Be more persmissive for session tokens (useful for named sessions)

2020-11-18 19:53:51 -08:00 · 2019-11-07 08:17:51 -05:00 · 2019-11-07 08:17:51 -05:00 · 6c41248dad
commit 6c41248dad
parent 7c1bc239af
4 changed files with 17 additions and 13 deletions
--- a/tmate-auth-keys.c
+++ b/tmate-auth-keys.c
@ -167,7 +167,7 @@ bool would_tmate_session_allow_auth(const char *token, const char *pubkey)
 	int sock_fd = -1;
 	int ret = true;

-	if (tmate_validated_session_token(token) < 0)
+	if (tmate_validate_session_token(token) < 0)
 		goto out;

 	char *sock_path = get_socket_path(token);
--- a/tmate-main.c
+++ b/tmate-main.c
@ -173,10 +173,18 @@ int main(int argc, char **argv, char **envp)
 	return 0;
 }

-char *get_socket_path(const char *token)
+char *get_socket_path(const char *_token)
 {
 	char *path;
+	char *token = xstrdup(_token);
+
+	for (char *c = token; *c; c++) {
+		if (*c == '/' || *c == '.')
+			*c = '_';
+	}
+
 	xasprintf(&path, TMATE_WORKDIR "/sessions/%s", token);
+	free(token);
 	return path;
 }

--- a/tmate-ssh-client-pty.c
+++ b/tmate-ssh-client-pty.c
@ -133,24 +133,20 @@ static void ssh_echo(struct tmate_ssh_client *ssh_client,


 /*
- * Session tokens are filesystem sensitive,
- * so we must be very careful with / and .
+ * Note: get_socket_path() replaces '/' and '.' by '_' to
+ * avoid wondering around the file system.
 */
 static char valid_digits[] = "abcdefghjklmnopqrstuvwxyz"
                             "ABCDEFGHJKLMNOPQRSTUVWXYZ"
-			     "0123456789-_";
+			     "0123456789-_/";

-int tmate_validated_session_token(const char *token)
+int tmate_validate_session_token(const char *token)
 {
 	int len;
 	int i;

-	if (!memcmp("ro-", token, 3))
-		token += 3;
-
 	len = strlen(token);
-
-	if (len != TMATE_TOKEN_LEN)
+	if (len <= 2)
 		return -1;

 	for (i = 0; i < len; i++) {
@ -173,7 +169,7 @@ void tmate_spawn_pty_client(struct tmate_session *session)
 	int slave_pty;
 	int ret;

-	if (tmate_validated_session_token(token) < 0) {
+	if (tmate_validate_session_token(token) < 0) {
 		ssh_echo(client, BAD_TOKEN_ERROR_STR);
 		tmate_fatal("Invalid token");
 	}
--- a/tmate.h
+++ b/tmate.h
@ -142,7 +142,7 @@ extern void tmate_dump_exec_response(struct tmate_session *session,

 /* tmate-ssh-client-pty.c */
 extern void tmate_spawn_pty_client(struct tmate_session *session);
-extern int tmate_validated_session_token(const char *token);
+extern int tmate_validate_session_token(const char *token);

 /* tmate-ssh-server.c */