Re: should "want reply" responses be checked or ignored?

[Jim Wigginton <terrafrost%gmail.com@localhost>]

On Thu, Aug 13, 2009 at 11:08 AM, Simon Tatham<anakin%pobox.com@localhost> wrote:
>> From <http://tools.ietf.org/html/rfc4254#section-6.5>:
>>>   It is RECOMMENDED that the reply to these messages be requested and
>>>   checked.  The client SHOULD ignore these messages.
>
> Jim Wigginton  <terrafrost%gmail.com@localhost> wrote:
>> Recommending SSH_MSG_CHANNEL_REQUEST responses be checked and then
>> saying, later, that they should be ignored, seems a little
>> contradictory.  If you ignore them, you're not checking them, and if
>> you check them, you're not ignoring them.
>
> I think you've misparsed. In both those sentences, "these messages"
> denote the SSH_MSG_CHANNEL_REQUESTs themselves, not the responses.

Rereading it, I think you're right.

> The second sentence says that if the _server_ should ever send the
> _client_ an SSH_MSG_CHANNEL_REQUEST that asks to start a shell or
> command or subsystem, the client should ignore it! (Probably most
> relevant to people who are writing both a client and server
> implementation which share code, in which one might accidentally
> leave in the code that responds to requests and end up with the
> client able to respond to all sorts of inappropriate requests if a
> malicious server should take it into its head to send them.)

Seems kinda redundant given this:

6.1.  Opening a Session

  A session is started by sending the following message.

     byte      SSH_MSG_CHANNEL_OPEN
     string    "session"
     uint32    sender channel
     uint32    initial window size
     uint32    maximum packet size

  Client implementations SHOULD reject any session channel open
  requests to make it more difficult for a corrupt server to attack the
  client.

Of course, redundancy isn't necessarily a bad thing.

Anyway, thanks!