v/tmate-ssh-server
1
0
Fork 0
mirror of https://github.com/tmate-io/tmate-ssh-server.git synced 2020-11-18 19:53:51 -08:00
Code Issues Releases Wiki Activity

Be more persmissive for session tokens (useful for named sessions)

Browse Source
This commit is contained in:
Nicolas Viennot 2019-11-07 08:17:51 -05:00
parent 7c1bc239af
commit 6c41248dad
4 changed files with 17 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
tmate-auth-keys.c
View File

@ -167,7 +167,7 @@ bool would_tmate_session_allow_auth(const char *token, const char *pubkey)
int sock_fd = -1;
int ret = true;
if (tmate_validated_session_token(token) < 0)
if (tmate_validate_session_token(token) < 0)
goto out;
char *sock_path = get_socket_path(token);

10
tmate-main.c
View File

@ -173,10 +173,18 @@ int main(int argc, char **argv, char **envp)
return 0;
}
char *get_socket_path(const char *token)
char *get_socket_path(const char *_token)
{
char *path;
char *token = xstrdup(_token);
for (char *c = token; *c; c++) {
if (*c == '/' || *c == '.')
*c = '_';
}
xasprintf(&path, TMATE_WORKDIR "/sessions/%s", token);
free(token);
return path;
}

16
tmate-ssh-client-pty.c
View File

@ -133,24 +133,20 @@ static void ssh_echo(struct tmate_ssh_client *ssh_client,
/*
* Session tokens are filesystem sensitive,
* so we must be very careful with / and .
* Note: get_socket_path() replaces '/' and '.' by '_' to
* avoid wondering around the file system.
*/
static char valid_digits[] = "abcdefghjklmnopqrstuvwxyz"
"ABCDEFGHJKLMNOPQRSTUVWXYZ"
"0123456789-_";
"0123456789-_/";
int tmate_validated_session_token(const char *token)
int tmate_validate_session_token(const char *token)
{
int len;
int i;
if (!memcmp("ro-", token, 3))
token += 3;
len = strlen(token);
if (len != TMATE_TOKEN_LEN)
if (len <= 2)
return -1;
for (i = 0; i < len; i++) {
@ -173,7 +169,7 @@ void tmate_spawn_pty_client(struct tmate_session *session)
int slave_pty;
int ret;
if (tmate_validated_session_token(token) < 0) {
if (tmate_validate_session_token(token) < 0) {
ssh_echo(client, BAD_TOKEN_ERROR_STR);
tmate_fatal("Invalid token");
}

2
tmate.h
View File

@ -142,7 +142,7 @@ extern void tmate_dump_exec_response(struct tmate_session *session,
/* tmate-ssh-client-pty.c */
extern void tmate_spawn_pty_client(struct tmate_session *session);
extern int tmate_validated_session_token(const char *token);
extern int tmate_validate_session_token(const char *token);
/* tmate-ssh-server.c */