ProxyCommand not working if $SHELL not defined

Thu Sep 17 22:47:19 EST 2009

Ok, but the case with a not valid shell (non executable)
is not covered.
It is also a user (or sysadm) fault, though, if SHELL is not
properly set.

Bye.

2009/9/17 Damien Miller <djm at mindrot.org>:
> On Thu, 17 Sep 2009, Antonio Mignolli wrote:
>
>> Maybe the mailing list cuts the attachments.
>
> Yes, we strip pretty much everything but text/plain to avoid spam and
> malware.
>
>> patch.openssh-5.2p1.SHELLfix:
>>
>> 8<-----------------------------------------------------------------
>> Common subdirectories: openssh-5.2p1/contrib and openssh-5.2p1.new/contrib
>> diff -NupwB openssh-5.2p1/misc.c openssh-5.2p1.new/misc.c
>> --- openssh-5.2p1/misc.c      2009-02-21 22:47:02.000000000 +0100
>> +++ openssh-5.2p1.new/misc.c  2009-09-16 02:21:11.000000000 +0200
>> @@ -849,3 +849,29 @@ ms_to_timeval(struct timeval *tv, int ms
>>       tv->tv_usec = (ms % 1000) * 1000;
>>  }
>>
>> +/*
>> + * Get shell from env or use default '/bin/sh'
>> + */
>> +char *
>> +get_shell_from_env()
>
> ...
>
> I think that this is quite overcomplicated. This is probably sufficient.
>
> Index: sftp.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/sftp.c,v
> retrieving revision 1.111
> diff -u -p -r1.111 sftp.c
> --- sftp.c      18 Aug 2009 18:36:21 -0000      1.111
> +++ sftp.c      17 Sep 2009 12:26:04 -0000
> @@ -236,7 +236,7 @@ local_do_shell(const char *args)
>        if (!*args)
>                args = NULL;
>
> -       if ((shell = getenv("SHELL")) == NULL)
> +       if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
>                shell = _PATH_BSHELL;
>
>        if ((pid = fork()) == -1)
> Index: sshconnect.c
> ===================================================================
> RCS file: /cvs/src/usr.bin/ssh/sshconnect.c,v
> retrieving revision 1.214
> diff -u -p -r1.214 sshconnect.c
> --- sshconnect.c        28 May 2009 16:50:16 -0000      1.214
> +++ sshconnect.c        17 Sep 2009 12:26:05 -0000
> @@ -76,7 +76,7 @@ ssh_proxy_connect(const char *host, u_sh
>        pid_t pid;
>        char *shell, strport[NI_MAXSERV];
>
> -       if ((shell = getenv("SHELL")) == NULL)
> +       if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
>                shell = _PATH_BSHELL;
>
>        /* Convert the port number into a string. */
> @@ -1148,7 +1148,7 @@ ssh_local_cmd(const char *args)
>            args == NULL || !*args)
>                return (1);
>
> -       if ((shell = getenv("SHELL")) == NULL)
> +       if ((shell = getenv("SHELL")) == NULL || *shell == '\0')
>                shell = _PATH_BSHELL;
>
>        pid = fork();
>