author | Damien Miller <djm@mindrot.org> | 2010-06-26 10:02:24 +1000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2010-06-26 10:02:24 +1000 |
commit | 1ab6a51f9b258a6e844f1ee442c15aec7fcb6a72 (patch) | |
tree | 708954349afa3ef3f1294934443d5773c1b6b53f /clientloop.c | |
parent | 383ffe6c5f31d3ecd89caadc8aef1bc2b821d63a (diff) |
- djm@cvs.openbsd.org 2010/06/25 23:10:30
[ssh.c]
log the hostname and address that we connected to at LogLevel=verbose
after authentication is successful to mitigate "phishing" attacks by
servers with trusted keys that accept authentication silently and
automatically before presenting fake password/passphrase prompts;
"nice!" markus@
Diffstat (limited to 'clientloop.c')
-rw-r--r-- | clientloop.c | 26 |
1 files changed, 20 insertions, 6 deletions
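--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.220 2010/04/10 02:08:44 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.221 2010/06/25 23:15:36 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -155,11 +155,12 @@ static int stdin_eof; /* EOF has been encountered on stderr. */
 static Buffer stdin_buffer; /* Buffer for stdin data. */
 static Buffer stdout_buffer; /* Buffer for stdout data. */
 static Buffer stderr_buffer; /* Buffer for stderr data. */
-static u_int buffer_high;/* Soft max buffer size. */
+static u_int buffer_high; /* Soft max buffer size. */
 static int connection_in; /* Connection to server (input). */
 static int connection_out; /* Connection to server (output). */
 static int need_rekeying; /* Set to non-zero if rekeying is requested. */
-static int session_closed = 0; /* In SSH2: login session closed. */
+static int session_closed; /* In SSH2: login session closed. */
+static int x11_refuse_time; /* If >0, refuse x11 opens after this time. */
 
 static void client_init_dispatch(void);
 int session_ident = -1;
@@ -254,7 +255,7 @@ get_current_time(void)
 #define SSH_X11_PROTO "MIT-MAGIC-COOKIE-1"
 void
 client_x11_get_proto(const char *display, const char *xauth_path,
-    u_int trusted, char **_proto, char **_data)
+    u_int trusted, u_int timeout, char **_proto, char **_data)
 {
 	char cmd[1024];
 	char line[512];
@@ -264,6 +265,7 @@ client_x11_get_proto(const char *display, const char *xauth_path,
 	int got_data = 0, generated = 0, do_unlink = 0, i;
 	char *xauthdir, *xauthfile;
 	struct stat st;
+	u_int now;
 
 	xauthdir = xauthfile = NULL;
 	*_proto = proto;
@@ -299,11 +301,18 @@ client_x11_get_proto(const char *display, const char *xauth_path,
 			    xauthdir);
 			snprintf(cmd, sizeof(cmd),
 			    "%s -f %s generate %s " SSH_X11_PROTO
-			    " untrusted timeout 1200 2>" _PATH_DEVNULL,
-			    xauth_path, xauthfile, display);
+			    " untrusted timeout %u 2>" _PATH_DEVNULL,
+			    xauth_path, xauthfile, display, timeout);
 			debug2("x11_get_proto: %s", cmd);
 			if (system(cmd) == 0)
 				generated = 1;
+			if (x11_refuse_time == 0) {
+				now = time(NULL) + 1;
+				if (UINT_MAX - timeout < now)
+					x11_refuse_time = UINT_MAX;
+				else
+					x11_refuse_time = now + timeout;
+			}
 		}
 	}
 
@@ -1686,6 +1695,11 @@ client_request_x11(const char *request_type, int rchan)
 		    "malicious server.");
 		return NULL;
 	}
+	if (x11_refuse_time != 0 && time(NULL) >= x11_refuse_time) {
+		verbose("Rejected X11 connection after ForwardX11Timeout "
+		    "expired");
+		return NULL;
+	}
 	originator = packet_get_string(NULL);
 	if (datafellows & SSH_BUG_X11FWD) {
 		debug2("buggy server: x11 request w/o originator_port");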
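Review bot: `x11_refuse_time` is declared `static int` in the second hunk, but the new block after the `system(cmd)` call stores `u_int` values into it, including `UINT_MAX` as the saturation value, and the `client_request_x11` hunk then evaluates `time(NULL) >= x11_refuse_time` against a `time_t`. Converting `UINT_MAX` to `int` is implementation-defined and normally yields a negative value, so a saturated deadline would reject every X11 open immediately rather than never, and the `u_int now` holding `time(NULL) + 1` truncates on hosts with a 64-bit `time_t`. Declaring both `x11_refuse_time` and `now` as `time_t` keeps the arming code and the comparison in one type; the overflow clamp can then be re-expressed in `time_t` terms if 32-bit `time_t` hosts matter. The deadline is also only armed inside the untrusted-cookie branch, so trusted forwarding appears to carry no limit (the enclosing conditional starts outside the hunk); a comment on the declaration such as `/* Deadline for untrusted X11 opens; 0 = no limit */` would make that explicit. Both `client_x11_get_proto` and `client_request_x11` start and end outside their hunks.
```c
static time_t x11_refuse_time;	/* Deadline for untrusted X11 opens; 0 = no limit */
/* … unchanged: remaining file-scope statics … */
	time_t now;
/* … unchanged: client_x11_get_proto body up to the xauth generate call … */
			if (x11_refuse_time == 0) {
				now = time(NULL) + 1;
				x11_refuse_time = now + timeout;
			}
```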