- markus@cvs.openbsd.org 2002/06/05 16:08:07

[ssh-agent.1 ssh-agent.c] '-a bind_address' binds the agent to user-specified unix-domain socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
2002-06-06 21:46:08 +00:00 · 2002-06-06 21:46:08 +00:00 · b7788f3ebe
parent 22fa01cdea
commit b7788f3ebe
4 changed files with 37 additions and 14 deletions
--- a/6
+++ b/6
@ -102,6 +102,10 @@
     [ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
+   - markus@cvs.openbsd.org 2002/06/05 16:08:07
+     [ssh-agent.1 ssh-agent.c]
+     '-a bind_address' binds the agent to user-specified unix-domain
+     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).

 20020604
 - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed
@ -786,4 +790,4 @@
 - (stevesk) entropy.c: typo in debug message
 - (djm) ssh-keygen -i needs seeded RNG; report from markus@

-$Id: ChangeLog,v 1.2171 2002/06/06 21:46:07 mouring Exp $
+$Id: ChangeLog,v 1.2172 2002/06/06 21:46:57 mouring Exp $
--- a/ssh-add.1
+++ b/ssh-add.1
@ -1,4 +1,4 @@
-.\"	$OpenBSD: ssh-add.1,v 1.30 2002/02/04 20:41:16 stevesk Exp $
+.\"	$OpenBSD: ssh-add.1,v 1.31 2002/06/05 16:35:45 markus Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@ -129,6 +129,9 @@ or related script.
 may be necessary to redirect the input from
 .Pa /dev/null
 to make this work.)
+.It Ev SSH_AUTH_SOCK
+Identifies the path of a unix-domain socket used to communicate with the
+agent.
 .El
 .Sh DIAGNOSTICS
 Exit status is 0 on success, 1 if the specified command fails,
--- a/ssh-agent.1
+++ b/ssh-agent.1
@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-agent.1,v 1.31 2002/02/04 20:41:16 stevesk Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.32 2002/06/05 16:08:07 markus Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -42,6 +42,7 @@
 .Nd authentication agent
 .Sh SYNOPSIS
 .Nm ssh-agent
+.Op Fl a Ar bind_address
 .Op Fl c Li | Fl s
 .Op Fl d
 .Op Ar command Op Ar args ...
@ -64,6 +65,11 @@ machines using
 .Pp
 The options are as follows:
 .Bl -tag -width Ds
+.It Fl a Ar bind_address
+Bind the agent to the unix-domain socket
+.Ar bind_address .
+The default is
+.Pa /tmp/ssh-XXXXXXXX/agent.<pid> .
 .It Fl c
 Generate C-shell commands on
 .Dv stdout .
@ -135,7 +141,6 @@ by the agent, and the result will be returned to the requester.
 This way, private keys are not exposed to clients using the agent.
 .Pp
 A unix-domain socket is created
-.Pq Pa /tmp/ssh-XXXXXXXX/agent.<pid> ,
 and the name of this socket is stored in the
 .Ev SSH_AUTH_SOCK
 environment
--- a/ssh-agent.c
+++ b/ssh-agent.c
@ -35,7 +35,7 @@

 #include "includes.h"
 #include "openbsd-compat/fake-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.85 2002/04/02 11:49:39 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.86 2002/06/05 16:08:07 markus Exp $");

 #include <openssl/evp.h>
 #include <openssl/md5.h>
@ -803,6 +803,7 @@ usage(void)
 	fprintf(stderr, "  -s          Generate Bourne shell commands on stdout.\n");
 	fprintf(stderr, "  -k          Kill the current agent.\n");
 	fprintf(stderr, "  -d          Debug mode.\n");
+	fprintf(stderr, "  -a socket   Bind agent socket to given name.\n");
 	exit(1);
 }

@ -819,6 +820,7 @@ main(int ac, char **av)
 #endif
 	pid_t pid;
 	char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
+	char *agentsocket = NULL;
 	extern int optind;
 	fd_set *readsetp = NULL, *writesetp = NULL;

@ -829,9 +831,9 @@ main(int ac, char **av)
 	seed_rng();

 #ifdef __GNU_LIBRARY__
-	while ((ch = getopt(ac, av, "+cdks")) != -1) {
+	while ((ch = getopt(ac, av, "+cdksa:")) != -1) {
 #else /* __GNU_LIBRARY__ */
-	while ((ch = getopt(ac, av, "cdks")) != -1) {
+	while ((ch = getopt(ac, av, "cdksa:")) != -1) {
 #endif /* __GNU_LIBRARY__ */
 		switch (ch) {
 		case 'c':
@ -852,6 +854,9 @@ main(int ac, char **av)
 				usage();
 			d_flag++;
 			break;
+		case 'a':
+			agentsocket = optarg;
+			break;
 		default:
 			usage();
 		}
@ -892,14 +897,20 @@ main(int ac, char **av)
 	}
 	parent_pid = getpid();

-	/* Create private directory for agent socket */
-	strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir);
-	if (mkdtemp(socket_dir) == NULL) {
-		perror("mkdtemp: private socket dir");
-		exit(1);
+	if (agentsocket == NULL) {
+		/* Create private directory for agent socket */
+		strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir);
+		if (mkdtemp(socket_dir) == NULL) {
+			perror("mkdtemp: private socket dir");
+			exit(1);
+		}
+		snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
+		    parent_pid);
+	} else {
+		/* Try to use specified agent socket */
+		socket_dir[0] = '\0';
+		strlcpy(socket_name, agentsocket, sizeof socket_name);
 	}
-	snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
-	    parent_pid);

 	/*
 	 * Create socket early so it will exist before command gets run from