1 files changed, 498 insertions, 0 deletions
diff --git a/other/openssh-2.1.1p4/authfd.c b/other/openssh-2.1.1p4/authfd.c
new file mode 100644
index 0000000..69fe2ae
--- /dev/null
+++ b/other/openssh-2.1.1p4/authfd.c
@@ -0,0 +1,498 @@
+/*
+ *
+ * authfd.c
+ *
+ * Author: Tatu Ylonen <ylo@cs.hut.fi>
+ *
+ * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
+ *                    All rights reserved
+ *
+ * Created: Wed Mar 29 01:30:28 1995 ylo
+ *
+ * Functions for connecting the local authentication agent.
+ *
+ */
+#include "includes.h"
+RCSID("$OpenBSD: authfd.c,v 1.21 2000/06/26 09:22:29 markus Exp $");
+#include "ssh.h"
+#include "rsa.h"
+#include "authfd.h"
+#include "buffer.h"
+#include "bufaux.h"
+#include "xmalloc.h"
+#include "getput.h"
+#include <openssl/rsa.h>
+/* helper */
+int ssh_agent_get_reply(AuthenticationConnection *auth);
+/* Returns the number of the authentication fd, or -1 if there is none. */
+int
+ssh_get_authentication_socket()
+{
+        const char *authsocket;
+        int sock;
+        struct sockaddr_un sunaddr;
+        authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
+        if (!authsocket)
+                return -1;
+        sunaddr.sun_family = AF_UNIX;
+        strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
+        sock = socket(AF_UNIX, SOCK_STREAM, 0);
+        if (sock < 0)
+                return -1;
+        /* close on exec */
+        if (fcntl(sock, F_SETFD, 1) == -1) {
+                close(sock);
+                return -1;
+        }
+        if (connect(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) {
+                close(sock);
+                return -1;
+        }
+        return sock;
+}
+/*
+ * Closes the agent socket if it should be closed (depends on how it was
+ * obtained).  The argument must have been returned by
+ * ssh_get_authentication_socket().
+ */
+void
+ssh_close_authentication_socket(int sock)
+{
+        if (getenv(SSH_AUTHSOCKET_ENV_NAME))
+                close(sock);
+}
+/*
+ * Opens and connects a private socket for communication with the
+ * authentication agent.  Returns the file descriptor (which must be
+ * shut down and closed by the caller when no longer needed).
+ * Returns NULL if an error occurred and the connection could not be
+ * opened.
+ */
+AuthenticationConnection *
+ssh_get_authentication_connection()
+{
+        AuthenticationConnection *auth;
+        int sock;
+        sock = ssh_get_authentication_socket();
+        /*
+         * Fail if we couldn't obtain a connection.  This happens if we
+         * exited due to a timeout.
+         */
+        if (sock < 0)
+                return NULL;
+        auth = xmalloc(sizeof(*auth));
+        auth->fd = sock;
+        buffer_init(&auth->packet);
+        buffer_init(&auth->identities);
+        auth->howmany = 0;
+        return auth;
+}
+/*
+ * Closes the connection to the authentication agent and frees any associated
+ * memory.
+ */
+void
+ssh_close_authentication_connection(AuthenticationConnection *ac)
+{
+        buffer_free(&ac->packet);
+        buffer_free(&ac->identities);
+        close(ac->fd);
+        xfree(ac);
+}
+/*
+ * Returns the first authentication identity held by the agent.
+ * Returns true if an identity is available, 0 otherwise.
+ * The caller must initialize the integers before the call, and free the
+ * comment after a successful call (before calling ssh_get_next_identity).
+ */
+int
+ssh_get_first_identity(AuthenticationConnection *auth,
+                       BIGNUM *e, BIGNUM *n, char **comment)
+{
+        unsigned char msg[8192];
+        int len, l;
+        /*
+         * Send a message to the agent requesting for a list of the
+         * identities it can represent.
+         */
+        msg[0] = 0;
+        msg[1] = 0;
+        msg[2] = 0;
+        msg[3] = 1;
+        msg[4] = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
+        if (atomicio(write, auth->fd, msg, 5) != 5) {
+                error("write auth->fd: %.100s", strerror(errno));
+                return 0;
+        }
+        /* Read the length of the response.  XXX implement timeouts here. */
+        len = 4;
+        while (len > 0) {
+                l = read(auth->fd, msg + 4 - len, len);
+                if (l <= 0) {
+                        error("read auth->fd: %.100s", strerror(errno));
+                        return 0;
+                }
+                len -= l;
+        }
+        /*
+         * Extract the length, and check it for sanity.  (We cannot trust
+         * authentication agents).
