1 /* $OpenBSD: ssh-agent.c,v 1.170 2010/08/31 12:33:38 djm Exp $ */
3 * Author: Tatu Ylonen <ylo@cs.hut.fi>
4 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
6 * The authentication agent program.
8 * As far as I am concerned, the code I have written for this software
9 * can be used freely for any purpose. Any derived versions of this
10 * software must be clearly marked as such, and if the derived work is
11 * incompatible with the protocol description in the RFC file, it must be
12 * called by a name other than "ssh" or "Secure Shell".
14 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
16 * Redistribution and use in source and binary forms, with or without
17 * modification, are permitted provided that the following conditions
19 * 1. Redistributions of source code must retain the above copyright
20 * notice, this list of conditions and the following disclaimer.
21 * 2. Redistributions in binary form must reproduce the above copyright
22 * notice, this list of conditions and the following disclaimer in the
23 * documentation and/or other materials provided with the distribution.
25 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
26 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
27 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
28 * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
29 * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
30 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
31 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
32 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
33 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 #include <sys/types.h>
40 #include <sys/param.h>
41 #include <sys/resource.h>
43 #include <sys/socket.h>
44 #ifdef HAVE_SYS_TIME_H
45 # include <sys/time.h>
50 #include "openbsd-compat/sys-queue.h"
52 #include <openssl/evp.h>
53 #include <openssl/md5.h>
54 #include "openbsd-compat/openssl-compat.h"
80 #include "ssh-pkcs11.h"
83 #if defined(HAVE_SYS_PRCTL_H)
84 #include <sys/prctl.h> /* For prctl() and PR_SET_DUMPABLE */
101 u_int sockets_alloc
= 0;
102 SocketEntry
*sockets
= NULL
;
104 typedef struct identity
{
105 TAILQ_ENTRY(identity
) next
;
115 TAILQ_HEAD(idqueue
, identity
) idlist
;
118 /* private key table, one per protocol version */
123 /* pid of shell == parent of agent */
124 pid_t parent_pid
= -1;
125 u_int parent_alive_interval
= 0;
127 /* pathname and directory for AUTH_SOCKET */
128 char socket_name
[MAXPATHLEN
];
129 char socket_dir
[MAXPATHLEN
];
133 char *lock_passwd
= NULL
;
135 extern char *__progname
;
137 /* Default lifetime (0 == forever) */
138 static int lifetime
= 0;
141 close_socket(SocketEntry
*e
)
145 e
->type
= AUTH_UNUSED
;
146 buffer_free(&e
->input
);
147 buffer_free(&e
->output
);
148 buffer_free(&e
->request
);
156 for (i
= 0; i
<=2; i
++) {
157 TAILQ_INIT(&idtable
[i
].idlist
);
158 idtable
[i
].nentries
= 0;
162 /* return private key table for requested protocol version */
164 idtab_lookup(int version
)
166 if (version
< 1 || version
> 2)
167 fatal("internal error, bad protocol version %d", version
);
168 return &idtable
[version
];
172 free_identity(Identity
*id
)
175 if (id
->provider
!= NULL
)
181 /* return matching private key for given public key */
183 lookup_identity(Key
*key
, int version
)
187 Idtab
*tab
= idtab_lookup(version
);
188 TAILQ_FOREACH(id
, &tab
->idlist
, next
) {
189 if (key_equal(key
, id
->key
))
195 /* Check confirmation of keysign request */
197 confirm_key(Identity
*id
)
202 p
= key_fingerprint(id
->key
, SSH_FP_MD5
, SSH_FP_HEX
);
203 if (ask_permission("Allow use of key %s?\nKey fingerprint %s.",
211 /* send list of supported public keys to 'client' */
213 process_request_identities(SocketEntry
*e
, int version
)
215 Idtab
*tab
= idtab_lookup(version
);
220 buffer_put_char(&msg
, (version
== 1) ?
