diff options
author | Damien Miller <djm@mindrot.org> | 2004-06-18 01:19:03 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2004-06-18 01:19:03 +1000 |
commit | 23f0770a1bf8b0a1aa7c8d4bd78699fa0e9358d0 (patch) | |
tree | a4011718b766af34f837471c2311e6cd044e2c20 | |
parent | 3756dcee244f47c20a6590129d99e625169836c6 (diff) |
- djm@cvs.openbsd.org 2004/06/17 15:10:14
[clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5]
Add option for confirmation (ControlMaster=ask) via ssh-askpass before
opening shared connections; ok markus@
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | clientloop.c | 38 | ||||
-rw-r--r-- | misc.h | 3 | ||||
-rw-r--r-- | readconf.c | 4 | ||||
-rw-r--r-- | readpass.c | 9 | ||||
-rw-r--r-- | ssh.c | 7 | ||||
-rw-r--r-- | ssh_config.5 | 11 |
7 files changed, 65 insertions, 13 deletions
@@ -3,6 +3,10 @@ | |||
3 | - djm@cvs.openbsd.org 2004/06/17 14:52:48 | 3 | - djm@cvs.openbsd.org 2004/06/17 14:52:48 |
4 | [clientloop.c clientloop.h ssh.c] | 4 | [clientloop.c clientloop.h ssh.c] |
5 | support environment passing over shared connections; ok markus@ | 5 | support environment passing over shared connections; ok markus@ |
6 | - djm@cvs.openbsd.org 2004/06/17 15:10:14 | ||
7 | [clientloop.c misc.h readconf.c readpass.c ssh.c ssh_config.5] | ||
8 | Add option for confirmation (ControlMaster=ask) via ssh-askpass before | ||
9 | opening shared connections; ok markus@ | ||
6 | 10 | ||
7 | 20040617 | 11 | 20040617 |
8 | - (dtucker) [regress/scp.sh] diff -N is not portable (but needed for some | 12 | - (dtucker) [regress/scp.sh] diff -N is not portable (but needed for some |
@@ -1276,4 +1280,4 @@ | |||
1276 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 1280 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
1277 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 1281 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
1278 | 1282 | ||
1279 | $Id: ChangeLog,v 1.3405 2004/06/17 15:17:29 djm Exp $ | 1283 | $Id: ChangeLog,v 1.3406 2004/06/17 15:19:03 djm Exp $ |
diff --git a/clientloop.c b/clientloop.c index eb3200331..8f2f270d7 100644 --- a/clientloop.c +++ b/clientloop.c | |||
@@ -59,7 +59,7 @@ | |||
59 | */ | 59 | */ |
60 | 60 | ||
61 | #include "includes.h" | 61 | #include "includes.h" |
62 | RCSID("$OpenBSD: clientloop.c,v 1.126 2004/06/17 14:52:48 djm Exp $"); | 62 | RCSID("$OpenBSD: clientloop.c,v 1.127 2004/06/17 15:10:13 djm Exp $"); |
63 | 63 | ||
64 | #include "ssh.h" | 64 | #include "ssh.h" |
65 | #include "ssh1.h" | 65 | #include "ssh1.h" |
@@ -549,7 +549,7 @@ client_extra_session2_setup(int id, void *arg) | |||
549 | client_session2_setup(id, cctx->want_tty, cctx->want_subsys, | 549 | client_session2_setup(id, cctx->want_tty, cctx->want_subsys, |
550 | cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env, | 550 | cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env, |
551 | client_subsystem_reply); | 551 | client_subsystem_reply); |
552 | 552 | ||
553 | c->confirm_ctx = NULL; | 553 | c->confirm_ctx = NULL; |