+         */
+        len = GET_32BIT(msg);
+        if (len < 1 || len > 256 * 1024)
+                fatal("Authentication reply message too long: %d\n", len);
+        /* Read the packet itself. */
+        buffer_clear(&auth->identities);
+        while (len > 0) {
+                l = len;
+                if (l > sizeof(msg))
+                        l = sizeof(msg);
+                l = read(auth->fd, msg, l);
+                if (l <= 0)
+                        fatal("Incomplete authentication reply.");
+                buffer_append(&auth->identities, (char *) msg, l);
+                len -= l;
+        }
+        /* Get message type, and verify that we got a proper answer. */
+        buffer_get(&auth->identities, (char *) msg, 1);
+        if (msg[0] != SSH_AGENT_RSA_IDENTITIES_ANSWER)
+                fatal("Bad authentication reply message type: %d", msg[0]);
+        /* Get the number of entries in the response and check it for sanity. */
+        auth->howmany = buffer_get_int(&auth->identities);
+        if (auth->howmany > 1024)
+                fatal("Too many identities in authentication reply: %d\n", auth->howmany);
+        /* Return the first entry (if any). */
+        return ssh_get_next_identity(auth, e, n, comment);
+}
+/*
+ * Returns the next authentication identity for the agent.  Other functions
+ * can be called between this and ssh_get_first_identity or two calls of this
+ * function.  This returns 0 if there are no more identities.  The caller
+ * must free comment after a successful return.
+ */
+int
+ssh_get_next_identity(AuthenticationConnection *auth,
+                      BIGNUM *e, BIGNUM *n, char **comment)
+{
+        unsigned int bits;
+        /* Return failure if no more entries. */
+        if (auth->howmany <= 0)
+                return 0;
+        /*
+         * Get the next entry from the packet.  These will abort with a fatal
+         * error if the packet is too short or contains corrupt data.
+         */
+        bits = buffer_get_int(&auth->identities);
+        buffer_get_bignum(&auth->identities, e);
+        buffer_get_bignum(&auth->identities, n);
+        *comment = buffer_get_string(&auth->identities, NULL);
+        if (bits != BN_num_bits(n))
+                log("Warning: identity keysize mismatch: actual %d, announced %u",
+                    BN_num_bits(n), bits);
+        /* Decrement the number of remaining entries. */
+        auth->howmany--;
+        return 1;
+}
+/*
+ * Generates a random challenge, sends it to the agent, and waits for
+ * response from the agent.  Returns true (non-zero) if the agent gave the
+ * correct answer, zero otherwise.  Response type selects the style of
+ * response desired, with 0 corresponding to protocol version 1.0 (no longer
+ * supported) and 1 corresponding to protocol version 1.1.
+ */
+int
+ssh_decrypt_challenge(AuthenticationConnection *auth,
+                      BIGNUM* e, BIGNUM *n, BIGNUM *challenge,
+                      unsigned char session_id[16],
+                      unsigned int response_type,
+                      unsigned char response[16])
+{
+        Buffer buffer;
+        unsigned char buf[8192];
+        int len, l, i;
+        /* Response type 0 is no longer supported. */
+        if (response_type == 0)
+                fatal("Compatibility with ssh protocol version 1.0 no longer supported.");
+        /* Format a message to the agent. */
+        buf[0] = SSH_AGENTC_RSA_CHALLENGE;
+        buffer_init(&buffer);
+        buffer_append(&buffer, (char *) buf, 1);
+        buffer_put_int(&buffer, BN_num_bits(n));
+        buffer_put_bignum(&buffer, e);
+        buffer_put_bignum(&buffer, n);
+        buffer_put_bignum(&buffer, challenge);
+        buffer_append(&buffer, (char *) session_id, 16);
+        buffer_put_int(&buffer, response_type);
+        /* Get the length of the message, and format it in the buffer. */
+        len = buffer_len(&buffer);
+        PUT_32BIT(buf, len);
+        /* Send the length and then the packet to the agent. */
+        if (atomicio(write, auth->fd, buf, 4) != 4 ||
+            atomicio(write, auth->fd, buffer_ptr(&buffer),
+            buffer_len(&buffer)) != buffer_len(&buffer)) {
+                error("Error writing to authentication socket.");
+error_cleanup:
+                buffer_free(&buffer);
+                return 0;
+        }
+        /*
+         * Wait for response from the agent.  First read the length of the
+         * response packet.