221 SSH_AGENT_RSA_IDENTITIES_ANSWER
: SSH2_AGENT_IDENTITIES_ANSWER
);
222 buffer_put_int(&msg
, tab
->nentries
);
223 TAILQ_FOREACH(id
, &tab
->idlist
, next
) {
224 if (id
->key
->type
== KEY_RSA1
) {
225 buffer_put_int(&msg
, BN_num_bits(id
->key
->rsa
->n
));
226 buffer_put_bignum(&msg
, id
->key
->rsa
->e
);
227 buffer_put_bignum(&msg
, id
->key
->rsa
->n
);
231 key_to_blob(id
->key
, &blob
, &blen
);
232 buffer_put_string(&msg
, blob
, blen
);
235 buffer_put_cstring(&msg
, id
->comment
);
237 buffer_put_int(&e
->output
, buffer_len(&msg
));
238 buffer_append(&e
->output
, buffer_ptr(&msg
), buffer_len(&msg
));
244 process_authentication_challenge1(SocketEntry
*e
)
246 u_char buf
[32], mdbuf
[16], session_id
[16];
256 key
= key_new(KEY_RSA1
);
257 if ((challenge
= BN_new()) == NULL
)
258 fatal("process_authentication_challenge1: BN_new failed");
260 (void) buffer_get_int(&e
->request
); /* ignored */
261 buffer_get_bignum(&e
->request
, key
->rsa
->e
);
262 buffer_get_bignum(&e
->request
, key
->rsa
->n
);
263 buffer_get_bignum(&e
->request
, challenge
);
265 /* Only protocol 1.1 is supported */
266 if (buffer_len(&e
->request
) == 0)
268 buffer_get(&e
->request
, session_id
, 16);
269 response_type
= buffer_get_int(&e
->request
);
270 if (response_type
!= 1)
273 id
= lookup_identity(key
, 1);
274 if (id
!= NULL
&& (!id
->confirm
|| confirm_key(id
) == 0)) {
275 Key
*private = id
->key
;
276 /* Decrypt the challenge using the private key. */
277 if (rsa_private_decrypt(challenge
, challenge
, private->rsa
) <= 0)
280 /* The response is MD5 of decrypted challenge plus session id. */
281 len
= BN_num_bytes(challenge
);
282 if (len
<= 0 || len
> 32) {
283 logit("process_authentication_challenge: bad challenge length %d", len
);
287 BN_bn2bin(challenge
, buf
+ 32 - len
);
289 MD5_Update(&md
, buf
, 32);
290 MD5_Update(&md
, session_id
, 16);
291 MD5_Final(mdbuf
, &md
);
293 /* Send the response. */
294 buffer_put_char(&msg
, SSH_AGENT_RSA_RESPONSE
);
295 for (i
= 0; i
< 16; i
++)
296 buffer_put_char(&msg
, mdbuf
[i
]);
301 /* Unknown identity or protocol error. Send failure. */
302 buffer_put_char(&msg
, SSH_AGENT_FAILURE
);
304 buffer_put_int(&e
->output
, buffer_len(&msg
));
305 buffer_append(&e
->output
, buffer_ptr(&msg
), buffer_len(&msg
));
307 BN_clear_free(challenge
);
313 process_sign_request2(SocketEntry
*e
)
315 u_char
*blob
, *data
, *signature
= NULL
;
316 u_int blen
, dlen
, slen
= 0;
317 extern int datafellows
;
325 blob
= buffer_get_string(&e
->request
, &blen
);
326 data
= buffer_get_string(&e
->request
, &dlen
);
328 flags
= buffer_get_int(&e
->request
);
329 odatafellows
= datafellows
;
330 if (flags
& SSH_AGENT_OLD_SIGNATURE
)
331 datafellows
= SSH_BUG_SIGBLOB
;
333 key
= key_from_blob(blob
, blen
);
335 Identity
*id
= lookup_identity(key
, 2);
336 if (id
!= NULL
&& (!id
->confirm
|| confirm_key(id
) == 0))
337 ok
= key_sign(id
->key
, &signature
, &slen
, data
, dlen
);
342 buffer_put_char(&msg
, SSH2_AGENT_SIGN_RESPONSE
);
343 buffer_put_string(&msg
, signature
, slen
);
345 buffer_put_char(&msg
, SSH_AGENT_FAILURE
);
347 buffer_put_int(&e
->output
, buffer_len(&msg
));
348 buffer_append(&e
->output
, buffer_ptr(&msg
),
353 if (signature
!= NULL
)
355 datafellows
= odatafellows
;
360 process_remove_identity(SocketEntry
*e
, int version
)
369 key
= key_new(KEY_RSA1
);
370 bits
= buffer_get_int(&e
->request
);
371 buffer_get_bignum(&e
->request
, key
->rsa
->e
);
372 buffer_get_bignum(&e
->request
, key
->rsa
->n
);
374 if (bits
!= key_size(key
))
375 logit("Warning: identity keysize mismatch: actual %u, announced %u",
376 key_size(key
), bits
);
379 blob
= buffer_get_string(&e
->request
, &blen
);
