summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--usr.bin/ssh/ssh-agent.c97
1 files changed, 55 insertions, 42 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index d38fa3cf34b..c178c6d54cc 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -35,7 +35,7 @@
#include "includes.h"
#include <sys/queue.h>
-RCSID("$OpenBSD: ssh-agent.c,v 1.86 2002/06/05 16:08:07 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.87 2002/06/05 16:48:54 markus Exp $");
#include <openssl/evp.h>
#include <openssl/md5.h>
@@ -66,6 +66,7 @@ typedef struct {
sock_type type;
Buffer input;
Buffer output;
+ Buffer request;
} SocketEntry;
u_int sockets_alloc = 0;
@@ -186,16 +187,16 @@ process_authentication_challenge1(SocketEntry *e)
if ((challenge = BN_new()) == NULL)
fatal("process_authentication_challenge1: BN_new failed");
- buffer_get_int(&e->input); /* ignored */
- buffer_get_bignum(&e->input, key->rsa->e);
- buffer_get_bignum(&e->input, key->rsa->n);
- buffer_get_bignum(&e->input, challenge);
+ buffer_get_int(&e->request); /* ignored */
+ buffer_get_bignum(&e->request, key->rsa->e);
+ buffer_get_bignum(&e->request, key->rsa->n);
+ buffer_get_bignum(&e->request, challenge);
/* Only protocol 1.1 is supported */
- if (buffer_len(&e->input) == 0)
+ if (buffer_len(&e->request) == 0)
goto failure;
- buffer_get(&e->input, session_id, 16);
- response_type = buffer_get_int(&e->input);
+ buffer_get(&e->request, session_id, 16);
+ response_type = buffer_get_int(&e->request);
if (response_type != 1)
goto failure;
@@ -251,10 +252,10 @@ process_sign_request2(SocketEntry *e)
datafellows = 0;
- blob = buffer_get_string(&e->input, &blen);
- data = buffer_get_string(&e->input, &dlen);
+ blob = buffer_get_string(&e->request, &blen);
+ data = buffer_get_string(&e->request, &dlen);
- flags = buffer_get_int(&e->input);
+ flags = buffer_get_int(&e->request);
if (flags & SSH_AGENT_OLD_SIGNATURE)
datafellows = SSH_BUG_SIGBLOB;
@@ -295,16 +296,16 @@ process_remove_identity(SocketEntry *e, int version)
switch (version) {
case 1:
key = key_new(KEY_RSA1);
- bits = buffer_get_int(&e->input);
- buffer_get_bignum(&e->input, key->rsa->e);
- buffer_get_bignum(&e->input, key->rsa->n);
+ bits = buffer_get_int(&e->request);
+ buffer_get_bignum(&e->request, key->rsa->e);
+ buffer_get_bignum(&e->request, key->rsa->n);
if (bits != key_size(key))
log("Warning: identity keysize mismatch: actual %d, announced %d",
key_size(key), bits);
break;
case 2:
- blob = buffer_get_string(&e->input, &blen);
+ blob = buffer_get_string(&e->request, &blen);
key = key_from_blob(blob, blen);
xfree(blob);
break;
@@ -370,51 +371,51 @@ process_add_identity(SocketEntry *e, int version)
switch (version) {
case 1:
k = key_new_private(KEY_RSA1);
- buffer_get_int(&e->input); /* ignored */
- buffer_get_bignum(&e->input, k->rsa->n);
- buffer_get_bignum(&e->input, k->rsa->e);
- buffer_get_bignum(&e->input, k->rsa->d);
- buffer_get_bignum(&e->input, k->rsa->iqmp);
+ buffer_get_int(&e->request); /* ignored */
+ buffer_get_bignum(&e->request, k->rsa->n);
+ buffer_get_bignum(&e->request, k->rsa->e);
+ buffer_get_bignum(&e->request, k->rsa->d);
+ buffer_get_bignum(&e->request, k->rsa->iqmp);
/* SSH and SSL have p and q swapped */
- buffer_get_bignum(&e->input, k->rsa->q); /* p */
- buffer_get_bignum(&e->input, k->rsa->p); /* q */
+ buffer_get_bignum(&e->request, k->rsa->q); /* p */
+ buffer_get_bignum(&e->request, k->rsa->p); /* q */
/* Generate additional parameters */
rsa_generate_additional_parameters(k->rsa);
break;
case 2:
- type_name = buffer_get_string(&e->input, NULL);
+ type_name = buffer_get_string(&e->request, NULL);
type = key_type_from_name(type_name);
xfree(type_name);
switch (type) {
case KEY_DSA:
k = key_new_private(type);
- buffer_get_bignum2(&e->input, k->dsa->p);
- buffer_get_bignum2(&e->input, k->dsa->q);
- buffer_get_bignum2(&e->input, k->dsa->g);
