tyler.durden/openssh-portable
1
0
Fork 0
mirror of https://github.com/PowerShell/openssh-portable.git synced 2025-07-28 16:24:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

upstream: New EnableEscapeCommandline ssh_config(5) option

Browse Source 
This option (default "no") controls whether the ~C escape is available.
Turning it off by default means we will soon be able to use a stricter
default pledge(2) in the client.

feedback deraadt@ dtucker@; tested in snaps for a while

OpenBSD-Commit-ID: 7e277595d60acb8263118dcb66554472257b387a
This commit is contained in:
djm@openbsd.org 2022-11-28 01:37:36 +00:00 committed by Darren Tucker
parent d323f7ecf5
commit f7cebbbf40
No known key found for this signature in database
5 changed files with 35 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
clientloop.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: clientloop.c,v 1.382 2022/11/10 23:03:10 dtucker Exp $ */ /* $OpenBSD: clientloop.c,v 1.383 2022/11/28 01:37:36 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -887,6 +887,7 @@ out:
#define SUPPRESS_MUXCLIENT 1 /* don't show in mux client sessions */ #define SUPPRESS_MUXCLIENT 1 /* don't show in mux client sessions */
#define SUPPRESS_MUXMASTER 2 /* don't show in mux master sessions */ #define SUPPRESS_MUXMASTER 2 /* don't show in mux master sessions */
#define SUPPRESS_SYSLOG 4 /* don't show when logging to syslog */ #define SUPPRESS_SYSLOG 4 /* don't show when logging to syslog */
#define SUPPRESS_NOCMDLINE 8 /* don't show when cmdline disabled*/
struct escape_help_text { struct escape_help_text {
const char *cmd; const char *cmd;
const char *text; const char *text;
@ -897,7 +898,7 @@ static struct escape_help_text esc_txt[] = {
{".", "terminate connection (and any multiplexed sessions)", {".", "terminate connection (and any multiplexed sessions)",
SUPPRESS_MUXCLIENT}, SUPPRESS_MUXCLIENT},
{"B", "send a BREAK to the remote system", SUPPRESS_NEVER}, {"B", "send a BREAK to the remote system", SUPPRESS_NEVER},
{"C", "open a command line", SUPPRESS_MUXCLIENT}, {"C", "open a command line", SUPPRESS_MUXCLIENT|SUPPRESS_NOCMDLINE},
{"R", "request rekey", SUPPRESS_NEVER}, {"R", "request rekey", SUPPRESS_NEVER},
{"V/v", "decrease/increase verbosity (LogLevel)", SUPPRESS_MUXCLIENT}, {"V/v", "decrease/increase verbosity (LogLevel)", SUPPRESS_MUXCLIENT},
{"^Z", "suspend ssh", SUPPRESS_MUXCLIENT}, {"^Z", "suspend ssh", SUPPRESS_MUXCLIENT},
@ -921,7 +922,8 @@ print_escape_help(struct sshbuf *b, int escape_char, int mux_client,
suppress_flags = suppress_flags =
(mux_client ? SUPPRESS_MUXCLIENT : 0) | (mux_client ? SUPPRESS_MUXCLIENT : 0) |
(mux_client ? 0 : SUPPRESS_MUXMASTER) | (mux_client ? 0 : SUPPRESS_MUXMASTER) |
(using_stderr ? 0 : SUPPRESS_SYSLOG); (using_stderr ? 0 : SUPPRESS_SYSLOG) |
(options.enable_escape_commandline == 0 ? SUPPRESS_NOCMDLINE : 0);
for (i = 0; i < sizeof(esc_txt)/sizeof(esc_txt[0]); i++) { for (i = 0; i < sizeof(esc_txt)/sizeof(esc_txt[0]); i++) {
if (esc_txt[i].flags & suppress_flags) if (esc_txt[i].flags & suppress_flags)
@ -1115,6 +1117,12 @@ process_escapes(struct ssh *ssh, Channel *c,
case 'C': case 'C':
if (c && c->ctl_chan != -1) if (c && c->ctl_chan != -1)
goto noescape; goto noescape;
if (options.enable_escape_commandline == 0) {
if ((r = sshbuf_putf(berr,
"commandline disabled\r\n")) != 0)
fatal_fr(r, "sshbuf_putf");
continue;
}
process_cmdline(ssh); process_cmdline(ssh);
continue; continue;

12
readconf.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: readconf.c,v 1.369 2022/09/17 10:33:18 djm Exp $ */ /* $OpenBSD: readconf.c,v 1.370 2022/11/28 01:37:36 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -175,6 +175,7 @@ typedef enum {
oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms, oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms,
oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump, oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump,
oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize, oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize,
oEnableEscapeCommandline,
oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported
} OpCodes; } OpCodes;
@ -321,6 +322,7 @@ static struct {
{ "securitykeyprovider", oSecurityKeyProvider }, { "securitykeyprovider", oSecurityKeyProvider },
{ "knownhostscommand", oKnownHostsCommand }, { "knownhostscommand", oKnownHostsCommand },
{ "requiredrsasize", oRequiredRSASize }, { "requiredrsasize", oRequiredRSASize },
{ "enableescapecommandline", oEnableEscapeCommandline },
{ NULL, oBadOption } { NULL, oBadOption }
}; };
@ -2177,6 +2179,10 @@ parse_pubkey_algos:
*charptr = xstrdup(arg); *charptr = xstrdup(arg);
break; break;
case oEnableEscapeCommandline:
intptr = &options->enable_escape_commandline;
goto parse_flag;
case oRequiredRSASize: case oRequiredRSASize:
intptr = &options->required_rsa_size; intptr = &options->required_rsa_size;
goto parse_int; goto parse_int;
@ -2429,6 +2435,7 @@ initialize_options(Options * options)
options->pubkey_accepted_algos = NULL; options->pubkey_accepted_algos = NULL;
options->known_hosts_command = NULL; options->known_hosts_command = NULL;
options->required_rsa_size = -1; options->required_rsa_size = -1;
options->enable_escape_commandline = -1;
} }
/* /*
@ -2627,6 +2634,8 @@ fill_default_options(Options * options)
#endif #endif
if (options->required_rsa_size == -1) if (options->required_rsa_size == -1)
options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE; options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE;
if (options->enable_escape_commandline == -1)
options->enable_escape_commandline = 0;
/* Expand KEX name lists */ /* Expand KEX name lists */
all_cipher = cipher_alg_list(',', 0); all_cipher = cipher_alg_list(',', 0);
@ -3308,6 +3317,7 @@ dump_client_config(Options *o, const char *host)
dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns); dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns);
dump_cfg_fmtint(oVisualHostKey, o->visual_host_key); dump_cfg_fmtint(oVisualHostKey, o->visual_host_key);
dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys); dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys);
dump_cfg_fmtint(oEnableEscapeCommandline, o->enable_escape_commandline);
/* Integer options */ /* Integer options */
dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots); dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots);

3
readconf.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: readconf.h,v 1.148 2022/09/17 10:33:18 djm Exp $ */ /* $OpenBSD: readconf.h,v 1.149 2022/11/28 01:37:36 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
@ -177,6 +177,7 @@ typedef struct {
char *known_hosts_command; char *known_hosts_command;
int required_rsa_size; /* minimum size of RSA keys */ int required_rsa_size; /* minimum size of RSA keys */
int enable_escape_commandline; /* ~C commandline */
char *ignored_unknown; /* Pattern list of unknown tokens to ignore */ char *ignored_unknown; /* Pattern list of unknown tokens to ignore */
} Options; } Options;

5
ssh.1
View File

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: ssh.1,v 1.432 2022/09/17 10:33:18 djm Exp $ .\" $OpenBSD: ssh.1,v 1.433 2022/11/28 01:37:36 djm Exp $
.Dd $Mdocdate: September 17 2022 $ .Dd $Mdocdate: November 28 2022 $
.Dt SSH 1 .Dt SSH 1
.Os .Os
.Sh NAME .Sh NAME
@ -522,6 +522,7 @@ For full details of the options listed below, and their possible values, see
.It ControlPath .It ControlPath
.It ControlPersist .It ControlPersist
.It DynamicForward .It DynamicForward
.It EnableEscapeCommandline
.It EscapeChar .It EscapeChar
.It ExitOnForwardFailure .It ExitOnForwardFailure
.It FingerprintHash .It FingerprintHash

10
ssh_config.5
View File

@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: ssh_config.5,v 1.375 2022/11/07 10:09:28 dtucker Exp $ .\" $OpenBSD: ssh_config.5,v 1.376 2022/11/28 01:37:36 djm Exp $
.Dd $Mdocdate: November 7 2022 $ .Dd $Mdocdate: November 28 2022 $
.Dt SSH_CONFIG 5 .Dt SSH_CONFIG 5
.Os .Os
.Sh NAME .Sh NAME
@ -643,6 +643,12 @@ will act as a SOCKS server.
Multiple forwardings may be specified, and Multiple forwardings may be specified, and
additional forwardings can be given on the command line. additional forwardings can be given on the command line.
Only the superuser can forward privileged ports. Only the superuser can forward privileged ports.
.It Cm EnableEscapeCommandline
Enables the command line option in the
.Cm EscapeChar
menu for interactive sessions (default
.Ql ~C ) .
By default, the command line is disabled.
.It Cm EnableSSHKeysign .It Cm EnableSSHKeysign
Setting this option to Setting this option to
.Cm yes .Cm yes