380 key
= key_from_blob(blob
, blen
);
385 Identity
*id
= lookup_identity(key
, version
);
388 * We have this key. Free the old key. Since we
389 * don't want to leave empty slots in the middle of
390 * the array, we actually free the key there and move
391 * all the entries between the empty slot and the end
394 Idtab
*tab
= idtab_lookup(version
);
395 if (tab
->nentries
< 1)
396 fatal("process_remove_identity: "
397 "internal error: tab->nentries %d",
399 TAILQ_REMOVE(&tab
->idlist
, id
, next
);
406 buffer_put_int(&e
->output
, 1);
407 buffer_put_char(&e
->output
,
408 success
? SSH_AGENT_SUCCESS
: SSH_AGENT_FAILURE
);
412 process_remove_all_identities(SocketEntry
*e
, int version
)
414 Idtab
*tab
= idtab_lookup(version
);
417 /* Loop over all identities and clear the keys. */
418 for (id
= TAILQ_FIRST(&tab
->idlist
); id
;
419 id
= TAILQ_FIRST(&tab
->idlist
)) {
420 TAILQ_REMOVE(&tab
->idlist
, id
, next
);
424 /* Mark that there are no identities. */
428 buffer_put_int(&e
->output
, 1);
429 buffer_put_char(&e
->output
, SSH_AGENT_SUCCESS
);
432 /* removes expired keys and returns number of seconds until the next expiry */
436 u_int deadline
= 0, now
= time(NULL
);
441 for (version
= 1; version
< 3; version
++) {
442 tab
= idtab_lookup(version
);
443 for (id
= TAILQ_FIRST(&tab
->idlist
); id
; id
= nxt
) {
444 nxt
= TAILQ_NEXT(id
, next
);
447 if (now
>= id
->death
) {
448 debug("expiring key '%s'", id
->comment
);
449 TAILQ_REMOVE(&tab
->idlist
, id
, next
);
453 deadline
= (deadline
== 0) ? id
->death
:
454 MIN(deadline
, id
->death
);
457 if (deadline
== 0 || deadline
<= now
)
460 return (deadline
- now
);
464 process_add_identity(SocketEntry
*e
, int version
)
466 Idtab
*tab
= idtab_lookup(version
);
468 int type
, success
= 0, death
= 0, confirm
= 0;
469 char *type_name
, *comment
;
471 #ifdef OPENSSL_HAS_ECC
481 k
= key_new_private(KEY_RSA1
);
482 (void) buffer_get_int(&e
->request
); /* ignored */
483 buffer_get_bignum(&e
->request
, k
->rsa
->n
);
484 buffer_get_bignum(&e
->request
, k
->rsa
->e
);
485 buffer_get_bignum(&e
->request
, k
->rsa
->d
);
486 buffer_get_bignum(&e
->request
, k
->rsa
->iqmp
);
488 /* SSH and SSL have p and q swapped */
489 buffer_get_bignum(&e
->request
, k
->rsa
->q
); /* p */
490 buffer_get_bignum(&e
->request
, k
->rsa
->p
); /* q */
492 /* Generate additional parameters */
493 rsa_generate_additional_parameters(k
->rsa
);
496 type_name
= buffer_get_string(&e
->request
, NULL
);
497 type
= key_type_from_name(type_name
);
500 k
= key_new_private(type
);
501 buffer_get_bignum2(&e
->request
, k
->dsa
->p
);
502 buffer_get_bignum2(&e
->request
, k
->dsa
->q
);
503 buffer_get_bignum2(&e
->request
, k
->dsa
->g
);
504 buffer_get_bignum2(&e
->request
, k
->dsa
->pub_key
);
505 buffer_get_bignum2(&e
->request
, k
->dsa
->priv_key
);
507 case KEY_DSA_CERT_V00
:
509 cert
= buffer_get_string(&e
->request
, &len
);
510 if ((k
= key_from_blob(cert
, len
)) == NULL
)
511 fatal("Certificate parse failed");
514 buffer_get_bignum2(&e
->request
, k
->dsa
->priv_key
);
516 #ifdef OPENSSL_HAS_ECC
518 k
= key_new_private(type
);
519 k
->ecdsa_nid
= key_ecdsa_nid_from_name(type_name
);
520 curve
= buffer_get_string(&e
->request
, NULL
);
521 if (k
->ecdsa_nid
!= key_curve_name_to_nid(curve
))
522 fatal("%s: curve names mismatch", __func__
);
524 k
->ecdsa
= EC_KEY_new_by_curve_name(k
->ecdsa_nid
);
525 if (k
->ecdsa
== NULL
)
526 fatal("%s: EC_KEY_new_by_curve_name failed",
528 q
= EC_POINT_new(EC_KEY_get0_group(k
->ecdsa
));
530 fatal("%s: BN_new failed", __func__
);
531 if ((exponent
= BN_new()) == NULL
)
532 fatal("%s: BN_new failed", __func__
);
533 buffer_get_ecpoint(&e
->request
,
534 EC_KEY_get0_group(k
