summaryrefslogtreecommitdiff
path: root/ssh-agent.c
diff options
context:
space:
mode:
authorEd Maste <emaste@FreeBSD.org>2020-02-14 19:47:15 +0000
committerEd Maste <emaste@FreeBSD.org>2020-02-14 19:47:15 +0000
commitf02e39982452024dafcf0ea6e536ebff586ffce4 (patch)
tree78cdaad953cc879dc7d97272436a4d84b228d94c /ssh-agent.c
parentdc9e8d9c8401178683a1f53bc816389a1160dc41 (diff)
vendor/openssh/8.0p1vendor/openssh
Notes
Diffstat (limited to 'ssh-agent.c')
-rw-r--r--ssh-agent.c28
1 files changed, 19 insertions, 9 deletions
diff --git a/ssh-agent.c b/ssh-agent.c
index d8a8260f9bfde..d06ecfd98a9a5 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.231 2018/05/11 03:38:51 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.233 2019/01/22 22:58:50 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -96,6 +96,8 @@
/* Maximum accepted message length */
#define AGENT_MAX_LEN (256*1024)
+/* Maximum bytes to read from client socket */
+#define AGENT_RBUF_LEN (4096)
typedef enum {
AUTH_UNUSED,
@@ -839,7 +841,7 @@ handle_socket_read(u_int socknum)
static int
handle_conn_read(u_int socknum)
{
- char buf[1024];
+ char buf[AGENT_RBUF_LEN];
ssize_t len;
int r;
@@ -946,6 +948,7 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds)
struct pollfd *pfd = *pfdp;
size_t i, j, npfd = 0;
time_t deadline;
+ int r;
/* Count active sockets */
for (i = 0; i < sockets_alloc; i++) {
@@ -983,8 +986,19 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds)
case AUTH_CONNECTION:
pfd[j].fd = sockets[i].fd;
pfd[j].revents = 0;
- /* XXX backoff when input buffer full */
- pfd[j].events = POLLIN;
+ /*
+ * Only prepare to read if we can handle a full-size
+ * input read buffer and enqueue a max size reply..
+ */
+ if ((r = sshbuf_check_reserve(sockets[i].input,
+ AGENT_RBUF_LEN)) == 0 &&
+ (r = sshbuf_check_reserve(sockets[i].output,
+ AGENT_MAX_LEN)) == 0)
+ pfd[j].events = POLLIN;
+ else if (r != SSH_ERR_NO_BUFFER_SPACE) {
+ fatal("%s: buffer error: %s",
+ __func__, ssh_err(r));
+ }
if (sshbuf_len(sockets[i].output) > 0)
pfd[j].events |= POLLOUT;
j++;
@@ -1095,10 +1109,6 @@ main(int ac, char **av)
if (getrlimit(RLIMIT_NOFILE, &rlim) == -1)
fatal("%s: getrlimit: %s", __progname, strerror(errno));
-#ifdef WITH_OPENSSL
- OpenSSL_add_all_algorithms();
-#endif
-
__progname = ssh_get_progname(av[0]);
seed_rng();
@@ -1199,7 +1209,7 @@ main(int ac, char **av)
*/
#define SSH_AGENT_MIN_FDS (3+1+1+1+4)
if (rlim.rlim_cur < SSH_AGENT_MIN_FDS)
- fatal("%s: file descriptior rlimit %lld too low (minimum %u)",
+ fatal("%s: file descriptor rlimit %lld too low (minimum %u)",
__progname, (long long)rlim.rlim_cur, SSH_AGENT_MIN_FDS);
maxfds = rlim.rlim_cur - SSH_AGENT_MIN_FDS;
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 09:15:34 +0000