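/*
 * Query envoyd for the agent identified by `id` and export its connection
 * details into this process's environment (SSH_AUTH_SOCK, and
 * GPG_AGENT_INFO when the agent reports a gpg socket).
 *
 * Failures are reported with warn()/warnx() and are never fatal here.
 */
static void source_agent_env(enum agent id)
{
    /* Zeroed so no field is ever read uninitialised. */
    struct agent_data_t data = {0};
    int ret = envoy_get_agent(id, &data, AGENT_ENVIRON);

    if (ret < 0) {
        /*
         * Nothing below is trustworthy if the fetch failed: do not switch
         * on data.status or export data.sock/data.gpg. Leaving the current
         * environment untouched is the safe outcome.
         */
        warn("failed to fetch envoy agent");
        return;
    }

    switch (data.status) {
    case ENVOY_STOPPED:
    case ENVOY_STARTED:
    case ENVOY_RUNNING:
        break;
    case ENVOY_FAILED:
        warnx("agent failed to start, check envoyd's log");
        /* Without this break the "unauthorized" message was printed too. */
        break;
    case ENVOY_BADUSER:
        warnx("connection rejected, user is unauthorized to use this agent");
        break;
    }

    /*
     * NOTE(review): for ENVOY_FAILED / ENVOY_BADUSER the code still exports
     * whatever socket paths were returned, as the original did. Confirm the
     * daemon returns empty paths in those states.
     */
    if (data.type == AGENT_GPG_AGENT) {
        /*
         * NOTE(review): the connection is used without a NULL check; verify
         * gpg_update_tty() tolerates a failed connection.
         */
        _cleanup_gpg_ struct gpg_t *agent = gpg_agent_connection(data.gpg, NULL);
        gpg_update_tty(agent);
    }

    if (data.gpg[0]) {
        putenvf("GPG_AGENT_INFO=%s", data.gpg);
    } else {
        /* No gpg socket reported: drop any stale value. */
        unsetenv("GPG_AGENT_INFO");
    }

    putenvf("SSH_AUTH_SOCK=%s", data.sock);
}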
/*
 * Fetch the state of agent `id` into `data`, terminating the process on any
 * failure.
 *
 * When `start` is true the request uses AGENT_DEFAULTS, otherwise
 * AGENT_STATUS. Exits with EXIT_FAILURE if the request fails or if the
 * reported status is ENVOY_FAILED or ENVOY_BADUSER; otherwise returns the
 * value from envoy_get_agent().
 */
static int get_agent(struct agent_data_t *data, enum agent id, bool start)
{
    int rc;

    if (start)
        rc = envoy_get_agent(id, data, AGENT_DEFAULTS);
    else
        rc = envoy_get_agent(id, data, AGENT_STATUS);

    if (rc < 0)
        err(EXIT_FAILURE, "failed to fetch agent");

    /* err()/errx() do not return, so each check below is terminal. */
    if (data->status == ENVOY_FAILED)
        errx(EXIT_FAILURE, "agent failed to start, check envoyd's log");

    if (data->status == ENVOY_BADUSER)
        errx(EXIT_FAILURE, "connection rejected, user is unauthorized to use this agent");

    /* ENVOY_STOPPED, ENVOY_STARTED, ENVOY_RUNNING and anything else pass. */
    return rc;
}
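/*
 * PAM-side fetch of the agent `id` into `data`, performed while
 * set_privileges() is switched to `uid`/`gid`.
 *
 * Errors are written to syslog. Returns the value from envoy_get_agent().
 *
 * NOTE(review): the return value is non-negative for ENVOY_FAILED and
 * ENVOY_BADUSER too, so callers must check data->status and not rely on the
 * return value alone before treating the agent as usable.
 */
static int pam_get_agent(struct agent_data_t *data, enum agent id, uid_t uid, gid_t gid)
{
    /*
     * NOTE(review): presumably drops to the target user's credentials so the
     * daemon sees the request as that user; confirm against set_privileges().
     */
    bool dropped = set_privileges(true, &uid, &gid);
    int ret = envoy_get_agent(id, data, AGENT_ENVIRON);

    if (ret < 0) {
        syslog(PAM_LOG_ERR, "failed to fetch agent: %s", strerror(errno));
        /* data->status is not meaningful after a failed fetch: skip it. */
    } else {
        switch (data->status) {
        case ENVOY_STOPPED:
        case ENVOY_STARTED:
        case ENVOY_RUNNING:
            break;
        case ENVOY_FAILED:
            syslog(PAM_LOG_ERR, "agent failed to start, check envoyd's log");
            /*
             * Without this break a start failure also logged the
             * "unauthorized" line, a misleading entry in auth logs.
             */
            break;
        case ENVOY_BADUSER:
            syslog(PAM_LOG_ERR, "connection rejected, user is unauthorized to use this agent");
            break;
        }
    }

    /*
     * Every path reaches this restore; keep it that way if early returns are
     * ever added above.
     * NOTE(review): the result of the restoring call is not checked; confirm
     * set_privileges() reports a failed restore some other way.
     */
    if (dropped)
        set_privileges(false, &uid, &gid);

    return ret;
}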