From be88d91fa83fe895c824f4a4d48a905cd7d30cf3 Mon Sep 17 00:00:00 2001 From: djm Date: Tue, 26 Jan 2021 00:46:17 +0000 Subject: [PATCH] factor out common code in the agent client Add a ssh_request_reply_decode() function that sends a message to the agent, reads and parses a success/failure reply. Use it for all requests that only expect success/failure ok markus@ --- usr.bin/ssh/authfd.c | 63 +++++++++++++++++++++++++++----------------- 1 file changed, 39 insertions(+), 24 deletions(-) diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c index 19c49d6222e..a7fe2cc7d67 100644 --- a/usr.bin/ssh/authfd.c +++ b/usr.bin/ssh/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.126 2020/10/29 02:52:43 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.127 2021/01/26 00:46:17 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -176,6 +176,27 @@ ssh_request_reply(int sock, struct sshbuf *request, struct sshbuf *reply) return 0; } +/* Communicate with agent: sent request, read and decode status reply */ +static int +ssh_request_reply_decode(int sock, struct sshbuf *request) +{ + struct sshbuf *reply; + int r; + u_char type; + + if ((reply = sshbuf_new()) == NULL) + return SSH_ERR_ALLOC_FAIL; + if ((r = ssh_request_reply(sock, request, reply)) != 0 || + (r = sshbuf_get_u8(reply, &type)) != 0 || + (r = decode_reply(type)) != 0) + goto out; + /* success */ + r = 0; + out: + sshbuf_free(reply); + return r; +} + /* * Closes the agent socket if it should be closed (depends on how it was * obtained). The argument must have been returned by @@ -199,13 +220,11 @@ ssh_lock_agent(int sock, int lock, const char *password) if ((msg = sshbuf_new()) == NULL) return SSH_ERR_ALLOC_FAIL; if ((r = sshbuf_put_u8(msg, type)) != 0 || - (r = sshbuf_put_cstring(msg, password)) != 0) - goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) + (r = sshbuf_put_cstring(msg, password)) != 0 || + (r = ssh_request_reply_decode(sock, msg)) != 0) goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); + /* success */ + r = 0; out: sshbuf_free(msg); return r; @@ -518,11 +537,10 @@ ssh_add_identity_constrained(int sock, struct sshkey *key, (r = encode_constraints(msg, life, confirm, maxsign, provider)) != 0) goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) + if ((r = ssh_request_reply_decode(sock, msg)) != 0) goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); + /* success */ + r = 0; out: sshbuf_free(msg); return r; @@ -537,7 +555,7 @@ ssh_remove_identity(int sock, const struct sshkey *key) { struct sshbuf *msg; int r; - u_char type, *blob = NULL; + u_char *blob = NULL; size_t blen; if ((msg = sshbuf_new()) == NULL) @@ -554,11 +572,10 @@ ssh_remove_identity(int sock, const struct sshkey *key) r = SSH_ERR_INVALID_ARGUMENT; goto out; } - if ((r = ssh_request_reply(sock, msg, msg)) != 0) + if ((r = ssh_request_reply_decode(sock, msg)) != 0) goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); + /* success */ + r = 0; out: if (blob != NULL) freezero(blob, blen); @@ -594,11 +611,10 @@ ssh_update_card(int sock, int add, const char *reader_id, const char *pin, if (constrained && (r = encode_constraints(msg, life, confirm, 0, NULL)) != 0) goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) + if ((r = ssh_request_reply_decode(sock, msg)) != 0) goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); + /* success */ + r = 0; out: sshbuf_free(msg); return r; @@ -625,11 +641,10 @@ ssh_remove_all_identities(int sock, int version) return SSH_ERR_ALLOC_FAIL; if ((r = sshbuf_put_u8(msg, type)) != 0) goto out; - if ((r = ssh_request_reply(sock, msg, msg)) != 0) + if ((r = ssh_request_reply_decode(sock, msg)) != 0) goto out; - if ((r = sshbuf_get_u8(msg, &type)) != 0) - goto out; - r = decode_reply(type); + /* success */ + r = 0; out: sshbuf_free(msg); return r; -- 2.20.1