554 | buffer_free(&cctx->cmd); | 554 | buffer_free(&cctx->cmd); |
555 | xfree(cctx->term); | 555 | xfree(cctx->term); |
@@ -566,7 +566,7 @@ client_process_control(fd_set * readset) | |||
566 | { | 566 | { |
567 | Buffer m; | 567 | Buffer m; |
568 | Channel *c; | 568 | Channel *c; |
569 | int client_fd, new_fd[3], ver, i; | 569 | int client_fd, new_fd[3], ver, i, allowed; |
570 | socklen_t addrlen; | 570 | socklen_t addrlen; |
571 | struct sockaddr_storage addr; | 571 | struct sockaddr_storage addr; |
572 | struct confirm_ctx *cctx; | 572 | struct confirm_ctx *cctx; |
@@ -600,23 +600,52 @@ client_process_control(fd_set * readset) | |||
600 | close(client_fd); | 600 | close(client_fd); |
601 | return; | 601 | return; |
602 | } | 602 | } |
603 | /* XXX: implement use of ssh-askpass to confirm additional channels */ | 603 | |
604 | allowed = 1; | ||
605 | if (options.control_master == 2) { | ||
606 | char *p, prompt[1024]; | ||
607 | |||
608 | allowed = 0; | ||
609 | snprintf(prompt, sizeof(prompt), | ||
610 | "Allow shared connection to %s? ", host); | ||
611 | p = read_passphrase(prompt, RP_USE_ASKPASS|RP_ALLOW_EOF); | ||
612 | if (p != NULL) { | ||
613 | /* | ||
614 | * Accept empty responses and responses consisting | ||
615 | * of the word "yes" as affirmative. | ||
616 | */ | ||
617 | if (*p == '\0' || *p == '\n' || | ||
618 | strcasecmp(p, "yes") == 0) | ||
619 | allowed = 1; | ||
620 | xfree(p); | ||
621 | } | ||
622 | } | ||
604 | 623 | ||
605 | unset_nonblock(client_fd); | 624 | unset_nonblock(client_fd); |
606 | 625 | ||
607 | buffer_init(&m); | 626 | buffer_init(&m); |
608 | 627 | ||
628 | buffer_put_int(&m, allowed); | ||
609 | buffer_put_int(&m, getpid()); | 629 | buffer_put_int(&m, getpid()); |
610 | if (ssh_msg_send(client_fd, /* version */0, &m) == -1) { | 630 | if (ssh_msg_send(client_fd, /* version */0, &m) == -1) { |
611 | error("%s: client msg_send failed", __func__); | 631 | error("%s: client msg_send failed", __func__); |
612 | close(client_fd); | 632 | close(client_fd); |
633 | buffer_free(&m); | ||
613 | return; | 634 | return; |
614 | } | 635 | } |
615 | buffer_clear(&m); | 636 | buffer_clear(&m); |
616 | 637 | ||
638 | if (!allowed) { | ||
639 | error("Refused control connection"); | ||
640 | close(client_fd); | ||
641 | buffer_free(&m); | ||
642 | return; | ||
643 | } | ||
644 | |||
617 | if (ssh_msg_recv(client_fd, &m) == -1) { | 645 | if (ssh_msg_recv(client_fd, &m) == -1) { |
618 | error("%s: client msg_recv failed", __func__); | 646 | error("%s: client msg_recv failed", __func__); |
619 | close(client_fd); | 647 | close(client_fd); |
648 | buffer_free(&m); | ||
620 | return; | 649 | return; |
621 | } | 650 | } |
622 | 651 | ||
@@ -670,6 +699,7 @@ client_process_control(fd_set * readset) | |||
670 | close(new_fd[0]); | 699 | close(new_fd[0]); |
671 | close(new_fd[1]); | 700 | close(new_fd[1]); |
672 | close(new_fd[2]); | 701 | close(new_fd[2]); |
702 | buffer_free(&m); | ||
673 | return; | 703 | return; |
674 | } | 704 | } |
675 | buffer_free(&m); | 705 | buffer_free(&m); |
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: misc.h,v 1.15 2004/06/14 01:44:39 djm Exp $ */ | 1 | /* $OpenBSD: misc.h,v 1.16 2004/06/17 15:10:14 djm Exp $ */ |
2 | 2 | ||
3 | /* | 3 | /* |
4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 4 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
@@ -43,5 +43,6 @@ char *tilde_expand_filename(const char *, uid_t); | |||
43 | #define RP_ECHO 0x0001 | 43 | #define RP_ECHO 0x0001 |
44 | #define RP_ALLOW_STDIN 0x0002 | 44 | #define RP_ALLOW_STDIN 0x0002 |
45 | #define RP_ALLOW_EOF 0x0004 | 45 | #define RP_ALLOW_EOF 0x0004 |
46 | #define RP_USE_ASKPASS 0x0008 | ||
46 | 47 | ||
47 | char *read_passphrase(const char *, int); | 48 | char *read_passphrase(const char *, int); |
diff --git a/readconf.c b/readconf.c index 2b1d7cc46..429f69129 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -12,7 +12,7 @@ | |||
12 | */ | 12 | */ |
13 | 13 | ||
14 | #include "includes.h" | 14 | #include "includes.h" |
15 | RCSID("$OpenBSD: readconf.c,v 1.132 2004/06/13 15:03:02 djm Exp $"); | 15 | RCSID("$OpenBSD: readconf.c,v 1.133 2004/06/17 15:10:14 djm Exp $"); |
16 | 16 | ||
17 | #include "ssh.h" | 17 | #include "ssh.h" |
18 | #include "xmalloc.h" | 18 | #include "xmalloc.h" |
@@ -772,7 +772,7 @@ parse_int: | |||
772 | 772 | ||
773 | case oControlMaster: | 773 | case oControlMaster: |
774 | intptr = &options->control_master; | 774 | intptr = &options->control_master; |
775 | goto parse_flag; | 775 | goto parse_yesnoask; |
776 | 776 | ||
777 | case oDeprecated: | 777 | case oDeprecated: |
778 | debug("%s line %d: Deprecated option \"%s\"", | 778 | debug("%s line %d: Deprecated option \"%s\"", |
diff --git a/readpass.c b/readpass.c index fc7629c37..eb4f6fdb6 100644 --- a/readpass.c +++ b/readpass.c | |||
@@ -23,7 +23,7 @@ | |||
23 | */ | 23 | */ |
24 | 24 | ||
25 | #include "includes.h" | 25 | #include "includes.h" |
26 | RCSID("$OpenBSD: readpass.c,v 1.29 2004/05/08 00:21:31 djm Exp $"); | 26 | RCSID("$OpenBSD: readpass.c,v 1.30 2004/06/17 15:10:14 djm Exp $"); |
27 | 27 | ||
28 | #include "xmalloc.h" | 28 | #include "xmalloc.h" |
29 | #include "misc.h" | 29 | #include "misc.h" |
@@ -103,7 +103,9 @@ read_passphrase(const char *prompt, int flags) | |||
103 | int rppflags, use_askpass = 0, ttyfd; | 103 | int rppflags, use_askpass = 0, ttyfd; |
104 | 104 | ||
105 | rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF; | 105 | rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF; |
106 | if (flags & RP_ALLOW_STDIN) { | 106 | if (flags & RP_USE_ASKPASS) |
107 | use_askpass = 1; | ||
108 | else if (flags & RP_ALLOW_STDIN) { | ||
107 | if (!isatty(STDIN_FILENO)) | 109 | if (!isatty(STDIN_FILENO)) |
108 | use_askpass = 1; | 110 | use_askpass = 1; |
109 | } else { | 111 | } else { |
@@ -115,6 +117,9 @@ read_passphrase(const char *prompt, int flags) | |||
115 | use_askpass = 1; | 117 | use_askpass = 1; |
116 | } | 118 | } |
117 | 119 | ||
120 | if ((flags & RP_USE_ASKPASS) && getenv("DISPLAY") == NULL) | ||
121 | return (flags & RP_ALLOW_EOF) ? NULL : xstrdup(""); | ||
