Hi,
There's a nasty bug in auth-open.c that causes all options in a line
of authorized_keys to be applied to all subsequent lines without
options.
IMNSHO this clearly shows the evil of global variables, and using
extern whatever as a means of information sharing.
Cheers,
Han Holl
--- auth-options.c.orig Fri Feb 9 14:14:51 2001
+++ auth-options.c Fri Feb 9 14:18:43 2001
@@ -57,11 +57,12 @@
auth_parse_options(struct passwd *pw, char *options, unsigned long linenum)
{
const char *cp;
- if (!options)
- return 1;
/* reset options */
auth_clear_options();
+
+ if (!options)
+ return 1;
while (*options && *options != ' ' && *options !=
'\t') {
cp = "no-port-forwarding";
On Fri, Feb 09, 2001 at 02:31:25PM +0100, Han Holl wrote:> There's a nasty bug in auth-open.c that causes all options in a line > of authorized_keys to be applied to all subsequent lines without > options.thanks.> IMNSHO this clearly shows the evil of global variables, and using > extern whatever as a means of information sharing.sure, you are right, but there are many more things to fix in the code and nobody bothered to remove all the globals inherited from ssh-1.2.12. -m
Apparently Analagous Threads
- [ossh patch] principal name/patterns in authorized_keys2
- PATCH: krb4/krb5/... names/patterns in auth_keys entries
- Patch: 3.0.1p1: rename a conflicting variable
- PATCH: log key fingerprint upon successful login
- Patch logging comment field of authorized key being used