Bugzilla – Attachment 1623 Details for
Bug 1585
Allow an `Include' option which reads another config file in place and does not error out when `Include' file not readable
Attached is a patch for an almost complete implementation. All that remains is the "file not readable is not an error" logic.
openssh-include-w-error-not-readable.patch (text/plain), 5.17 KB, created by
Gavin Beatty
on 2009-04-02 21:29:47 AEDT
Description:
Attached is a patch for an almost complete implementation. All that remains is the "file not readable is not an error" logic.
Creator:
Gavin Beatty
Created:
2009-04-02 21:29:47 AEDT
Size:
5.17 KB
>diff -rU8 openssh-5.2p1/readconf.c nonreentrant/readconf.c
>--- openssh-5.2p1/readconf.c 2009-02-14 05:28:21.000000000 +0000
>+++ nonreentrant/readconf.c 2009-03-25 11:33:44.000000000 +0000
>@@ -126,16 +126,17 @@
> oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
> oClearAllForwardings, oNoHostAuthenticationForLocalhost,
> oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout,
> oAddressFamily, oGssAuthentication, oGssDelegateCreds,
> oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
> oSendEnv, oControlPath, oControlMaster, oHashKnownHosts,
> oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
> oVisualHostKey, oZeroKnowledgePasswordAuthentication,
>+ oInclude,
> oDeprecated, oUnsupported
> } OpCodes;
>
> /* Textual representations of the tokens. */
>
> static struct {
> const char *name;
> OpCodes opcode;
>@@ -229,16 +230,17 @@
> { "permitlocalcommand", oPermitLocalCommand },
> { "visualhostkey", oVisualHostKey },
> #ifdef JPAKE
> { "zeroknowledgepasswordauthentication",
> oZeroKnowledgePasswordAuthentication },
> #else
> { "zeroknowledgepasswordauthentication", oUnsupported },
> #endif
>+ { "include", oInclude },
>
> { NULL, oBadOption }
> };
>
> /*
> * Adds a local TCP/IP port forward to options. Never returns if there is an
> * error.
> */
>@@ -909,16 +911,103 @@
> case oPermitLocalCommand:
> intptr = &options->permit_local_command;
> goto parse_flag;
>
> case oVisualHostKey:
> intptr = &options->visual_host_key;
> goto parse_flag;
>
>+ case oInclude:
>+ arg = strdelim(&s);
>+ if (!arg || *arg == '\0')
>+ fatal("%.200s line %d: Missing argument.", filename, linenum);
>+ char* newfile = NULL;
>+ /*
>+ * expand "~/some/file" into "$HOME/some/file"
>+ * expand "~username/some/file" into "$HOME/some/file" for username's
>+ * $HOME
>+ * "~" on its own will not expand
>+ */
>+ if(*arg == '~') {
>+ if(arg[1] == '/') {
>+ /* ~/some/file or ~/ case: */
>+
>+ /*
>+ * get passwd entry for uid
>+ */
>+ const uid_t uid = getuid();
>+ struct passwd *pwd = getpwuid(uid);
>+ if(!pwd)
>+ fatal("%.200s line %d: Couldn't get user info for uid \"%ld\": %s",
>+ filename, linenum, (const long)(uid), strerror(errno));
>+
>+ if(!pwd->pw_dir)
>+ fatal("%.200s line %d: Couldn't expand home directory for \"%s\"",
>+ filename, linenum, arg);
>+
>+ /*
>+ * construct expanded string
>+ */
>+ const size_t pwddirlen = strlen(pwd->pw_dir);
>+ newfile = (char*)( malloc(pwddirlen + 1 + strlen(arg)) );
>+ if(!newfile)
>+ abort();
>+ strcpy(newfile, pwd->pw_dir);
>+ strcpy(newfile + pwddirlen, arg+1);
>+ } else if(arg[1] != '\0') {
>+ /* ~username/ or ~username case: */
>+
>+ /*
>+ * parse username portion
>+ */
>+ unsigned int i;
>+ for(i = 1; arg[i] != '/' && arg[i] != '\0'; ++i) {}
>+ /* allocate for i-1 chars and 1 '\0' terminator */
>+ char *username = (char*)( malloc(i) );
>+ if(!username)
>+ abort();
>+ memset(username, 0, i);
>+ strncpy(username, arg+1, i-1);
>+
>+ /*
>+ * get passwd entry
>+ */
>+ struct passwd *pwd = getpwnam(username);
>+ if(!pwd)
>+ fatal("%.200s line %d: Couldn't get user info for username \"%s\": %s",
>+ filename, linenum, username, strerror(errno));
>+ free(username);
>+
>+ if(!pwd->pw_dir)
>+ fatal("%.200s line %d: Couldn't expand home directory for \"%s\"",
>+ filename, linenum, arg);
>+
>+ /*
>+ * construct expanded string
>+ */
>+ const size_t pwddirlen = strlen(pwd->pw_dir);
>+ newfile = (char*)( malloc(pwddirlen + 1 + strlen(arg)) );
>+ if(!newfile)
>+ abort();
>+ strcpy(newfile, pwd->pw_dir);
>+ strcpy(newfile + pwddirlen, arg+i);
>+ }
>+ }
>+ int ret;
>+ char* readfile = newfile ? newfile : arg;
>+ if((ret = (read_config_file(readfile, host, options, 1) ? 0 : -1)) != 0)
>+ error("%s line %d: Error reading Include file \"%s\".",
>+ filename, linenum, readfile);
>+ if(newfile)
>+ free(newfile);
>+ if(ret)
>+ return ret;
>+ break;
>+
> case oDeprecated:
> debug("%s line %d: Deprecated option \"%s\"",
> filename, linenum, keyword);
> return 0;
>
> case oUnsupported:
> error("%s line %d: Unsupported option \"%s\"",
> filename, linenum, keyword);
>diff -rU8 openssh-5.2p1/ssh_config.5 nonreentrant/ssh_config.5
>--- openssh-5.2p1/ssh_config.5 2009-02-22 23:53:58.000000000 +0000
>+++ nonreentrant/ssh_config.5 2009-03-24 16:56:47.000000000 +0000
>@@ -572,16 +572,38 @@
> .Ql %h
> (remote host name) or
> .Ql %r
> (remote user name).
> .Pp
> It is possible to have
> multiple identity files specified in configuration files; all these
> identities will be tried in sequence.
>+.It Cm Include
>+Read the specified file as if its contents were pasted here.
>+Files of the form
>+.Dq ~/path/to/config
>+will expand to
>+.Dq $HOME/path/to/config
>+where
>+.Dq $HOME
>+is the user's home directoy.
>+Files of the form
>+.Dq ~username/path/to/config
>+will expand to
>+.Dq $HOME/path/to/config
>+where
>+.Dq $HOME
>+is
>+.Dq username
>+\'s home directory.
>+A single
>+.Dq ~
>+will not expand at all.
>+Bad error counts are unique to each configuration file.
> .It Cm KbdInteractiveAuthentication
> Specifies whether to use keyboard-interactive authentication.
> The argument to this keyword must be
> .Dq yes
> or
> .Dq no .
> The default is
> .Dq yes .
>Only in nonreentrant/: tags
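Review bot: The recursive `read_config_file(readfile, host, options, 1)` call in the new `case oInclude:` has no nesting limit, so a file that names itself, or two files that name each other, keeps recursing until descriptors or stack run out. A depth counter checked before the call, ending in `fatal()` once a small limit is passed, closes that. The hand-written `~` expansion above the call repeats what `tilde_expand_filename()` in misc.c already does; it also calls `abort()` on allocation failure instead of going through the project's fatal path, and it prints `strerror(errno)` after `getpwuid()`/`getpwnam()`, where errno is not reliably set for a missing entry. If I read the helper correctly it also expands a bare `~`, which the ssh_config.5 text in this patch says will not happen, so one of the two would need adjusting. The enclosing function begins and ends outside this hunk, and the counter names in the sketch are placeholders.

```c
	case oInclude:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		/*
		 * PLACEHOLDER names: include_depth is a static nesting counter and
		 * INCLUDE_DEPTH_MAX its limit; both would be added by the patch.
		 */
		if (include_depth >= INCLUDE_DEPTH_MAX)
			fatal("%.200s line %d: Include nesting too deep.",
			    filename, linenum);
		/* Handles "~/" and "~user/"; exits through fatal() on lookup failure. */
		char *readfile = tilde_expand_filename(arg, getuid());
		include_depth++;
		int ok = read_config_file(readfile, host, options, 1);
		include_depth--;
		if (!ok)
			error("%s line %d: Error reading Include file \"%s\".",
			    filename, linenum, readfile);
		xfree(readfile);
		if (!ok)
			return -1;
		break;
```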
Attachments on
bug 1585
:
1623
|
2274
|
2647
|
2790
|
2859