->ecdsa
), q
);
535 buffer_get_bignum2(&e
->request
, exponent
);
536 if (EC_KEY_set_public_key(k
->ecdsa
, q
) != 1)
537 fatal("%s: EC_KEY_set_public_key failed",
539 if (EC_KEY_set_private_key(k
->ecdsa
, exponent
) != 1)
540 fatal("%s: EC_KEY_set_private_key failed",
542 if (key_ec_validate_public(EC_KEY_get0_group(k
->ecdsa
),
543 EC_KEY_get0_public_key(k
->ecdsa
)) != 0)
544 fatal("%s: bad ECDSA public key", __func__
);
545 if (key_ec_validate_private(k
->ecdsa
) != 0)
546 fatal("%s: bad ECDSA private key", __func__
);
547 BN_clear_free(exponent
);
551 cert
= buffer_get_string(&e
->request
, &len
);
552 if ((k
= key_from_blob(cert
, len
)) == NULL
)
553 fatal("Certificate parse failed");
556 if ((exponent
= BN_new()) == NULL
)
557 fatal("%s: BN_new failed", __func__
);
558 buffer_get_bignum2(&e
->request
, exponent
);
559 if (EC_KEY_set_private_key(k
->ecdsa
, exponent
) != 1)
560 fatal("%s: EC_KEY_set_private_key failed",
562 if (key_ec_validate_public(EC_KEY_get0_group(k
->ecdsa
),
563 EC_KEY_get0_public_key(k
->ecdsa
)) != 0 ||
564 key_ec_validate_private(k
->ecdsa
) != 0)
565 fatal("%s: bad ECDSA key", __func__
);
566 BN_clear_free(exponent
);
568 #endif /* OPENSSL_HAS_ECC */
570 k
= key_new_private(type
);
571 buffer_get_bignum2(&e
->request
, k
->rsa
->n
);
572 buffer_get_bignum2(&e
->request
, k
->rsa
->e
);
573 buffer_get_bignum2(&e
->request
, k
->rsa
->d
);
574 buffer_get_bignum2(&e
->request
, k
->rsa
->iqmp
);
575 buffer_get_bignum2(&e
->request
, k
->rsa
->p
);
576 buffer_get_bignum2(&e
->request
, k
->rsa
->q
);
578 /* Generate additional parameters */
579 rsa_generate_additional_parameters(k
->rsa
);
581 case KEY_RSA_CERT_V00
:
583 cert
= buffer_get_string(&e
->request
, &len
);
584 if ((k
= key_from_blob(cert
, len
)) == NULL
)
585 fatal("Certificate parse failed");
588 buffer_get_bignum2(&e
->request
, k
->rsa
->d
);
589 buffer_get_bignum2(&e
->request
, k
->rsa
->iqmp
);
590 buffer_get_bignum2(&e
->request
, k
->rsa
->p
);
591 buffer_get_bignum2(&e
->request
, k
->rsa
->q
);
595 buffer_clear(&e
->request
);
601 /* enable blinding */
604 case KEY_RSA_CERT_V00
:
607 if (RSA_blinding_on(k
->rsa
, NULL
) != 1) {
608 error("process_add_identity: RSA_blinding_on failed");
614 comment
= buffer_get_string(&e
->request
, NULL
);
619 while (buffer_len(&e
->request
)) {
620 switch ((type
= buffer_get_char(&e
->request
))) {
621 case SSH_AGENT_CONSTRAIN_LIFETIME
:
622 death
= time(NULL
) + buffer_get_int(&e
->request
);
624 case SSH_AGENT_CONSTRAIN_CONFIRM
:
628 error("process_add_identity: "
629 "Unknown constraint type %d", type
);
636 if (lifetime
&& !death
)
637 death
= time(NULL
) + lifetime
;
638 if ((id
= lookup_identity(k
, version
)) == NULL
) {
639 id
= xcalloc(1, sizeof(Identity
));
641 TAILQ_INSERT_TAIL(&tab
->idlist
, id
, next
);
642 /* Increment the number of identities. */
648 id
->comment
= comment
;
650 id
->confirm
= confirm
;
652 buffer_put_int(&e
->output
, 1);
653 buffer_put_char(&e
->output
,
654 success
? SSH_AGENT_SUCCESS
: SSH_AGENT_FAILURE
);
657 /* XXX todo: encrypt sensitive data with passphrase */
659 process_lock_agent(SocketEntry
*e
, int lock
)
664 passwd
= buffer_get_string(&e
->request
, NULL
);
665 if (locked
&& !lock
&& strcmp(passwd
, lock_passwd
) == 0) {
667 memset(lock_passwd
, 0, strlen(lock_passwd
));
671 } else if (!locked
&& lock
) {
673 lock_passwd
= xstrdup(passwd
);
676 memset(passwd
, 0, strlen(passwd
));
679 buffer_put_int(&e
->output
, 1);
680 buffer_put_char(&e
->output
,
681 success
? SSH_AGENT_SUCCESS
: SSH_AGENT_FAILURE
);
685 no_identities(SocketEntry
*e
, u_int type
)
690 buffer_put_char(&msg
,
691 (type
== SSH_AGENTC_REQUEST_RSA_IDENTITIES
) ?
