Skip to content

Experimental: pass first stage parameters in argv #1243

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 5 commits into
base: master
Choose a base branch
from
Draft

Experimental: pass first stage parameters in argv #1243

wants to merge 5 commits into from

Conversation

@moreati
Copy link
Member

@moreati moreati commented Feb 5, 2025
edited
Loading

Before (line continuations added manually)

The context label (alex@kintha:<pid>) and preamble length (18191) are encoded inside the base64

ssh -o LogLevel ERROR -o Compression yes -o ServerAliveInterval 15 -o ServerAliveCountMax 3 -o BatchMode yes -o StrictHostKeyChecking yes foo \
    python -c \
    'import sys;sys.path=[p for p in sys.path if p];import binascii,os,zlib;exec(zlib.decompress(binascii.a2b_base64("eNqVkl1PwjAUhu/5Fd61i8toh0pYXCIBFBP5yIIuBheyj04aRtt0GwN/vR0zuGGM8W5P3/ec93Q9ju7aPDUEFQRqLakXNaLxhYKYyw3UrFb5HeXChEjHCGnf7Oh1kkrFFYcJTwl06iDr4NahUFAF5szfqvgl8mwbDH1ZUAZ8FtUl01tapncLcO+opIfUIHsS5pkfJERVtfNUtgPK2uKQrTkD1pnj3GAaXfDveHVuIhOfJtgRmVLOllanrCxbWqqGsB2V6hTMXxfj2XT11H+eDsaj4eremU1WrtOfz0cO8GyAwfFvnPx95+EFKaE5euVRmMCmoDfxEsAtzfg7YZafkP3dhrJs7VtX3ZvOtQa0lupSSJoRiHUweVzMEEJvDKj0kEfqilorFuUmxBEXhKknBzJQVQP7I6GBEZGQb4UkaQpjYUjiRxB3e2bvWPb1nmcdXB0UASg3RTmq5MHv7uIv98/xcXP8016Z2icQlOoP")))'

After (line continuations added manually)

The base64 blob (first stage), context label, and preamble length are seperate argv items.

ssh -o LogLevel ERROR -o Compression yes -o ServerAliveInterval 15 -o ServerAliveCountMax 3 -o BatchMode yes -o StrictHostKeyChecking yes foo \
    python -c \
    'import sys;sys.path=[p for p in sys.path if p];import binascii,os,zlib;exec(zlib.decompress(binascii.a2b_base64(sys.argv[1]),-15))' \
    pZJdS8MwGIXv+yu8GW/CSpd2F2KhF2ObTnAflGmRWUY/0hnckpK0q/PXm7IxW0URvcvDOXlP3nB8M/CEsnKWU4QNaVYNYtmFhkzIF4Rdoz6nZe4gYtqE4A/2zSZJrdpHTrZCUeQ3QTYhaEKl4RhY8min41ck7DbICVeuE3bVQVn0lSZlEcVb6nkwimTFuH3VK5XsxYz38kPxLDi4bWfXA8e6hF9n7KlUTPCV2w/PIQ6pR7j6AuV7JrUKi8flZD5b3w3uZ8PJeLS+9ufTdeAPFouxD6EH9j8T7T8lNv0D/+aBaKH9HUePxi1qC+anbwO0Y4XYUO52FIZOrUZys9cPx4YeUUlWUGSbML1dzgkhTxx0dCJSvRw2srpMWSpyynVrQMaAjaH3tmWxldJE7HJJlUKZJWmUIsYLdB7fD3F9/9SN9qTAhCqGunTZKX/4nbX62fp1Abu9wLmdDn4H \
    alex@kintha:58688 \
    18191

@moreati
Copy link
Member Author

moreati commented May 28, 2025
edited
Loading

The old arrangemet was 759 bytes, as measured by preamble_size.py, latest compression tweaks and code golfing have dropped that to approx 743 bytes. The new arrangement is 773 bytes, including latest compression tweaks and golfing.

Benefits of the new arrangement are

  • static first stage
    • speedup - It doesn't have to be dynamically regenerated for each context/connection.
    • transparency - the scary base64 blob can be reversed once, analysed once, subjected to much tighter filtering or allow listing
    • less magic - no 'constants' that are actually string labels replaced at runtime
    • looser coupling - between the python -c ... stage (zeroth stage) and the first stage.

@moreati
Copy link
Member Author

moreati commented Jul 6, 2025

refs #711

@moreati
Copy link
Member Author

moreati commented Aug 16, 2025

env -S ... might be of use

-S, --split-string=S
    process and split S into separate arguments; used to pass multiple arguments on shebang lines

-- https://manpages.debian.org/trixie/coreutils/env.1.en.html

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@moreati