#include <errno.h>
#include <assert.h>
#include <signal.h>
+#include <ctype.h>
#include <sys/types.h>
#include <sys/wait.h>
SockAddr unix_sock_addr(const char *path);
Socket new_unix_listener(SockAddr listenaddr, Plug plug);
-void fatalbox(char *p, ...)
+void fatalbox(const char *p, ...)
{
va_list ap;
fprintf(stderr, "FATAL ERROR: ");
fputc('\n', stderr);
exit(1);
}
-void modalfatalbox(char *p, ...)
+void modalfatalbox(const char *p, ...)
{
va_list ap;
fprintf(stderr, "FATAL ERROR: ");
fputc('\n', stderr);
exit(1);
}
-void nonfatal(char *p, ...)
+void nonfatal(const char *p, ...)
{
va_list ap;
fprintf(stderr, "ERROR: ");
va_end(ap);
fputc('\n', stderr);
}
-void connection_fatal(void *frontend, char *p, ...)
+void connection_fatal(void *frontend, const char *p, ...)
{
va_list ap;
fprintf(stderr, "FATAL ERROR: ");
fputc('\n', stderr);
exit(1);
}
-void cmdline_error(char *p, ...)
+void cmdline_error(const char *p, ...)
{
va_list ap;
fprintf(stderr, "pageant: ");
* In Pageant our selects are synchronous, so these functions are
* empty stubs.
*/
-int uxsel_input_add(int fd, int rwx) { return 0; }
-void uxsel_input_remove(int id) { }
+uxsel_id *uxsel_input_add(int fd, int rwx) { return NULL; }
+void uxsel_input_remove(uxsel_id *id) { }
/*
* More stubs.
Filename *platform_default_filename(const char *name) { return filename_from_str(""); }
char *x_get_default(const char *key) { return NULL; }
void log_eventlog(void *handle, const char *event) {}
+int from_backend(void *frontend, int is_stderr, const char *data, int datalen)
+{ assert(!"only here to satisfy notional call from backend_socket_log"); }
/*
* Short description of parameters.
{
printf("Pageant: SSH agent\n");
printf("%s\n", ver);
- printf("FIXME\n");
+ printf("Usage: pageant <lifetime> [key files]\n");
+ printf(" pageant [key files] --exec <command> [args]\n");
+ printf(" pageant -a [key files]\n");
+ printf(" pageant -d [key identifiers]\n");
+ printf(" pageant --public [key identifiers]\n");
+ printf(" pageant --public-openssh [key identifiers]\n");
+ printf(" pageant -l\n");
+ printf(" pageant -D\n");
+ printf("Lifetime options, for running Pageant as an agent:\n");
+ printf(" -X run with the lifetime of the X server\n");
+ printf(" -T run with the lifetime of the controlling tty\n");
+ printf(" --permanent run permanently\n");
+ printf(" --debug run in debugging mode, without forking\n");
+ printf(" --exec <command> run with the lifetime of that command\n");
+ printf("Client options, for talking to an existing agent:\n");
+ printf(" -a add key(s) to the existing agent\n");
+ printf(" -l list currently loaded key fingerprints and comments\n");
+ printf(" --public print public keys in RFC 4716 format\n");
+ printf(" --public-openssh print public keys in OpenSSH format\n");
+ printf(" -d delete key(s) from the agent\n");
+ printf(" -D delete all keys from the agent\n");
+ printf("Other options:\n");
+ printf(" -v verbose mode (in agent mode)\n");
exit(1);
}
};
char *socketname;
+static enum { SHELL_AUTO, SHELL_SH, SHELL_CSH } shell_type = SHELL_AUTO;
void pageant_print_env(int pid)
{
- printf("SSH_AUTH_SOCK=%s; export SSH_AUTH_SOCK;\n"
- "SSH_AGENT_PID=%d; export SSH_AGENT_PID;\n",
- socketname, (int)pid);
+ if (shell_type == SHELL_AUTO) {
+ /* Same policy as OpenSSH: if $SHELL ends in "csh" then assume
+ * it's csh-shaped. */
+ const char *shell = getenv("SHELL");
+ if (shell && strlen(shell) >= 3 &&
+ !strcmp(shell + strlen(shell) - 3, "csh"))
+ shell_type = SHELL_CSH;
+ else
+ shell_type = SHELL_SH;
+ }
+
+ /*
+ * These shell snippets could usefully pay some attention to
+ * escaping of interesting characters. I don't think it causes a
+ * problem at the moment, because the pathnames we use are so
+ * utterly boring, but it's a lurking bug waiting to happen once
+ * a bit more flexibility turns up.
