[openssh-commits] [openssh] 02/04: upstream: New EnableEscapeCommandline ssh_config(5) option
git+noreply at mindrot.org
git+noreply at mindrot.org
Wed Nov 30 12:16:48 AEDT 2022
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit f7cebbbf407d772ed71403d314343766782fe540
Author: djm at openbsd.org <djm at openbsd.org>
Date: Mon Nov 28 01:37:36 2022 +0000
upstream: New EnableEscapeCommandline ssh_config(5) option
This option (default "no") controls whether the ~C escape is available.
Turning it off by default means we will soon be able to use a stricter
default pledge(2) in the client.
feedback deraadt@ dtucker@; tested in snaps for a while
OpenBSD-Commit-ID: 7e277595d60acb8263118dcb66554472257b387a
---
clientloop.c | 14 +++++++++++---
readconf.c | 12 +++++++++++-
readconf.h | 3 ++-
ssh.1 | 5 +++--
ssh_config.5 | 10 ++++++++--
5 files changed, 35 insertions(+), 9 deletions(-)
diff --git a/clientloop.c b/clientloop.c
index 02349ccb..3cc185b6 100644
--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.382 2022/11/10 23:03:10 dtucker Exp $ */
+/* $OpenBSD: clientloop.c,v 1.383 2022/11/28 01:37:36 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -887,6 +887,7 @@ out:
#define SUPPRESS_MUXCLIENT 1 /* don't show in mux client sessions */
#define SUPPRESS_MUXMASTER 2 /* don't show in mux master sessions */
#define SUPPRESS_SYSLOG 4 /* don't show when logging to syslog */
+#define SUPPRESS_NOCMDLINE 8 /* don't show when cmdline disabled*/
struct escape_help_text {
const char *cmd;
const char *text;
@@ -897,7 +898,7 @@ static struct escape_help_text esc_txt[] = {
{".", "terminate connection (and any multiplexed sessions)",
SUPPRESS_MUXCLIENT},
{"B", "send a BREAK to the remote system", SUPPRESS_NEVER},
- {"C", "open a command line", SUPPRESS_MUXCLIENT},
+ {"C", "open a command line", SUPPRESS_MUXCLIENT|SUPPRESS_NOCMDLINE},
{"R", "request rekey", SUPPRESS_NEVER},
{"V/v", "decrease/increase verbosity (LogLevel)", SUPPRESS_MUXCLIENT},
{"^Z", "suspend ssh", SUPPRESS_MUXCLIENT},
@@ -921,7 +922,8 @@ print_escape_help(struct sshbuf *b, int escape_char, int mux_client,
suppress_flags =
(mux_client ? SUPPRESS_MUXCLIENT : 0) |
(mux_client ? 0 : SUPPRESS_MUXMASTER) |
- (using_stderr ? 0 : SUPPRESS_SYSLOG);
+ (using_stderr ? 0 : SUPPRESS_SYSLOG) |
+ (options.enable_escape_commandline == 0 ? SUPPRESS_NOCMDLINE : 0);
for (i = 0; i < sizeof(esc_txt)/sizeof(esc_txt[0]); i++) {
if (esc_txt[i].flags & suppress_flags)
@@ -1115,6 +1117,12 @@ process_escapes(struct ssh *ssh, Channel *c,
case 'C':
if (c && c->ctl_chan != -1)
goto noescape;
+ if (options.enable_escape_commandline == 0) {
+ if ((r = sshbuf_putf(berr,
+ "commandline disabled\r\n")) != 0)
+ fatal_fr(r, "sshbuf_putf");
+ continue;
+ }
process_cmdline(ssh);
continue;
diff --git a/readconf.c b/readconf.c
index 42be690b..794fac6d 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.369 2022/09/17 10:33:18 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.370 2022/11/28 01:37:36 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -175,6 +175,7 @@ typedef enum {
oFingerprintHash, oUpdateHostkeys, oHostbasedAcceptedAlgorithms,
oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump,
oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize,
+ oEnableEscapeCommandline,
oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported
} OpCodes;
@@ -321,6 +322,7 @@ static struct {
