annotate cli-agentfwd.c @ 1777:97ad26e397a5

Add server postauth fuzzer, wrap connect_remote()
author Matt Johnston <matt@ucc.asn.au>
date Fri, 13 Nov 2020 23:18:05 +0800
parents a53e7d2d60be
children a7cc3332d8ab
1 /*
2 * Dropbear - a SSH2 server
3 *
4 * Copyright (c) 2005 Matt Johnston
5 * All rights reserved.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
23 * SOFTWARE. */
24
25 #include "includes.h"
26
27 #if DROPBEAR_CLI_AGENTFWD
28
29 #include "agentfwd.h"
30 #include "session.h"
31 #include "ssh.h"
32 #include "dbutil.h"
33 #include "chansession.h"
34 #include "channel.h"
35 #include "packet.h"
36 #include "buffer.h"
37 #include "dbrandom.h"
38 #include "listener.h"
39 #include "runopts.h"
40 #include "atomicio.h"
41 #include "signkey.h"
42 #include "auth.h"
43
44 /* The protocol implemented to talk to OpenSSH's SSH2 agent is documented in
45 PROTOCOL.agent in recent OpenSSH source distributions (5.1p1 has it). */
46
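static int new_agent_chan(struct Channel * channel);

/* Channel type for agent connections on the client side.
 * The name is the OpenSSH agent-forwarding channel type; new_agent_chan is
 * the only handler installed, the remaining four members are NULL. */
const struct ChanType cli_chan_agent = {
	0, /* sepfds */
	"auth-agent@openssh.com",
	new_agent_chan,
	NULL,
	NULL,
	NULL,
	NULL
};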
58
/* Open a connection to the agent socket named by SSH_AUTH_SOCK.
 * Returns -1 without logging when the variable is unset; otherwise returns
 * whatever connect_unix() gave back, logging at LOG_INFO if that is negative.
 * The socket path is used exactly as found in the environment. */
static int connect_agent() {
	char *sock_path = getenv("SSH_AUTH_SOCK");
	int agent_fd;

	if (!sock_path) {
		/* no agent advertised: not worth a log line */
		return -1;
	}

	agent_fd = connect_unix(sock_path);
	if (agent_fd >= 0) {
		return agent_fd;
	}

	dropbear_log(LOG_INFO, "Failed to connect to agent");
	return agent_fd;
}
76
/* Handle a request for a connection to the locally running ssh-agent
 * (installed as the handler in cli_chan_agent).
 * Returns SSH_OPEN_ADMINISTRATIVELY_PROHIBITED when cli_opts.agent_fwd is
 * not set, SSH_OPEN_CONNECT_FAILED when connect_agent() fails, 0 otherwise. */
static int new_agent_chan(struct Channel * channel) {
	int agent_fd;

	/* Refuse before touching the agent socket unless forwarding is enabled */
	if (!cli_opts.agent_fwd) {
		return SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
	}

	agent_fd = connect_agent();
	if (agent_fd < 0) {
		return SSH_OPEN_CONNECT_FAILED;
	}

	setnonblocking(agent_fd);
	ses.maxfd = MAX(ses.maxfd, agent_fd);

	/* the one socket serves both directions of the channel */
	channel->readfd = agent_fd;
	channel->writefd = agent_fd;

	return 0;
}
100
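/* Sends a request to the agent, returning a newly allocated buffer
 * with the response, or NULL if the request could not be written or a
 * complete reply could not be read.
 *
 * type is the agent packet type byte. data is the request body and may be
 * NULL for requests that carry none.
 *
 * This function will block waiting for a response - it will
 * only be used by client authentication (not for forwarded requests)
 * won't cause problems for interactivity.
 *
 * Packet format (from draft-ylonen)
 *   4 bytes   Length, msb first.  Does not include length itself.
 *   1 byte    Packet type.  The value 255 is reserved for future extensions.
 *   data      Any data, depending on packet type.  Encoding as in the ssh
 *             packet protocol.
 */
static buffer * agent_request(unsigned char type, const buffer *data) {

	buffer * payload = NULL;
	buffer * inbuf = NULL;
	buffer * reply = NULL;
	size_t readlen = 0;
	ssize_t ret;
	const int fd = cli_opts.agent_fd;
	unsigned int data_len = 0;

	if (data) {
		data_len = data->len;
	}

	/* length word + type byte + optional body */
	payload = buf_new(4 + 1 + data_len);

	buf_putint(payload, 1 + data_len);
	buf_putbyte(payload, type);
	if (data) {
		buf_putbytes(payload, data->data, data->len);
	}
	buf_setpos(payload, 0);

	ret = atomicio(vwrite, fd, buf_getptr(payload, payload->len), payload->len);
	if ((size_t)ret != payload->len) {
		TRACE(("write failed fd %d for agent_request, %s", fd, strerror(errno)))
		goto out;
	}

	buf_free(payload);
	payload = NULL;
	TRACE(("Wrote out bytes for agent_request"))

	/* Now we read the response, starting with its 4 byte length */
	inbuf = buf_new(4);
	ret = atomicio(read, fd, buf_getwriteptr(inbuf, 4), 4);
	if (ret != 4) {
		TRACE(("read of length failed for agent_request"))
		goto out;
	}
	buf_setpos(inbuf, 0);
	buf_setlen(inbuf, ret);

	/* The length is supplied by the agent: bound it before it sizes
	 * the reply buffer and the read below */
	readlen = buf_getint(inbuf);
	if (readlen > MAX_AGENT_REPLY) {
		TRACE(("agent reply is too big"));
		goto out;
	}

	inbuf = buf_resize(inbuf, readlen);
	buf_setpos(inbuf, 0);
	ret = atomicio(read, fd, buf_getwriteptr(inbuf, readlen), readlen);
	if ((size_t)ret != readlen) {
		TRACE(("read of data failed for agent_request"))
		goto out;
	}
	buf_incrwritepos(inbuf, readlen);
	buf_setpos(inbuf, 0);

	/* Only a fully read reply is handed to the caller */
	reply = inbuf;
	inbuf = NULL;

out:
	if (payload) {
		buf_free(payload);
	}
	/* A buffer holding only the length word or a short read is not a
	 * reply. agent_get_key_list() tests the result against NULL, so a
	 * failed exchange is reported as NULL instead of a truncated buffer. */
	if (inbuf) {
		buf_free(inbuf);
	}

	return reply;
}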
175
176 static void agent_get_key_list(m_list * ret_list)
177 {
178 buffer * inbuf = NULL;
179 unsigned int num = 0;
180 unsigned char packet_type;
181 unsigned int i;
182 int ret;
183
184 inbuf = agent_request(SSH2_AGENTC_REQUEST_IDENTITIES, NULL);
185 if (!inbuf) {
186 TRACE(("agent_request failed returning identities"))
187 goto out;
188 }
189
190 /* The reply has a format of:
191 byte SSH2_AGENT_IDENTITIES_ANSWER
192 uint32 num_keys
193 Followed by zero or more consecutive keys, encoded as:
194 string key_blob
195 string key_comment
196 */
197 packet_type = buf_getbyte(inbuf);
198 if (packet_type != SSH2_AGENT_IDENTITIES_ANSWER) {
199 goto out;
200 }
201
202 num = buf_getint(inbuf);
203 for (i = 0; i < num; i++) {
204 sign_key * pubkey = NULL;
205 enum signkey_type key_type = DROPBEAR_SIGNKEY_ANY;
206 buffer * key_buf;
207
208 /* each public key is encoded as a string */
209 key_buf = buf_getstringbuf(inbuf);
210 pubkey = new_sign_key();
211 ret = buf_get_pub_key(key_buf, pubkey, &key_type);
212 buf_free(key_buf);
213 if (ret != DROPBEAR_SUCCESS) {
214 TRACE(("Skipping bad/unknown type pubkey from agent"));
215 sign_key_free(pubkey);
216 } else {
217 pubkey->type = key_type;
218 pubkey->source = SIGNKEY_SOURCE_AGENT;
219
220 list_append(ret_list, pubkey);
221 }
222
223 /* We'll ignore the comment for now. might want it later.*/
224 buf_eatstring(inbuf);
225 }
226
227 out:
228 if (inbuf) {
229 buf_free(inbuf);
230 inbuf = NULL;
231 }
232 }
233
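/* Ask the server to set up agent forwarding on the given channel.
 *
 * Nothing is sent unless SSH_AUTH_SOCK is set in the client's environment.
 * The request carries a "want reply" byte of 0, so this function does not
 * learn whether the server accepted or refused the request.
 *
 * NOTE(review): with forwarding enabled, the remote side can ask the local
 * agent for signatures for as long as the channel lives, so callers should
 * only reach this for hosts the user has chosen to trust with the agent. */
void cli_setup_agent(const struct Channel *channel) {
	if (!getenv("SSH_AUTH_SOCK")) {
		/* No agent socket configured locally: there is nothing to forward. */
		return;
	}

	/* OpenSSH extension request name for agent forwarding */
	start_send_channel_request(channel, "auth-agent-req@openssh.com");
	/* Don't want replies */
	buf_putbyte(ses.writepayload, 0);
	encrypt_packet();
}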
244
/* Connect to the local agent and collect the public keys it offers.
 *
 * Keys obtained from the agent are added to ret_list by
 * agent_get_key_list(). When no agent connection can be made, ret_list
 * is left as it was and cli_opts.agent_fd holds the negative result. */
void cli_load_agent_keys(m_list *ret_list) {
	/* The descriptor is kept in cli_opts and intentionally left open here;
	 * agent_fd will be closed after successful auth. */
	cli_opts.agent_fd = connect_agent();
	if (cli_opts.agent_fd >= 0) {
		agent_get_key_list(ret_list);
	}
}
256
/* Have the agent sign data_buf with key and append the raw signature blob
 * to sigblob.
 *
 * sigblob  - output buffer; the signature bytes from the agent's reply are
 *            appended to it.
 * key      - public key identifying which agent key should sign.
 * data_buf - the data to be signed.
 * sigtype  - requested signature type; only consulted when
 *            DROPBEAR_RSA_SHA256 is enabled, to set the RSA-SHA2-256 flag.
 *
 * Any failure (no reply from the agent, or a reply of an unexpected type)
 * ends in dropbear_exit(); no error code is returned to the caller. */
void agent_buf_sign(buffer *sigblob, sign_key *key,
		const buffer *data_buf, enum signature_type sigtype) {
	buffer *req = NULL;
	buffer *resp = NULL;
	unsigned int sig_len;
	int reply_type;
	int sign_flags = 0;

	/* Request layout:
	 *   byte    SSH2_AGENTC_SIGN_REQUEST
	 *   string  key_blob
	 *   string  data
	 *   uint32  flags
	 * The extra 12 bytes are presumably the length prefixes plus the flags
	 * word - TODO confirm against MAX_PUBKEY_SIZE's definition. */
	req = buf_new(MAX_PUBKEY_SIZE + data_buf->len + 12);
	buf_put_pub_key(req, key, key->type);
	buf_putbufstring(req, data_buf);
#if DROPBEAR_RSA_SHA256
	if (sigtype == DROPBEAR_SIGNATURE_RSA_SHA256) {
		sign_flags |= SSH_AGENT_RSA_SHA2_256;
	}
#endif
	buf_putint(req, sign_flags);

	resp = agent_request(SSH2_AGENTC_SIGN_REQUEST, req);
	if (resp == NULL) {
		goto fail;
	}

	/* Reply layout:
	 *   byte    SSH2_AGENT_SIGN_RESPONSE
	 *   string  signature_blob */
	reply_type = buf_getbyte(resp);
	if (reply_type == SSH2_AGENT_SIGN_RESPONSE) {
		/* NOTE(review): sig_len is taken straight from the agent's reply;
		 * this relies on buf_getptr()/buf_putbytes() rejecting a length
		 * that runs past the reply or the output buffer - confirm in the
		 * buffer helpers. */
		sig_len = buf_getint(resp);
		buf_putbytes(sigblob, buf_getptr(resp, sig_len), sig_len);
		goto cleanup;
	}

fail:
	/* XXX don't fail badly here. Instead propagate a failure code back up to
	 * the cli auth pubkey code, and just remove this key from the list of
	 * ones to try. */
	dropbear_exit("Agent failed signing key");

cleanup:
	if (req) {
		buf_free(req);
	}
	if (resp) {
		buf_free(resp);
	}
}
315
316 #endif