+ */
+
+ switch (shell_type) {
+ case SHELL_SH:
+ printf("SSH_AUTH_SOCK=%s; export SSH_AUTH_SOCK;\n"
+ "SSH_AGENT_PID=%d; export SSH_AGENT_PID;\n",
+ socketname, pid);
+ break;
+ case SHELL_CSH:
+ printf("setenv SSH_AUTH_SOCK %s;\n"
+ "setenv SSH_AGENT_PID %d;\n",
+ socketname, pid);
+ break;
+ case SHELL_AUTO:
+ assert(0 && "Can't get here");
+ break;
+ }
}
void pageant_fork_and_print_env(int retain_tty)
KEYACT_CLIENT_DEL,
KEYACT_CLIENT_DEL_ALL,
KEYACT_CLIENT_LIST,
- KEYACT_CLIENT_LIST_FULL,
+ KEYACT_CLIENT_PUBLIC_OPENSSH,
+ KEYACT_CLIENT_PUBLIC
} keyact;
struct cmdline_key_action {
struct cmdline_key_action *next;
keyact_tail = a;
}
+int have_controlling_tty(void)
+{
+ int fd = open("/dev/tty", O_RDONLY);
+ if (fd < 0) {
+ if (errno != ENXIO) {
+ perror("/dev/tty: open");
+ exit(1);
+ }
+ return FALSE;
+ } else {
+ close(fd);
+ return TRUE;
+ }
+}
+
char **exec_args = NULL;
enum {
LIFE_UNSPEC, LIFE_X11, LIFE_TTY, LIFE_DEBUG, LIFE_PERM, LIFE_EXEC
} life = LIFE_UNSPEC;
const char *display = NULL;
+static char *askpass(const char *comment)
+{
+ if (have_controlling_tty()) {
+ int ret;
+ prompts_t *p = new_prompts(NULL);
+ p->to_server = FALSE;
+ p->name = dupstr("Pageant passphrase prompt");
+ add_prompt(p,
+ dupprintf("Enter passphrase to load key '%s': ", comment),
+ FALSE);
+ ret = console_get_userpass_input(p, NULL, 0);
+ assert(ret >= 0);
+
+ if (!ret) {
+ perror("pageant: unable to read passphrase");
+ free_prompts(p);
+ return NULL;
+ } else {
+ char *passphrase = dupstr(p->prompts[0]->result);
+ free_prompts(p);
+ return passphrase;
+ }
+ } else if (display) {
+ char *prompt, *passphrase;
+ int success;
+
+ /* in gtkask.c */
+ char *gtk_askpass_main(const char *display, const char *wintitle,
+ const char *prompt, int *success);
+
+ prompt = dupprintf("Enter passphrase to load key '%s': ", comment);
+ passphrase = gtk_askpass_main(display,
+ "Pageant passphrase prompt",
+ prompt, &success);
+ sfree(prompt);
+ if (!success) {
+ /* return value is error message */
+ fprintf(stderr, "%s\n", passphrase);
+ sfree(passphrase);
+ passphrase = NULL;
+ }
+ return passphrase;
+ } else {
+ fprintf(stderr, "no way to read a passphrase without tty or "
+ "X display\n");
+ return NULL;
+ }
+}
+
+static int unix_add_keyfile(const char *filename_str)
+{
+ Filename *filename = filename_from_str(filename_str);
+ int status, ret;
+ char *err;
+
+ ret = TRUE;
+
+ /*
+ * Try without a passphrase.