+         */
+        len = 4;
+        while (len > 0) {
+                l = read(auth->fd, buf + 4 - len, len);
+                if (l <= 0) {
+                        error("Error reading response length from authentication socket.");
+                        goto error_cleanup;
+                }
+                len -= l;
+        }
+        /* Extract the length, and check it for sanity. */
+        len = GET_32BIT(buf);
+        if (len > 256 * 1024)
+                fatal("Authentication response too long: %d", len);
+        /* Read the rest of the response in tothe buffer. */
+        buffer_clear(&buffer);
+        while (len > 0) {
+                l = len;
+                if (l > sizeof(buf))
+                        l = sizeof(buf);
+                l = read(auth->fd, buf, l);
+                if (l <= 0) {
+                        error("Error reading response from authentication socket.");
+                        goto error_cleanup;
+                }
+                buffer_append(&buffer, (char *) buf, l);
+                len -= l;
+        }
+        /* Get the type of the packet. */
+        buffer_get(&buffer, (char *) buf, 1);
+        /* Check for agent failure message. */
+        if (buf[0] == SSH_AGENT_FAILURE) {
+                log("Agent admitted failure to authenticate using the key.");
+                goto error_cleanup;
+        }
+        /* Now it must be an authentication response packet. */
+        if (buf[0] != SSH_AGENT_RSA_RESPONSE)
+                fatal("Bad authentication response: %d", buf[0]);
+        /*
+         * Get the response from the packet.  This will abort with a fatal
+         * error if the packet is corrupt.
+         */
+        for (i = 0; i < 16; i++)
+                response[i] = buffer_get_char(&buffer);
+        /* The buffer containing the packet is no longer needed. */
+        buffer_free(&buffer);
+        /* Correct answer. */
+        return 1;
+}
+/*
+ * Adds an identity to the authentication server.  This call is not meant to
+ * be used by normal applications.
+ */
+int
+ssh_add_identity(AuthenticationConnection *auth,
+                 RSA * key, const char *comment)
+{
+        Buffer buffer;
+        unsigned char buf[8192];
+        int len;
+        /* Format a message to the agent. */
+        buffer_init(&buffer);
+        buffer_put_char(&buffer, SSH_AGENTC_ADD_RSA_IDENTITY);
+        buffer_put_int(&buffer, BN_num_bits(key->n));
+        buffer_put_bignum(&buffer, key->n);
+        buffer_put_bignum(&buffer, key->e);
+        buffer_put_bignum(&buffer, key->d);
+        /* To keep within the protocol: p < q for ssh. in SSL p > q */
+        buffer_put_bignum(&buffer, key->iqmp);  /* ssh key->u */
+        buffer_put_bignum(&buffer, key->q);     /* ssh key->p, SSL key->q */
+        buffer_put_bignum(&buffer, key->p);     /* ssh key->q, SSL key->p */
+        buffer_put_string(&buffer, comment, strlen(comment));
+        /* Get the length of the message, and format it in the buffer. */
+        len = buffer_len(&buffer);
+        PUT_32BIT(buf, len);
+        /* Send the length and then the packet to the agent. */
+        if (atomicio(write, auth->fd, buf, 4) != 4 ||
+            atomicio(write, auth->fd, buffer_ptr(&buffer),
+            buffer_len(&buffer)) != buffer_len(&buffer)) {
+                error("Error writing to authentication socket.");
+                buffer_free(&buffer);
+                return 0;
+        }
+        buffer_free(&buffer);
+        return ssh_agent_get_reply(auth);
+}
+/*
+ * Removes an identity from the authentication server.  This call is not
+ * meant to be used by normal applications.
