summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@cvs.openbsd.org>2004-06-17 15:10:15 +0000
committerDamien Miller <djm@cvs.openbsd.org>2004-06-17 15:10:15 +0000
commit3a55c8c87458ea7988be376c7e0ca408b1c1409a (patch)
tree184da3cf2a5f52d63e20e8ed72ea7304bcf9660b
parent523188aba06aeedcd6e58a5499cc1980979a1874 (diff)
Add option for confirmation (ControlMaster=ask) via ssh-askpass before opening
shared connections; ok markus@
-rw-r--r--usr.bin/ssh/clientloop.c38
-rw-r--r--usr.bin/ssh/misc.h3
-rw-r--r--usr.bin/ssh/readconf.c4
-rw-r--r--usr.bin/ssh/readpass.c9
-rw-r--r--usr.bin/ssh/ssh.c7
-rw-r--r--usr.bin/ssh/ssh_config.511
6 files changed, 60 insertions, 12 deletions
diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index eb320033130..8f2f270d7d9 100644
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c
@@ -59,7 +59,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: clientloop.c,v 1.126 2004/06/17 14:52:48 djm Exp $");
+RCSID("$OpenBSD: clientloop.c,v 1.127 2004/06/17 15:10:13 djm Exp $");
#include "ssh.h"
#include "ssh1.h"
@@ -549,7 +549,7 @@ client_extra_session2_setup(int id, void *arg)
client_session2_setup(id, cctx->want_tty, cctx->want_subsys,
cctx->term, &cctx->tio, c->rfd, &cctx->cmd, cctx->env,
client_subsystem_reply);
-
+
c->confirm_ctx = NULL;
buffer_free(&cctx->cmd);
xfree(cctx->term);
@@ -566,7 +566,7 @@ client_process_control(fd_set * readset)
{
Buffer m;
Channel *c;
- int client_fd, new_fd[3], ver, i;
+ int client_fd, new_fd[3], ver, i, allowed;
socklen_t addrlen;
struct sockaddr_storage addr;
struct confirm_ctx *cctx;
@@ -600,23 +600,52 @@ client_process_control(fd_set * readset)
close(client_fd);
return;
}
- /* XXX: implement use of ssh-askpass to confirm additional channels */
+
+ allowed = 1;
+ if (options.control_master == 2) {
+ char *p, prompt[1024];
+
+ allowed = 0;
+ snprintf(prompt, sizeof(prompt),
+ "Allow shared connection to %s? ", host);
+ p = read_passphrase(prompt, RP_USE_ASKPASS|RP_ALLOW_EOF);
+ if (p != NULL) {
+ /*
+ * Accept empty responses and responses consisting
+ * of the word "yes" as affirmative.
+ */
+ if (*p == '\0' || *p == '\n' ||
+ strcasecmp(p, "yes") == 0)
+ allowed = 1;
+ xfree(p);
+ }
+ }
unset_nonblock(client_fd);
buffer_init(&m);
+ buffer_put_int(&m, allowed);
buffer_put_int(&m, getpid());
if (ssh_msg_send(client_fd, /* version */0, &m) == -1) {
error("%s: client msg_send failed", __func__);
close(client_fd);
+ buffer_free(&m);
return;
}
buffer_clear(&m);
+ if (!allowed) {
+ error("Refused control connection");
+ close(client_fd);
+ buffer_free(&m);
+ return;
+ }
+
if (ssh_msg_recv(client_fd, &m) == -1) {
error("%s: client msg_recv failed", __func__);
close(client_fd);
+ buffer_free(&m);
return;
}
@@ -670,6 +699,7 @@ client_process_control(fd_set * readset)
close(new_fd[0]);
close(new_fd[1]);
close(new_fd[2]);
+ buffer_free(&m);
return;
}
buffer_free(&m);
diff --git a/usr.bin/ssh/misc.h b/usr.bin/ssh/misc.h
index 6a4eff13697..ffa8d8f27bd 100644
--- a/usr.bin/ssh/misc.h
+++ b/usr.bin/ssh/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.15 2004/06/14 01:44:39 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.16 2004/06/17 15:10:14 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -43,5 +43,6 @@ char *tilde_expand_filename(const char *, uid_t);
#define RP_ECHO 0x0001
#define RP_ALLOW_STDIN 0x0002
