upstream: ssh-agent implemented an all-or-nothing allow-list of

FIDO application IDs for security key-backed keys, to prevent web key handles
from being used remotely as this would likely lead to unpleasant surprises.
By default, only application IDs that start with "ssh:*" are allowed.

This adds a -Owebsafe-allow=... argument that can override the default
list with a more or less restrictive one. The default remains unchanged.

ok markus@

OpenBSD-Commit-ID: 957c1ed92a8d7c87453b9341f70cb3f4e6b23e8d

diff --git a/ssh-agent.1 b/ssh-agent.1
index e5f9b0e338da15bf20f1a59389acb47a4170c858..2f5b091ee04fb672d05a3cc68e5c91e693367ef7 100644 (file)
--- a/ssh-agent.1
+++ b/ssh-agent.1
@@ -1,4 +1,4 @@
-.\" $OpenBSD: ssh-agent.1,v 1.80 2024/10/24 03:15:47 djm Exp $
+.\" $OpenBSD: ssh-agent.1,v 1.81 2024/11/06 22:51:26 djm Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: October 24 2024 $
+.Dd $Mdocdate: November 6 2024 $
 .Dt SSH-AGENT 1
 .Os
 .Sh NAME
@@ -107,10 +107,11 @@ environment variable).
 .It Fl O Ar option
 Specify an option when starting
 .Nm .
-Currently two options are supported:
-.Cm allow-remote-pkcs11
+The supported options are:
+.Cm allow-remote-pkcs11 ,
+.Cm no-restrict-websafe
 and
-.Cm no-restrict-websafe .
+.Cm websafe-allow .
 .Pp
 The
 .Cm allow-remote-pkcs11
@@ -143,6 +144,16 @@ user authentication request or a
 signature.
 The default behaviour prevents forwarded access to a FIDO key from also
 implicitly forwarding the ability to authenticate to websites.
+.Pp
+Alternately the
+.Cm websafe-allow
+option allows specifying a pattern-list of key application strings to
+replace the default application allow-list, for example:
+.Dq websafe-allow=ssh:*,example.org,*.example.com
+.Pp
+See PATTERNS in
+.Xr ssh_config 5
+for a description of pattern-list syntax.
 .It Fl P Ar allowed_providers
 Specify a pattern-list of acceptable paths for PKCS#11 provider and FIDO
 authenticator middleware shared libraries that may be used with the
@@ -152,11 +163,12 @@ or
 options to
 .Xr ssh-add 1 .
 Libraries that do not match the pattern list will be refused.
+The default list is
+.Dq usr/lib*/*,/usr/local/lib*/* .
+.Pp
 See PATTERNS in
 .Xr ssh_config 5
 for a description of pattern-list syntax.
-The default list is
-.Dq usr/lib*/*,/usr/local/lib*/* .
 .It Fl s
 Generate Bourne shell commands on
 .Dv stdout .

diff --git a/ssh-agent.c b/ssh-agent.c
index 55f3a8520fda0c06705cca0ee9c1250b817fc401..96c25b9d5718134230c5ba8a86ea765dfd4879e1 100644 (file)
--- a/ssh-agent.c
+++ b/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.308 2024/10/24 03:15:47 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.309 2024/11/06 22:51:26 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -94,6 +94,9 @@
 #ifndef DEFAULT_ALLOWED_PROVIDERS
 # define DEFAULT_ALLOWED_PROVIDERS "/usr/lib*/*,/usr/local/lib*/*"
 #endif
+#ifndef DEFAULT_WEBSAFE_ALLOWLIST
+# define DEFAULT_WEBSAFE_ALLOWLIST "ssh:*"
+#endif
 
 /* Maximum accepted message length */
 #define AGENT_MAX_LEN          (256*1024)
@@ -198,6 +201,7 @@ static int fingerprint_hash = SSH_FP_HASH_DEFAULT;
 
 /* Refuse signing of non-SSH messages for web-origin FIDO keys */
 static int restrict_websafe = 1;
+static char *websafe_allowlist;
 
 static void
 close_socket(SocketEntry *e)
@@ -925,7 +929,8 @@ process_sign_request2(SocketEntry *e)
        }
        if (sshkey_is_sk(id->key)) {
                if (restrict_websafe &&
-                   strncmp(id->key->sk_application, "ssh:", 4) != 0 &&
+                   match_pattern_list(id->key->sk_application,
+                   websafe_allowlist, 0) != 1 &&
                    !check_websafe_message_contents(key, data)) {
                        /* error already logged */
                        goto send;
@@ -2212,6 +2217,7 @@ main(int ac, char **av)
        int c_flag = 0, d_flag = 0, D_flag = 0, k_flag = 0, s_flag = 0;
        int sock, ch, result, saved_errno;
        char *shell, *format, *pidstr, *agentsocket = NULL;
+       const char *ccp;
 #ifdef HAVE_SETRLIMIT
        struct rlimit rlim;
 #endif
@@ -2264,7 +2270,12 @@ main(int ac, char **av)
                                restrict_websafe = 0;
                        else if (strcmp(optarg, "allow-remote-pkcs11") == 0)
                                remote_add_provider = 1;
-                       else
+                       else if ((ccp = strprefix(optarg,
+                           "websafe-allow=", 0)) != NULL) {
+                               if (websafe_allowlist != NULL)
+                                       fatal("websafe-allow already set");
+                               websafe_allowlist = xstrdup(ccp);
+                       } else
                                fatal("Unknown -O option");
                        break;
                case 'P':
@@ -2308,6 +2319,8 @@ main(int ac, char **av)
 
        if (allowed_providers == NULL)
                allowed_providers = xstrdup(DEFAULT_ALLOWED_PROVIDERS);
+       if (websafe_allowlist == NULL)
+               websafe_allowlist = xstrdup(DEFAULT_WEBSAFE_ALLOWLIST);
 
        if (ac == 0 && !c_flag && !s_flag) {
                shell = getenv("SHELL");