- buffer_get_bignum2(&e->input, k->dsa->pub_key);
- buffer_get_bignum2(&e->input, k->dsa->priv_key);
+ buffer_get_bignum2(&e->request, k->dsa->p);
+ buffer_get_bignum2(&e->request, k->dsa->q);
+ buffer_get_bignum2(&e->request, k->dsa->g);
+ buffer_get_bignum2(&e->request, k->dsa->pub_key);
+ buffer_get_bignum2(&e->request, k->dsa->priv_key);
break;
case KEY_RSA:
k = key_new_private(type);
- buffer_get_bignum2(&e->input, k->rsa->n);
- buffer_get_bignum2(&e->input, k->rsa->e);
- buffer_get_bignum2(&e->input, k->rsa->d);
- buffer_get_bignum2(&e->input, k->rsa->iqmp);
- buffer_get_bignum2(&e->input, k->rsa->p);
- buffer_get_bignum2(&e->input, k->rsa->q);
+ buffer_get_bignum2(&e->request, k->rsa->n);
+ buffer_get_bignum2(&e->request, k->rsa->e);
+ buffer_get_bignum2(&e->request, k->rsa->d);
+ buffer_get_bignum2(&e->request, k->rsa->iqmp);
+ buffer_get_bignum2(&e->request, k->rsa->p);
+ buffer_get_bignum2(&e->request, k->rsa->q);
/* Generate additional parameters */
rsa_generate_additional_parameters(k->rsa);
break;
default:
- buffer_clear(&e->input);
+ buffer_clear(&e->request);
goto send;
}
break;
}
- comment = buffer_get_string(&e->input, NULL);
+ comment = buffer_get_string(&e->request, NULL);
if (k == NULL) {
xfree(comment);
goto send;
@@ -448,8 +449,8 @@ process_add_smartcard_key (SocketEntry *e)
char *sc_reader_id = NULL, *pin;
int i, version, success = 0;
- sc_reader_id = buffer_get_string(&e->input, NULL);
- pin = buffer_get_string(&e->input, NULL);
+ sc_reader_id = buffer_get_string(&e->request, NULL);
+ pin = buffer_get_string(&e->request, NULL);
keys = sc_get_keys(sc_reader_id, pin);
xfree(sc_reader_id);
xfree(pin);
@@ -490,8 +491,8 @@ process_remove_smartcard_key(SocketEntry *e)
char *sc_reader_id = NULL, *pin;
int i, version, success = 0;
- sc_reader_id = buffer_get_string(&e->input, NULL);
- pin = buffer_get_string(&e->input, NULL);
+ sc_reader_id = buffer_get_string(&e->request, NULL);
+ pin = buffer_get_string(&e->request, NULL);
keys = sc_get_keys(sc_reader_id, pin);
xfree(sc_reader_id);
xfree(pin);
@@ -537,12 +538,20 @@ process_message(SocketEntry *e)
shutdown(e->fd, SHUT_RDWR);
close(e->fd);
e->type = AUTH_UNUSED;
+ buffer_free(&e->input);
+ buffer_free(&e->output);
+ buffer_free(&e->request);
return;
}
if (buffer_len(&e->input) < msg_len + 4)
return;
+
+ /* move the current input to e->request */
buffer_consume(&e->input, 4);
- type = buffer_get_char(&e->input);
+ buffer_clear(&e->request);
+ buffer_append(&e->request, buffer_ptr(&e->input), msg_len);
+ buffer_consume(&e->input, msg_len);
+ type = buffer_get_char(&e->request);
debug("type %d", type);
switch (type) {
@@ -589,7 +598,7 @@ process_message(SocketEntry *e)
default:
/* Unknown message. Respond with failure. */
error("Unknown message %d", type);
- buffer_clear(&e->input);
+ buffer_clear(&e->request);
buffer_put_int(&e->output, 1);
buffer_put_char(&e->output, SSH_AGENT_FAILURE);
break;
@@ -612,6 +621,7 @@ new_socket(sock_type type, int fd)
sockets[i].type = type;
buffer_init(&sockets[i].input);
buffer_init(&sockets[i].output);
+ buffer_init(&sockets[i].request);
return;
}
old_alloc = sockets_alloc;
@@ -626,6 +636,7 @@ new_socket(sock_type type, int fd)
sockets[old_alloc].fd = fd;
buffer_init(&sockets[old_alloc].input);
buffer_init(&sockets[old_alloc].output);
+ buffer_init(&sockets[old_alloc].request);
}
static int
@@ -723,6 +734,7 @@ after_select(fd_set *readset, fd_set *writeset)
sockets[i].type = AUTH_UNUSED;
buffer_free(&sockets[i].input);
buffer_free(&sockets[i].output);
+ buffer_free(&sockets[i].request);
break;
}
buffer_consume(&sockets[i].output, len);
@@ -741,6 +753,7 @@ after_select(fd_set *readset, fd_set *writeset)
sockets[i].type = AUTH_UNUSED;
buffer_free(&sockets[i].input);
buffer_free(&sockets[i].output);
+ buffer_free(&sockets[i].request);
break;
}
buffer_append(&sockets[i].input, buf, len);