fix: osh.pl: validate user and host format

2025-09-04 03:54:11 +08:00 · 2020-11-19 16:44:43 +00:00 · 2020-11-19 16:44:43 +00:00 · 15cad00c27
commit 15cad00c27
parent 461b1304c7
5 changed files with 34 additions and 3 deletions
--- a/bin/admin/install
+++ b/bin/admin/install
@ -214,7 +214,11 @@ fi

 if [ "$OS_FAMILY" = FreeBSD ]; then
    action_doing "Running under FreeBSD, verifying if /home is mounted with ACLs..."
-    home_mp="$(df /home | awk '{ if(NR==2) {print $6;exit} }')"
+    home_mp="$(df /home 2>/dev/null | awk '{ if(NR==2) {print $6;exit} }')"
+    if [ -z "$home_mp" ]; then
+        # no /home? nevermind, / will probably do
+        home_mp=/
+    fi
    if ! mount | awk '{ if($3=="'"$home_mp"'"){print;exit} }' | grep -q -w acls; then
        action_error "No. Please modify your /etc/fstab accordingly, and run \`mount -u -o acls $home_mp' to apply the change on-the-fly."
        exit 1
--- a/bin/shell/osh.pl
+++ b/bin/shell/osh.pl
@ -364,6 +364,7 @@ my $remainingOptions;
 if (not defined $realOptions) {
    help();
    if (OVH::Bastion::config('interactiveModeByDefault')->value) {
+
        # nothing specified by the user, let's drop them to the interactive mode
        osh_warn("No command specified, entering interactive mode by default");
        $interactive = 1;
@ -547,6 +548,15 @@ else {
    }
 }

+if ($user && !OVH::Bastion::is_valid_remote_user(user => $user)) {
+    main_exit OVH::Bastion::EXIT_INVALID_REMOTE_USER, 'invalid_remote_user', "Remote user name '$user' seems invalid";
+}
+if ($host && $host !~ m{^[a-zA-Z0-9._/:-]+$}) {
+
+    # can be an IP (v4 or v6), hostname, or prefix (with a /)
+    main_exit OVH::Bastion::EXIT_INVALID_REMOTE_HOST, 'invalid_remote_host', "Remote host name '$host' seems invalid";
+}
+
 # Get real ip from host
 $fnret = R('ERR_INTERNAL', silent => 1);
 my $ip = undef;
--- a/lib/perl/OVH/Bastion.pm
+++ b/lib/perl/OVH/Bastion.pm
@ -90,6 +90,8 @@ use constant {
    EXIT_MFA_ANY_SETUP_REQUIRED      => 124,
    EXIT_MFA_FAILED                  => 125,
    EXIT_TTYREC_CMDLINE_FAILED       => 126,
+    EXIT_INVALID_REMOTE_USER         => 127,
+    EXIT_INVALID_REMOTE_HOST         => 128,
 };

 use constant {
--- a/lib/perl/OVH/Bastion/configuration.inc
+++ b/lib/perl/OVH/Bastion/configuration.inc
@ -201,10 +201,13 @@ sub load_configuration {
    $C->{'idleLockTimeout'} = 0 if ($C->{'idleKillTimeout'} <= $C->{'idleLockTimeout'});

    # booleans that can only be 0 or 1 and default to 1
-    foreach my $key (qw{
+    foreach my $key (
+        qw{
        enableSyslog enableGlobalAccessLog enableAccountAccessLog enableGlobalSqlLog enableAccountSqlLog displayLastLogin
        interactiveModeByDefault
-        }) {
+        }
+      )
+    {
        $C->{$key} = 1 if (not defined $C->{$key} or $C->{$key} !~ /^\d+$/);
        $C->{$key} > 1 and $C->{$key} = 1;
    }
--- a/tests/functional/tests.d/340-selfaccesses.sh
+++ b/tests/functional/tests.d/340-selfaccesses.sh
@ -74,6 +74,18 @@ testsuite_selfaccesses()
    contain "Access denied for"
    json .command    null .error_code KO_ACCESS_DENIED

+    run ssh invalid_host $a1 127.0./0.1 -- id
+    retvalshouldbe 102
+    json .error_code KO_HOST_NOT_FOUND
+
+    run ssh invalid_host $a1 127.0.%0.1 -- id
+    retvalshouldbe 128
+    json .error_code KO_INVALID_REMOTE_HOST
+
+    run ssh invalid_user $a1 ro/ot@127.0.0.1 -- id
+    retvalshouldbe 127
+    json .error_code KO_INVALID_REMOTE_USER
+
    grant selfAddPersonalAccess
    grant selfDelPersonalAccess