Last active
March 7, 2021 19:47
-
-
Save DocLM/23403b935d57b79fba3be5249d68c652 to your computer and use it in GitHub Desktop.
Patch openssh ssh-agent to work with MacOS launchd socket listener
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/ssh-agent.c b/ssh-agent.c | |
index 58fe6dd..90ba7fb 100644 | |
--- a/ssh-agent.c | |
+++ b/ssh-agent.c | |
@@ -71,6 +71,7 @@ | |
#include <time.h> | |
#include <string.h> | |
#include <unistd.h> | |
+#include <launch.h> | |
#ifdef HAVE_UTIL_H | |
# include <util.h> | |
#endif | |
@@ -1372,6 +1373,7 @@ int | |
main(int ac, char **av) | |
{ | |
int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0; | |
+ int l_flag = 0; | |
int sock, ch, result, saved_errno; | |
char *shell, *format, *pidstr, *agentsocket = NULL; | |
#ifdef HAVE_SETRLIMIT | |
@@ -1405,7 +1407,7 @@ main(int ac, char **av) | |
__progname = ssh_get_progname(av[0]); | |
seed_rng(); | |
- while ((ch = getopt(ac, av, "cDdksE:a:O:P:t:")) != -1) { | |
+ while ((ch = getopt(ac, av, "cDdklsE:a:O:P:t:")) != -1) { | |
switch (ch) { | |
case 'E': | |
fingerprint_hash = ssh_digest_alg_by_name(optarg); | |
@@ -1431,6 +1433,9 @@ main(int ac, char **av) | |
fatal("-P option already specified"); | |
allowed_providers = xstrdup(optarg); | |
break; | |
+ case 'l': | |
+ l_flag++; | |
+ break; | |
case 's': | |
if (c_flag) | |
usage(); | |
@@ -1533,6 +1538,27 @@ main(int ac, char **av) | |
* Create socket early so it will exist before command gets run from | |
* the parent. | |
*/ | |
+ if (l_flag) { | |
+ int *fds = NULL; | |
+ size_t count = 0; | |
+ result = launch_activate_socket("Listeners", &fds, &count); | |
+ | |
+ if (result != 0 || fds == NULL || count < 1) { | |
+ errno = result; | |
+ perror("launch_activate_socket()"); | |
+ exit(1); | |
+ } | |
+ | |
+ size_t i; | |
+ for (i = 0; i < count; i++) { | |
+ new_socket(AUTH_SOCKET, fds[i]); | |
+ } | |
+ | |
+ if (fds) | |
+ free(fds); | |
+ | |
+ goto skip2; | |
+ } else { | |
prev_mask = umask(0177); | |
sock = unix_listener(socket_name, SSH_LISTEN_BACKLOG, 0); | |
if (sock < 0) { | |
@@ -1540,6 +1566,7 @@ main(int ac, char **av) | |
*socket_name = '\0'; /* Don't unlink any existing file */ | |
cleanup_exit(1); | |
} | |
+ } | |
umask(prev_mask); | |
/* | |
@@ -1612,6 +1639,7 @@ skip: | |
pkcs11_init(0); | |
#endif | |
new_socket(AUTH_SOCKET, sock); | |
+skip2: | |
if (ac > 0) | |
parent_alive_interval = 10; | |
idtab_init(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment