eliott/serenity
1
0
Fork 0
mirror of https://github.com/SerenityOS/serenity synced 2026-04-25 17:15:42 +02:00
Code Issues Packages Projects Releases Wiki Activity

SSHServer: Reject unknown service names during authentication

Browse Source
This commit is contained in:
Lucas Chollet
2026-03-31 12:50:30 +02:00
parent 40a956c49c
commit 384af7857d
1 changed files with 8 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Userland/Services/SSHServer/SSHClient.cpp
View File

@@ -305,6 +305,14 @@ ErrorOr<void> SSHClient::handle_user_authentication(GenericMessage message)
if (username != TRY(Core::Account::self(Core::Account::Read::PasswdOnly)).username())
return Error::from_string_literal("Can't authenticate for another user account");
// "The 'service name' specifies the service to start after authentication. There may
// be several different authenticated services provided. If the requested service is
// not available, the server MAY disconnect immediately or at any later time. Sending
// a proper disconnect message is RECOMMENDED. In any case, if the service does not
// exist, authentication MUST NOT be accepted."
if (service_name != "ssh-connection"sv.bytes())
return Error::from_string_literal("Unknown service name.");
if (method_name == "none"sv.bytes()) {
// FIXME: Implement proper authentication!!!