Skip to content

Instantly share code, notes, and snippets.

@DocLM
Last active March 7, 2021 19:47
Show Gist options
  • Save DocLM/23403b935d57b79fba3be5249d68c652 to your computer and use it in GitHub Desktop.
Save DocLM/23403b935d57b79fba3be5249d68c652 to your computer and use it in GitHub Desktop.
Patch openssh ssh-agent to work with MacOS launchd socket listener
diff --git a/ssh-agent.c b/ssh-agent.c
index 58fe6dd..90ba7fb 100644
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -71,6 +71,7 @@
#include <time.h>
#include <string.h>
#include <unistd.h>
+#include <launch.h>
#ifdef HAVE_UTIL_H
# include <util.h>
#endif
@@ -1372,6 +1373,7 @@ int
main(int ac, char **av)
{
int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0;
+ int l_flag = 0;
int sock, ch, result, saved_errno;
char *shell, *format, *pidstr, *agentsocket = NULL;
#ifdef HAVE_SETRLIMIT
@@ -1405,7 +1407,7 @@ main(int ac, char **av)
__progname = ssh_get_progname(av[0]);
seed_rng();
- while ((ch = getopt(ac, av, "cDdksE:a:O:P:t:")) != -1) {
+ while ((ch = getopt(ac, av, "cDdklsE:a:O:P:t:")) != -1) {
switch (ch) {
case 'E':
fingerprint_hash = ssh_digest_alg_by_name(optarg);
@@ -1431,6 +1433,9 @@ main(int ac, char **av)
fatal("-P option already specified");
allowed_providers = xstrdup(optarg);
break;
+ case 'l':
+ l_flag++;
+ break;
case 's':
if (c_flag)
usage();
@@ -1533,6 +1538,27 @@ main(int ac, char **av)
* Create socket early so it will exist before command gets run from
* the parent.
*/
+ if (l_flag) {
+ int *fds = NULL;
+ size_t count = 0;
+ result = launch_activate_socket("Listeners", &fds, &count);
+
+ if (result != 0 || fds == NULL || count < 1) {
+ errno = result;
+ perror("launch_activate_socket()");
+ exit(1);
+ }
+
+ size_t i;
+ for (i = 0; i < count; i++) {
+ new_socket(AUTH_SOCKET, fds[i]);
+ }
+
+ if (fds)
+ free(fds);
+
+ goto skip2;
+ } else {
prev_mask = umask(0177);
sock = unix_listener(socket_name, SSH_LISTEN_BACKLOG, 0);
if (sock < 0) {
@@ -1540,6 +1566,7 @@ main(int ac, char **av)
*socket_name = '\0'; /* Don't unlink any existing file */
cleanup_exit(1);
}
+ }
umask(prev_mask);
/*
@@ -1612,6 +1639,7 @@ skip:
pkcs11_init(0);
#endif
new_socket(AUTH_SOCKET, sock);
+skip2:
if (ac > 0)
parent_alive_interval = 10;
idtab_init();
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment