upstream: better terminology for permissions; feedback & ok markus@

OpenBSD-Commit-ID: ffb220b435610741dcb4de0e7fc68cbbdc876d2c
djm@openbsd.org 2020-06-22 05:52:05 +00:00 committed by Damien Miller
parent 00531bb42f
commit fc270baf26
3 changed files with 37 additions and 37 deletions


@ -1,4 +1,4 @@
/* $OpenBSD: sftp-server.c,v 1.117 2019/07/05 04:55:40 djm Exp $ */ /* $OpenBSD: sftp-server.c,v 1.118 2020/06/22 05:52:05 djm Exp $ */
/* /*
* Copyright (c) 2000-2004 Markus Friedl. All rights reserved. * Copyright (c) 2000-2004 Markus Friedl. All rights reserved.
* *
@ -74,7 +74,7 @@ static int init_done;
static int readonly; static int readonly;
/* Requests that are allowed/denied */ /* Requests that are allowed/denied */
static char *request_whitelist, *request_blacklist; static char *request_allowlist, *request_denylist;
/* portable attributes, etc. */ /* portable attributes, etc. */
typedef struct Stat Stat; typedef struct Stat Stat;
@ -164,20 +164,20 @@ request_permitted(const struct sftp_handler *h)
verbose("Refusing %s request in read-only mode", h->name); verbose("Refusing %s request in read-only mode", h->name);
return 0; return 0;
} }
if (request_blacklist != NULL && if (request_denylist != NULL &&
((result = match_list(h->name, request_blacklist, NULL))) != NULL) { ((result = match_list(h->name, request_denylist, NULL))) != NULL) {
free(result); free(result);
verbose("Refusing blacklisted %s request", h->name); verbose("Refusing denylisted %s request", h->name);
return 0; return 0;
} }
if (request_whitelist != NULL && if (request_allowlist != NULL &&
((result = match_list(h->name, request_whitelist, NULL))) != NULL) { ((result = match_list(h->name, request_allowlist, NULL))) != NULL) {
free(result); free(result);
debug2("Permitting whitelisted %s request", h->name); debug2("Permitting allowlisted %s request", h->name);
return 1; return 1;
} }
if (request_whitelist != NULL) { if (request_allowlist != NULL) {
verbose("Refusing non-whitelisted %s request", h->name); verbose("Refusing non-allowlisted %s request", h->name);
return 0; return 0;
} }
return 1; return 1;
@ -1556,8 +1556,8 @@ sftp_server_usage(void)
fprintf(stderr, fprintf(stderr,
"usage: %s [-ehR] [-d start_directory] [-f log_facility] " "usage: %s [-ehR] [-d start_directory] [-f log_facility] "
"[-l log_level]\n\t[-P blacklisted_requests] " "[-l log_level]\n\t[-P denied_requests] "
"[-p whitelisted_requests] [-u umask]\n" "[-p allowed_requests] [-u umask]\n"
" %s -Q protocol_feature\n", " %s -Q protocol_feature\n",
__progname, __progname); __progname, __progname);
exit(1); exit(1);
@ -1627,14 +1627,14 @@ sftp_server_main(int argc, char **argv, struct passwd *user_pw)
free(cp); free(cp);
break; break;
case 'p': case 'p':
if (request_whitelist != NULL) if (request_allowlist != NULL)
fatal("Permitted requests already set"); fatal("Permitted requests already set");
request_whitelist = xstrdup(optarg); request_allowlist = xstrdup(optarg);
break; break;
case 'P': case 'P':
if (request_blacklist != NULL) if (request_denylist != NULL)
fatal("Refused requests already set"); fatal("Refused requests already set");
request_blacklist = xstrdup(optarg); request_denylist = xstrdup(optarg);
break; break;
case 'u': case 'u':
errno = 0; errno = 0;
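Review bot: The allow/deny evaluation order in request_permitted() is security-relevant and is still undocumented after the rename. The deny list is matched first and returns 0, so a request named in both `-P` and `-p` is refused, and once an allow list is set every request not on it is refused. A comment above the checks would record that, for example `/* Deny list is consulted first and wins; if an allow list is set, anything not on it is refused. */`. The verbose()/debug2() strings also change here (e.g. `Refusing denylisted %s request`), so any log-matching rules keyed on the old wording would presumably need updating. request_permitted() starts before this hunk, so the comment placement should be checked against the full function.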


@ -1,4 +1,4 @@
.\" $OpenBSD: ssh-agent.1,v 1.71 2020/06/19 07:21:42 dtucker Exp $ .\" $OpenBSD: ssh-agent.1,v 1.72 2020/06/22 05:52:05 djm Exp $
.\" .\"
.\" Author: Tatu Ylonen <ylo@cs.hut.fi> .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.Dd $Mdocdate: June 19 2020 $ .Dd $Mdocdate: June 22 2020 $
.Dt SSH-AGENT 1 .Dt SSH-AGENT 1
.Os .Os
.Sh NAME .Sh NAME
@ -46,12 +46,12 @@
.Op Fl \&Dd .Op Fl \&Dd
.Op Fl a Ar bind_address .Op Fl a Ar bind_address
.Op Fl E Ar fingerprint_hash .Op Fl E Ar fingerprint_hash
.Op Fl P Ar provider_whitelist .Op Fl P Ar allowed_providers
.Op Fl t Ar life .Op Fl t Ar life
.Nm ssh-agent .Nm ssh-agent
.Op Fl a Ar bind_address .Op Fl a Ar bind_address
.Op Fl E Ar fingerprint_hash .Op Fl E Ar fingerprint_hash
.Op Fl P Ar provider_whitelist .Op Fl P Ar allowed_providers
.Op Fl t Ar life .Op Fl t Ar life
.Ar command Op Ar arg ... .Ar command Op Ar arg ...
.Nm ssh-agent .Nm ssh-agent
@ -102,19 +102,19 @@ The default is
Kill the current agent (given by the Kill the current agent (given by the
.Ev SSH_AGENT_PID .Ev SSH_AGENT_PID
environment variable). environment variable).
.It Fl P Ar provider_whitelist .It Fl P Ar allowed_providers
Specify a pattern-list of acceptable paths for PKCS#11 and FIDO authenticator Specify a pattern-list of acceptable paths for PKCS#11 provider and FIDO
shared libraries that may be used with the authenticator middleware shared libraries that may be used with the
.Fl S .Fl S
or or
.Fl s .Fl s
options to options to
.Xr ssh-add 1 . .Xr ssh-add 1 .
Libraries that do not match the whitelist will be refused. Libraries that do not match the pattern list will be refused.
See PATTERNS in See PATTERNS in
.Xr ssh_config 5 .Xr ssh_config 5
for a description of pattern-list syntax. for a description of pattern-list syntax.
The default whitelist is The default list is
.Dq /usr/lib/*,/usr/local/lib/* . .Dq /usr/lib/*,/usr/local/lib/* .
.It Fl s .It Fl s
Generate Bourne shell commands on Generate Bourne shell commands on


@ -1,4 +1,4 @@
/* $OpenBSD: ssh-agent.c,v 1.259 2020/06/19 07:21:42 dtucker Exp $ */ /* $OpenBSD: ssh-agent.c,v 1.260 2020/06/22 05:52:05 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -150,8 +150,8 @@ pid_t cleanup_pid = 0;
char socket_name[PATH_MAX]; char socket_name[PATH_MAX];
char socket_dir[PATH_MAX]; char socket_dir[PATH_MAX];
/* PKCS#11/Security key path whitelist */ /* Pattern-list of allowed PKCS#11/Security key paths */
static char *provider_whitelist; static char *allowed_providers;
/* locking */ /* locking */
#define LOCK_SIZE 32 #define LOCK_SIZE 32
@ -612,9 +612,9 @@ process_add_identity(SocketEntry *e)
free(sk_provider); free(sk_provider);
sk_provider = xstrdup(canonical_provider); sk_provider = xstrdup(canonical_provider);
if (match_pattern_list(sk_provider, if (match_pattern_list(sk_provider,
provider_whitelist, 0) != 1) { allowed_providers, 0) != 1) {
error("Refusing add key: " error("Refusing add key: "
"provider %s not whitelisted", sk_provider); "provider %s not allowed", sk_provider);
free(sk_provider); free(sk_provider);
goto send; goto send;
} }
@ -769,9 +769,9 @@ process_add_smartcard_key(SocketEntry *e)
provider, strerror(errno)); provider, strerror(errno));
goto send; goto send;
} }
if (match_pattern_list(canonical_provider, provider_whitelist, 0) != 1) { if (match_pattern_list(canonical_provider, allowed_providers, 0) != 1) {
verbose("refusing PKCS#11 add of \"%.100s\": " verbose("refusing PKCS#11 add of \"%.100s\": "
"provider not whitelisted", canonical_provider); "provider not allowed", canonical_provider);
goto send; goto send;
} }
debug("%s: add %.100s", __func__, canonical_provider); debug("%s: add %.100s", __func__, canonical_provider);
@ -1255,7 +1255,7 @@ usage(void)
fprintf(stderr, fprintf(stderr,
"usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n" "usage: ssh-agent [-c | -s] [-Dd] [-a bind_address] [-E fingerprint_hash]\n"
" [-P provider_whitelist] [-t life]\n" " [-P provider_whitelist] [-t life]\n"
" ssh-agent [-a bind_address] [-E fingerprint_hash] [-P provider_whitelist]\n" " ssh-agent [-a bind_address] [-E fingerprint_hash] [-P allowed_providers]\n"
" [-t life] command [arg ...]\n" " [-t life] command [arg ...]\n"
" ssh-agent [-c | -s] -k\n"); " ssh-agent [-c | -s] -k\n");
exit(1); exit(1);
@ -1320,9 +1320,9 @@ main(int ac, char **av)
fatal("Unknown -O option"); fatal("Unknown -O option");
break; break;
case 'P': case 'P':
if (provider_whitelist != NULL) if (allowed_providers != NULL)
fatal("-P option already specified"); fatal("-P option already specified");
provider_whitelist = xstrdup(optarg); allowed_providers = xstrdup(optarg);
break; break;
case 's': case 's':
if (c_flag) if (c_flag)
@ -1358,8 +1358,8 @@ main(int ac, char **av)
if (ac > 0 && (c_flag || k_flag || s_flag || d_flag || D_flag)) if (ac > 0 && (c_flag || k_flag || s_flag || d_flag || D_flag))
usage(); usage();
if (provider_whitelist == NULL) if (allowed_providers == NULL)
provider_whitelist = xstrdup(DEFAULT_PROVIDER_WHITELIST); allowed_providers = xstrdup(DEFAULT_PROVIDER_WHITELIST);
if (ac == 0 && !c_flag && !s_flag) { if (ac == 0 && !c_flag && !s_flag) {
shell = getenv("SHELL"); shell = getenv("SHELL");
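Review bot: In usage(), the first synopsis line still prints `[-P provider_whitelist] [-t life]` while the second now prints `[-P allowed_providers]`, so the help text disagrees with itself and with the updated ssh-agent.1 synopsis. The untouched line should read `[-P allowed_providers] [-t life]\n` to match. The default in main() is also still taken from `DEFAULT_PROVIDER_WHITELIST`; its definition is not on this page, so renaming it would need a matching change wherever it is declared.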