692 SSH_AGENT_RSA_IDENTITIES_ANSWER
: SSH2_AGENT_IDENTITIES_ANSWER
);
693 buffer_put_int(&msg
, 0);
694 buffer_put_int(&e
->output
, buffer_len(&msg
));
695 buffer_append(&e
->output
, buffer_ptr(&msg
), buffer_len(&msg
));
701 process_add_smartcard_key(SocketEntry
*e
)
703 char *provider
= NULL
, *pin
;
704 int i
, type
, version
, count
= 0, success
= 0, death
= 0, confirm
= 0;
705 Key
**keys
= NULL
, *k
;
709 provider
= buffer_get_string(&e
->request
, NULL
);
710 pin
= buffer_get_string(&e
->request
, NULL
);
712 while (buffer_len(&e
->request
)) {
713 switch ((type
= buffer_get_char(&e
->request
))) {
714 case SSH_AGENT_CONSTRAIN_LIFETIME
:
715 death
= time(NULL
) + buffer_get_int(&e
->request
);
717 case SSH_AGENT_CONSTRAIN_CONFIRM
:
721 error("process_add_smartcard_key: "
722 "Unknown constraint type %d", type
);
726 if (lifetime
&& !death
)
727 death
= time(NULL
) + lifetime
;
729 count
= pkcs11_add_provider(provider
, pin
, &keys
);
730 for (i
= 0; i
< count
; i
++) {
732 version
= k
->type
== KEY_RSA1
? 1 : 2;
733 tab
= idtab_lookup(version
);
734 if (lookup_identity(k
, version
) == NULL
) {
735 id
= xcalloc(1, sizeof(Identity
));
737 id
->provider
= xstrdup(provider
);
738 id
->comment
= xstrdup(provider
); /* XXX */
740 id
->confirm
= confirm
;
741 TAILQ_INSERT_TAIL(&tab
->idlist
, id
, next
);
756 buffer_put_int(&e
->output
, 1);
757 buffer_put_char(&e
->output
,
758 success
? SSH_AGENT_SUCCESS
: SSH_AGENT_FAILURE
);
762 process_remove_smartcard_key(SocketEntry
*e
)
764 char *provider
= NULL
, *pin
= NULL
;
765 int version
, success
= 0;
769 provider
= buffer_get_string(&e
->request
, NULL
);
770 pin
= buffer_get_string(&e
->request
, NULL
);
773 for (version
= 1; version
< 3; version
++) {
774 tab
= idtab_lookup(version
);
775 for (id
= TAILQ_FIRST(&tab
->idlist
); id
; id
= nxt
) {
776 nxt
= TAILQ_NEXT(id
, next
);
777 if (!strcmp(provider
, id
->provider
)) {
778 TAILQ_REMOVE(&tab
->idlist
, id
, next
);
784 if (pkcs11_del_provider(provider
) == 0)
787 error("process_remove_smartcard_key:"
788 " pkcs11_del_provider failed");
790 buffer_put_int(&e
->output
, 1);
791 buffer_put_char(&e
->output
,
792 success
? SSH_AGENT_SUCCESS
: SSH_AGENT_FAILURE
);
794 #endif /* ENABLE_PKCS11 */
796 /* dispatch incoming messages */
799 process_message(SocketEntry
*e
)
804 if (buffer_len(&e
->input
) < 5)
805 return; /* Incomplete message. */
806 cp
= buffer_ptr(&e
->input
);
807 msg_len
= get_u32(cp
);
808 if (msg_len
> 256 * 1024) {
812 if (buffer_len(&e
->input
) < msg_len
+ 4)
815 /* move the current input to e->request */
816 buffer_consume(&e
->input
, 4);
817 buffer_clear(&e
->request
);
818 buffer_append(&e
->request
, buffer_ptr(&e
->input
), msg_len
);
819 buffer_consume(&e
->input
, msg_len
);
820 type
= buffer_get_char(&e
->request
);
822 /* check wheter agent is locked */
823 if (locked
&& type
!= SSH_AGENTC_UNLOCK
) {
824 buffer_clear(&e
->request
);
826 case SSH_AGENTC_REQUEST_RSA_IDENTITIES
:
827 case SSH2_AGENTC_REQUEST_IDENTITIES
:
828 /* send empty lists */
829 no_identities(e
, type
);
832 /* send a fail message for all other request types */
833 buffer_put_int(&e
->output
, 1);
834 buffer_put_char(&e
->output
, SSH_AGENT_FAILURE
);
839 debug("type %d", type
);
841 case SSH_AGENTC_LOCK
:
842 case SSH_AGENTC_UNLOCK
:
843 process_lock_agent(e
, type
== SSH_AGENTC_LOCK
);
846 case SSH_AGENTC_RSA_CHALLENGE
:
847 process_authentication_challenge1(e
