Promote ssh2_userauth_antispoof_msg into utils.

It doesn't actually do anything specific to the userauth layer; it's just a helper function that deals with the mechanics of printing an unspoofable message on various kinds of front end, and the only parameters it needs are a Seat and a message. Currently, it's used for 'here is the start/end of the server banner' only. But it's also got all the right functionality to be used for the (still missing) messages about which proxy SSH server the next set of login prompts are going to refer to.
2025-07-01 11:32:48 -05:00 · 2021-09-16 11:43:02 +01:00
parent adf6b698e4
commit fb663d4761
4 changed files with 43 additions and 37 deletions
--- a/utils/CMakeLists.txt
+++ b/utils/CMakeLists.txt
@ -1,4 +1,5 @@
 add_sources_from_current_dir(utils
+  antispoof.c
  base64_decode_atom.c
  base64_encode_atom.c
  bufchain.c
--- a/utils/antispoof.c
+++ b/utils/antispoof.c
@ -0,0 +1,28 @@
+#include "putty.h"
+#include "misc.h"
+
+void seat_antispoof_msg(Seat *seat, const char *msg)
+{
+    strbuf *sb = strbuf_new();
+    seat_set_trust_status(seat, true);
+    if (seat_can_set_trust_status(seat)) {
+        /*
+         * If the seat can directly indicate that this message is
+         * generated by the client, then we can just use the message
+         * unmodified as an unspoofable header.
+         */
+        put_datapl(sb, ptrlen_from_asciz(msg));
+    } else {
+        /*
+         * Otherwise, add enough padding around it that the server
+         * wouldn't be able to mimic it within our line-length
+         * constraint.
+         */
+        strbuf_catf(sb, "-- %s ", msg);
+        while (sb->len < 78)
+            put_byte(sb, '-');
+    }
+    put_datapl(sb, PTRLEN_LITERAL("\r\n"));
+    seat_banner_pl(seat, ptrlen_from_strbuf(sb));
+    strbuf_free(sb);
+}