+ */
+int
+ssh_remove_identity(AuthenticationConnection *auth, RSA *key)
+{
+        Buffer buffer;
+        unsigned char buf[5];
+        int len;
+        /* Format a message to the agent. */
+        buffer_init(&buffer);
+        buffer_put_char(&buffer, SSH_AGENTC_REMOVE_RSA_IDENTITY);
+        buffer_put_int(&buffer, BN_num_bits(key->n));
+        buffer_put_bignum(&buffer, key->e);
+        buffer_put_bignum(&buffer, key->n);
+        /* Get the length of the message, and format it in the buffer. */
+        len = buffer_len(&buffer);
+        PUT_32BIT(buf, len);
+        /* Send the length and then the packet to the agent. */
+        if (atomicio(write, auth->fd, buf, 4) != 4 ||
+            atomicio(write, auth->fd, buffer_ptr(&buffer),
+            buffer_len(&buffer)) != buffer_len(&buffer)) {
+                error("Error writing to authentication socket.");
+                buffer_free(&buffer);
+                return 0;
+        }
+        buffer_free(&buffer);
+        return ssh_agent_get_reply(auth);
+}
+/*
+ * Removes all identities from the agent.  This call is not meant to be used
+ * by normal applications.
+ */
+int
+ssh_remove_all_identities(AuthenticationConnection *auth)
+{
+        unsigned char buf[5];
+        /* Get the length of the message, and format it in the buffer. */
+        PUT_32BIT(buf, 1);
+        buf[4] = SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES;
+        /* Send the length and then the packet to the agent. */
+        if (atomicio(write, auth->fd, buf, 5) != 5) {
+                error("Error writing to authentication socket.");
+                return 0;
+        }
+        return ssh_agent_get_reply(auth);
+}
+/*
+ * Read for reply from agent. returns 1 for success, 0 on error
+ */
+int 
+ssh_agent_get_reply(AuthenticationConnection *auth)
+{
+        Buffer buffer;
+        unsigned char buf[8192];
+        int len, l, type;
+        /*
+         * Wait for response from the agent.  First read the length of the
+         * response packet.
+         */
+        len = 4;
+        while (len > 0) {
+                l = read(auth->fd, buf + 4 - len, len);
+                if (l <= 0) {
+                        error("Error reading response length from authentication socket.");
+                        buffer_free(&buffer);
+                        return 0;
+                }
+                len -= l;
+        }
+        /* Extract the length, and check it for sanity. */
+        len = GET_32BIT(buf);
+        if (len > 256 * 1024)
+                fatal("Response from agent too long: %d", len);
+        /* Read the rest of the response in to the buffer. */
+        buffer_init(&buffer);
+        while (len > 0) {
+                l = len;
+                if (l > sizeof(buf))
+                        l = sizeof(buf);
+                l = read(auth->fd, buf, l);
+                if (l <= 0) {
+                        error("Error reading response from authentication socket.");
+                        buffer_free(&buffer);
+                        return 0;
+                }
+                buffer_append(&buffer, (char *) buf, l);
+                len -= l;
+        }
+        /* Get the type of the packet. */
+        type = buffer_get_char(&buffer);
+        buffer_free(&buffer);
+        switch (type) {
+        case SSH_AGENT_FAILURE:
+                return 0;
+        case SSH_AGENT_SUCCESS:
+                return 1;
+        default:
+                fatal("Bad response from authentication agent: %d", type);
+        }
+        /* NOTREACHED */
+        return 0;
+}

diff --git a/other/openssh-2.1.1p4/authfd.c b/other/openssh-2.1.1p4/authfd.c new file mode 100644 index 0000000..69fe2ae --- /dev/null +++ b/other/openssh-2.1.1p4/authfd.c
@@ -0,0 +1,498 @@
	1	/*
	2	*
	3	* authfd.c
	4	*
	5	* Author: Tatu Ylonen <ylo@cs.hut.fi>
	6	*
	7	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
	8	* All rights reserved
	9	*
	10	* Created: Wed Mar 29 01:30:28 1995 ylo
	11	*
	12	* Functions for connecting the local authentication agent.