);
849 case SSH_AGENTC_REQUEST_RSA_IDENTITIES
:
850 process_request_identities(e
, 1);
852 case SSH_AGENTC_ADD_RSA_IDENTITY
:
853 case SSH_AGENTC_ADD_RSA_ID_CONSTRAINED
:
854 process_add_identity(e
, 1);
856 case SSH_AGENTC_REMOVE_RSA_IDENTITY
:
857 process_remove_identity(e
, 1);
859 case SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES
:
860 process_remove_all_identities(e
, 1);
863 case SSH2_AGENTC_SIGN_REQUEST
:
864 process_sign_request2(e
);
866 case SSH2_AGENTC_REQUEST_IDENTITIES
:
867 process_request_identities(e
, 2);
869 case SSH2_AGENTC_ADD_IDENTITY
:
870 case SSH2_AGENTC_ADD_ID_CONSTRAINED
:
871 process_add_identity(e
, 2);
873 case SSH2_AGENTC_REMOVE_IDENTITY
:
874 process_remove_identity(e
, 2);
876 case SSH2_AGENTC_REMOVE_ALL_IDENTITIES
:
877 process_remove_all_identities(e
, 2);
880 case SSH_AGENTC_ADD_SMARTCARD_KEY
:
881 case SSH_AGENTC_ADD_SMARTCARD_KEY_CONSTRAINED
:
882 process_add_smartcard_key(e
);
884 case SSH_AGENTC_REMOVE_SMARTCARD_KEY
:
885 process_remove_smartcard_key(e
);
887 #endif /* ENABLE_PKCS11 */
889 /* Unknown message. Respond with failure. */
890 error("Unknown message %d", type
);
891 buffer_clear(&e
->request
);
892 buffer_put_int(&e
->output
, 1);
893 buffer_put_char(&e
->output
, SSH_AGENT_FAILURE
);
899 new_socket(sock_type type
, int fd
)
901 u_int i
, old_alloc
, new_alloc
;
908 for (i
= 0; i
< sockets_alloc
; i
++)
909 if (sockets
[i
].type
== AUTH_UNUSED
) {
911 buffer_init(&sockets
[i
].input
);
912 buffer_init(&sockets
[i
].output
);
913 buffer_init(&sockets
[i
].request
);
914 sockets
[i
].type
= type
;
917 old_alloc
= sockets_alloc
;
918 new_alloc
= sockets_alloc
+ 10;
919 sockets
= xrealloc(sockets
, new_alloc
, sizeof(sockets
[0]));
920 for (i
= old_alloc
; i
< new_alloc
; i
++)
921 sockets
[i
].type
= AUTH_UNUSED
;
922 sockets_alloc
= new_alloc
;
923 sockets
[old_alloc
].fd
= fd
;
924 buffer_init(&sockets
[old_alloc
].input
);
925 buffer_init(&sockets
[old_alloc
].output
);
926 buffer_init(&sockets
[old_alloc
].request
);
927 sockets
[old_alloc
].type
= type
;
931 prepare_select(fd_set
**fdrp
, fd_set
**fdwp
, int *fdl
, u_int
*nallocp
,
932 struct timeval
**tvpp
)
934 u_int i
, sz
, deadline
;
936 static struct timeval tv
;
938 for (i
= 0; i
< sockets_alloc
; i
++) {
939 switch (sockets
[i
].type
) {
941 case AUTH_CONNECTION
:
942 n
= MAX(n
, sockets
[i
].fd
);
947 fatal("Unknown socket type %d", sockets
[i
].type
);
952 sz
= howmany(n
+1, NFDBITS
) * sizeof(fd_mask
);
953 if (*fdrp
== NULL
|| sz
> *nallocp
) {
963 debug("XXX shrink: %d < %d", n
, *fdl
);
965 memset(*fdrp
, 0, sz
);
966 memset(*fdwp
, 0, sz
);
968 for (i
= 0; i
< sockets_alloc
; i
++) {
969 switch (sockets
[i
].type
) {
971 case AUTH_CONNECTION
:
972 FD_SET(sockets
[i
].fd
, *fdrp
);
973 if (buffer_len(&sockets
[i
].output
) > 0)
974 FD_SET(sockets
[i
].fd
, *fdwp
);
981 if (parent_alive_interval
!= 0)
982 deadline
= (deadline
== 0) ? parent_alive_interval
:
983 MIN(deadline
, parent_alive_interval
);
987 tv
.tv_sec
= deadline
;
995 after_select(fd_set
*readset
, fd_set
*writeset
)
997 struct sockaddr_un sunaddr
;
1001 u_int i
, orig_alloc
;
1005 for (i
= 0, orig_alloc
= sockets_alloc
; i
< orig_alloc
; i
++)
1006 switch (sockets
[i
].type
) {
1010 if (FD_ISSET(sockets
[i
].fd
, readset
)) {
1011 slen
= sizeof(sunaddr
);
1012 sock
= accept(sockets
[i
].fd
,
1013 (struct sockaddr
*)&sunaddr
, &slen
);
1015 error("accept from AUTH_SOCKET: %s",
