summaryrefslogtreecommitdiffstats
path: root/ssh-agent.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--ssh-agent.c48
1 files changed, 29 insertions, 19 deletions
diff --git a/ssh-agent.c b/ssh-agent.c
index b6a3f48..d35741a 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.303 2023/12/18 14:48:08 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.306 2024/03/09 05:12:13 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -162,6 +162,8 @@ int max_fd = 0;
pid_t parent_pid = -1;
time_t parent_alive_interval = 0;
+sig_atomic_t signalled = 0;
+
/* pid of process for which cleanup_socket is applicable */
pid_t cleanup_pid = 0;
@@ -250,6 +252,7 @@ free_dest_constraints(struct dest_constraint *dcs, size_t ndcs)
free(dcs);
}
+#ifdef ENABLE_PKCS11
static void
dup_dest_constraint_hop(const struct dest_constraint_hop *dch,
struct dest_constraint_hop *out)
@@ -289,6 +292,7 @@ dup_dest_constraints(const struct dest_constraint *dcs, size_t ndcs)
}
return ret;
}
+#endif /* ENABLE_PKCS11 */
#ifdef DEBUG_CONSTRAINTS
static void
@@ -1522,10 +1526,11 @@ no_identities(SocketEntry *e)
sshbuf_free(msg);
}
+#ifdef ENABLE_PKCS11
/* Add an identity to idlist; takes ownership of 'key' and 'comment' */
static void
add_p11_identity(struct sshkey *key, char *comment, const char *provider,
- time_t death, int confirm, struct dest_constraint *dest_constraints,
+ time_t death, u_int confirm, struct dest_constraint *dest_constraints,
size_t ndest_constraints)
{
Identity *id;
@@ -1548,7 +1553,6 @@ add_p11_identity(struct sshkey *key, char *comment, const char *provider,
idtab->nentries++;
}
-#ifdef ENABLE_PKCS11
static void
process_add_smartcard_key(SocketEntry *e)
{
@@ -2060,7 +2064,7 @@ after_poll(struct pollfd *pfd, size_t npfd, u_int maxfds)
}
static int
-prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds)
+prepare_poll(struct pollfd **pfdp, size_t *npfdp, struct timespec *timeoutp, u_int maxfds)
{
struct pollfd *pfd = *pfdp;
size_t i, j, npfd = 0;
@@ -2126,14 +2130,8 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds)
if (parent_alive_interval != 0)
deadline = (deadline == 0) ? parent_alive_interval :
MINIMUM(deadline, parent_alive_interval);
- if (deadline == 0) {
- *timeoutp = -1; /* INFTIM */
- } else {
- if (deadline > INT_MAX / 1000)
- *timeoutp = INT_MAX / 1000;
- else
- *timeoutp = deadline * 1000;
- }
+ if (deadline != 0)
+ ptimeout_deadline_sec(timeoutp, deadline);
return (1);
}
@@ -2153,17 +2151,16 @@ void
cleanup_exit(int i)
{
cleanup_socket();
+#ifdef ENABLE_PKCS11
+ pkcs11_terminate();
+#endif
_exit(i);
}
static void
cleanup_handler(int sig)
{
- cleanup_socket();
-#ifdef ENABLE_PKCS11
- pkcs11_terminate();
-#endif
- _exit(2);
+ signalled = sig;
}
static void
@@ -2207,10 +2204,11 @@ main(int ac, char **av)
char pidstrbuf[1 + 3 * sizeof pid];
size_t len;
mode_t prev_mask;
- int timeout = -1; /* INFTIM */
+ struct timespec timeout;
struct pollfd *pfd = NULL;
size_t npfd = 0;
u_int maxfds;
+ sigset_t nsigset, osigset;
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
@@ -2446,13 +2444,25 @@ skip:
ssh_signal(SIGHUP, cleanup_handler);
ssh_signal(SIGTERM, cleanup_handler);
+ sigemptyset(&nsigset);
+ sigaddset(&nsigset, SIGINT);
+ sigaddset(&nsigset, SIGHUP);
+ sigaddset(&nsigset, SIGTERM);
+
if (pledge("stdio rpath cpath unix id proc exec", NULL) == -1)
fatal("%s: pledge: %s", __progname, strerror(errno));
platform_pledge_agent();
while (1) {
+ sigprocmask(SIG_BLOCK, &nsigset, &osigset);
+ if (signalled != 0) {
+ logit("exiting on signal %d", (int)signalled);
+ cleanup_exit(2);
+ }
+ ptimeout_init(&timeout);
prepare_poll(&pfd, &npfd, &timeout, maxfds);
- result = poll(pfd, npfd, timeout);
+ result = ppoll(pfd, npfd, ptimeout_get_tsp(&timeout), &osigset);
+ sigprocmask(SIG_SETMASK, &osigset, NULL);
saved_errno = errno;
if (parent_alive_interval != 0)
check_parent_exists();