Page MenuHomePhabricator

Match exec with arguments breaks .ssh/config parse
Closed, ResolvedPublic

Description

Hello,

Match exec can use commands with arguments. LibSSH used to accept (ignore?) Match exec with arguments
but now libssh4-0.8.7-2.2.x86_64 (OpenSUSE Tumbleweed) fails to parse config and aborts.

This is accepted:

Match exec /bin/true
    RemoteCommand none

While this fails to parse with ssh_options_parse_config():

Match exec /bin/true 1
    RemoteCommand none

Event Timeline

luizluca created this task.Jun 6 2019, 10:02 PM
Jakuje added a subscriber: Jakuje.Jun 13 2019, 4:52 PM

If I read correctly the manual page for ssh_config, your example is invalid:

The exec keyword executes the specified command under the user's shell. If the command returns a zero exit status then the condition is considered true. Commands containing whitespace characters must be quoted.
Arguments to exec accept the tokens described in the TOKENS section.

This means if your command that you mean to execute is /bin/true and 1 is invalid match keyword. You should be able to see an error like this:

ERROR - Unknown argument '1' for Match keyword

The configuration for running /bin/true 1 should look like this:

Match exec "/bin/true 1"

Only this way, the keywords following the Match block can be combined to use multiple keywords on one line, without the exec eating the whole line.

But anyway the parsing of the quoted command does not work at this moment either so I will try to have a look into that.

asn closed this task as Resolved.Jun 14 2019, 12:02 PM
asn claimed this task.