{ "securitykeyprovider", oSecurityKeyProvider },
{ "knownhostscommand", oKnownHostsCommand },
{ "requiredrsasize", oRequiredRSASize },
+ { "enableescapecommandline", oEnableEscapeCommandline },
{ NULL, oBadOption }
};
@@ -2177,6 +2179,10 @@ parse_pubkey_algos:
*charptr = xstrdup(arg);
break;
+ case oEnableEscapeCommandline:
+ intptr = &options->enable_escape_commandline;
+ goto parse_flag;
+
case oRequiredRSASize:
intptr = &options->required_rsa_size;
goto parse_int;
@@ -2429,6 +2435,7 @@ initialize_options(Options * options)
options->pubkey_accepted_algos = NULL;
options->known_hosts_command = NULL;
options->required_rsa_size = -1;
+ options->enable_escape_commandline = -1;
}
/*
@@ -2627,6 +2634,8 @@ fill_default_options(Options * options)
#endif
if (options->required_rsa_size == -1)
options->required_rsa_size = SSH_RSA_MINIMUM_MODULUS_SIZE;
+ if (options->enable_escape_commandline == -1)
+ options->enable_escape_commandline = 0;
/* Expand KEX name lists */
all_cipher = cipher_alg_list(',', 0);
@@ -3308,6 +3317,7 @@ dump_client_config(Options *o, const char *host)
dump_cfg_fmtint(oVerifyHostKeyDNS, o->verify_host_key_dns);
dump_cfg_fmtint(oVisualHostKey, o->visual_host_key);
dump_cfg_fmtint(oUpdateHostkeys, o->update_hostkeys);
+ dump_cfg_fmtint(oEnableEscapeCommandline, o->enable_escape_commandline);
/* Integer options */
dump_cfg_int(oCanonicalizeMaxDots, o->canonicalize_max_dots);
diff --git a/readconf.h b/readconf.h
index ffb5ec4f..5c19a120 100644
--- a/readconf.h
+++ b/readconf.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.148 2022/09/17 10:33:18 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.149 2022/11/28 01:37:36 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
@@ -177,6 +177,7 @@ typedef struct {
char *known_hosts_command;
int required_rsa_size; /* minimum size of RSA keys */
+ int enable_escape_commandline; /* ~C commandline */
char *ignored_unknown; /* Pattern list of unknown tokens to ignore */
} Options;
diff --git a/ssh.1 b/ssh.1
index e255b9b9..a3d1ba16 100644
--- a/ssh.1
+++ b/ssh.1
@@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.432 2022/09/17 10:33:18 djm Exp $
-.Dd $Mdocdate: September 17 2022 $
+.\" $OpenBSD: ssh.1,v 1.433 2022/11/28 01:37:36 djm Exp $
+.Dd $Mdocdate: November 28 2022 $
.Dt SSH 1
.Os
.Sh NAME
@@ -522,6 +522,7 @@ For full details of the options listed below, and their possible values, see
.It ControlPath
.It ControlPersist
.It DynamicForward
+.It EnableEscapeCommandline
.It EscapeChar
.It ExitOnForwardFailure
.It FingerprintHash
diff --git a/ssh_config.5 b/ssh_config.5
index f6fa33ce..ab1e5723 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.375 2022/11/07 10:09:28 dtucker Exp $
-.Dd $Mdocdate: November 7 2022 $
+.\" $OpenBSD: ssh_config.5,v 1.376 2022/11/28 01:37:36 djm Exp $
+.Dd $Mdocdate: November 28 2022 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
@@ -643,6 +643,12 @@ will act as a SOCKS server.
Multiple forwardings may be specified, and
additional forwardings can be given on the command line.
Only the superuser can forward privileged ports.
+.It Cm EnableEscapeCommandline
+Enables the command line option in the
+.Cm EscapeChar
+menu for interactive sessions (default
+.Ql ~C ) .
+By default, the command line is disabled.
.It Cm EnableSSHKeysign
Setting this option to
.Cm yes
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list