+ */
+ status = pageant_add_keyfile(filename, NULL, &err);
+ if (status == PAGEANT_ACTION_OK) {
+ goto cleanup;
+ } else if (status == PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: %s: %s\n", filename_str, err);
+ ret = FALSE;
+ goto cleanup;
+ }
+
+ /*
+ * And now try prompting for a passphrase.
+ */
+ while (1) {
+ char *passphrase = askpass(err);
+ sfree(err);
+ err = NULL;
+ if (!passphrase)
+ break;
+
+ status = pageant_add_keyfile(filename, passphrase, &err);
+
+ smemclr(passphrase, strlen(passphrase));
+ sfree(passphrase);
+ passphrase = NULL;
+
+ if (status == PAGEANT_ACTION_OK) {
+ goto cleanup;
+ } else if (status == PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: %s: %s\n", filename_str, err);
+ ret = FALSE;
+ goto cleanup;
+ }
+ }
+
+ cleanup:
+ sfree(err);
+ filename_free(filename);
+ return ret;
+}
+
+void key_list_callback(void *ctx, const char *fingerprint,
+ const char *comment, struct pageant_pubkey *key)
+{
+ printf("%s %s\n", fingerprint, comment);
+}
+
+struct key_find_ctx {
+ const char *string;
+ int match_fp, match_comment;
+ struct pageant_pubkey *found;
+ int nfound;
+};
+
+int match_fingerprint_string(const char *string, const char *fingerprint)
+{
+ const char *hash;
+
+ /* Find the hash in the fingerprint string. It'll be the word at the end. */
+ hash = strrchr(fingerprint, ' ');
+ assert(hash);
+ hash++;
+
+ /* Now see if the search string is a prefix of the full hash,
+ * neglecting colons and case differences. */
+ while (1) {
+ while (*string == ':') string++;
+ while (*hash == ':') hash++;
+ if (!*string)
+ return TRUE;
+ if (tolower((unsigned char)*string) != tolower((unsigned char)*hash))
+ return FALSE;
+ string++;
+ hash++;
+ }
+}
+
+void key_find_callback(void *vctx, const char *fingerprint,
+ const char *comment, struct pageant_pubkey *key)
+{
+ struct key_find_ctx *ctx = (struct key_find_ctx *)vctx;
+
+ if ((ctx->match_comment && !strcmp(ctx->string, comment)) ||
+ (ctx->match_fp && match_fingerprint_string(ctx->string, fingerprint)))
+ {
+ if (!ctx->found)
+ ctx->found = pageant_pubkey_copy(key);
+ ctx->nfound++;
+ }
+}
+
+struct pageant_pubkey *find_key(const char *string, char **retstr)
+{
+ struct key_find_ctx actx, *ctx = &actx;
+ struct pageant_pubkey key_in, *key_ret;
+ int try_file = TRUE, try_fp = TRUE, try_comment = TRUE;
+ int file_errors = FALSE;
+
+ /*
+ * Trim off disambiguating prefixes telling us how to interpret
+ * the provided string.
+ */
+ if (!strncmp(string, "file:", 5)) {
+ string += 5;
+ try_fp = try_comment = FALSE;
+ file_errors = TRUE; /* also report failure to load the file */
+ } else if (!strncmp(string, "comment:", 8)) {
+ string += 8;
+ try_file = try_fp = FALSE;
+ } else if (!strncmp(string, "fp:", 3)) {
+ string += 3;
+ try_file = try_comment = FALSE;
+ } else if (!strncmp(string, "fingerprint:", 12)) {
+ string += 12;
+ try_file = try_comment = FALSE;
+ }
+
+ /*
+ * Try interpreting the string as a key file name.
+ */
+ if (try_file) {
+ Filename *fn = filename_from_str(string);
+ int keytype = key_type(fn);
+ if (keytype == SSH_KEYTYPE_SSH1 ||
+ keytype == SSH_KEYTYPE_SSH1_PUBLIC) {
+ const char *error;
+
+ if (!rsakey_pubblob(fn, &key_in.blob, &key_in.bloblen,
+ NULL, &error)) {
+ if (file_errors) {
+ *retstr = dupprintf("unable to load file '%s': %s",
+ string, error);
+ filename_free(fn);
+ return NULL;
+ }
+ }
+
+ /*
+ * If we've successfully loaded the file, stop here - we
+ * already have a key blob and need not go to the agent to
+ * list things.
