search for: strdelim

https://bugzilla.mindrot.org/show_bug.cgi?id=1757 Summary: strdelim has a bug caused only one user with quote Product: Portable OpenSSH Version: 5.4p1 Platform: Other OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: unassigned-bug...

Could people please test -current? We will be making a release fairly soon. -d -- | By convention there is color, \\ Damien Miller <djm at mindrot.org> | By convention sweetness, By convention bitterness, \\ www.mindrot.org | But in reality there are atoms and space - Democritus (c. 400 BCE)

https://bugzilla.mindrot.org/show_bug.cgi?id=3474 Bug ID: 3474 Summary: ssh_config can escape double quotes with a backslash Product: Portable OpenSSH Version: v9.0p1 Hardware: Other OS: Linux Status: NEW Severity: enhancement Priority: P5 Component: ssh Assignee:

Hello, I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1 concerning the AFS token forwarding. That means that the new versions are not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this problem already existed in Openssh 2.9.9p1, but I have never used this version (I only looked at the

...yusers", oControlDenyUsers }, + { "controlallowgroups", oControlAllowUsers }, + { "controldenygroups", oControlDenyGroups }, { "hashknownhosts", oHashKnownHosts }, { NULL, oBadOption } }; @@ -790,6 +796,17 @@ } break; + case oControlBindMask: + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing ControlBindMask argument.", + filename, linenum); + value = strtol(arg, &endofnumber, 0); + if (*endofnumber != '\0' || value < 0 || value > 0777) + fatal("%.200s line %d: Bad...

...f.c. As a result, ssh crashes on strlen(string) when it parses this option. --- readconf.c:X Mon Aug 6 23:35:52 2001 +++ readconf.c Wed Aug 15 16:11:44 2001 @@ -475,6 +475,7 @@ case oProxyCommand: charptr = &options->proxy_command; + string = xstrdup(""); while ((arg = strdelim(&s)) != NULL && *arg != '\0') { string = xrealloc(string, strlen(string) + strlen(arg) + 2); strcat(string, " "); --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assim...

...sPubkeyDenyGroups }, { NULL, sBadOption } }; @@ -751,6 +760,43 @@ fatal("%s line %d: too many deny groups.", filename, linenum); options->deny_groups[options->num_deny_groups++] = xstrdup(arg); + } + break; + + + case sPubkeyAllowUsers: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_pkey_allow_users >= MAX_ALLOW_USERS) + fatal("%s line %d: too many public key allow users.", + filename, linenum); + options->pkey_allow_users[options->num_pkey_allow_users++] = xstrdup(arg); +...

...users", sDenyUsers }, + { "chrootusers", sChrootUsers }, { "allowgroups", sAllowGroups }, { "denygroups", sDenyGroups }, { "ciphers", sCiphers }, @@ -779,6 +780,16 @@ } break; + case sChrootUsers: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_chroot_users >= MAX_CHROOT_USERS) + fatal( "%s line %d: too many chroot users.", + filename, linenum); + op...

Hello! I'm hoping that Gmail won't HTML format this mail so that I'll get flamed :) Anyway, my question relates to ssh_config. The problem I find is that the Host pattern is only applied to the argument given on the command line, as outlined in the man page: "The host is the hostname argument given on the command line (i.e. the name is not converted to a canonicalized host name

This patch series consists of minor fixes and cleanups I made during update to openssh V_4_6 branch. openssh/auth-pam.c | 9 ++++----- openssh/auth2.c | 2 -- openssh/readconf.c | 7 ++++--- openssh/servconf.c | 14 ++++++++------ openssh/sftp-server.c | 9 ++++++--- openssh/sshd.c | 2 +- 6 files changed, 23 insertions(+), 20 deletions(-) -- ldv

...rofpasswordprompts", oNumberOfPasswordPrompts }, { "loglevel", oLogLevel }, + { "pkalgorithms", oPKAlgorithms }, { NULL, 0 } }; *************** *** 516,521 **** --- 518,532 ---- options->macs = xstrdup(arg); break; + case oPKAlgorithms: + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", filename, linenum); + /* XXX validate pkalg list? */ + if (*activep && options->pkalgorithms == NULL) + options->pkalgorithms = xstrdup(arg); + break; + case oProtocol...

...-550,6 +558,8 @@ int result = 1; char *arg, *attrib, *cp = *condition; size_t len; + int not = 0; + char* notstr; if (user == NULL) debug3("checking syntax for 'Match %s'", cp); @@ -559,6 +569,13 @@ address ? address : "(null)"); while ((attrib = strdelim(&cp)) && *attrib != '\0') { + while(*attrib == '!') { /* Parse a '!' to mean invert the condition */ + not ^= 1; + attrib++; + } + if(*attrib == '\0') /* Maybe a ! was followed by white space */ + continue; + notstr = not ? "!" : &qu...