1019 if (getpeereid(sock
, &euid
, &egid
) < 0) {
1020 error("getpeereid %d failed: %s",
1021 sock
, strerror(errno
));
1025 if ((euid
!= 0) && (getuid() != euid
)) {
1026 error("uid mismatch: "
1027 "peer euid %u != uid %u",
1028 (u_int
) euid
, (u_int
) getuid());
1032 new_socket(AUTH_CONNECTION
, sock
);
1035 case AUTH_CONNECTION
:
1036 if (buffer_len(&sockets
[i
].output
) > 0 &&
1037 FD_ISSET(sockets
[i
].fd
, writeset
)) {
1038 len
= write(sockets
[i
].fd
,
1039 buffer_ptr(&sockets
[i
].output
),
1040 buffer_len(&sockets
[i
].output
));
1041 if (len
== -1 && (errno
== EAGAIN
||
1042 errno
== EWOULDBLOCK
||
1046 close_socket(&sockets
[i
]);
1049 buffer_consume(&sockets
[i
].output
, len
);
1051 if (FD_ISSET(sockets
[i
].fd
, readset
)) {
1052 len
= read(sockets
[i
].fd
, buf
, sizeof(buf
));
1053 if (len
== -1 && (errno
== EAGAIN
||
1054 errno
== EWOULDBLOCK
||
1058 close_socket(&sockets
[i
]);
1061 buffer_append(&sockets
[i
].input
, buf
, len
);
1062 process_message(&sockets
[i
]);
1066 fatal("Unknown type %d", sockets
[i
].type
);
1071 cleanup_socket(void)
1074 unlink(socket_name
);
1088 cleanup_handler(int sig
)
1091 #ifdef ENABLE_PKCS11
1098 check_parent_exists(void)
1100 if (parent_pid
!= -1 && kill(parent_pid
, 0) < 0) {
1101 /* printf("Parent has died - Authentication agent exiting.\n"); */
1110 fprintf(stderr
, "usage: %s [options] [command [arg ...]]\n",
1112 fprintf(stderr
, "Options:\n");
1113 fprintf(stderr
, " -c Generate C-shell commands on stdout.\n");
1114 fprintf(stderr
, " -s Generate Bourne shell commands on stdout.\n");
1115 fprintf(stderr
, " -k Kill the current agent.\n");
1116 fprintf(stderr
, " -d Debug mode.\n");
1117 fprintf(stderr
, " -a socket Bind agent socket to given name.\n");
1118 fprintf(stderr
, " -t life Default identity lifetime (seconds).\n");
1123 main(int ac
, char **av
)
1125 int c_flag
= 0, d_flag
= 0, k_flag
= 0, s_flag
= 0;
1126 int sock
, fd
, ch
, result
, saved_errno
;
1128 char *shell
, *format
, *pidstr
, *agentsocket
= NULL
;
1129 fd_set
*readsetp
= NULL
, *writesetp
= NULL
;
1130 struct sockaddr_un sunaddr
;
1131 #ifdef HAVE_SETRLIMIT
1136 extern char *optarg
;
1138 char pidstrbuf
[1 + 3 * sizeof pid
];
1139 struct timeval
*tvp
= NULL
;
1142 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
1149 #if defined(HAVE_PRCTL) && defined(PR_SET_DUMPABLE)
1150 /* Disable ptrace on Linux without sgid bit */
1151 prctl(PR_SET_DUMPABLE
, 0);
1154 OpenSSL_add_all_algorithms();
1156 __progname
= ssh_get_progname(av
[0]);
1160 while ((ch
= getopt(ac
, av
, "cdksa:t:")) != -1) {
1181 agentsocket
= optarg
;
1184 if ((lifetime
= convtime(optarg
)) == -1) {
1185 fprintf(stderr
, "Invalid lifetime\n");
1196 if (ac
> 0 && (c_flag
|| k_flag
|| s_flag
|| d_flag
))
1199 if (ac
== 0 && !c_flag
&& !s_flag
) {
1200 shell
= getenv("SHELL");
1201 if (shell
!= NULL
&& (len
= strlen(shell
)) > 2 &&
1202 strncmp(shell
+ len
- 3, "csh", 3) == 0)
1206 const char *errstr
= NULL
;
1208 pidstr
= getenv(SSH_AGENTPID_ENV_NAME
);
1209 if (pidstr
== NULL
) {
1210 fprintf(stderr
, "%s not set, cannot kill agent\n",
1211 SSH_AGENTPID_ENV_NAME
);
1214 pid
= (int)strtonum(pidstr
, 2, INT_MAX
, &errstr
);
1217 "%s=\"%s\", which is not a good PID: %s\n",
1218 SSH_AGENTPID_ENV_NAME
, pidstr
, errstr
);
1221 if (kill(pid
, SIGTERM
) == -1) {
1225 format
= c_flag
? "unsetenv %s;\n" : "unset %s;\n";
1226 printf(format
, SSH_AUTHSOCKET_ENV_NAME
);