+ */
+ key_in.ssh_version = 1;
+ key_ret = pageant_pubkey_copy(&key_in);
+ sfree(key_in.blob);
+ filename_free(fn);
+ return key_ret;
+ } else if (keytype == SSH_KEYTYPE_SSH2 ||
+ keytype == SSH_KEYTYPE_SSH2_PUBLIC_RFC4716 ||
+ keytype == SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH) {
+ const char *error;
+
+ if ((key_in.blob = ssh2_userkey_loadpub(fn, NULL,
+ &key_in.bloblen,
+ NULL, &error)) == NULL) {
+ if (file_errors) {
+ *retstr = dupprintf("unable to load file '%s': %s",
+ string, error);
+ filename_free(fn);
+ return NULL;
+ }
+ }
+
+ /*
+ * If we've successfully loaded the file, stop here - we
+ * already have a key blob and need not go to the agent to
+ * list things.
+ */
+ key_in.ssh_version = 2;
+ key_ret = pageant_pubkey_copy(&key_in);
+ sfree(key_in.blob);
+ filename_free(fn);
+ return key_ret;
+ } else {
+ if (file_errors) {
+ *retstr = dupprintf("unable to load key file '%s': %s",
+ string, key_type_to_str(keytype));
+ filename_free(fn);
+ return NULL;
+ }
+ }
+ filename_free(fn);
+ }
+
+ /*
+ * Failing that, go through the keys in the agent, and match
+ * against fingerprints and comments as appropriate.
+ */
+ ctx->string = string;
+ ctx->match_fp = try_fp;
+ ctx->match_comment = try_comment;
+ ctx->found = NULL;
+ ctx->nfound = 0;
+ if (pageant_enum_keys(key_find_callback, ctx, retstr) ==
+ PAGEANT_ACTION_FAILURE)
+ return NULL;
+
+ if (ctx->nfound == 0) {
+ *retstr = dupstr("no key matched");
+ assert(!ctx->found);
+ return NULL;
+ } else if (ctx->nfound > 1) {
+ *retstr = dupstr("multiple keys matched");
+ assert(ctx->found);
+ pageant_pubkey_free(ctx->found);
+ return NULL;
+ }
+
+ assert(ctx->found);
+ return ctx->found;
+}
+
void run_client(void)
{
+ const struct cmdline_key_action *act;
+ struct pageant_pubkey *key;
+ int errors = FALSE;
+ char *retstr;
+
if (!agent_exists()) {
fprintf(stderr, "pageant: no agent running to talk to\n");
exit(1);
}
- fprintf(stderr, "NYI\n");
- exit(1);
+
+ for (act = keyact_head; act; act = act->next) {
+ switch (act->action) {
+ case KEYACT_CLIENT_ADD:
+ if (!unix_add_keyfile(act->filename))
+ errors = TRUE;
+ break;
+ case KEYACT_CLIENT_LIST:
+ if (pageant_enum_keys(key_list_callback, NULL, &retstr) ==
+ PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: listing keys: %s\n", retstr);
+ sfree(retstr);
+ errors = TRUE;
+ }
+ break;
+ case KEYACT_CLIENT_DEL:
+ key = NULL;
+ if (!(key = find_key(act->filename, &retstr)) ||
+ pageant_delete_key(key, &retstr) == PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: deleting key '%s': %s\n",
+ act->filename, retstr);
+ sfree(retstr);
+ errors = TRUE;
+ }
+ if (key)
+ pageant_pubkey_free(key);
+ break;
+ case KEYACT_CLIENT_PUBLIC_OPENSSH:
+ case KEYACT_CLIENT_PUBLIC:
+ key = NULL;
+ if (!(key = find_key(act->filename, &retstr))) {
+ fprintf(stderr, "pageant: finding key '%s': %s\n",
+ act->filename, retstr);
+ sfree(retstr);
+ errors = TRUE;
+ } else {
+ FILE *fp = stdout; /* FIXME: add a -o option? */
+
+ if (key->ssh_version == 1) {
+ struct RSAKey rkey;
+ memset(&rkey, 0, sizeof(rkey));
+ rkey.comment = dupstr(key->comment);
+ makekey(key->blob, key->bloblen, &rkey, NULL, 0);
+ ssh1_write_pubkey(fp, &rkey);
+ freersakey(&rkey);
+ } else {
+ ssh2_write_pubkey(fp, key->comment, key->blob,key->bloblen,
+ (act->action == KEYACT_CLIENT_PUBLIC ?
