Page MenuHomeFreeBSD
Differential D25708 Diff 74582 crypto/openssh/ssh-agent.c

Changeset View

Standalone View

View Options

crypto/openssh/ssh-agent.c

Show All 29 Lines
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/ */
#include "includes.h" #include "includes.h"
__RCSID("$FreeBSD$");
#include <sys/types.h> #include <sys/types.h>
#include <sys/param.h> #include <sys/param.h>
#include <sys/resource.h> #include <sys/resource.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <sys/socket.h> #include <sys/socket.h>
#ifdef HAVE_SYS_TIME_H #ifdef HAVE_SYS_TIME_H
# include <sys/time.h> # include <sys/time.h>
▲ Show 20 LinesShow All 113 Lines▼ Show 20 Lines
extern char *__progname; extern char *__progname;
/* Default lifetime in seconds (0 == forever) */ /* Default lifetime in seconds (0 == forever) */
static long lifetime = 0; static long lifetime = 0;
static int fingerprint_hash = SSH_FP_HASH_DEFAULT; static int fingerprint_hash = SSH_FP_HASH_DEFAULT;
/*
* Client connection count; incremented in new_socket() and decremented in
* close_socket(). When it reaches 0, ssh-agent will exit. Since it is
* normally initialized to 1, it will never reach 0. However, if the -x
* option is specified, it is initialized to 0 in main(); in that case,
* ssh-agent will exit as soon as it has had at least one client but no
* longer has any.
*/
static int xcount = 1;
static void static void
close_socket(SocketEntry *e) close_socket(SocketEntry *e)
{ {
int last = 0;
if (e->type == AUTH_CONNECTION) {
debug("xcount %d -> %d", xcount, xcount - 1);
if (--xcount == 0)
last = 1;
}
close(e->fd); close(e->fd);
e->fd = -1; e->fd = -1;
e->type = AUTH_UNUSED; e->type = AUTH_UNUSED;
sshbuf_free(e->input); sshbuf_free(e->input);
sshbuf_free(e->output); sshbuf_free(e->output);
sshbuf_free(e->request); sshbuf_free(e->request);
if (last)
cleanup_exit(0);
} }
static void static void
idtab_init(void) idtab_init(void)
{ {
idtab = xcalloc(1, sizeof(*idtab)); idtab = xcalloc(1, sizeof(*idtab));
TAILQ_INIT(&idtab->idlist); TAILQ_INIT(&idtab->idlist);
idtab->nentries = 0; idtab->nentries = 0;
▲ Show 20 LinesShow All 586 Lines▼ Show 20 Lines#endif /* ENABLE_PKCS11 */
return 0; return 0;
} }
static void static void
new_socket(sock_type type, int fd) new_socket(sock_type type, int fd)
{ {
u_int i, old_alloc, new_alloc; u_int i, old_alloc, new_alloc;
if (type == AUTH_CONNECTION) {
debug("xcount %d -> %d", xcount, xcount + 1);
++xcount;
}
set_nonblock(fd); set_nonblock(fd);
if (fd > max_fd) if (fd > max_fd)
max_fd = fd; max_fd = fd;
for (i = 0; i < sockets_alloc; i++) for (i = 0; i < sockets_alloc; i++)
if (sockets[i].type == AUTH_UNUSED) { if (sockets[i].type == AUTH_UNUSED) {
sockets[i].fd = fd; sockets[i].fd = fd;
▲ Show 20 LinesShow All 279 Lines▼ Show 20 Lines if (parent_pid != -1 && getppid() != parent_pid) {
_exit(2); _exit(2);
} }
} }
static void static void
usage(void) usage(void)
{ {
fprintf(stderr, fprintf(stderr,
"usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n" "usage: ssh-agent [-c | -s] [-Ddx] [-a bind_address] [-E fingerprint_hash]\n"
" [-P pkcs11_whitelist] [-t life] [command [arg ...]]\n" " [-P pkcs11_whitelist] [-t life] [command [arg ...]]\n"
" ssh-agent [-c | -s] -k\n"); " ssh-agent [-c | -s] -k\n");
exit(1); exit(1);
} }
int int
main(int ac, char **av) main(int ac, char **av)
{ {
Show All 16 Lines#endif
ssh_malloc_init(); /* must be called before any mallocs */ ssh_malloc_init(); /* must be called before any mallocs */
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */ /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd(); sanitise_stdfd();
/* drop */ /* drop */
setegid(getgid()); setegid(getgid());
setgid(getgid()); setgid(getgid());
setuid(geteuid());
platform_disable_tracing(0); /* strict=no */ platform_disable_tracing(0); /* strict=no */
if (getrlimit(RLIMIT_NOFILE, &rlim) == -1) if (getrlimit(RLIMIT_NOFILE, &rlim) == -1)
fatal("%s: getrlimit: %s", __progname, strerror(errno)); fatal("%s: getrlimit: %s", __progname, strerror(errno));
__progname = ssh_get_progname(av[0]); __progname = ssh_get_progname(av[0]);
seed_rng(); seed_rng();
while ((ch = getopt(ac, av, "cDdksE:a:P:t:")) != -1) { while ((ch = getopt(ac, av, "cDdksE:a:P:t:x")) != -1) {
switch (ch) { switch (ch) {
case 'E': case 'E':
fingerprint_hash = ssh_digest_alg_by_name(optarg); fingerprint_hash = ssh_digest_alg_by_name(optarg);
if (fingerprint_hash == -1) if (fingerprint_hash == -1)
fatal("Invalid hash algorithm \"%s\"", optarg); fatal("Invalid hash algorithm \"%s\"", optarg);
break; break;
case 'c': case 'c':
if (s_flag) if (s_flag)
Show All 26 Lines while ((ch = getopt(ac, av, "cDdksE:a:P:t:x")) != -1) {
case 'a': case 'a':
agentsocket = optarg; agentsocket = optarg;
break; break;
case 't': case 't':
if ((lifetime = convtime(optarg)) == -1) { if ((lifetime = convtime(optarg)) == -1) {
fprintf(stderr, "Invalid lifetime\n"); fprintf(stderr, "Invalid lifetime\n");
usage(); usage();
} }
break;
case 'x':
xcount = 0;
break; break;
default: default:
usage(); usage();
} }
} }
ac -= optind; ac -= optind;
av += optind; av += optind;
▲ Show 20 LinesShow All 184 LinesShow Last 20 Lines