Feature request/EOI: Match interactive config?

openssh at tr.id.au openssh at tr.id.au
Mon May 6 13:40:22 AEST 2024


Hey Damien,

> Would something like this help?
> 
> Match sessiontype shell
> User foo
> Match remotecommand "none"
> User foo2
> Match sessiontype exec remotecommand "/rsync"
> User bar
> Match sessiontype subsystem remotecommand "sftp"
> User baz
> 
> 
> diff --git a/readconf.c b/readconf.c
> <snip>

Thanks for looking into it, much appreciated. I think it's looking on the right track, but after applying the patch locally to test it, openssh-portable ceases to compile:

```
cc -g -O2 -pipe -Wno-error=format-truncation -Wall -Wextra -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-parameter -Wno-unused-result -Wimplicit-fallthrough -Wmisleading-indentation -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fzero-call-used-regs=used -ftrivial-auto-var-init=zero -fno-builtin-memset -fstack-protector-strong -fPIE   -I. -I.  -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE -DOPENSSL_API_COMPAT=0x10100000L  -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/local/libexec/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c session.c -o session.o
ranlib libssh.a
readconf.c:1033:1: error: conflicting types for ‘process_config_line’; have ‘int(Options *, struct passwd *, const char *, const char *, char *, const char *, int,  int *, int)’
 1033 | process_config_line(Options *options, struct passwd *pw, const char *host,
      | ^~~~~~~~~~~~~~~~~~~
In file included from readconf.c:66:
readconf.h:243:10: note: previous declaration of ‘process_config_line’ with type ‘int(Options *, struct passwd *, const char *, const char *, struct sshbuf *, char *, const char *, int,  int *, int)’
  243 | int      process_config_line(Options *, struct passwd *, const char *,
      |          ^~~~~~~~~~~~~~~~~~~
...
cc -g -O2 -pipe -Wno-error=format-truncation -Wall -Wextra -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -Wsizeof-pointer-memaccess -Wno-pointer-sign -Wno-unused-parameter -Wno-unused-result -Wimplicit-fallthrough -Wmisleading-indentation -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -ftrapv -fzero-call-used-regs=used -ftrivial-auto-var-init=zero -fno-builtin-memset -fstack-protector-strong -fPIE   -I. -I.  -D_XOPEN_SOURCE=600 -D_BSD_SOURCE -D_DEFAULT_SOURCE -D_GNU_SOURCE -DOPENSSL_API_COMPAT=0x10100000L  -DSSHDIR=\"/usr/local/etc\" -D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\" -D_PATH_SSH_ASKPASS_DEFAULT=\"/usr/local/libexec/ssh-askpass\" -D_PATH_SFTP_SERVER=\"/usr/local/libexec/sftp-server\" -D_PATH_SSH_KEY_SIGN=\"/usr/local/libexec/ssh-keysign\" -D_PATH_SSH_PKCS11_HELPER=\"/usr/local/libexec/ssh-pkcs11-helper\" -D_PATH_SSH_SK_HELPER=\"/usr/local/libexec/ssh-sk-helper\" -D_PATH_SSH_PIDDIR=\"/var/run\" -D_PATH_PRIVSEP_CHROOT_DIR=\"/var/empty\" -DHAVE_CONFIG_H -c auth2-hostbased.c -o auth2-hostbased.o
readconf.c:2431:1: error: conflicting types for ‘read_config_file’; have ‘int(const char *, struct passwd *, const char *, const char *, Options *, int,  int *)’
 2431 | read_config_file(const char *filename, struct passwd *pw, const char *host,
      | ^~~~~~~~~~~~~~~~
readconf.h:245:10: note: previous declaration of ‘read_config_file’ with type ‘int(const char *, struct passwd *, const char *, const char *, struct sshbuf *, Options *, int,  int *)’
  245 | int      read_config_file(const char *, struct passwd *, const char *,
      |          ^~~~~~~~~~~~~~~~
```

I think there could be something incorrect about those lines changed in readconf.h?

~ Tim



More information about the openssh-unix-dev mailing list