- markus@cvs.openbsd.org 2002/06/05 16:08:07

     [ssh-agent.1 ssh-agent.c]
     '-a bind_address' binds the agent to user-specified unix-domain
     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).

diff --git a/ChangeLog b/ChangeLog
index 28ba7c4eeb7fc83f42a461a79c4dad0df5379466..7b39065f1b1e2e55db9116eb4395fd14cd5c83c7 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -98,6 +98,10 @@
    - markus@cvs.openbsd.org 2002/06/04 23:05:49
      [cipher.c monitor.c monitor_fdpass.c monitor_mm.c monitor_wrap.c]
      __FUNCTION__ -> __func__
+   - markus@cvs.openbsd.org 2002/06/05 16:08:07
+     [ssh-agent.1 ssh-agent.c]
+     '-a bind_address' binds the agent to user-specified unix-domain
+     socket instead of /tmp/ssh-XXXXXXXX/agent.<pid>; ok djm@ (some time ago).
 
 20020604
  - (stevesk) [channels.c] bug #164 patch from YOSHIFUJI Hideaki (changed

diff --git a/ssh-add.1 b/ssh-add.1
index 41d5def6ff150e6cf35c452ccb300d804629169f..163fc45edff8cf9ed3d15a407d9cd00db1a037e6 100644 (file)
--- a/ssh-add.1
+++ b/ssh-add.1
@@ -1,4 +1,4 @@
-.\"    $OpenBSD: ssh-add.1,v 1.30 2002/02/04 20:41:16 stevesk Exp $
+.\"    $OpenBSD: ssh-add.1,v 1.31 2002/06/05 16:35:45 markus Exp $
 .\"
 .\"  -*- nroff -*-
 .\"
@@ -129,6 +129,9 @@ or related script.
 may be necessary to redirect the input from
 .Pa /dev/null
 to make this work.)
+.It Ev SSH_AUTH_SOCK
+Identifies the path of a unix-domain socket used to communicate with the
+agent.
 .El
 .Sh DIAGNOSTICS
 Exit status is 0 on success, 1 if the specified command fails,

diff --git a/ssh-agent.1 b/ssh-agent.1
index 9909ef59022d7d5a7cfb8d0c3e88d14031d35e27..5f498b7e3a441901f4b8a8d8d6e3fce735693afd 100644 (file)
--- a/ssh-agent.1
+++ b/ssh-agent.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-agent.1,v 1.31 2002/02/04 20:41:16 stevesk Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.32 2002/06/05 16:08:07 markus Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -42,6 +42,7 @@
 .Nd authentication agent
 .Sh SYNOPSIS
 .Nm ssh-agent
+.Op Fl a Ar bind_address
 .Op Fl c Li | Fl s
 .Op Fl d
 .Op Ar command Op Ar args ...
@@ -64,6 +65,11 @@ machines using
 .Pp
 The options are as follows:
 .Bl -tag -width Ds
+.It Fl a Ar bind_address
+Bind the agent to the unix-domain socket
+.Ar bind_address .
+The default is
+.Pa /tmp/ssh-XXXXXXXX/agent.<pid> .
 .It Fl c
 Generate C-shell commands on
 .Dv stdout .
@@ -135,7 +141,6 @@ by the agent, and the result will be returned to the requester.
 This way, private keys are not exposed to clients using the agent.
 .Pp
 A unix-domain socket is created
-.Pq Pa /tmp/ssh-XXXXXXXX/agent.<pid> ,
 and the name of this socket is stored in the
 .Ev SSH_AUTH_SOCK
 environment

diff --git a/ssh-agent.c b/ssh-agent.c
index 33596c47a9924342706e26ec8fbfd03a00e6cca0..d3321478bbf3109ef3ef2e2b81a82f838a7cf570 100644 (file)
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -35,7 +35,7 @@
 
 #include "includes.h"
 #include "openbsd-compat/fake-queue.h"
-RCSID("$OpenBSD: ssh-agent.c,v 1.85 2002/04/02 11:49:39 markus Exp $");
+RCSID("$OpenBSD: ssh-agent.c,v 1.86 2002/06/05 16:08:07 markus Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/md5.h>
@@ -803,6 +803,7 @@ usage(void)
        fprintf(stderr, "  -s          Generate Bourne shell commands on stdout.\n");
        fprintf(stderr, "  -k          Kill the current agent.\n");
        fprintf(stderr, "  -d          Debug mode.\n");
+       fprintf(stderr, "  -a socket   Bind agent socket to given name.\n");
        exit(1);
 }
 
@@ -819,6 +820,7 @@ main(int ac, char **av)
 #endif
        pid_t pid;
        char *shell, *format, *pidstr, pidstrbuf[1 + 3 * sizeof pid];
+       char *agentsocket = NULL;
        extern int optind;
        fd_set *readsetp = NULL, *writesetp = NULL;
 
@@ -829,9 +831,9 @@ main(int ac, char **av)
        seed_rng();
 
 #ifdef __GNU_LIBRARY__
-       while ((ch = getopt(ac, av, "+cdks")) != -1) {
+       while ((ch = getopt(ac, av, "+cdksa:")) != -1) {
 #else /* __GNU_LIBRARY__ */
-       while ((ch = getopt(ac, av, "cdks")) != -1) {
+       while ((ch = getopt(ac, av, "cdksa:")) != -1) {
 #endif /* __GNU_LIBRARY__ */
                switch (ch) {
                case 'c':
@@ -852,6 +854,9 @@ main(int ac, char **av)
                                usage();
                        d_flag++;
                        break;
+               case 'a':
+                       agentsocket = optarg;
+                       break;
                default:
                        usage();
                }
@@ -892,14 +897,20 @@ main(int ac, char **av)
        }
        parent_pid = getpid();
 
-       /* Create private directory for agent socket */
-       strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir);
-       if (mkdtemp(socket_dir) == NULL) {
-               perror("mkdtemp: private socket dir");
-               exit(1);
+       if (agentsocket == NULL) {
+               /* Create private directory for agent socket */
+               strlcpy(socket_dir, "/tmp/ssh-XXXXXXXX", sizeof socket_dir);
+               if (mkdtemp(socket_dir) == NULL) {
+                       perror("mkdtemp: private socket dir");
+                       exit(1);
+               }
+               snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
+                   parent_pid);
+       } else {
+               /* Try to use specified agent socket */
+               socket_dir[0] = '\0';
+               strlcpy(socket_name, agentsocket, sizeof socket_name);
        }
-       snprintf(socket_name, sizeof socket_name, "%s/agent.%d", socket_dir,
-           parent_pid);
 
        /*
         * Create socket early so it will exist before command gets run from