[openssh-commits] [openssh] 02/02: upstream: Allow forwarding a different agent socket to the path
git+noreply at mindrot.org
git+noreply at mindrot.org
Sat Dec 21 13:22:14 AEDT 2019
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 40be78f503277bd91c958fa25ea9ef918a2ffd3d
Author: djm at openbsd.org <djm at openbsd.org>
Date: Sat Dec 21 02:19:13 2019 +0000
upstream: Allow forwarding a different agent socket to the path
specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to
accepting an explicit path or the name of an environment variable in addition
to yes/no.
Patch by Eric Chiang, manpage by me; ok markus@
OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265
---
authfd.c | 36 +++++++++++++++++++++++++-----------
authfd.h | 3 ++-
clientloop.c | 15 +++++++++++++--
readconf.c | 43 +++++++++++++++++++++++++++++++++++++------
readconf.h | 3 ++-
ssh.c | 34 +++++++++++++++++++++++++++++++++-
ssh_config.5 | 15 +++++++++------
7 files changed, 121 insertions(+), 28 deletions(-)
diff --git a/authfd.c b/authfd.c
index ab630594..05fd4540 100644
--- a/authfd.c
+++ b/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.120 2019/11/13 04:47:52 deraadt Exp $ */
+/* $OpenBSD: authfd.c,v 1.121 2019/12/21 02:19:13 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -82,21 +82,16 @@ decode_reply(u_char type)
return SSH_ERR_INVALID_FORMAT;
}
-/* Returns the number of the authentication fd, or -1 if there is none. */
+/*
+ * Opens an authentication socket at the provided path and stores the file
+ * descriptor in fdp. Returns 0 on success and an error on failure.
+ */
int
-ssh_get_authentication_socket(int *fdp)
+ssh_get_authentication_socket_path(const char *authsocket, int *fdp)
{
- const char *authsocket;
int sock, oerrno;
struct sockaddr_un sunaddr;
- if (fdp != NULL)
- *fdp = -1;
-
- authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
- if (authsocket == NULL || *authsocket == '\0')
- return SSH_ERR_AGENT_NOT_PRESENT;
-
memset(&sunaddr, 0, sizeof(sunaddr));
sunaddr.sun_family = AF_UNIX;
strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
@@ -119,6 +114,25 @@ ssh_get_authentication_socket(int *fdp)
return 0;
}
+/*
+ * Opens the default authentication socket and stores the file descriptor in
+ * fdp. Returns 0 on success and an error on failure.
+ */
+int
+ssh_get_authentication_socket(int *fdp)
+{
+ const char *authsocket;
+
+ if (fdp != NULL)
+ *fdp = -1;
+
+ authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
+ if (authsocket == NULL || *authsocket == '\0')
+ return SSH_ERR_AGENT_NOT_PRESENT;
+
+ return ssh_get_authentication_socket_path(authsocket, fdp);
+}
+
/* Communicate with agent: send request and read reply */
static int
ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply)
diff --git a/authfd.h b/authfd.h
index 443771a0..c3bf6259 100644
--- a/authfd.h
+++ b/authfd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.h,v 1.47 2019/10/31 21:19:15 djm Exp $ */
+/* $OpenBSD: authfd.h,v 1.48 2019/12/21 02:19:13 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -24,6 +24,7 @@ struct ssh_identitylist {
};
int ssh_get_authentication_socket(int *fdp);
+int ssh_get_authentication_socket_path(const char *authsocket, int *fdp);
void ssh_close_authentication_socket(int sock);
int ssh_lock_agent(int sock, int lock, const char *password);
diff --git a/clientloop.c b/clientloop.c
index 880abfda..8f0332df 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.329 2019/11/25 00:51:37 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.330 2019/12/21 02:19:13 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -134,6 +134,12 @@ extern int muxserver_sock; /* XXX use mux_client_cleanup() instead */
*/
extern char *host;
+/*
+ * If this field is not NULL, the ForwardAgent socket is this path and different
+ * instead of SSH_AUTH_SOCK.
+ */
+extern char *forward_agent_sock_path;
+
/*
* Flag to indicate that we have received a window change signal which has
* not yet been processed. This will cause a message indicating the new
@@ -1618,7 +1624,12 @@ client_request_agent(struct ssh *ssh, const char *request_type, int rchan)
"malicious server.");
return NULL;
}
- if ((r = ssh_get_authentication_socket(&sock)) != 0) {
+ if (forward_agent_sock_path == NULL) {
+ r = ssh_get_authentication_socket(&sock);
+ } else {
+ r = ssh_get_authentication_socket_path(forward_agent_sock_path, &sock);
+ }
+ if (r != 0) {
if (r != SSH_ERR_AGENT_NOT_PRESENT)
debug("%s: ssh_get_authentication_socket: %s",
__func__, ssh_err(r));
diff --git a/readconf.c b/readconf.c
index 282afede..cb3ae6dc 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.318 2019/12/20 02:42:42 dtucker Exp $ */
+/* $OpenBSD: readconf.c,v 1.319 2019/12/21 02:19:13 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -919,6 +919,34 @@ parse_time:
case oForwardAgent:
intptr = &options->forward_agent;
+
+ arg = strdelim(&s);
+ if (!arg || *arg == '\0')
+ fatal("%s line %d: missing argument.",
+ filename, linenum);
+
+ value = -1;
+ multistate_ptr = multistate_flag;
+ for (i = 0; multistate_ptr[i].key != NULL; i++) {
+ if (strcasecmp(arg, multistate_ptr[i].key) == 0) {
+ value = multistate_ptr[i].value;
+ break;
+ }
+ }
+ if (value != -1) {
+ if (*activep && *intptr == -1)
+ *intptr = value;
+ break;
+ }
+ /* ForwardAgent wasn't 'yes' or 'no', assume a path */
+ if (*activep && *intptr == -1)
+ *intptr = 1;
+
+ charptr = &options->forward_agent_sock_path;
+ goto parse_agent_path;
+
+ case oForwardX11:
+ intptr = &options->forward_x11;
parse_flag:
multistate_ptr = multistate_flag;
parse_multistate:
@@ -940,10 +968,6 @@ parse_time:
*intptr = value;
break;
- case oForwardX11:
- intptr = &options->forward_x11;
- goto parse_flag;
-
case oForwardX11Trusted:
intptr = &options->forward_x11_trusted;
goto parse_flag;
@@ -1736,6 +1760,7 @@ parse_keytypes:
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing argument.",
filename, linenum);
+ parse_agent_path:
/* Extra validation if the string represents an env var. */
if (arg[0] == '$' && !valid_env_name(arg + 1)) {
fatal("%.200s line %d: Invalid environment name %s.",
@@ -1853,6 +1878,7 @@ initialize_options(Options * options)
{
memset(options, 'X', sizeof(*options));
options->forward_agent = -1;
+ options->forward_agent_sock_path = NULL;
options->forward_x11 = -1;
options->forward_x11_trusted = -1;
options->forward_x11_timeout = -1;
@@ -2636,7 +2662,6 @@ dump_client_config(Options *o, const char *host)
dump_cfg_fmtint(oClearAllForwardings, o->clear_forwardings);
dump_cfg_fmtint(oExitOnForwardFailure, o->exit_on_forward_failure);
dump_cfg_fmtint(oFingerprintHash, o->fingerprint_hash);
- dump_cfg_fmtint(oForwardAgent, o->forward_agent);
dump_cfg_fmtint(oForwardX11, o->forward_x11);
dump_cfg_fmtint(oForwardX11Trusted, o->forward_x11_trusted);
dump_cfg_fmtint(oGatewayPorts, o->fwd_opts.gateway_ports);
@@ -2712,6 +2737,12 @@ dump_client_config(Options *o, const char *host)
/* Special cases */
+ /* oForwardAgent */
+ if (o->forward_agent_sock_path == NULL)
+ dump_cfg_fmtint(oForwardAgent, o->forward_agent);
+ else
+ dump_cfg_string(oForwardAgent, o->forward_agent_sock_path);
+
/* oConnectTimeout */
if (o->connection_timeout == -1)
printf("connecttimeout none\n");
diff --git a/readconf.h b/readconf.h
index 51d540b8..dcecfc54 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.130 2019/10/31 21:18:28 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.131 2019/12/21 02:19:13 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -29,6 +29,7 @@ struct allowed_cname {
typedef struct {
int forward_agent; /* Forward authentication agent. */
+ char *forward_agent_sock_path; /* Optional path of the agent. */
int forward_x11; /* Forward X11 display. */
int forward_x11_timeout; /* Expiration for Cookies */
int forward_x11_trusted; /* Trust Forward X11 display. */
diff --git a/ssh.c b/ssh.c
index 13299f7d..12760af2 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.509 2019/11/18 16:10:05 naddy Exp $ */
+/* $OpenBSD: ssh.c,v 1.510 2019/12/21 02:19:13 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -168,6 +168,12 @@ char *config = NULL;
*/
char *host;
+/*
+ * A config can specify a path to forward, overriding SSH_AUTH_SOCK. If this is
+ * not NULL, forward the socket at this path instead.
+ */
+char *forward_agent_sock_path = NULL;
+
/* Various strings used to to percent_expand() arguments */
static char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
static char uidstr[32], *host_arg, *conn_hash_hex;
@@ -1498,6 +1504,32 @@ main(int ac, char **av)
}
}
+ if (options.forward_agent && (options.forward_agent_sock_path != NULL)) {
+ p = tilde_expand_filename(options.forward_agent_sock_path, getuid());
+ cp = percent_expand(p,
+ "d", pw->pw_dir,
+ "h", host,
+ "i", uidstr,
+ "l", thishost,
+ "r", options.user,
+ "u", pw->pw_name,
+ (char *)NULL);
+ free(p);
+
+ if (cp[0] == '$') {
+ if (!valid_env_name(cp + 1)) {
+ fatal("Invalid ForwardAgent environment variable name %s", cp);
+ }
+ if ((p = getenv(cp + 1)) != NULL)
+ forward_agent_sock_path = p;
+ else
+ options.forward_agent = 0;
+ free(cp);
+ } else {
+ forward_agent_sock_path = cp;
+ }
+ }
+
/* Expand ~ in known host file names. */
tilde_expand_paths(options.system_hostfiles,
options.num_system_hostfiles);
diff --git a/ssh_config.5 b/ssh_config.5
index dc7a2143..186e0761 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.311 2019/12/19 15:09:30 naddy Exp $
-.Dd $Mdocdate: December 19 2019 $
+.\" $OpenBSD: ssh_config.5,v 1.312 2019/12/21 02:19:13 djm Exp $
+.Dd $Mdocdate: December 21 2019 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
@@ -669,11 +669,14 @@ and
.It Cm ForwardAgent
Specifies whether the connection to the authentication agent (if any)
will be forwarded to the remote machine.
-The argument must be
-.Cm yes
-or
+The argument may be
+.Cm yes ,
.Cm no
-(the default).
+(the default),
+an explicit path to an agent socket or the name of an environment variable
+(beginning with
+.Sq $ )
+in which to find the path.
.Pp
Agent forwarding should be enabled with caution.
Users with the ability to bypass file permissions on the remote host
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list