upstream: factor out common code in the agent client

Add a ssh_request_reply_decode() function that sends a message to
the agent, reads and parses a success/failure reply.
Use it for all requests that only expect success/failure

ok markus@

OpenBSD-Commit-ID: e0c1f4d5e6cfa525d62581e2b8de93be0cb85adb
This commit is contained in:
djm@openbsd.org 2021-01-26 00:46:17 +00:00 committed by Damien Miller
parent d1e578afe7
commit cb7b22ea20
1 changed files with 39 additions and 24 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: authfd.c,v 1.126 2020/10/29 02:52:43 djm Exp $ */ /* $OpenBSD: authfd.c,v 1.127 2021/01/26 00:46:17 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -177,6 +177,27 @@ ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply)
return 0; return 0;
} }
/* Communicate with agent: sent request, read and decode status reply */
static int
ssh_request_reply_decode(int sock, struct sshbuf *request)
{
struct sshbuf *reply;
int r;
u_char type;
if ((reply = sshbuf_new()) == NULL)
return SSH_ERR_ALLOC_FAIL;
if ((r = ssh_request_reply(sock, request, reply)) != 0 ||
(r = sshbuf_get_u8(reply, &type)) != 0 ||
(r = decode_reply(type)) != 0)
goto out;
/* success */
r = 0;
out:
sshbuf_free(reply);
return r;
}
/* /*
* Closes the agent socket if it should be closed (depends on how it was * Closes the agent socket if it should be closed (depends on how it was
* obtained). The argument must have been returned by * obtained). The argument must have been returned by
@ -200,13 +221,11 @@ ssh_lock_agent(int sock, int lock, const char *password)
if ((msg = sshbuf_new()) == NULL) if ((msg = sshbuf_new()) == NULL)
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
if ((r = sshbuf_put_u8(msg, type)) != 0 || if ((r = sshbuf_put_u8(msg, type)) != 0 ||
(r = sshbuf_put_cstring(msg, password)) != 0) (r = sshbuf_put_cstring(msg, password)) != 0 ||
(r = ssh_request_reply_decode(sock, msg)) != 0)
goto out; goto out;
if ((r = ssh_request_reply(sock, msg, msg)) != 0) /* success */
goto out; r = 0;
if ((r = sshbuf_get_u8(msg, &type)) != 0)
goto out;
r = decode_reply(type);
out: out:
sshbuf_free(msg); sshbuf_free(msg);
return r; return r;
@ -519,11 +538,10 @@ ssh_add_identity_constrained(int sock, struct sshkey *key,
(r = encode_constraints(msg, life, confirm, maxsign, (r = encode_constraints(msg, life, confirm, maxsign,
provider)) != 0) provider)) != 0)
goto out; goto out;
if ((r = ssh_request_reply(sock, msg, msg)) != 0) if ((r = ssh_request_reply_decode(sock, msg)) != 0)
goto out; goto out;
if ((r = sshbuf_get_u8(msg, &type)) != 0) /* success */
goto out; r = 0;
r = decode_reply(type);
out: out:
sshbuf_free(msg); sshbuf_free(msg);
return r; return r;
@ -538,7 +556,7 @@ ssh_remove_identity(int sock, const struct sshkey *key)
{ {
struct sshbuf *msg; struct sshbuf *msg;
int r; int r;
u_char type, *blob = NULL; u_char *blob = NULL;
size_t blen; size_t blen;
if ((msg = sshbuf_new()) == NULL) if ((msg = sshbuf_new()) == NULL)
@ -555,11 +573,10 @@ ssh_remove_identity(int sock, const struct sshkey *key)
r = SSH_ERR_INVALID_ARGUMENT; r = SSH_ERR_INVALID_ARGUMENT;
goto out; goto out;
} }
if ((r = ssh_request_reply(sock, msg, msg)) != 0) if ((r = ssh_request_reply_decode(sock, msg)) != 0)
goto out; goto out;
if ((r = sshbuf_get_u8(msg, &type)) != 0) /* success */
goto out; r = 0;
r = decode_reply(type);
out: out:
if (blob != NULL) if (blob != NULL)
freezero(blob, blen); freezero(blob, blen);
@ -595,11 +612,10 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin,
if (constrained && if (constrained &&
(r = encode_constraints(msg, life, confirm, 0, NULL)) != 0) (r = encode_constraints(msg, life, confirm, 0, NULL)) != 0)
goto out; goto out;
if ((r = ssh_request_reply(sock, msg, msg)) != 0) if ((r = ssh_request_reply_decode(sock, msg)) != 0)
goto out; goto out;
if ((r = sshbuf_get_u8(msg, &type)) != 0) /* success */
goto out; r = 0;
r = decode_reply(type);
out: out:
sshbuf_free(msg); sshbuf_free(msg);
return r; return r;
@ -626,11 +642,10 @@ ssh_remove_all_identities(int sock, int version)
return SSH_ERR_ALLOC_FAIL; return SSH_ERR_ALLOC_FAIL;
if ((r = sshbuf_put_u8(msg, type)) != 0) if ((r = sshbuf_put_u8(msg, type)) != 0)
goto out; goto out;
if ((r = ssh_request_reply(sock, msg, msg)) != 0) if ((r = ssh_request_reply_decode(sock, msg)) != 0)
goto out; goto out;
if ((r = sshbuf_get_u8(msg, &type)) != 0) /* success */
goto out; r = 0;
r = decode_reply(type);
out: out:
sshbuf_free(msg); sshbuf_free(msg);
return r; return r;