	13	*
	14	*/
	15
	16	#include "includes.h"
	17	RCSID("$OpenBSD: authfd.c,v 1.21 2000/06/26 09:22:29 markus Exp $");
	18
	19	#include "ssh.h"
	20	#include "rsa.h"
	21	#include "authfd.h"
	22	#include "buffer.h"
	23	#include "bufaux.h"
	24	#include "xmalloc.h"
	25	#include "getput.h"
	26
	27	#include <openssl/rsa.h>
	28
	29	/* helper */
	30	int ssh_agent_get_reply(AuthenticationConnection *auth);
	31
	32	/* Returns the number of the authentication fd, or -1 if there is none. */
	33
	34	int
	35	ssh_get_authentication_socket()
	36	{
	37	const char *authsocket;
	38	int sock;
	39	struct sockaddr_un sunaddr;
	40
	41	authsocket = getenv(SSH_AUTHSOCKET_ENV_NAME);
	42	if (!authsocket)
	43	return -1;
	44
	45	sunaddr.sun_family = AF_UNIX;
	46	strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
	47
	48	sock = socket(AF_UNIX, SOCK_STREAM, 0);
	49	if (sock < 0)
	50	return -1;
	51
	52	/* close on exec */
	53	if (fcntl(sock, F_SETFD, 1) == -1) {
	54	close(sock);
	55	return -1;
	56	}
	57	if (connect(sock, (struct sockaddr *) & sunaddr, sizeof(sunaddr)) < 0) {
	58	close(sock);
	59	return -1;
	60	}
	61	return sock;
	62	}
	63
	64	/*
	65	* Closes the agent socket if it should be closed (depends on how it was
	66	* obtained). The argument must have been returned by
	67	* ssh_get_authentication_socket().
	68	*/
	69
	70	void
	71	ssh_close_authentication_socket(int sock)
	72	{
	73	if (getenv(SSH_AUTHSOCKET_ENV_NAME))
	74	close(sock);
	75	}
	76
	77	/*
	78	* Opens and connects a private socket for communication with the
	79	* authentication agent. Returns the file descriptor (which must be
	80	* shut down and closed by the caller when no longer needed).
	81	* Returns NULL if an error occurred and the connection could not be
	82	* opened.
	83	*/
	84
	85	AuthenticationConnection *
	86	ssh_get_authentication_connection()
	87	{
	88	AuthenticationConnection *auth;
	89	int sock;
	90
	91	sock = ssh_get_authentication_socket();
	92
	93	/*
	94	* Fail if we couldn't obtain a connection. This happens if we
	95	* exited due to a timeout.
	96	*/
	97	if (sock < 0)
	98	return NULL;
	99
	100	auth = xmalloc(sizeof(*auth));
	101	auth->fd = sock;
	102	buffer_init(&auth->packet);
	103	buffer_init(&auth->identities);
	104	auth->howmany = 0;
	105
	106	return auth;
	107	}
	108
	109	/*
	110	* Closes the connection to the authentication agent and frees any associated
	111	* memory.
	112	*/
	113
	114	void
	115	ssh_close_authentication_connection(AuthenticationConnection *ac)
	116	{
	117	buffer_free(&ac->packet);
	118	buffer_free(&ac->identities);
	119	close(ac->fd);
	120	xfree(ac);
	121	}
	122
	123	/*
	124	* Returns the first authentication identity held by the agent.
	125	* Returns true if an identity is available, 0 otherwise.
	126	* The caller must initialize the integers before the call, and free the
	127	* comment after a successful call (before calling ssh_get_next_identity).
	128	*/
	129
	130	int
	131	ssh_get_first_identity(AuthenticationConnection *auth,
	132	BIGNUM e, BIGNUM n, char **comment)
	133	{
	134	unsigned char msg[8192];
	135	int len, l;
	136
	137	/*
	138	* Send a message to the agent requesting for a list of the
	139	* identities it can represent.
	140	*/
	141	msg[0] = 0;
	142	msg[1] = 0;
	143	msg[2] = 0;
	144	msg[3] = 1;
	145	msg[4] = SSH_AGENTC_REQUEST_RSA_IDENTITIES;
	146	if (atomicio(write, auth->fd, msg, 5) != 5) {
	147	error("write auth->fd: %.100s", strerror(errno));
	148	return 0;
	149	}
	150	/* Read the length of the response. XXX implement timeouts here. */
	151	len = 4;
	152	while (len > 0) {
	153	l = read(auth->fd, msg + 4 - len, len);
	154	if (l <= 0) {
	155	error("read auth->fd: %.100s", strerror(errno));
	156	return 0;
	157	}
	158	len -= l;
	159	}
	160
	161	/*
	162	* Extract the length, and check it for sanity. (We cannot trust
	163	* authentication agents).
