draft-miller-ssh-agent-02: extensions and success messages
Alex Wilson
alex+mailinglists_openssh-dev at cooperi.net
Fri Apr 6 03:05:18 AEST 2018

On 04/04/18 21:56, Damien Miller wrote:
>
> I don't follow - clients always have to know that the last message sent
> was, otherwise they wouldn't be able to disambiguate the shared
> SSH_AGENT_SUCCESS / SSH_AGENT_FAILURE.

The format of that message doesn't change though -- it's always a single
byte (so you don't need that information in the function that actually
parses the message). With this proposal that is no longer the case. I
mean, maybe it's a pointless concern and things are fine as proposed. I
wrote my client implementation to not have any of that state there for
parsing messages to make it easier to test and fuzz. I know other
implementations don't necessarily do the same thing.
>
> If it's a problem in practice, then I guess I could add an extension-
> specific reply message to a future draft, but I'm struggling to think of
> a situation in which it would be needed.
>
> BTW nothing at present implements any extensions AFAIK.
>
In case you want an example, in the prototype code I've been working on
for a hypervisor-controlled SSH agent for each VM/machine at work I'm
presently squatting on some high message ID numbers for retrieving
additional information from the agent. I would like to change these to
use the extension mechanism as soon as it's finalised.

Thanks for entertaining my question anyway. :)
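
The parsing concern discussed in this message, as an added example that is not part of the original email or of any OpenSSH code: a context-free status parser next to one that needs the last request type. The function names and sample frames are constructed for illustration, and the payload-carrying SSH_AGENT_SUCCESS follows the message's reading of the proposal.

```python
import struct

# Message numbers from the SSH agent protocol draft.
SSH_AGENT_FAILURE = 5
SSH_AGENT_SUCCESS = 6
SSH_AGENTC_REMOVE_ALL_IDENTITIES = 19
SSH_AGENTC_EXTENSION = 27

class ParseError(ValueError):
    pass

def frame(msg_type, body=b""):
    """Build an agent message: uint32 length, type byte, body."""
    return struct.pack(">IB", len(body) + 1, msg_type) + body

def split_frame(buf):
    """Context-free step shared by both parsers: check framing only."""
    if len(buf) < 5:
        raise ParseError("short frame")
    (length,) = struct.unpack(">I", buf[:4])
    if length != len(buf) - 4:
        raise ParseError("length field does not match frame")
    msg_type, body = buf[4], buf[5:]
    if msg_type not in (SSH_AGENT_SUCCESS, SSH_AGENT_FAILURE):
        raise ParseError("not a status reply")
    return msg_type, body

def parse_status_stateless(buf):
    """No request context: a status reply must be exactly one byte."""
    msg_type, body = split_frame(buf)
    if body:
        raise ParseError("trailing bytes after status byte")
    return msg_type == SSH_AGENT_SUCCESS

def parse_status_stateful(buf, last_request):
    """With request context: only an extension request may get a body."""
    msg_type, body = split_frame(buf)
    extension_ok = (msg_type == SSH_AGENT_SUCCESS
                    and last_request == SSH_AGENTC_EXTENSION)
    if body and not extension_ok:
        raise ParseError("unexpected body for this request")
    return msg_type == SSH_AGENT_SUCCESS, body

# Constructed sample replies (not captured from a real agent).
PLAIN_SUCCESS = frame(SSH_AGENT_SUCCESS)
EXT_SUCCESS = frame(SSH_AGENT_SUCCESS, b"\x00\x00\x00\x02hi")
```

The stateless parser can be fuzzed with raw bytes alone; the stateful one needs the fuzzer to supply a request type alongside each frame.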