1227 printf(format
, SSH_AGENTPID_ENV_NAME
);
1228 printf("echo Agent pid %ld killed;\n", (long)pid
);
1231 parent_pid
= getpid();
1233 if (agentsocket
== NULL
) {
1234 /* Create private directory for agent socket */
1235 strlcpy(socket_dir
, "/tmp/ssh-XXXXXXXXXX", sizeof socket_dir
);
1236 if (mkdtemp(socket_dir
) == NULL
) {
1237 perror("mkdtemp: private socket dir");
1240 snprintf(socket_name
, sizeof socket_name
, "%s/agent.%ld", socket_dir
,
1243 /* Try to use specified agent socket */
1244 socket_dir
[0] = '\0';
1245 strlcpy(socket_name
, agentsocket
, sizeof socket_name
);
1249 * Create socket early so it will exist before command gets run from
1252 sock
= socket(AF_UNIX
, SOCK_STREAM
, 0);
1255 *socket_name
= '\0'; /* Don't unlink any existing file */
1258 memset(&sunaddr
, 0, sizeof(sunaddr
));
1259 sunaddr
.sun_family
= AF_UNIX
;
1260 strlcpy(sunaddr
.sun_path
, socket_name
, sizeof(sunaddr
.sun_path
));
1261 prev_mask
= umask(0177);
1262 if (bind(sock
, (struct sockaddr
*) &sunaddr
, sizeof(sunaddr
)) < 0) {
1264 *socket_name
= '\0'; /* Don't unlink any existing file */
1269 if (listen(sock
, SSH_LISTEN_BACKLOG
) < 0) {
1275 * Fork, and have the parent execute the command, if any, or present
1276 * the socket data. The child continues as the authentication agent.
1279 log_init(__progname
, SYSLOG_LEVEL_DEBUG1
, SYSLOG_FACILITY_AUTH
, 1);
1280 format
= c_flag
? "setenv %s %s;\n" : "%s=%s; export %s;\n";
1281 printf(format
, SSH_AUTHSOCKET_ENV_NAME
, socket_name
,
1282 SSH_AUTHSOCKET_ENV_NAME
);
1283 printf("echo Agent pid %ld;\n", (long)parent_pid
);
1291 if (pid
!= 0) { /* Parent - execute the given command. */
1293 snprintf(pidstrbuf
, sizeof pidstrbuf
, "%ld", (long)pid
);
1295 format
= c_flag
? "setenv %s %s;\n" : "%s=%s; export %s;\n";
1296 printf(format
, SSH_AUTHSOCKET_ENV_NAME
, socket_name
,
1297 SSH_AUTHSOCKET_ENV_NAME
);
1298 printf(format
, SSH_AGENTPID_ENV_NAME
, pidstrbuf
,
1299 SSH_AGENTPID_ENV_NAME
);
1300 printf("echo Agent pid %ld;\n", (long)pid
);
1303 if (setenv(SSH_AUTHSOCKET_ENV_NAME
, socket_name
, 1) == -1 ||
1304 setenv(SSH_AGENTPID_ENV_NAME
, pidstrbuf
, 1) == -1) {
1313 log_init(__progname
, SYSLOG_LEVEL_INFO
, SYSLOG_FACILITY_AUTH
, 0);
1315 if (setsid() == -1) {
1316 error("setsid: %s", strerror(errno
));
1321 if ((fd
= open(_PATH_DEVNULL
, O_RDWR
, 0)) != -1) {
1322 /* XXX might close listen socket */
1323 (void)dup2(fd
, STDIN_FILENO
);
1324 (void)dup2(fd
, STDOUT_FILENO
);
1325 (void)dup2(fd
, STDERR_FILENO
);
1330 #ifdef HAVE_SETRLIMIT
1331 /* deny core dumps, since memory contains unencrypted private keys */
1332 rlim
.rlim_cur
= rlim
.rlim_max
= 0;
1333 if (setrlimit(RLIMIT_CORE
, &rlim
) < 0) {
1334 error("setrlimit RLIMIT_CORE: %s", strerror(errno
));
1341 #ifdef ENABLE_PKCS11
1344 new_socket(AUTH_SOCKET
, sock
);
1346 parent_alive_interval
= 10;
1349 signal(SIGINT
, SIG_IGN
);
1350 signal(SIGPIPE
, SIG_IGN
);
1351 signal(SIGHUP
, cleanup_handler
);
1352 signal(SIGTERM
, cleanup_handler
);
1356 prepare_select(&readsetp
, &writesetp
, &max_fd
, &nalloc
, &tvp
);
1357 result
= select(max_fd
+ 1, readsetp
, writesetp
, NULL
, tvp
);
1358 saved_errno
= errno
;
1359 if (parent_alive_interval
!= 0)
1360 check_parent_exists();
1361 (void) reaper(); /* remove expired keys */
1363 if (saved_errno
== EINTR
)
1365 fatal("select: %s", strerror(saved_errno
));
1366 } else if (result
> 0)
1367 after_select(readsetp
, writesetp
);