	164	*/
	165	len = GET_32BIT(msg);
	166	if (len < 1 \|\| len > 256 * 1024)
	167	fatal("Authentication reply message too long: %d\n", len);
	168
	169	/* Read the packet itself. */
	170	buffer_clear(&auth->identities);
	171	while (len > 0) {
	172	l = len;
	173	if (l > sizeof(msg))
	174	l = sizeof(msg);
	175	l = read(auth->fd, msg, l);
	176	if (l <= 0)
	177	fatal("Incomplete authentication reply.");
	178	buffer_append(&auth->identities, (char *) msg, l);
	179	len -= l;
	180	}
	181
	182	/* Get message type, and verify that we got a proper answer. */
	183	buffer_get(&auth->identities, (char *) msg, 1);
	184	if (msg[0] != SSH_AGENT_RSA_IDENTITIES_ANSWER)
	185	fatal("Bad authentication reply message type: %d", msg[0]);
	186
	187	/* Get the number of entries in the response and check it for sanity. */
	188	auth->howmany = buffer_get_int(&auth->identities);
	189	if (auth->howmany > 1024)
	190	fatal("Too many identities in authentication reply: %d\n", auth->howmany);
	191
	192	/* Return the first entry (if any). */
	193	return ssh_get_next_identity(auth, e, n, comment);
	194	}
	195
	196	/*
	197	* Returns the next authentication identity for the agent. Other functions
	198	* can be called between this and ssh_get_first_identity or two calls of this
	199	* function. This returns 0 if there are no more identities. The caller
	200	* must free comment after a successful return.
	201	*/
	202
	203	int
	204	ssh_get_next_identity(AuthenticationConnection *auth,
	205	BIGNUM e, BIGNUM n, char **comment)
	206	{
	207	unsigned int bits;
	208
	209	/* Return failure if no more entries. */
	210	if (auth->howmany <= 0)
	211	return 0;
	212
	213	/*
	214	* Get the next entry from the packet. These will abort with a fatal
	215	* error if the packet is too short or contains corrupt data.
	216	*/
	217	bits = buffer_get_int(&auth->identities);
	218	buffer_get_bignum(&auth->identities, e);
	219	buffer_get_bignum(&auth->identities, n);
	220	*comment = buffer_get_string(&auth->identities, NULL);
	221
	222	if (bits != BN_num_bits(n))
	223	log("Warning: identity keysize mismatch: actual %d, announced %u",
	224	BN_num_bits(n), bits);
	225
	226	/* Decrement the number of remaining entries. */
	227	auth->howmany--;
	228
	229	return 1;
	230	}
	231
	232	/*
	233	* Generates a random challenge, sends it to the agent, and waits for
	234	* response from the agent. Returns true (non-zero) if the agent gave the
	235	* correct answer, zero otherwise. Response type selects the style of
	236	* response desired, with 0 corresponding to protocol version 1.0 (no longer
	237	* supported) and 1 corresponding to protocol version 1.1.
	238	*/
	239
	240	int
	241	ssh_decrypt_challenge(AuthenticationConnection *auth,
	242	BIGNUM* e, BIGNUM n, BIGNUM challenge,
	243	unsigned char session_id[16],
	244	unsigned int response_type,
	245	unsigned char response[16])
	246	{
	247	Buffer buffer;
	248	unsigned char buf[8192];
	249	int len, l, i;
	250
	251	/* Response type 0 is no longer supported. */
	252	if (response_type == 0)
	253	fatal("Compatibility with ssh protocol version 1.0 no longer supported.");
	254
	255	/* Format a message to the agent. */
	256	buf[0] = SSH_AGENTC_RSA_CHALLENGE;
	257	buffer_init(&buffer);
	258	buffer_append(&buffer, (char *) buf, 1);
	259	buffer_put_int(&buffer, BN_num_bits(n));
	260	buffer_put_bignum(&buffer, e);
	261	buffer_put_bignum(&buffer, n);
	262	buffer_put_bignum(&buffer, challenge);
	263	buffer_append(&buffer, (char *) session_id, 16);
	264	buffer_put_int(&buffer, response_type);
	265
	266	/* Get the length of the message, and format it in the buffer. */
	267	len = buffer_len(&buffer);
	268	PUT_32BIT(buf, len);
	269
	270	/* Send the length and then the packet to the agent. */
	271	if (atomicio(write, auth->fd, buf, 4) != 4 \|\|
	272	atomicio(write, auth->fd, buffer_ptr(&buffer),
	273	buffer_len(&buffer)) != buffer_len(&buffer)) {
	274	error("Error writing to authentication socket.");
	275	error_cleanup:
	276	buffer_free(&buffer);
	277	return 0;
	278	}
	279	/*
	280	* Wait for response from the agent. First read the length of the
	281	* response packet.