#define RP_ALLOW_EOF 0x0004
+#define RP_USE_ASKPASS 0x0008
char *read_passphrase(const char *, int);
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c
index f39fe35d8ae..199c7becac9 100644
--- a/usr.bin/ssh/readconf.c
+++ b/usr.bin/ssh/readconf.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.132 2004/06/13 15:03:02 djm Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.133 2004/06/17 15:10:14 djm Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -770,7 +770,7 @@ parse_int:
case oControlMaster:
intptr = &options->control_master;
- goto parse_flag;
+ goto parse_yesnoask;
case oDeprecated:
debug("%s line %d: Deprecated option \"%s\"",
diff --git a/usr.bin/ssh/readpass.c b/usr.bin/ssh/readpass.c
index 3cc94be0399..1a8397c4a8c 100644
--- a/usr.bin/ssh/readpass.c
+++ b/usr.bin/ssh/readpass.c
@@ -23,7 +23,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readpass.c,v 1.29 2004/05/08 00:21:31 djm Exp $");
+RCSID("$OpenBSD: readpass.c,v 1.30 2004/06/17 15:10:14 djm Exp $");
#include <readpassphrase.h>
@@ -105,7 +105,9 @@ read_passphrase(const char *prompt, int flags)
int rppflags, use_askpass = 0, ttyfd;
rppflags = (flags & RP_ECHO) ? RPP_ECHO_ON : RPP_ECHO_OFF;
- if (flags & RP_ALLOW_STDIN) {
+ if (flags & RP_USE_ASKPASS)
+ use_askpass = 1;
+ else if (flags & RP_ALLOW_STDIN) {
if (!isatty(STDIN_FILENO))
use_askpass = 1;
} else {
@@ -117,6 +119,9 @@ read_passphrase(const char *prompt, int flags)
use_askpass = 1;
}
+ if ((flags & RP_USE_ASKPASS) && getenv("DISPLAY") == NULL)
+ return (flags & RP_ALLOW_EOF) ? NULL : xstrdup("");
+
if (use_askpass && getenv("DISPLAY")) {
if (getenv(SSH_ASKPASS_ENV))
askpass = getenv(SSH_ASKPASS_ENV);
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 7a1376bf425..f34818916ce 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.215 2004/06/17 14:52:48 djm Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.216 2004/06/17 15:10:14 djm Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -1028,7 +1028,7 @@ ssh_control_listener(void)
struct sockaddr_un addr;
mode_t old_umask;
- if (options.control_path == NULL || options.control_master != 1)
+ if (options.control_path == NULL || options.control_master <= 0)
return;
memset(&addr, '\0', sizeof(addr));
@@ -1250,6 +1250,9 @@ control_client(const char *path)
fatal("%s: msg_recv", __func__);
if (buffer_get_char(&m) != 0)
fatal("%s: wrong version", __func__);
+ /* Connection allowed? */
+ if (buffer_get_int(&m) != 1)
+ fatal("Connection to master denied");
control_server_pid = buffer_get_int(&m);
buffer_clear(&m);
diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5
index bab11d313a9..3e8c1db069e 100644
--- a/usr.bin/ssh/ssh_config.5
+++ b/usr.bin/ssh/ssh_config.5
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.36 2004/06/13 15:03:02 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.37 2004/06/17 15:10:14 djm Exp $
.Dd September 25, 1999
.Dt SSH_CONFIG 5
.Os
@@ -273,6 +273,15 @@ set to
(the default.)
These sessions will reuse the master instance's network connection rather
than initiating new ones.
+Setting this to
+.Dq ask
+will cause
+.Nm ssh
+to listen for control connections, but require confirmation using the
+.Ev SSH_ASKPASS
+program before they are accepted (see
+.Xr ssh-add 1
+for details)
.It Cm ControlPath
Specify a the path to the control socket used for connection sharing.
See