diff options
-rw-r--r-- | sftp-server.c | 32 | ||||
-rw-r--r-- | ssh-agent.1 | 18 | ||||
-rw-r--r-- | ssh-agent.c | 24 |
3 files changed, 37 insertions, 37 deletions
diff --git a/sftp-server.c b/sftp-server.c index 359204fa7..b1d8c88cb 100644 --- a/sftp-server.c +++ b/sftp-server.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: sftp-server.c,v 1.117 2019/07/05 04:55:40 djm Exp $ */ | 1 | /* $OpenBSD: sftp-server.c,v 1.118 2020/06/22 05:52:05 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000-2004 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -74,7 +74,7 @@ static int init_done; | |||
74 | static int readonly; | 74 | static int readonly; |
75 | 75 | ||
76 | /* Requests that are allowed/denied */ | 76 | /* Requests that are allowed/denied */ |
77 | static char *request_whitelist, *request_blacklist; | 77 | static char *request_allowlist, *request_denylist; |
78 | 78 | ||
79 | /* portable attributes, etc. */ | 79 | /* portable attributes, etc. */ |
80 | typedef struct Stat Stat; | 80 | typedef struct Stat Stat; |
@@ -164,20 +164,20 @@ request_permitted(const struct sftp_handler *h) | |||
164 | verbose("Refusing %s request in read-only mode", h->name); | 164 | verbose("Refusing %s request in read-only mode", h->name); |
165 | return 0; | 165 | return 0; |
166 | } | 166 | } |
167 | if (request_blacklist != NULL && | 167 | if (request_denylist != NULL && |
168 | ((result = match_list(h->name, request_blacklist, NULL))) != NULL) { | 168 | ((result = match_list(h->name, request_denylist, NULL))) != NULL) { |
169 | free(result); | 169 | free(result); |
170 | verbose("Refusing blacklisted %s request", h->name); | 170 | verbose("Refusing denylisted %s request", h->name); |
171 | return 0; | 171 | return 0; |
172 | } | 172 | } |
173 | if (request_whitelist != NULL && | 173 | if (request_allowlist != NULL && |
174 | ((result = match_list(h->name, request_whitelist, NULL))) != NULL) { | 174 | ((result = match_list(h->name, request_allowlist, NULL))) != NULL) { |
175 | free(result); | 175 | free(result); |
176 | debug2("Permitting whitelisted %s request", h->name); | 176 | debug2("Permitting allowlisted %s request", h->name); |
177 | return 1; | 177 | return 1; |
178 | } | 178 | } |
179 | if (request_whitelist != NULL) { | 179 | if (request_allowlist != NULL) { |
180 | verbose("Refusing non-whitelisted %s request", h->name); | 180 | verbose("Refusing non-allowlisted %s request", h->name); |
181 | return 0; | 181 | return 0; |
182 | } | 182 | } |
183 | return 1; | 183 | return 1; |
@@ -1556,8 +1556,8 @@ sftp_server_usage(void) | |||
1556 | 1556 | ||
1557 | fprintf(stderr, | 1557 | fprintf(stderr, |
1558 | "usage: %s [-ehR] [-d start_directory] [-f log_facility] " | 1558 | "usage: %s [-ehR] [-d start_directory] [-f log_facility] " |
1559 | "[-l log_level]\n\t[-P blacklisted_requests] " | 1559 | "[-l log_level]\n\t[-P denied_requests] " |
1560 | "[-p whitelisted_requests] [-u umask]\n" | 1560 | "[-p allowed_requests] [-u umask]\n" |
1561 | " %s -Q protocol_feature\n", | 1561 | " %s -Q protocol_feature\n", |
1562 | __progname, __progname); | 1562 | __progname, __progname); |
1563 | exit(1); | 1563 | exit(1); |
@@ -1627,14 +1627,14 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw) | |||
1627 | free(cp); | 1627 | free(cp); |
1628 | break; | 1628 | break; |
1629 | case 'p': | 1629 | case 'p': |
1630 | if (request_whitelist != NULL) | 1630 | if (request_allowlist != NULL) |
1631 | fatal("Permitted requests already set"); | 1631 | fatal("Permitted requests already set"); |
1632 | request_whitelist = xstrdup(optarg); | 1632 | request_allowlist = xstrdup(optarg); |
1633 | break; | 1633 | break; |
1634 | case 'P': | 1634 | case 'P': |
1635 | if (request_blacklist != NULL) | 1635 | if (request_denylist != NULL) |
