openssh bugs - Jun 2003 - [Bug 596] "ProxyCommand none" doesn't work

http://bugzilla.mindrot.org/show_bug.cgi?id=596

           Summary: "ProxyCommand none" doesn't work
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: jimb at redhat.com


Using 

According to the man page, putting "ProxyCommand none" in my
.ssh/config file
should make SSH not use a proxy command to connect to that host.  However, when
I do this, SSH tries to execute "none" as a proxy command:

$ cat ~/.ssh/config
ProxyCommand none
$ ssh -V
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
$ ssh -v www.red-bean.com
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /home/jimb/.ssh/config
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Executing proxy command: exec none

debug1: identity file /home/jimb/.ssh/identity type 0
debug1: identity file /home/jimb/.ssh/id_rsa type -1
/bin/sh: line 1: exec: none: not found
debug1: identity file /home/jimb/.ssh/id_dsa type 2
ssh_exchange_identification: Connection closed by remote host
debug1: Calling cleanup 0x805f31c(0x0)
$

The problem seems to be in process_config_line: on entry, 'line'
contains a
terminating newline:

$ gdb ./ssh
GNU gdb 2003-04-17-cvs
Copyright 2003 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for
details.
This GDB was configured as "i686-pc-linux-gnu"...
(gdb) break process_config_line
Breakpoint 1 at 0x804d42c: file readconf.c, line 284.
(gdb) run www.red-bean.com
Starting program: /rigel/jimb/TARS/openssh/openssh-3.6.1p2/ssh www.red-bean.com

Breakpoint 1, process_config_line (options=0x807fba0, host=0xbfffc2ee
"www.red-bean.com", line=0xbfffb7bc "\001",
filename=0xbfffbc70
"/home/jimb/.ssh/config",
linenum=1, activep=0xbfffb7bc) at readconf.c:284
284             s = line;
(gdb) next
286             keyword = strdelim(&s);
(gdb) print line
$1 = 0xbfffb7c0 "ProxyCommand none\n"
(gdb)

The newline at the end gets copied through into the options structure:

(gdb) dis 1
(gdb) break ssh.c:604
Breakpoint 2 at 0x804bece: file ssh.c, line 604.
(gdb) c
Continuing.

Breakpoint 2, main (ac=0, av=0xbfffbdfc) at ssh.c:604
604             if (options.proxy_command != NULL &&
(gdb) print options.proxy_command
$2 = 0x8085da0 "none\n"
(gdb)

This means that the following code doesn't do what it's supposed to do:

	if (options.proxy_command != NULL &&
	    strcmp(options.proxy_command, "none") == 0)
		options.proxy_command = NULL;

I suspect that none of the configuration options that retain the entire rest of
the line want that trailing newline.  I'll attach a patch to
process_config_line
that removes a trailing newline, if present, from the value before doing any
more per-option parsing.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=596





------- Additional Comments From jimb at redhat.com  2003-06-17 07:57 -------
Created an attachment (id=328)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=328&action=view)
Patch to strip terminating newlines from config file lines

With this patch, SSH recognizes the "ProxyCommand none" line in
~/.ssh/config
properly:

$ ssh www.red-bean.com
Linux sanpietro 2.4.19 #1 SMP Wed Oct 16 10:36:57 CDT 2002 sparc64 unknown

   "It now remains to be seen what are the methods and rules for a
    prince as regards his subjects and friends.  And as I know that
    many have written of this, I fear that my writing about it may be
    deemed presumptuous, differing as I do, especially in this matter,
    from the opinions of others.  But my intention being to write
    something of use to those who understand, it appears to me more
    proper to go to the real truth of the matter than to its
    imagination; and many have imagined republics and principalities
    which have never been seen or known to exist in reality; for how
    we live is so far removed from how we ought to live, that he who
    abandons what is done for what ought to be done, will rather learn
    to bring about his own ruin than his preservation.	A man who
    wishes to make a profession of goodness in everything must
    necessarily come to grief among so many who are not good.
    Therefore it is necessary for a prince, who wishes to maintain
    himself, to learn how not to be good, and to use this knowledge
    and not use it, according to the necessity of the case."
		    -- Niccolo Machiavelli, "The Prince", chapter 15
You have new mail.
Last login: Mon Jun 16 16:54:46 2003 from 12-223-225-216.client.insightbb.com
jimb at sanpietro:~$




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

http://bugzilla.mindrot.org/show_bug.cgi?id=596

jimb at redhat.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |DUPLICATE



------- Additional Comments From jimb at redhat.com  2003-06-17 08:12 -------


*** This bug has been marked as a duplicate of 528 ***



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.