author | 2020-11-08 22:37:24 +0000 | |
---|---|---|
committer | 2020-11-08 22:37:24 +0000 | |
commit | f29223874aaef706d56059b7e6d81229a0447b37 (patch) | |
tree | f06629d82e41a9ee27a39396fd619fef8cde1288 | |
parent | In case of failure, call sigexit() from trapsignal instead of sensig(). (diff) | |
when requesting a security key touch on stderr, inform the user once
the touch has been recorded; requested by claudio@ ok markus@
-rw-r--r-- | usr.bin/ssh/misc.h | 5 | ||||
-rw-r--r-- | usr.bin/ssh/readpass.c | 36 | ||||
-rw-r--r-- | usr.bin/ssh/ssh-agent.c | 4 | ||||
-rw-r--r-- | usr.bin/ssh/ssh-keygen.c | 4 | ||||
-rw-r--r-- | usr.bin/ssh/sshconnect2.c | 4 |
5 files changed, 37 insertions, 16 deletions
diff --git a/usr.bin/ssh/misc.h b/usr.bin/ssh/misc.h
index 553b0922007..e259dd49dea 100644
--- a/usr.bin/ssh/misc.h
+++ b/usr.bin/ssh/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.88 2020/10/03 09:22:26 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.89 2020/11/08 22:37:24 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -189,7 +189,8 @@ char *read_passphrase(const char *, int);
 int ask_permission(const char *, ...) __attribute__((format(printf, 1, 2)));
 struct notifier_ctx *notify_start(int, const char *, ...) __attribute__((format(printf, 2, 3)));
-void notify_complete(struct notifier_ctx *);
+void notify_complete(struct notifier_ctx *, const char *, ...)
+ __attribute__((format(printf, 2, 3)));
 #define MINIMUM(a, b) (((a) < (b)) ? (a) : (b))
 #define MAXIMUM(a, b) (((a) > (b)) ? (a) : (b))
diff --git a/usr.bin/ssh/readpass.c b/usr.bin/ssh/readpass.c
index d96d52d3e8f..1e77d61113b 100644
--- a/usr.bin/ssh/readpass.c
+++ b/usr.bin/ssh/readpass.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readpass.c,v 1.65 2020/10/18 11:32:01 djm Exp $ */
+/* $OpenBSD: readpass.c,v 1.66 2020/11/08 22:37:24 djm Exp $ */
 /*
 * Copyright (c) 2001 Markus Friedl. All rights reserved.
 *
@@ -219,6 +219,14 @@ ask_permission(const char *fmt, ...)
 return (allowed);
 }
+static void
+writemsg(const char *msg)
+{
+ (void)write(STDERR_FILENO, "\r", 1);
+ (void)write(STDERR_FILENO, msg, strlen(msg));
+ (void)write(STDERR_FILENO, "\r\n", 2);
+}
+
 struct notifier_ctx {
 pid_t pid;
 void (*osigchld)(int);
@@ -229,8 +237,8 @@ notify_start(int force_askpass, const char *fmt, ...)
 {
 va_list args;
 char *prompt = NULL;
- pid_t pid;
- void (*osigchld)(int);
+ pid_t pid = -1;
+ void (*osigchld)(int) = NULL;
 const char *askpass, *s;
 struct notifier_ctx *ret = NULL;
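Review bot: The new `notify_complete` prototype in misc.h tells callers nothing about how `fmt` is treated, yet the readpass.c implementation in this commit handles it specially. A NULL `fmt` is skipped, and the message is written only when `ctx->pid == -1`, which the in-code comment ties to notify_start having prompted on stderr. I would add a comment above the declaration such as `/* fmt may be NULL; the message is shown only if notify_start wrote its prompt to stderr */`.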
@@ -241,10 +249,8 @@ notify_start(int force_askpass, const char *fmt, ...)
 if (fflush(NULL) != 0) error_f("fflush: %s", strerror(errno));
 if (!force_askpass && isatty(STDERR_FILENO)) {
- (void)write(STDERR_FILENO, "\r", 1);
- (void)write(STDERR_FILENO, prompt, strlen(prompt));
- (void)write(STDERR_FILENO, "\r\n", 2);
- goto out;
+ writemsg(prompt);
+ goto out_ctx;
 }
 if ((askpass = getenv("SSH_ASKPASS")) == NULL) askpass = _PATH_SSH_ASKPASS_DEFAULT;
@@ -275,6 +281,7 @@ notify_start(int force_askpass, const char *fmt, ...)
 _exit(1);
 /* NOTREACHED */
 }
+ out_ctx:
 if ((ret = calloc(1, sizeof(*ret))) == NULL) {
 kill(pid, SIGTERM);
 fatal_f("calloc failed");
@@ -287,9 +294,22 @@ notify_start(int force_askpass, const char *fmt, ...)
 }
 void
-notify_complete(struct notifier_ctx *ctx)
+notify_complete(struct notifier_ctx *ctx, const char *fmt, ...)
 {
 int ret;
+ char *msg = NULL;
+ va_list args;
+
+ if (fmt != NULL && ctx->pid == -1) {
+ /*
+ * notify_start wrote to stderr, so send conclusion message
+ * there too
+ */
+ va_start(args, fmt);
+ xvasprintf(&msg, fmt, args);
+ va_end(args);
+ writemsg(msg);
+ }
 if (ctx == NULL || ctx->pid <= 0) {
 free(ctx);
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index b9206031da2..8a402f3a17d 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.266 2020/10/18 11:32:02 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.267 2020/11/08 22:37:24 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -402,7 +402,7 @@ process_sign_request2(SocketEntry *e)
 /* Success */
 ok = 0;
 send:
- notify_complete(notifier);
+ notify_complete(notifier, "User presence confirmed");
 sshkey_free(key);
 free(fp);
 if (ok == 0) {
diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c
index 031d1e0e369..e30b99d25e5 100644
--- a/usr.bin/ssh/ssh-keygen.c
+++ b/usr.bin/ssh/ssh-keygen.c
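Review bot: If `calloc` fails on the stderr path, the new `out_ctx:` label leads to `kill(pid, SIGTERM)` while `pid` still holds its new initial value of -1, because the tty branch now jumps here with `goto out_ctx` before any fork. kill(2) with a pid of -1 signals every process the caller is permitted to signal, so an allocation failure would send SIGTERM far outside this program before `fatal_f` runs. Guard the call, e.g. `if (pid > 0) kill(pid, SIGTERM);`. The rest of notify_start after the calloc check lies outside this hunk.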
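Review bot: The added block in `notify_complete` reads `ctx->pid` before the existing `ctx == NULL` test just below it, so a caller that never started a notifier and passes NULL now dereferences a null pointer. The retained NULL test shows that NULL is an accepted argument, so the new condition should check it first: `if (ctx != NULL && fmt != NULL && ctx->pid == -1) {`. In addition, `msg` is allocated by `xvasprintf` and is not freed inside the added block; unless the part of the function outside this hunk releases it, add `free(msg);` after `writemsg(msg);`.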
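Review bot: "User presence confirmed" is passed unconditionally at the `send:` label, which the `if (ok == 0)` test a few lines later suggests is also reached when signing failed, so a user could be told the touch was recorded after a timeout or a refused operation. The same applies to the ssh-keygen.c hunk, where the call sits before the `r != 0` check, and to the sshconnect2.c hunk, where it precedes `return r` with no test of `r`. Since notify_complete skips a NULL `fmt`, pass the message only on success, e.g. `notify_complete(notifier, ok == 0 ? "User presence confirmed" : NULL);` here and the `r == 0` equivalent in the other two. process_sign_request2 begins and ends outside this hunk, so the failure paths are inferred rather than seen.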
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.423 2020/10/29 03:01:18 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.424 2020/11/08 22:37:24 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1831,7 +1831,7 @@ do_ca_sign(struct passwd *pw, const char *ca_key_path, int prefer_agent,
 }
 r = sshkey_certify(public, ca, key_type_name, sk_provider, pin);
- notify_complete(notifier);
+ notify_complete(notifier, "User presence confirmed");
 if (r != 0) fatal_r(r, "Couldn't certify key %s", tmp);
 }
diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c
index 12a42cd0946..02723aecb20 100644
--- a/usr.bin/ssh/sshconnect2.c
+++ b/usr.bin/ssh/sshconnect2.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect2.c,v 1.333 2020/10/30 01:50:07 djm Exp $ */
+/* $OpenBSD: sshconnect2.c,v 1.334 2020/11/08 22:37:24 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl. All rights reserved.
 * Copyright (c) 2008 Damien Miller. All rights reserved.
@@ -1272,7 +1272,7 @@ identity_sign(struct identity *id, u_char **sigp, size_t *lenp,
 free(prompt);
 if (pin != NULL) freezero(pin, strlen(pin));
- notify_complete(notifier);
+ notify_complete(notifier, "User presence confirmed");
 sshkey_free(prv);
 return r;
 }
|