -1)
534: {
535: switch (ch)
536: {
537: case 'c':
538: if (s_flag)
539: usage();
540: c_flag++;
541: break;
542: case 'k':
543: k_flag++;
544: break;
545: case 's':
546: if (c_flag)
547: usage();
548: s_flag++;
549: break;
550: default:
551: usage();
552: }
553: }
554: ac -= optind;
555: av += optind;
556:
557: if (ac > 0 && (c_flag || k_flag || s_flag))
558: usage();
559:
560: if (ac == 0 && !c_flag && !k_flag && !s_flag)
561: {
562: shell = getenv("SHELL");
563: if (shell != NULL && strncmp(shell + strlen(shell) - 3, "csh", 3) == 0)
564: c_flag = 1;
565: }
566:
567: if (k_flag)
1.1 deraadt 568: {
1.15 markus 569: pidstr = getenv(SSH_AGENTPID_ENV_NAME);
570: if (pidstr == NULL)
571: {
572: fprintf(stderr, "%s not set, cannot kill agent\n",
573: SSH_AGENTPID_ENV_NAME);
574: exit(1);
575: }
576: pid = atoi(pidstr);
577: if (pid < 1) /* XXX PID_MAX check too */
578: {
579: fprintf(stderr, "%s=\"%s\", which is not a good PID\n",
580: SSH_AGENTPID_ENV_NAME, pidstr);
581: exit(1);
582: }
583: if (kill(pid, SIGTERM) == -1)
584: {
585: perror("kill");
586: exit(1);
587: }
588: format = c_flag ? "unsetenv %s;\n" : "unset %s;\n";
589: printf(format, SSH_AUTHSOCKET_ENV_NAME);
590: printf(format, SSH_AGENTPID_ENV_NAME);
591: printf("echo Agent pid %d killed;\n", pid);
592: exit(0);
1.1 deraadt 593: }
594:
1.9 markus 595: parent_pid = getpid();
1.10 markus 596:
597: /* Create private directory for agent socket */
598: strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir);
599: if (mkdtemp(socket_dir) == NULL) {
600: perror("mkdtemp: private socket dir");
601: exit(1);
602: }
1.15 markus 603: snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
604: parent_pid);
1.10 markus 605:
1.15 markus 606: /* Create socket early so it will exist before command gets run from
607: the parent. */
1.9 markus 608: sock = socket(AF_UNIX, SOCK_STREAM, 0);
609: if (sock < 0)
1.1 deraadt 610: {
1.9 markus 611: perror("socket");
1.15 markus 612: cleanup_exit(1);
1.9 markus 613: }
614: memset(&sunaddr, 0, sizeof(sunaddr));
615: sunaddr.sun_family = AF_UNIX;
616: strlcpy(sunaddr.sun_path, socket_name, sizeof(sunaddr.sun_path));
617: if (bind(sock, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0)
618: {
619: perror("bind");
1.15 markus 620: cleanup_exit(1);
1.9 markus 621: }
622: if (listen(sock, 5) < 0)
623: {
624: perror("listen");
1.15 markus 625: cleanup_exit(1);
626: }
627:
628: /* Fork, and have the parent execute the command, if any, or present the
629: socket data. The child continues as the authentication agent. */
630: pid = fork();
631: if (pid == -1)
632: {
633: perror("fork");
634: exit(1);
635: }
636: if (pid != 0)
637: { /* Parent - execute the given command. */
638: close(sock);
639: snprintf(pidstrbuf, sizeof pidstrbuf, "%d", pid);
640: if (ac == 0)
641: {
642: format = c_flag ? "setenv %s %s;\n" : "%s=%s; export %s;\n";
643: printf(format, SSH_AUTHSOCKET_ENV_NAME, socket_name,
644: SSH_AUTHSOCKET_ENV_NAME);
645: printf(format, SSH_AGENTPID_ENV_NAME, pidstrbuf,
646: SSH_AGENTPID_ENV_NAME);
647: printf("echo Agent pid %d;\n", pid);
648: exit(0);
649: }
650:
651: setenv(SSH_AUTHSOCKET_ENV_NAME, socket_name, 1);
652: setenv(SSH_AGENTPID_ENV_NAME, pidstrbuf, 1);
653: execvp(av[0], av);
654: perror(av[0]);
1.9 markus 655: exit(1);
1.1 deraadt 656: }
1.15 markus 657:
658: close(0);
659: close(1);
660: close(2);
661:
1.16 markus 662: if (setsid() == -1)
663: {
664: perror("setsid");
665: cleanup_exit(1);
666: }
1.15 markus 667:
668: if (atexit(cleanup_socket) < 0)
1.16 markus 669: {
670: perror("atexit");
671: cleanup_exit(1);
672: }
1.15 markus 673:
1.9 markus 674: new_socket(AUTH_SOCKET, sock);
1.15 markus 675: if (ac > 0)
676: {
677: signal(SIGALRM, check_parent_exists);
678: alarm(10);
679: }
1.1 deraadt 680:
681: signal(SIGINT, SIG_IGN);
1.15 markus 682: signal(SIGPIPE, SIG_IGN);
1.1 deraadt 683: while (1)
684: {
685: FD_ZERO(&readset);
686: FD_ZERO(&writeset);
687: prepare_select(&readset, &writeset);
688: if (select(max_fd + 1, &readset, &writeset, NULL, NULL) < 0)
689: {
690: if (errno == EINTR)
691: continue;
692: exit(1);
693: }
694: after_select(&readset, &writeset);
695: }
696: /*NOTREACHED*/
697: }