122 | |||
118 | if (use_askpass && getenv("DISPLAY")) { | 123 | if (use_askpass && getenv("DISPLAY")) { |
119 | if (getenv(SSH_ASKPASS_ENV)) | 124 | if (getenv(SSH_ASKPASS_ENV)) |
120 | askpass = getenv(SSH_ASKPASS_ENV); | 125 | askpass = getenv(SSH_ASKPASS_ENV); |
@@ -40,7 +40,7 @@ | |||
40 | */ | 40 | */ |
41 | 41 | ||
42 | #include "includes.h" | 42 | #include "includes.h" |
43 | RCSID("$OpenBSD: ssh.c,v 1.215 2004/06/17 14:52:48 djm Exp $"); | 43 | RCSID("$OpenBSD: ssh.c,v 1.216 2004/06/17 15:10:14 djm Exp $"); |
44 | 44 | ||
45 | #include <openssl/evp.h> | 45 | #include <openssl/evp.h> |
46 | #include <openssl/err.h> | 46 | #include <openssl/err.h> |
@@ -1044,7 +1044,7 @@ ssh_control_listener(void) | |||
1044 | mode_t old_umask; | 1044 | mode_t old_umask; |
1045 | int addr_len; | 1045 | int addr_len; |
1046 | 1046 | ||
1047 | if (options.control_path == NULL || options.control_master != 1) | 1047 | if (options.control_path == NULL || options.control_master <= 0) |
1048 | return; | 1048 | return; |
1049 | 1049 | ||
1050 | memset(&addr, '\0', sizeof(addr)); | 1050 | memset(&addr, '\0', sizeof(addr)); |
@@ -1266,6 +1266,9 @@ control_client(const char *path) | |||
1266 | fatal("%s: msg_recv", __func__); | 1266 | fatal("%s: msg_recv", __func__); |
1267 | if (buffer_get_char(&m) != 0) | 1267 | if (buffer_get_char(&m) != 0) |
1268 | fatal("%s: wrong version", __func__); | 1268 | fatal("%s: wrong version", __func__); |
1269 | /* Connection allowed? */ | ||
1270 | if (buffer_get_int(&m) != 1) | ||
1271 | fatal("Connection to master denied"); | ||
1269 | control_server_pid = buffer_get_int(&m); | 1272 | control_server_pid = buffer_get_int(&m); |
1270 | 1273 | ||
1271 | buffer_clear(&m); | 1274 | buffer_clear(&m); |
diff --git a/ssh_config.5 b/ssh_config.5 index bab11d313..3e8c1db06 100644 --- a/ssh_config.5 +++ b/ssh_config.5 | |||
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .\" $OpenBSD: ssh_config.5,v 1.36 2004/06/13 15:03:02 djm Exp $ | 37 | .\" $OpenBSD: ssh_config.5,v 1.37 2004/06/17 15:10:14 djm Exp $ |
38 | .Dd September 25, 1999 | 38 | .Dd September 25, 1999 |
39 | .Dt SSH_CONFIG 5 | 39 | .Dt SSH_CONFIG 5 |
40 | .Os | 40 | .Os |
@@ -273,6 +273,15 @@ set to | |||
273 | (the default.) | 273 | (the default.) |
274 | These sessions will reuse the master instance's network connection rather | 274 | These sessions will reuse the master instance's network connection rather |
275 | than initiating new ones. | 275 | than initiating new ones. |
276 | Setting this to | ||
277 | .Dq ask | ||
278 | will cause | ||
279 | .Nm ssh | ||
280 | to listen for control connections, but require confirmation using the | ||
281 | .Ev SSH_ASKPASS | ||
282 | program before they are accepted (see | ||
283 | .Xr ssh-add 1 | ||
284 | for details) | ||
276 | .It Cm ControlPath | 285 | .It Cm ControlPath |
277 | Specify a the path to the control socket used for connection sharing. | 286 | Specify a the path to the control socket used for connection sharing. |
278 | See | 287 | See |