upstream: Switch ssh_config parsing to use argv_split()

This fixes a couple of problems with the previous tokeniser,
strdelim()

1. strdelim() is permissive wrt accepting '=' characters. This is
  intended to allow it to tokenise "Option=value" but because it
  cannot keep state, it will incorrectly split "Opt=val=val2".
2. strdelim() has rudimentry handling of quoted strings, but it
  is incomplete and inconsistent. E.g. it doesn't handle escaped
  quotes inside a quoted string.
3. It has no support for stopping on a (unquoted) comment. Because
  of this readconf.c r1.343 added chopping of lines at '#', but
  this caused a regression because these characters may legitimately
  appear inside quoted strings.

The new tokeniser is stricter is a number of cases, including #1 above
but previously it was also possible for some directives to appear
without arguments. AFAIK these were nonsensical in all cases, and the
new tokeniser refuses to accept them.

The new code handles quotes much better, permitting quoted space as
well as escaped closing quotes. Finally, comment handling should be
fixed - the tokeniser will terminate only on unquoted # characters.

feedback & ok markus@

tested in snaps for the last five or so days - thanks Theo and those who
caught bugs

OpenBSD-Commit-ID: dc72fd12af9d5398f4d9e159d671f9269c5b14d5
This commit is contained in:
djm@openbsd.org 2021-06-08 07:07:15 +00:00 committed by Damien Miller
parent d786424986
commit ea9e45c89a
2 changed files with 273 additions and 152 deletions

File diff suppressed because it is too large Load Diff

9
ssh.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.c,v 1.558 2021/06/04 05:02:40 djm Exp $ */ /* $OpenBSD: ssh.c,v 1.559 2021/06/08 07:07:15 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -504,6 +504,8 @@ resolve_canonicalize(char **hostp, int port)
} }
/* Attempt each supplied suffix */ /* Attempt each supplied suffix */
for (i = 0; i < options.num_canonical_domains; i++) { for (i = 0; i < options.num_canonical_domains; i++) {
if (strcasecmp(options.canonical_domains[i], "none") == 0)
break;
xasprintf(&fullhost, "%s.%s.", *hostp, xasprintf(&fullhost, "%s.%s.", *hostp,
options.canonical_domains[i]); options.canonical_domains[i]);
debug3_f("attempting \"%s\" => \"%s\"", *hostp, fullhost); debug3_f("attempting \"%s\" => \"%s\"", *hostp, fullhost);
@ -1335,8 +1337,11 @@ main(int ac, char **av)
/* reinit */ /* reinit */
log_init(argv0, options.log_level, options.log_facility, !use_syslog); log_init(argv0, options.log_level, options.log_facility, !use_syslog);
for (j = 0; j < options.num_log_verbose; j++) for (j = 0; j < options.num_log_verbose; j++) {
if (strcasecmp(options.log_verbose[j], "none") == 0)
break;
log_verbose_add(options.log_verbose[j]); log_verbose_add(options.log_verbose[j]);
}
if (options.request_tty == REQUEST_TTY_YES || if (options.request_tty == REQUEST_TTY_YES ||
options.request_tty == REQUEST_TTY_FORCE) options.request_tty == REQUEST_TTY_FORCE)