+ SSH_KEYTYPE_SSH2_PUBLIC_RFC4716 :
+ SSH_KEYTYPE_SSH2_PUBLIC_OPENSSH));
+ }
+ pageant_pubkey_free(key);
+ }
+ break;
+ case KEYACT_CLIENT_DEL_ALL:
+ if (pageant_delete_all_keys(&retstr) == PAGEANT_ACTION_FAILURE) {
+ fprintf(stderr, "pageant: deleting all keys: %s\n", retstr);
+ sfree(retstr);
+ errors = TRUE;
+ }
+ break;
+ default:
+ assert(0 && "Invalid client action found");
+ }
+ }
+
+ if (errors)
+ exit(1);
}
void run_agent(void)
int fd;
int i, fdcount, fdsize, fdstate;
int termination_pid = -1;
+ int errors = FALSE;
Conf *conf;
+ const struct cmdline_key_action *act;
fdlist = NULL;
fdcount = fdsize = 0;
+ pageant_init();
+
+ /*
+ * Start by loading any keys provided on the command line.
+ */
+ for (act = keyact_head; act; act = act->next) {
+ assert(act->action == KEYACT_AGENT_LOAD);
+ if (!unix_add_keyfile(act->filename))
+ errors = TRUE;
+ }
+ if (errors)
+ exit(1);
+
/*
* Set up a listening socket and run Pageant on it.
*/
exit(1);
}
socketname = dupprintf("%s/pageant.%d", socketdir, (int)getpid());
- pageant_init();
pl = pageant_listener_new();
sock = new_unix_listener(unix_sock_addr(socketname), (Plug)pl);
if ((err = sk_socket_error(sock)) != NULL) {
NULL
};
- if (!display)
- display = getenv("DISPLAY");
if (!display) {
fprintf(stderr, "pageant: no DISPLAY for -X mode\n");
exit(1);
* our containing tty session has ended, so it's time to
* clean up and leave.
*/
- int fd = open("/dev/tty", O_RDONLY);
- if (fd < 0) {
- if (errno != ENXIO) {
- perror("/dev/tty: open");
- exit(1);
- }
+ if (!have_controlling_tty()) {
time_to_die = TRUE;
break;
- } else {
- close(fd);
}
}
curr_keyact = KEYACT_CLIENT_ADD;
} else if (!strcmp(p, "-d")) {
curr_keyact = KEYACT_CLIENT_DEL;
+ } else if (!strcmp(p, "-s")) {
+ shell_type = SHELL_SH;
+ } else if (!strcmp(p, "-c")) {
+ shell_type = SHELL_CSH;
} else if (!strcmp(p, "-D")) {
add_keyact(KEYACT_CLIENT_DEL_ALL, NULL);
} else if (!strcmp(p, "-l")) {
add_keyact(KEYACT_CLIENT_LIST, NULL);
- } else if (!strcmp(p, "-L")) {
- add_keyact(KEYACT_CLIENT_LIST_FULL, NULL);
+ } else if (!strcmp(p, "--public")) {
+ curr_keyact = KEYACT_CLIENT_PUBLIC;
+ } else if (!strcmp(p, "--public-openssh")) {
+ curr_keyact = KEYACT_CLIENT_PUBLIC_OPENSSH;
} else if (!strcmp(p, "-X")) {
life = LIFE_X11;
} else if (!strcmp(p, "-T")) {
sk_init();
uxsel_init();
+ if (!display) {
+ display = getenv("DISPLAY");
+ if (display && !*display)
+ display = NULL;
+ }
+
/*
* Now distinguish our two main running modes. Either we're
* actually starting up an agent, in which case we should have a