1636 | fatal("Refused requests already set"); | 1636 | fatal("Refused requests already set"); |
1637 | request_blacklist = xstrdup(optarg); | 1637 | request_denylist = xstrdup(optarg); |
1638 | break; | 1638 | break; |
1639 | case 'u': | 1639 | case 'u': |
1640 | errno = 0; | 1640 | errno = 0; |
diff --git a/ssh-agent.1 b/ssh-agent.1 index 8e9295e9d..2cf46160b 100644 --- a/ssh-agent.1 +++ b/ssh-agent.1 | |||
@@ -1,4 +1,4 @@ | |||
1 | .\" $OpenBSD: ssh-agent.1,v 1.71 2020/06/19 07:21:42 dtucker Exp $ | 1 | .\" $OpenBSD: ssh-agent.1,v 1.72 2020/06/22 05:52:05 djm Exp $ |
2 | .\" | 2 | .\" |
3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | .\" Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -34,7 +34,7 @@ | |||
34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF | 34 | .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF |
35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. | 35 | .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. |
36 | .\" | 36 | .\" |
37 | .Dd $Mdocdate: June 19 2020 $ | 37 | .Dd $Mdocdate: June 22 2020 $ |
38 | .Dt SSH-AGENT 1 | 38 | .Dt SSH-AGENT 1 |
39 | .Os | 39 | .Os |
40 | .Sh NAME | 40 | .Sh NAME |
@@ -46,12 +46,12 @@ | |||
46 | .Op Fl \&Dd | 46 | .Op Fl \&Dd |
47 | .Op Fl a Ar bind_address | 47 | .Op Fl a Ar bind_address |
48 | .Op Fl E Ar fingerprint_hash | 48 | .Op Fl E Ar fingerprint_hash |
49 | .Op Fl P Ar provider_whitelist | 49 | .Op Fl P Ar allowed_providers |
50 | .Op Fl t Ar life | 50 | .Op Fl t Ar life |
51 | .Nm ssh-agent | 51 | .Nm ssh-agent |
52 | .Op Fl a Ar bind_address | 52 | .Op Fl a Ar bind_address |
53 | .Op Fl E Ar fingerprint_hash | 53 | .Op Fl E Ar fingerprint_hash |
54 | .Op Fl P Ar provider_whitelist | 54 | .Op Fl P Ar allowed_providers |
55 | .Op Fl t Ar life | 55 | .Op Fl t Ar life |
56 | .Ar command Op Ar arg ... | 56 | .Ar command Op Ar arg ... |
57 | .Nm ssh-agent | 57 | .Nm ssh-agent |
@@ -102,19 +102,19 @@ The default is | |||
102 | Kill the current agent (given by the | 102 | Kill the current agent (given by the |
103 | .Ev SSH_AGENT_PID | 103 | .Ev SSH_AGENT_PID |
104 | environment variable). | 104 | environment variable). |
105 | .It Fl P Ar provider_whitelist | 105 | .It Fl P Ar allowed_providers |
106 | Specify a pattern-list of acceptable paths for PKCS#11 and FIDO authenticator | 106 | Specify a pattern-list of acceptable paths for PKCS#11 provider and FIDO |
107 | shared libraries that may be used with the | 107 | authenticator middleware shared libraries that may be used with the |
108 | .Fl S | 108 | .Fl S |
109 | or | 109 | or |
110 | .Fl s | 110 | .Fl s |
111 | options to | 111 | options to |
112 | .Xr ssh-add 1 . | 112 | .Xr ssh-add 1 . |
113 | Libraries that do not match the whitelist will be refused. | 113 | Libraries that do not match the pattern list will be refused. |
114 | See PATTERNS in | 114 | See PATTERNS in |
115 | .Xr ssh_config 5 | 115 | .Xr ssh_config 5 |
116 | for a description of pattern-list syntax. | 116 | for a description of pattern-list syntax. |
117 | The default whitelist is | 117 | The default list is |
118 | .Dq /usr/lib/*,/usr/local/lib/* . | 118 | .Dq /usr/lib/*,/usr/local/lib/* . |
119 | .It Fl s | 119 | .It Fl s |
120 | Generate Bourne shell commands on | 120 | Generate Bourne shell commands on |
diff --git a/ssh-agent.c b/ssh-agent.c index 596c39582..d2f00e5ba 100644 --- a/ssh-agent.c +++ b/ssh-agent.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-agent.c,v 1.259 2020/06/19 07:21:42 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-agent.c,v 1.260 2020/06/22 05:52:05 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -150,8 +150,8 @@ pid_t cleanup_pid = 0; | |||
150 | char socket_name[PATH_MAX]; | 150 | char socket_name[PATH_MAX]; |
