Michael Barabanov
2008-Aug-19 18:37 UTC
fixed: [patch] fix to ForceCommand to support additional arguments to internal-sftp
The previous version broke the case of internal-sftp without arguments. This
is a fixed version.
--- /var/tmp/session.c 2008-08-18 21:07:10.000000000 -0700
+++ session.c 2008-08-19 11:28:29.000000000 -0700
@@ -781,7 +781,7 @@
if (options.adm_forced_command) {
original_command = command;
command = options.adm_forced_command;
- if (strcmp(INTERNAL_SFTP_NAME, command) == 0)
+ if (strcmp(INTERNAL_SFTP_NAME, command) == 0 ||
strncmp(INTERNAL_SFTP_NAME, command, strlen(INTERNAL_SFTP_NAME)) == 0 &&
isspace(command[strlen(INTERNAL_SFTP_NAME)]))
s->is_subsystem = SUBSYSTEM_INT_SFTP;
else if (s->is_subsystem)
s->is_subsystem = SUBSYSTEM_EXT;
@@ -789,7 +789,7 @@
} else if (forced_command) {
original_command = command;
command = forced_command;
- if (strcmp(INTERNAL_SFTP_NAME, command) == 0)
+ if (strcmp(INTERNAL_SFTP_NAME, command) == 0 ||
strncmp(INTERNAL_SFTP_NAME, command, strlen(INTERNAL_SFTP_NAME)) == 0 &&
isspace(command[strlen(INTERNAL_SFTP_NAME)]))
s->is_subsystem = SUBSYSTEM_INT_SFTP;
else if (s->is_subsystem)
s->is_subsystem = SUBSYSTEM_EXT;
Damien Miller
2008-Aug-20 00:32 UTC
fixed: [patch] fix to ForceCommand to support additional arguments to internal-sftp
On Tue, 19 Aug 2008, Michael Barabanov wrote:> The previous version broke the case of internal-sftp without arguments. This > is a fixed version.How about this: Index: session.c ==================================================================RCS file: /cvs/src/usr.bin/ssh/session.c,v retrieving revision 1.241 diff -u -p -r1.241 session.c --- session.c 16 Jun 2008 13:22:53 -0000 1.241 +++ session.c 20 Aug 2008 00:32:11 -0000 @@ -87,6 +87,12 @@ #include <kafs.h> #endif +#define IS_INTERNAL_SFTP(c) \ + (!strncmp(c, INTERNAL_SFTP_NAME, sizeof(INTERNAL_SFTP_NAME) - 1) && \ + (c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\0' || \ + c[sizeof(INTERNAL_SFTP_NAME) - 1] == ' ' || \ + c[sizeof(INTERNAL_SFTP_NAME) - 1] == '\t')) + /* func */ Session *session_new(void); @@ -701,7 +707,7 @@ do_exec(Session *s, const char *command) if (options.adm_forced_command) { original_command = command; command = options.adm_forced_command; - if (strcmp(INTERNAL_SFTP_NAME, command) == 0) + if (IS_INTERNAL_SFTP(command)) s->is_subsystem = SUBSYSTEM_INT_SFTP; else if (s->is_subsystem) s->is_subsystem = SUBSYSTEM_EXT; @@ -709,7 +715,7 @@ do_exec(Session *s, const char *command) } else if (forced_command) { original_command = command; command = forced_command; - if (strcmp(INTERNAL_SFTP_NAME, command) == 0) + if (IS_INTERNAL_SFTP(command)) s->is_subsystem = SUBSYSTEM_INT_SFTP; else if (s->is_subsystem) s->is_subsystem = SUBSYSTEM_EXT;
Reasonably Related Threads
- [patch] fix to ForceCommand to support additional arguments to internal-sftp
- [Bug 1599] New: "ForceCommand internal-sftp" not working as expected
- New Subsystem criteria for Match option block in OpenSSH server
- [Bug 1606] New: internal-sftp does not drop conections properly, it will hang
- Disabling ForceCommand in a Match block