[Bug 1918] New: match_pattern_list fails for negated failure

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Wed Jul 6 02:10:13 EST 2011


             Bug #: 1918
           Summary: match_pattern_list fails for negated failure
    Classification: Unclassified
           Product: Portable OpenSSH
           Version: 5.8p2
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: sshd
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: robin at reportlab.com

Created attachment 2061
  --> https://bugzilla.mindrot.org/attachment.cgi?id=2061
patch to fix the 'bug'

The code in match_pattern_list will never return 1 for a pattern with
all negated entries. In particular this match line can never succeed

Match User !adminguy Group sftponly

The problem is that the code at match.c line 157 only tests for
negation in the case of successful matching. In this case we want the
User test to succeed if the user is not adminguy. That can happen if
the code is patched to set get_positive if a failed match is negated.
The attached trivial patch does that.

Of course I am making the rather feeble assumption that

negated failure == true

Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.

More information about the openssh-bugs mailing list