	282	*/
	283	len = 4;
	284	while (len > 0) {
	285	l = read(auth->fd, buf + 4 - len, len);
	286	if (l <= 0) {
	287	error("Error reading response length from authentication socket.");
	288	goto error_cleanup;
	289	}
	290	len -= l;
	291	}
	292
	293	/* Extract the length, and check it for sanity. */
	294	len = GET_32BIT(buf);
	295	if (len > 256 * 1024)
	296	fatal("Authentication response too long: %d", len);
	297
	298	/* Read the rest of the response in tothe buffer. */
	299	buffer_clear(&buffer);
	300	while (len > 0) {
	301	l = len;
	302	if (l > sizeof(buf))
	303	l = sizeof(buf);
	304	l = read(auth->fd, buf, l);
	305	if (l <= 0) {
	306	error("Error reading response from authentication socket.");
	307	goto error_cleanup;
	308	}
	309	buffer_append(&buffer, (char *) buf, l);
	310	len -= l;
	311	}
	312
	313	/* Get the type of the packet. */
	314	buffer_get(&buffer, (char *) buf, 1);
	315
	316	/* Check for agent failure message. */
	317	if (buf[0] == SSH_AGENT_FAILURE) {
	318	log("Agent admitted failure to authenticate using the key.");
	319	goto error_cleanup;
	320	}
	321	/* Now it must be an authentication response packet. */
	322	if (buf[0] != SSH_AGENT_RSA_RESPONSE)
	323	fatal("Bad authentication response: %d", buf[0]);
	324
	325	/*
	326	* Get the response from the packet. This will abort with a fatal
	327	* error if the packet is corrupt.
	328	*/
	329	for (i = 0; i < 16; i++)
	330	response[i] = buffer_get_char(&buffer);
	331
	332	/* The buffer containing the packet is no longer needed. */
	333	buffer_free(&buffer);
	334
	335	/* Correct answer. */
	336	return 1;
	337	}
	338
	339	/*
	340	* Adds an identity to the authentication server. This call is not meant to
	341	* be used by normal applications.
	342	*/
	343
	344	int
	345	ssh_add_identity(AuthenticationConnection *auth,
	346	RSA * key, const char *comment)
	347	{
	348	Buffer buffer;
	349	unsigned char buf[8192];
	350	int len;
	351
	352	/* Format a message to the agent. */
	353	buffer_init(&buffer);
	354	buffer_put_char(&buffer, SSH_AGENTC_ADD_RSA_IDENTITY);
	355	buffer_put_int(&buffer, BN_num_bits(key->n));
	356	buffer_put_bignum(&buffer, key->n);
	357	buffer_put_bignum(&buffer, key->e);
	358	buffer_put_bignum(&buffer, key->d);
	359	/* To keep within the protocol: p < q for ssh. in SSL p > q */
	360	buffer_put_bignum(&buffer, key->iqmp); /* ssh key->u */
	361	buffer_put_bignum(&buffer, key->q); /* ssh key->p, SSL key->q */
	362	buffer_put_bignum(&buffer, key->p); /* ssh key->q, SSL key->p */
	363	buffer_put_string(&buffer, comment, strlen(comment));
	364
	365	/* Get the length of the message, and format it in the buffer. */
	366	len = buffer_len(&buffer);
	367	PUT_32BIT(buf, len);
	368
	369	/* Send the length and then the packet to the agent. */
	370	if (atomicio(write, auth->fd, buf, 4) != 4 \|\|
	371	atomicio(write, auth->fd, buffer_ptr(&buffer),
	372	buffer_len(&buffer)) != buffer_len(&buffer)) {
	373	error("Error writing to authentication socket.");
	374	buffer_free(&buffer);
	375	return 0;
	376	}
	377	buffer_free(&buffer);
	378	return ssh_agent_get_reply(auth);
	379	}
	380
	381	/*
	382	* Removes an identity from the authentication server. This call is not
	383	* meant to be used by normal applications.
