add request no-more-sessions@openssh.com global request

Signed-off-by: Ahsen Kamal <itsahsenkamal@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>

include/libssh/libssh.h

@@ -529,6 +529,7 @@ LIBSSH_API socket_t ssh_get_fd(ssh_session session);
 LIBSSH_API char *ssh_get_hexa(const unsigned char *what, size_t len);
 LIBSSH_API char *ssh_get_issue_banner(ssh_session session);
 LIBSSH_API int ssh_get_openssh_version(ssh_session session);
+LIBSSH_API int ssh_request_no_more_sessions(ssh_session session);
 
 LIBSSH_API int ssh_get_server_publickey(ssh_session session, ssh_key *key);
 

src/client.c

@@ -691,6 +691,28 @@ int ssh_get_openssh_version(ssh_session session)
 
     return session->openssh;
 }
+
+/**
+ * @brief Most SSH connections will only ever request a single session, but an
+ * attacker may abuse a running ssh client to surreptitiously open
+ * additional sessions under their control. OpenSSH provides a global
+ * request "no-more-sessions@openssh.com" to mitigate this attack.
+ *
+ * @param[in]  session  The SSH session to use.
+ *
+ * @returns             SSH_OK on success, SSH_ERROR on error.
+ * @returns             SSH_AGAIN, if the session is in nonblocking mode,
+ *                      and call must be done again.
+ */
+int ssh_request_no_more_sessions(ssh_session session)
+{
+    if (session == NULL) {
+        return SSH_ERROR;
+    }
+
+    return ssh_global_request(session, "no-more-sessions@openssh.com", NULL, 1);
+}
+
 /**
  * @brief Add disconnect message when ssh_session is disconnected
  * To add a disconnect message to give peer a better hint.