151 | char socket_dir[PATH_MAX]; | 151 | char socket_dir[PATH_MAX]; |
152 | 152 | ||
153 | /* PKCS#11/Security key path whitelist */ | 153 | /* Pattern-list of allowed PKCS#11/Security key paths */ |
154 | static char *provider_whitelist; | 154 | static char *allowed_providers; |
155 | 155 | ||
156 | /* locking */ | 156 | /* locking */ |
157 | #define LOCK_SIZE 32 | 157 | #define LOCK_SIZE 32 |
@@ -612,9 +612,9 @@ process_add_identity(SocketEntry *e) | |||
612 | free(sk_provider); | 612 | free(sk_provider); |
613 | sk_provider = xstrdup(canonical_provider); | 613 | sk_provider = xstrdup(canonical_provider); |
614 | if (match_pattern_list(sk_provider, | 614 | if (match_pattern_list(sk_provider, |
615 | provider_whitelist, 0) != 1) { | 615 | allowed_providers, 0) != 1) { |
616 | error("Refusing add key: " | 616 | error("Refusing add key: " |
617 | "provider %s not whitelisted", sk_provider); | 617 | "provider %s not allowed", sk_provider); |
618 | free(sk_provider); | 618 | free(sk_provider); |
619 | goto send; | 619 | goto send; |
620 | } | 620 | } |
@@ -769,9 +769,9 @@ process_add_smartcard_key(SocketEntry *e) | |||
769 | provider, strerror(errno)); | 769 | provider, strerror(errno)); |
770 | goto send; | 770 | goto send; |
771 | } | 771 | } |
772 | if (match_pattern_list(canonical_provider, provider_whitelist, 0) != 1) { | 772 | if (match_pattern_list(canonical_provider, allowed_providers, 0) != 1) { |
773 | verbose("refusing PKCS#11 add of \"%.100s\": " | 773 | verbose("refusing PKCS#11 add of \"%.100s\": " |
774 | "provider not whitelisted", canonical_provider); | 774 | "provider not allowed", canonical_provider); |
775 | goto send; | 775 | goto send; |
776 | } | 776 | } |
777 | debug("%s: add %.100s", __func__, canonical_provider); | 777 | debug("%s: add %.100s", __func__, canonical_provider); |
@@ -1255,7 +1255,7 @@ usage(void) | |||
1255 | fprintf(stderr, | 1255 | fprintf(stderr, |
1256 | "usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n" | 1256 | "usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n" |
1257 | " [-P provider_whitelist] [-t life]\n" | 1257 | " [-P provider_whitelist] [-t life]\n" |
1258 | " ssh-agent [-a bind_address] [-E fingerprint_hash] [-P provider_whitelist]\n" | 1258 | " ssh-agent [-a bind_address] [-E fingerprint_hash] [-P allowed_providers]\n" |
1259 | " [-t life] command [arg ...]\n" | 1259 | " [-t life] command [arg ...]\n" |
1260 | " ssh-agent [-c | -s] -k\n"); | 1260 | " ssh-agent [-c | -s] -k\n"); |
1261 | exit(1); | 1261 | exit(1); |
@@ -1320,9 +1320,9 @@ main(int ac, char **av) | |||
1320 | fatal("Unknown -O option"); | 1320 | fatal("Unknown -O option"); |
1321 | break; | 1321 | break; |
1322 | case 'P': | 1322 | case 'P': |
1323 | if (provider_whitelist != NULL) | 1323 | if (allowed_providers != NULL) |
1324 | fatal("-P option already specified"); | 1324 | fatal("-P option already specified"); |
1325 | provider_whitelist = xstrdup(optarg); | 1325 | allowed_providers = xstrdup(optarg); |
1326 | break; | 1326 | break; |
1327 | case 's': | 1327 | case 's': |
1328 | if (c_flag) | 1328 | if (c_flag) |
@@ -1358,8 +1358,8 @@ main(int ac, char **av) | |||
1358 | if (ac > 0 && (c_flag || k_flag || s_flag || d_flag || D_flag)) | 1358 | if (ac > 0 && (c_flag || k_flag || s_flag || d_flag || D_flag)) |
1359 | usage(); | 1359 | usage(); |
1360 | 1360 | ||
1361 | if (provider_whitelist == NULL) | 1361 | if (allowed_providers == NULL) |
1362 | provider_whitelist = xstrdup(DEFAULT_PROVIDER_WHITELIST); | 1362 | allowed_providers = xstrdup(DEFAULT_PROVIDER_WHITELIST); |
1363 | 1363 | ||
1364 | if (ac == 0 && !c_flag && !s_flag) { | 1364 | if (ac == 0 && !c_flag && !s_flag) { |
1365 | shell = getenv("SHELL"); | 1365 | shell = getenv("SHELL"); |