Hide session token in ps and logs

2020-11-18 19:53:51 -08:00 · 2019-08-31 17:31:01 -04:00 · 2019-08-31 17:31:01 -04:00 · 080be74a75
commit 080be74a75
parent ebbafd794f
4 changed files with 14 additions and 7 deletions
--- a/log.c
+++ b/log.c
@ -86,7 +86,7 @@ log_vwrite(int level, const char *msg, va_list ap)
 {
 	char	*fmt = NULL;

-	const char *token = tmate_session->session_token;
+	const char *token = tmate_session->obfuscated_session_token;

 	if (log_settings.log_level < level)
 		return;
--- a/tmate-main.c
+++ b/tmate-main.c
@ -262,9 +262,12 @@ void set_session_token(struct tmate_session *session,
 	xasprintf(&path, TMATE_WORKDIR "/sessions/%s", token);
 	socket_path = path;

+	xasprintf((char **)&session->obfuscated_session_token, "%.4s...",
+		  session->session_token);
+
 	memset(cmdline, 0, cmdline_end - cmdline);
 	sprintf(cmdline, "tmate-ssh-server [%s] %s %s",
-		session->session_token,
+		tmate_session->obfuscated_session_token,
 		session->ssh_client.role == TMATE_ROLE_DAEMON ? "(daemon)" : "(pty client)",
 		session->ssh_client.ip_address);
 }
--- a/tmate-ssh-server.c
+++ b/tmate-ssh-server.c
@ -215,8 +215,7 @@ static void register_on_ssh_read(struct tmate_ssh_client *client)

 static void handle_sigalrm(__unused int sig)
 {
-	tmate_debug("Connection grace period (%ds) passed", TMATE_SSH_GRACE_PERIOD);
-	exit(1);
+	tmate_fatal_info("Connection grace period (%ds) passed", TMATE_SSH_GRACE_PERIOD);
 }

 static void client_bootstrap(struct tmate_session *_session)
@ -258,8 +257,7 @@ static void client_bootstrap(struct tmate_session *_session)

 	tmate_debug("Exchanging DH keys");
 	if (ssh_handle_key_exchange(session) < 0)
-		tmate_fatal("Error doing the key exchange: %s",
-				    ssh_get_error(session));
+		tmate_fatal_info("Error doing the key exchange: %s", ssh_get_error(session));

 	mainloop = ssh_event_new();
 	ssh_event_add_session(mainloop, session);
@ -271,7 +269,7 @@ static void client_bootstrap(struct tmate_session *_session)

 	alarm(0);

-	/* The latency is callback set later */
+	/* The latency callback is set later */
 	tmate_start_ssh_latency_probes(client, &ssh_server_cb, TMATE_SSH_KEEPALIVE * 1000);
 	register_on_ssh_read(client);

--- a/tmate.h
+++ b/tmate.h
@ -26,6 +26,11 @@ extern void printflike(2, 3) tmate_log(int level, const char *msg, ...);
 	tmate_log(LOG_CRIT, "fatal: " str, ##__VA_ARGS__);	\
 	exit(1);						\
 })
+#define tmate_fatal_info(str, ...)				\
+({								\
+	tmate_log(LOG_INFO, "fatal: " str, ##__VA_ARGS__);	\
+ 	exit(1);						\
+})

 /* tmate-msgpack.c */

@ -231,6 +236,7 @@ struct tmate_session {
 	/* only for role deamon */
 	const char *session_token;
 	const char *session_token_ro;
+	const char *obfuscated_session_token; /* for logging purposes */

 	struct tmate_encoder daemon_encoder;
 	struct tmate_decoder daemon_decoder;