Remoted will not exit on empty keys

etc/internal_options.conf

@@ -50,6 +50,8 @@ remoted.comp_average_printout=19999
 # Verify msg id (set to 0 to disable it)
 remoted.verify_msg_id=1
 
+# Don't exit when client.keys empty
+remoted.pass_empty_keyfile=0
 
 # Maild strict checking (0=disabled, 1=enabled)
 maild.strict_checking=1

src/error_messages/error_messages.h

@@ -133,6 +133,8 @@
 
 /* remoted */
 #define NO_REM_CONN     "%s(1750): ERROR: No remote connection configured. Exiting."
+#define NO_CLIENT_KEYS  "%s(1751): ERROR: File client.keys not found or empty."
+
 
 /* 1760 - 1769 -- reserved for maild */
 

src/headers/sec.h

@@ -69,6 +69,8 @@ void OS_StartCounter(keystore *keys) __attribute((nonnull));
 /* Remove counter for id */
 void OS_RemoveCounter(const char *id) __attribute((nonnull));
 
+/* Configure to pass if keys file is empty */
+void OS_PassEmptyKeyfile();
 
 /** Function prototypes -- agent authorization **/
 

src/os_crypto/shared/keys.c

@@ -17,6 +17,7 @@ static void __memclear(char *id, char *name, char *ip, char *key, size_t size) _
 static void __chash(keystore *keys, const char *id, const char *name, char *ip, const char *key) __attribute((nonnull));
 
 static int pass_empty_keyfile = 0;
+
 /* Clear keys entries */
 static void __memclear(char *id, char *name, char *ip, char *key, size_t size)
 {
@@ -112,7 +113,7 @@ int OS_CheckKeys()
 
     if (File_DateofChange(KEYSFILE_PATH) < 0) {
         merror(NO_AUTHFILE, __local_name, KEYSFILE_PATH);
-        merror(NO_REM_CONN, __local_name);
+        merror(NO_CLIENT_KEYS, __local_name);
         return (0);
     }
 
@@ -121,7 +122,7 @@ int OS_CheckKeys()
         /* We can leave from here */
         merror(FOPEN_ERROR, __local_name, KEYSFILE_PATH, errno, strerror(errno));
         merror(NO_AUTHFILE, __local_name, KEYSFILE_PATH);
-        merror(NO_REM_CONN, __local_name);
+        merror(NO_CLIENT_KEYS, __local_name);
         return (0);
     }
 
@@ -146,13 +147,15 @@ void OS_ReadKeys(keystore *keys)
     /* Check if the keys file is present and we can read it */
     if ((keys->file_change = File_DateofChange(KEYS_FILE)) < 0) {
         merror(NO_AUTHFILE, __local_name, KEYS_FILE);
-        ErrorExit(NO_REM_CONN, __local_name);
+        ErrorExit(NO_CLIENT_KEYS, __local_name);
+
     }
     fp = fopen(KEYS_FILE, "r");
     if (!fp) {
         /* We can leave from here */
         merror(FOPEN_ERROR, __local_name, KEYS_FILE, errno, strerror(errno));
-        ErrorExit(NO_REM_CONN, __local_name);
+        ErrorExit(NO_CLIENT_KEYS, __local_name);
+
     }
 
     /* Initialize hashes */
@@ -163,7 +166,7 @@ void OS_ReadKeys(keystore *keys)
     }
 
     /* Initialize structure */
-    keys->keyentries = NULL;
+    os_calloc(1, sizeof(keyentry*), keys->keyentries);
     keys->keysize = 0;
 
     /* Zero the buffers */
@@ -252,7 +255,10 @@ void OS_ReadKeys(keystore *keys)
 
     /* Check if there are any agents available */
     if (keys->keysize == 0) {
-        ErrorExit(NO_REM_CONN, __local_name);
+        merror(NO_CLIENT_KEYS, __local_name);
+        if (!pass_empty_keyfile) {
+            exit(1);
+        }
     }
 
     /* Add additional entry for sender == keysize */

src/remoted/main.c

@@ -127,6 +127,12 @@ int main(int argc, char **argv)
         exit(0);
     }
 
+    /* Don't exit when client.keys empty (if set) */
+    if (getDefine_Int("remoted", "pass_empty_keyfile", 0, 1)) {
+        OS_PassEmptyKeyfile();
+    }
+
+
     /* Check if the user and group given are valid */
     uid = Privsep_GetUser(user);
     gid = Privsep_GetGroup(group);