	384	*/
	385
	386	int
	387	ssh_remove_identity(AuthenticationConnection auth, RSA key)
	388	{
	389	Buffer buffer;
	390	unsigned char buf[5];
	391	int len;
	392
	393	/* Format a message to the agent. */
	394	buffer_init(&buffer);
	395	buffer_put_char(&buffer, SSH_AGENTC_REMOVE_RSA_IDENTITY);
	396	buffer_put_int(&buffer, BN_num_bits(key->n));
	397	buffer_put_bignum(&buffer, key->e);
	398	buffer_put_bignum(&buffer, key->n);
	399
	400	/* Get the length of the message, and format it in the buffer. */
	401	len = buffer_len(&buffer);
	402	PUT_32BIT(buf, len);
	403
	404	/* Send the length and then the packet to the agent. */
	405	if (atomicio(write, auth->fd, buf, 4) != 4 \|\|
	406	atomicio(write, auth->fd, buffer_ptr(&buffer),
	407	buffer_len(&buffer)) != buffer_len(&buffer)) {
	408	error("Error writing to authentication socket.");
	409	buffer_free(&buffer);
	410	return 0;
	411	}
	412	buffer_free(&buffer);
	413	return ssh_agent_get_reply(auth);
	414	}
	415
	416	/*
	417	* Removes all identities from the agent. This call is not meant to be used
	418	* by normal applications.
	419	*/
	420
	421	int
	422	ssh_remove_all_identities(AuthenticationConnection *auth)
	423	{
	424	unsigned char buf[5];
	425
	426	/* Get the length of the message, and format it in the buffer. */
	427	PUT_32BIT(buf, 1);
	428	buf[4] = SSH_AGENTC_REMOVE_ALL_RSA_IDENTITIES;
	429
	430	/* Send the length and then the packet to the agent. */
	431	if (atomicio(write, auth->fd, buf, 5) != 5) {
	432	error("Error writing to authentication socket.");
	433	return 0;
	434	}
	435	return ssh_agent_get_reply(auth);
	436	}
	437
	438	/*
	439	* Read for reply from agent. returns 1 for success, 0 on error
	440	*/
	441
	442	int
	443	ssh_agent_get_reply(AuthenticationConnection *auth)
	444	{
	445	Buffer buffer;
	446	unsigned char buf[8192];
	447	int len, l, type;
	448
	449	/*
	450	* Wait for response from the agent. First read the length of the
	451	* response packet.
	452	*/
	453	len = 4;
	454	while (len > 0) {
	455	l = read(auth->fd, buf + 4 - len, len);
	456	if (l <= 0) {
	457	error("Error reading response length from authentication socket.");
	458	buffer_free(&buffer);
	459	return 0;
	460	}
	461	len -= l;
	462	}
	463
	464	/* Extract the length, and check it for sanity. */
	465	len = GET_32BIT(buf);
	466	if (len > 256 * 1024)
	467	fatal("Response from agent too long: %d", len);
	468
	469	/* Read the rest of the response in to the buffer. */
	470	buffer_init(&buffer);
	471	while (len > 0) {
	472	l = len;
	473	if (l > sizeof(buf))
	474	l = sizeof(buf);
	475	l = read(auth->fd, buf, l);
	476	if (l <= 0) {
	477	error("Error reading response from authentication socket.");
	478	buffer_free(&buffer);
	479	return 0;
	480	}
	481	buffer_append(&buffer, (char *) buf, l);
	482	len -= l;
	483	}
	484
	485	/* Get the type of the packet. */
	486	type = buffer_get_char(&buffer);
	487	buffer_free(&buffer);
	488	switch (type) {
	489	case SSH_AGENT_FAILURE:
	490	return 0;
	491	case SSH_AGENT_SUCCESS:
	492	return 1;
	493	default:
	494	fatal("Bad response from authentication agent: %d", type);
	495	}
	496	/* NOTREACHED */
	497	return 0;
	498	}