diff options
Diffstat (limited to 'ssh-agent.c')
| -rw-r--r-- | ssh-agent.c | 28 |
1 files changed, 19 insertions, 9 deletions
diff --git a/ssh-agent.c b/ssh-agent.c index d8a8260f9bfd..d06ecfd98a9a 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.231 2018/05/11 03:38:51 djm Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.233 2019/01/22 22:58:50 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -96,6 +96,8 @@ /* Maximum accepted message length */ #define AGENT_MAX_LEN (256*1024) +/* Maximum bytes to read from client socket */ +#define AGENT_RBUF_LEN (4096) typedef enum { AUTH_UNUSED, @@ -839,7 +841,7 @@ handle_socket_read(u_int socknum) static int handle_conn_read(u_int socknum) { - char buf[1024]; + char buf[AGENT_RBUF_LEN]; ssize_t len; int r; @@ -946,6 +948,7 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds) struct pollfd *pfd = *pfdp; size_t i, j, npfd = 0; time_t deadline; + int r; /* Count active sockets */ for (i = 0; i < sockets_alloc; i++) { @@ -983,8 +986,19 @@ prepare_poll(struct pollfd **pfdp, size_t *npfdp, int *timeoutp, u_int maxfds) case AUTH_CONNECTION: pfd[j].fd = sockets[i].fd; pfd[j].revents = 0; - /* XXX backoff when input buffer full */ - pfd[j].events = POLLIN; + /* + * Only prepare to read if we can handle a full-size + * input read buffer and enqueue a max size reply.. + */ + if ((r = sshbuf_check_reserve(sockets[i].input, + AGENT_RBUF_LEN)) == 0 && + (r = sshbuf_check_reserve(sockets[i].output, + AGENT_MAX_LEN)) == 0) + pfd[j].events = POLLIN; + else if (r != SSH_ERR_NO_BUFFER_SPACE) { + fatal("%s: buffer error: %s", + __func__, ssh_err(r)); + } if (sshbuf_len(sockets[i].output) > 0) pfd[j].events |= POLLOUT; j++; @@ -1095,10 +1109,6 @@ main(int ac, char **av) if (getrlimit(RLIMIT_NOFILE, &rlim) == -1) fatal("%s: getrlimit: %s", __progname, strerror(errno)); -#ifdef WITH_OPENSSL - OpenSSL_add_all_algorithms(); -#endif - __progname = ssh_get_progname(av[0]); seed_rng(); @@ -1199,7 +1209,7 @@ main(int ac, char **av) */ #define SSH_AGENT_MIN_FDS (3+1+1+1+4) if (rlim.rlim_cur < SSH_AGENT_MIN_FDS) - fatal("%s: file descriptior rlimit %lld too low (minimum %u)", + fatal("%s: file descriptor rlimit %lld too low (minimum %u)", __progname, (long long)rlim.rlim_cur, SSH_AGENT_MIN_FDS); maxfds = rlim.rlim_cur - SSH_AGENT_MIN_FDS; |