author | dtucker <dtucker> | 2008-06-10 23:34:01 +0000 |
---|---|---|
committer | dtucker <dtucker> | 2008-06-10 23:34:01 +0000 |
commit | 4161913751309927de0a142aab8013bac9845d74 (patch) | |
tree | db1fd6a2d592a08bdbd9c81a650f4ab02f1d352b /serverloop.c | |
parent | 9ac4e0275a63eda5aa91d5f6de12dddd2f001537 (diff) | |
- djm@cvs.openbsd.org 2008/06/10 22:15:23
[PROTOCOL ssh.c serverloop.c]
Add a no-more-sessions@openssh.com global request extension that the
client sends when it knows that it will never request another session
(i.e. when session multiplexing is disabled). This allows a server to
disallow further session requests and terminate the session.
Why would a non-multiplexing client ever issue additional session
requests? It could have been attacked with something like SSH'jack:
http://www.storm.net.nz/projects/7
feedback & ok markus
Diffstat (limited to 'serverloop.c')
-rw-r--r-- | serverloop.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/serverloop.c b/serverloop.c
index 6bc140f8..76d76bab 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.151 2008/05/09 16:21:13 markus Exp $ */
+/* $OpenBSD: serverloop.c,v 1.152 2008/06/10 22:15:23 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -105,6 +105,7 @@ static int connection_in;	/* Connection to client (input). */
 static int connection_out;	/* Connection to client (output). */
 static int connection_closed = 0;	/* Connection to client closed. */
 static u_int buffer_high;	/* "Soft" max buffer size. */
+static int no_more_sessions = 0;	/* Disallow further sessions. */
 
 /*
  * This SIGCHLD kludge is used to detect when the child exits. The server
@@ -1013,6 +1014,12 @@ server_request_session(void)
 
 	debug("input_session_request");
 	packet_check_eom();
+
+	if (no_more_sessions) {
+		packet_disconnect("Possible attack: attempt to open a session "
+		    "after additional sessions disabled");
+	}
+
 	/*
 	 * A server session has no fd to read or write until a
 	 * CHANNEL_REQUEST for a shell is made, so we set the type to
@@ -1133,6 +1140,9 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt)
 		success = channel_cancel_rport_listener(cancel_address,
 		    cancel_port);
 		xfree(cancel_address);
+	} else if (strcmp(rtype, "no-more-sessions@openssh.com") == 0) {
+		no_more_sessions = 1;
+		success = 1;
 	}
 	if (want_reply) {
 		packet_start(success ?
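Review bot: The new `if (no_more_sessions)` check in server_request_session disconnects the client with no comment linking it to the global request that sets the flag, so a reader of this function cannot tell why a session request is treated as an attack rather than an ordinary protocol error. The flag is only ever set in server_input_global_request, several hundred lines away, and the request name does not appear near the check. Suggest a comment above the `if`: `/* The client sent no-more-sessions@openssh.com, promising never to open another session; a session request now means something other than the client is driving the connection. */`. The surrounding body of server_request_session starts and ends outside the hunk.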
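Review bot: Setting `no_more_sessions = 1` in the new `else if` branch of server_input_global_request leaves no trace in the server log, so when a later session request is refused with the "Possible attack" message an operator has no record of when, or whether, the client opted in. The neighbouring branches of this function lie outside the hunk, but `debug()` is already used in this file and would suffice; suggest adding `debug("no-more-sessions@openssh.com received, disallowing further sessions");` before `success = 1;`. As written, a repeated no-more-sessions request is also silently accepted, which is harmless but worth a word in the same debug line if that is intentional.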