[Bug 3423] New: Regression in ProxyJump functionality since 8.7p1
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Apr 15 05:40:52 AEST 2022
https://bugzilla.mindrot.org/show_bug.cgi?id=3423
Bug ID: 3423
Summary: Regression in ProxyJump functionality since 8.7p1
Product: Portable OpenSSH
Version: 8.9p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: minor
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: kellenhfox at gmail.com
Hello folks,
I for a number of years have had a reasonably complicated ssh config
that heavily used ProxyJump. I noticed that this broke a while back,
but only recently had the time to dig in and try and figure out what
the cause was.
Basically I was using the fact that ProxyJump was turned into a
ProxyCommand to inject some amount of shell scripting to template out
the destination of my ProxyJump
An example that shows the error is as follows
```
Host ?m* ??m* ???m*
ProxyJump $(echo %h|grep -oE '[0-9]+'|head -1).ssh.my.org
```
This would turn a command to ssh into `7m123` into `ssh -J 7.ssh.my.org
7m123`
My bisecting leads me to believe that this change was part of
dc72fd12af9d5398f4d9e159d671f9269c5b14d5
Specifically with the addition of the following to the parse_jump
function in readconf.c
```
/* Remove comment and trailing whitespace */
if ((cp = strchr(orig, '#')) != NULL)
*cp = '\0';
rtrim(orig);
```
So questions here is: Was my abuse of the ProxyJump directive wrong or
Should the parsing of the ProxyJump directive allow arbitrary content
including spaces to be passed along?
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list