
ssh in https

The wifi network at BSDcan, really the UOttawa network, blocks a bunch of ports. This makes it difficult to connect to outside machines using “exotic” protocols, basically anything except http or https. There are many ways to resolve this, here’s what I did.

Pick a port that’s allowed, such as 443. Unfortunately I’m already using port 443 for some very serious https business. But it’s possible to run two protocols over the same port with some smarts in the endpoint.

ssh connections start by having both client and server exchange version strings. You can observe this by running netcat.

> nc localhost 22
SSH-2.0-OpenSSH_8.0

Or start a server and observe the client, ssh -p 20002 localhost.

> nc -l localhost 20002
SSH-2.0-OpenSSH_8.0

This is convenient because many other protocols typically begin with only one party. You can’t tell you’re talking to a web server, for instance, because the server doesn’t respond until it receives a request. The upside, for ssh, is that you can probably inject it into almost anything, given some control over the software.

In my case, I’m running a web server. My request loop used to look like this:

        _, err := rw.Reader.Peek(1)
        if err != nil {
            return
        }
        req, err := http.ReadRequest(rw.Reader)

It’s reading one byte to check for timeouts and disconnects. If we read a little more, we can spot ssh connections.

        sneak, err := rw.Reader.Peek(4)
        if err != nil {
            return
        }
        // an ssh client speaks first, so its greeting is already waiting in the buffer
        if conn.sshproxy && string(sneak) == "SSH-" {
            sshconn, err := net.Dial("tcp", "127.0.0.1:22")
            if err != nil {
                return
            }
            // replay whatever bufio has already pulled off the socket, then splice
            sneak, _ = rw.Reader.Peek(rw.Reader.Buffered())
            if _, err := sshconn.Write(sneak); err != nil {
                sshconn.Close()
                return
            }
            c := make(chan net.Conn)
            go copyuntildone(netconn, sshconn, c)
            go copyuntildone(sshconn, netconn, c)
            closewhendone(c)
            return
        }
        req, err := http.ReadRequest(rw.Reader)

From there, it’s a simple matter of copying data from one socket to the other.
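As an added example (not the post's own server code), here is a self-contained version of the same demux in Go: peek four bytes without consuming them, splice an ssh connection through to an upstream address, and otherwise parse the HTTP request from the same buffered bytes. The names isSSH, demux and the sshAddr parameter are assumptions, not from flak.

```go
package main
import (
	"bufio"
	"io"
	"net"
	"net/http"
)
// isSSH peeks, without consuming, the four bytes that open an ssh client
// greeting. Added example; the names here are assumptions, not flak's code.
func isSSH(br *bufio.Reader) (bool, error) {
	sneak, err := br.Peek(4)
	if err != nil {
		return false, err
	}
	return string(sneak) == "SSH-", nil
}

// demux splices an ssh connection through to sshAddr, otherwise parses an
// HTTP request from the same bytes and hands it to serve.
func demux(conn net.Conn, sshAddr string, serve func(*http.Request, io.Writer)) error {
	defer conn.Close()
	br := bufio.NewReader(conn)
	ssh, err := isSSH(br)
	if err != nil {
		return err
	}
	if !ssh {
		req, err := http.ReadRequest(br)
		if err != nil {
			return err
		}
		serve(req, conn)
		return nil
	}
	upstream, err := net.Dial("tcp", sshAddr)
	if err != nil {
		return err
	}
	defer upstream.Close()
	// Replay what bufio already pulled off the socket (Peek of Buffered() cannot
	// fail), then copy both ways until one side closes; the defers close the rest.
	buffered, _ := br.Peek(br.Buffered())
	if _, err := upstream.Write(buffered); err != nil {
		return err
	}
	done := make(chan struct{}, 2)
	go func() { io.Copy(upstream, conn); done <- struct{}{} }()
	go func() { io.Copy(conn, upstream); done <- struct{}{} }()
	<-done
	return nil
}
```

The peek is what makes this safe to bolt onto an existing server: nothing is consumed until the protocol is known, so the ssh greeting reaches sshd intact.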

On the client side, this requires a simple proxy command to connect via TLS first.

ProxyCommand nc -c %h 443

Posted 17 May 2019 17:32 by tedu Updated: 17 May 2019 17:32
Tagged: openbsd software web

the png that squished really big

I posted a tiny png, a mastodon stepped on it, and... it got really big.


Posted 16 Apr 2019 17:33 by tedu Updated: 16 Apr 2019 17:34
Tagged: software web

honk 0.1

honk is my take on a federated status updater. One might say it’s opinionated software. Since my opinions are correct, this makes honk the world’s first provably correct social media application. Here’s a formerly brief rundown of things that work, things that don’t work, and things that won’t work. Plus some complaints about how other people do things. The version number, 0.1, indicates your expected level of satisfaction.


Posted 09 Apr 2019 12:36 by tedu Updated: 17 Apr 2019 00:58
Tagged: project software web

battery consuming battery software

This is a little tour of some software I took today. One of the topics that consistently comes up when people discuss what operating system to run on their laptop is how much battery life to expect, and the answers are all over the map. The focus always seems to be on the kernel and how advanced its scheduler algorithm is, and the minutiae of interrupt controllers. We throw around terms like race to sleep. But rarely do I see anyone mention the impact that the software they choose to run spending millions of CPU cycles on trivial tasks might have on battery life. Especially ironic if that software ends up being the software we’re running to monitor how much battery is left.


Posted 08 Apr 2019 17:12 by tedu Updated: 08 Apr 2019 17:12
Tagged: software

code integrity vs data security

On the last day of AsiaBSDCon, George Neville-Neil gave the keynote talk, Security Fantasies and Realities. Some of it was good and some of it was bad. One of the central points is that the ioshitsunami is coming and in order to save humanity we need to do more of the good security and less of the bad security. One of the, or perhaps just the, good security things to do is hardware root of trust, which I will call TPM, although it has a few brand names.


Posted 26 Mar 2019 02:15 by tedu Updated: 26 Mar 2019 02:15
Tagged: security software thoughts

package of the moment: tview and tcell

I wanted to make an interactive terminal interface for something. Usually I just bang out some vt100 escapes to move the cursor around, color this, erase that. It’s crude but effective as long as the number of screen elements is kept to a minimum. This time, though, I decided on a slightly more disciplined approach, and so I was looking for a library that might assist in drawing views of various sizes, and input fields, and buttons. The works. In go.


Posted 18 Feb 2019 17:58 by tedu Updated: 09 Apr 2019 21:05
Tagged: go software

de facto vs de jure maintenance

Some thoughts on cowboys vs conservatorships after reading De-facto closed source: the case for understandable software. I can’t say I disagree with anything there. Software is too complicated and should be simpler. There is, however, an angle which wasn’t examined. Or at least an alternative that wasn’t fully explored, which is to trust authors in a way which works.

The original problem (or one of them) is the result of a fiercely independent code slinging cowboy distribution model. You write some code, toss it on the tubes, people use it, and then... you move on and hand your star over to somebody else. The de jure maintainer has changed. There’s no continuity.

Another model is to place the code in a conservatorship. Like a curated list of awesome, except actually curated. When the original author steps away, nothing changes. The de jure maintainer is the same. Continuity.

There are many examples of such conservatorships, although we rarely use the term. We might consider the OpenBSD project. Some time ago, Sylvestre wrote and contributed a fuse implementation. Then life moves on, as it does, and so did he, leaving the code without a direct maintainer. But OpenBSD didn’t just hand the code over to somebody else. It’s still ours, even if we could be doing a better job improving it. To be completely honest, although it gets the occasional commit, it may be close to de facto unmaintained. The important fact, however, is that it’s de jure maintained. Users of the fuse code can trust that it won’t get randocoined.

This isn’t an all or nothing proposition. Handing over maintenance doesn’t require assigning copyright. The code is still open, it can be forked out of the conservatorship at any time. And in exchange, there are other people to help fix bugs and answer questions when you go on vacation. You’re not trapped working on a project you’ve lost interest in out of a sense of duty because there’s a succession plan.

See also: Towards a more collaborative OSS model.

Posted 30 Nov 2018 19:11 by tedu Updated: 24 Jan 2019 02:38
Tagged: software thoughts

deconstruct conf 2018

I was at Deconstruct, a little conference. It has no sponsors, a single track, no lunch, no public schedule, and no particular focus except computering. It was quite nice. Some notes from the talks.


Posted 23 May 2018 18:22 by tedu Updated: 23 May 2018 18:22
Tagged: event software

a repo upon the deep

In reference to arbitrary code execution in various source control programs. Refer svn advisory. Remember A Fire Upon the Deep?

There are some code archaeologists who dig up an artifact. They don’t know what it does, but it includes some instructions for how to unpack it. And so they follow the instructions. And they think they’re taking precautions to prevent it from doing bad stuff, but they screw up, and the evil AI is turned loose. And then bad stuff happens.

It’s funny how similar this is to today’s vulnerability. In theory, checking out a code repo should be a safe operation. All you’re doing is downloading some artifact from a server. Building the code, running the code, all that can be unsafe. But surely there’s no trouble to simply checking out some code?

Alas, a repo is not just a repo. Checking out a repo might require checking out other sub repos and external resources. And so a dumb read only artifact is actually a smart read/execute artifact. The artifact can’t be checked out without also interpreting some of its contents. And if interpreting happens to execute some unwanted shell commands... Bad stuff happens.

It’s a bug, and it’s fixed, but another lesson that nothing is ever simple when adding features. What looks like just a hostname over here could be interpreted as a shell command over there.

Posted 10 Aug 2017 19:38 by tedu Updated: 10 Aug 2017 19:38
Tagged: security software

hurray we won

A few thoughts after reading Are all BSDs created equally? by Ilja van Sprundel. Theo says OpenBSD is the best, Ilja fact checks.


Posted 28 Jul 2017 02:17 by tedu Updated: 28 Jul 2017 02:17
Tagged: openbsd security software thoughts