Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

x/crypto/ssh: allow to send type specific data when accepting a channel #64211

Open
drakkan opened this issue Nov 16, 2023 · 4 comments
Open
Labels
Proposal Proposal-Accepted Proposal-Crypto Proposal related to crypto packages or other security issues
Milestone

Comments

@drakkan
Copy link
Member

drakkan commented Nov 16, 2023

According to RFC 4254 section 5.1, SSH_MSG_CHANNEL_OPEN_CONFIRMATION can contain some type specific data, we have mapping for this extra payload but currently the field is unused.

I propose to add API to allow setting this field when accepting a channel on the server side and to retrieve the value on the client side.

Proposed API for the server side part:

// NewChannelWithPayload is a NewChannel that allows to send an arbitrary
// payload in SSH_MSG_CHANNEL_OPEN_CONFIRMATION.
type NewChannelWithPayload interface {
	NewChannel

	// AcceptWithPayload allows to set an arbitrary payload to send in
	// SSH_MSG_CHANNEL_OPEN_CONFIRMATION.
	AcceptWithPayload(payload []byte) (Channel, <-chan *Request, error)
}

Proposed API for the client side part:

// ChannelWithPayload is a Channel that allows to retrieve the type specific
// data received in SSH_MSG_CHANNEL_OPEN_CONFIRMATION.
type ChannelWithPayload interface {
	Channel

	// Payload returns the channel type specific data received in
	// SSH_MSG_CHANNEL_OPEN_CONFIRMATION.
	Payload() []byte
}

for the client side part we can also evaluate an interface extension for Conn to add something like this:

OpenChannelPayload(name string, data []byte) (Channel, <-chan *Request, []byte, error)

this way the payload is returned directly after opening the channel without the need to call the Payload() method on the channel as proposed above.
I prefer the first option because I'm not a big fan of methods that return multiple values, but that's just a personal preference.

Thank you!

cc @golang/proposal-review

@gopherbot gopherbot added this to the Proposal milestone Nov 16, 2023
@gopherbot
Copy link
Contributor

Change https://go.dev/cl/543055 mentions this issue: ssh: allow to send type specific data when accepting a channel

@ianlancetaylor ianlancetaylor added the Proposal-Crypto Proposal related to crypto packages or other security issues label Dec 2, 2023
@rsc
Copy link
Contributor

rsc commented Jan 10, 2024

This proposal has been added to the active column of the proposals project
and will now be reviewed at the weekly proposal review meetings.
— rsc for the proposal review group

@rsc
Copy link
Contributor

rsc commented Jan 19, 2024

Based on the discussion above, this proposal seems like a likely accept.
— rsc for the proposal review group

Proposal details in #64211 (comment)

@rsc
Copy link
Contributor

rsc commented Jan 26, 2024

No change in consensus, so accepted. 🎉
This issue now tracks the work of implementing the proposal.
— rsc for the proposal review group

Proposal details in #64211 (comment)

@rsc rsc changed the title proposal: x/crypto/ssh: allow to send type specific data when accepting a channel x/crypto/ssh: allow to send type specific data when accepting a channel Jan 26, 2024
@rsc rsc modified the milestones: Proposal, Backlog Jan 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Proposal Proposal-Accepted Proposal-Crypto Proposal related to crypto packages or other security issues
Projects
Status: Accepted
Development

No branches or pull requests

4 participants