...+ { "pkalg", oPkalg }, { "protocol", oProtocol }, { "remoteforward", oRemoteForward }, { "localforward", oLocalForward }, *************** *** 516,521 **** --- 518,534 ---- options->macs = xstrdup(arg); break; + case oPkalg: + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (!pkalg_valid(arg)) + fatal("%.200s line %d: Bad SSH2 PKalg spec '%s'.", + filename, linenum, arg ? arg : "<NONE>"); +...

...}, { "uselogin", sUseLogin }, { "randomseed", sRandomSeedFile }, + { "prngcommandfile", sPrngCommandFile }, { "keepalive", sKeepAlives }, { "allowusers", sAllowUsers }, { "denyusers", sDenyUsers }, @@ -406,6 +410,10 @@ arg = strdelim(&cp); break; + case sPrngCommandFile: + charptr = &ssh_prng_command_file; /* globally def in ssh.h */ + goto parse_filename; + case sPermitRootLogin: intptr = &options->permit_root_login; arg = strdelim(&cp); diff -ur openssh-SNAP-20000823.orig/ssh.1 ope...

...or www.openssh.com. How do I submit a patch to it? - Dave Dykstra --- readconf.c.O Fri Oct 26 10:45:15 2001 +++ readconf.c Fri Oct 26 11:42:22 2001 @@ -296,28 +296,44 @@ /* NOTREACHED */ case oForwardAgent: intptr = &options->forward_agent; -parse_flag: +parse_yesnowarn: arg = strdelim(&s); if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing yes/no argument.", filename, linenum); + fatal("%.200s line %d: Missing yes/no/warn argument.", + filename, linenum); value = 0; /* To avoid compiler warning... */ if (strcmp(arg, &q...

...NumberOfPasswordPrompts }, { "loglevel", oLogLevel }, { "dynamicforward", oDynamicForward }, @@ -394,6 +396,42 @@ intptr = &options->keepalives; goto parse_flag; + case oBogusTrafficIntervalMax: + intptr = &options->bogus_traffic_interval_max; + arg = strdelim(&s); + if (!arg || *arg == '\0') + fatal("%.200s line %d: Missing argument.", filename, linenum); + if (arg[0] < '0' || arg[0] > '9') + fatal("%.200s line %d: Bad number.", filename, linenum); + + /* Octal, decimal, or hex format? */ + v...

...unt; +} + struct passwd * pwcopy(struct passwd *pw) { diff -u -r openssh-3.8p1/misc.h openssh-3.8p1-localbind/misc.h --- openssh-3.8p1/misc.h 2003-08-24 18:16:21.000000000 -0700 +++ openssh-3.8p1-localbind/misc.h 2004-08-05 11:02:08.916639344 -0700 @@ -14,6 +14,7 @@ char *chop(char *); char *strdelim(char **); +int strcount( char *, char ); void set_nonblock(int); void unset_nonblock(int); void set_nodelay(int); diff -u -r openssh-3.8p1/readconf.c openssh-3.8p1-localbind/readconf.c --- openssh-3.8p1/readconf.c 2004-08-05 08:59:24.775159000 -0700 +++ openssh-3.8p1-localbind/readconf.c 200...

...4,36 @@ if (options->num_allow_users >= MAX_ALLOW_USERS) fatal("%s line %d: too many allow users.", filename, linenum); options->allow_users[options->num_allow_users++] = xstrdup(arg); } break; + case sAllowUsersFixedname: + while ((arg = strdelim(&cp)) && *arg != '\0') { + if (options->num_allow_users_fixedname >= MAX_ALLOW_USERS) + fatal("%s line %d: too many allow users (fixedname).", + filename, linenum); + options->allow_users_fixedname[options->num_allow_users_fixedname++] = +...

...ups }, { "banner", sBanner }, { "verifyreversemapping", sVerifyReverseMapping }, @@ -835,6 +840,10 @@ options->num_subsystems++; break; + case sCheckMaxStartups: + intptr = &options->check_max_startups; + goto_parse_flag; + case sMaxStartups: arg = strdelim(&cp); if (!arg || *arg == '\0') --- sshd.8 2002/05/29 03:50:10 1.1 +++ sshd.8 2002/05/29 03:54:38 @@ -656,6 +656,11 @@ Multiple algorithms must be comma-separated. The default is .Dq hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 . +.It Cm CheckMaxStartups +Specifies w...

Hi, sorry if it is the wrong approuch to suggest improvments to OpenSSH, but here comes my suggestion: I recently stumbled upon the scponly shell which in it's chroot:ed form is an ideal solution when you want to share some files with people you trust more or less. The problem is, if you use the scponlyc as shell, port forwarding is still allowed. This can of course be dissallowed in