From b1b3e4b7ea3d432129fc80e7323611be8b841f2e Mon Sep 17 00:00:00 2001 From: Roman Zeyde Date: Sat, 7 May 2022 20:36:08 +0300 Subject: [PATCH 1/2] Don't fail if not all request is parsed https://www.openssh.com/agent-restrict.html https://github.com/openssh/openssh-portable/commit/266678e19eb0e86fdf865b431b6e172e7a95bf48 --- libagent/ssh/client.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libagent/ssh/client.py b/libagent/ssh/client.py index 1b346d6..aa3b47c 100644 --- a/libagent/ssh/client.py +++ b/libagent/ssh/client.py @@ -76,5 +76,7 @@ def parse_ssh_blob(data): public_key = util.read_frame(i) res['public_key'] = formats.parse_pubkey(public_key) - assert not i.read() + unparsed = i.read() + if unparsed: + log.warning('unparsed blob: %r', unparsed) return res From 8d4536b37aa8f68cbf23952481b66126a29eb6aa Mon Sep 17 00:00:00 2001 From: Roman Zeyde Date: Sat, 21 May 2022 12:09:00 +0300 Subject: [PATCH 2/2] Fixup linting issues --- libagent/ssh/protocol.py | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/libagent/ssh/protocol.py b/libagent/ssh/protocol.py index 81783a8..4c2af8f 100644 --- a/libagent/ssh/protocol.py +++ b/libagent/ssh/protocol.py @@ -88,7 +88,7 @@ class Handler: msg_code('SSH_AGENTC_REQUEST_RSA_IDENTITIES'): _legacy_pubs, msg_code('SSH2_AGENTC_REQUEST_IDENTITIES'): self.list_pubs, msg_code('SSH2_AGENTC_SIGN_REQUEST'): self.sign_message, - msg_code('SSH_AGENTC_EXTENSION'): self.unsupported_extension, + msg_code('SSH_AGENTC_EXTENSION'): _unsupported_extension, } def handle(self, msg): @@ -166,6 +166,7 @@ class Handler: code = util.pack('B', msg_code('SSH2_AGENT_SIGN_RESPONSE')) return util.frame(code, data) - def unsupported_extension(self, buf): - code = util.pack('B', msg_code('SSH_AGENT_EXTENSION_FAILURE')) - return util.frame(code) + +def _unsupported_extension(): + code = util.pack('B', msg_code('SSH_AGENT_EXTENSION_FAILURE')) + return util.frame(code)