[Bug 3502] New: Include directives are processed regardless of the parent Match result
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Wed Nov 16 19:58:34 AEDT 2022
https://bugzilla.mindrot.org/show_bug.cgi?id=3502
Bug ID: 3502
Summary: Include directives are processed regardless of the
parent Match result
Product: Portable OpenSSH
Version: 9.1p1
Hardware: ARM64
OS: Mac OS X
Status: NEW
Severity: normal
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: alinmesser at hotmail.com
When adding Include directives within Match blocks they are carried out
regardless of whether the match is successful or not.
Sample ~/.ssh/config:
# Host *
# SendEnv LANG LC_*
# StrictHostKeyChecking no
# UserKnownHostsFile /dev/null
# LogLevel=ERROR
# AddressFamily inet
# ServerAliveInterval 100
# CheckHostIP no
# User root
#
# Match all
Match localuser myuser exec "[ true = false ]"
Include file1
Match localuser !myuser exec "[ true = false ]"
Include file2
...
Steps to reproduce:
myuser at thishost $ ssh -vvv myhost
OpenSSH_9.1p1, OpenSSL 1.1.1s 1 Nov 2022
debug1: Reading configuration data /Users/myuser/.ssh/config
debug2: checking match for 'localuser myuser exec "[ true = false ]"'
host myhost originally myhost
debug3: /Users/myuser/.ssh/config line 13: matched 'localuser "myuser"'
debug1: Executing command: '[ true = false ]'
debug3: command returned status 1
debug3: /Users/myuser/.ssh/config line 13: not matched 'exec "[ true =
false ]"'
debug2: match not found
debug3: /Users/myuser/.ssh/config line 14: Including file
/Users/myuser/.ssh/file1 depth 0 (parse only)
debug2: checking match for 'localuser !myuser exec "[ true = false ]"'
host myhost originally myhost
debug3: /Users/myuser/.ssh/config line 15: not matched 'localuser
"myuser"'
debug3: /Users/myuser/.ssh/config line 15: skipped exec "[ true = false
]"
debug2: match not found
debug3: /Users/myuser/.ssh/config line 16: Including file
/Users/myuser/.ssh/file2 depth 0 (parse only)
...
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list