Bugzilla – Attachment 2839 Details for
Bug 2103
remote command as an option in ssh_config
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
RemoteCommand for openssh-7.2_p2
remotecommand.patch (text/plain), 6.38 KB, created by
main.haarp
on 2016-06-17 18:16:00 AEST
(
hide
)
Description:
RemoteCommand for openssh-7.2_p2
Filename:
MIME Type:
Creator:
main.haarp
Created:
2016-06-17 18:16:00 AEST
Size:
6.38 KB
patch
obsolete
>diff -W 119 -Naupr /tmp/openssh-7.2p2/readconf.c ./readconf.c >--- a/readconf.c 2016-06-17 09:16:36.000000000 +0200 >+++ b/readconf.c 2016-06-17 09:24:19.552589577 +0200 >@@ -159,6 +159,7 @@ typedef enum { > oStreamLocalBindMask, oStreamLocalBindUnlink, oRevokedHostKeys, > oFingerprintHash, oUpdateHostkeys, oHostbasedKeyTypes, > oPubkeyAcceptedKeyTypes, >+ oRemoteCommand, > oIgnoredUnknownOption, oDeprecated, oUnsupported > } OpCodes; > >@@ -281,6 +282,7 @@ static struct { > { "hostbasedkeytypes", oHostbasedKeyTypes }, > { "pubkeyacceptedkeytypes", oPubkeyAcceptedKeyTypes }, > { "ignoreunknown", oIgnoreUnknown }, >+ { "remotecommand", oRemoteCommand }, > > { NULL, oBadOption } > }; >@@ -1399,6 +1401,10 @@ parse_keytypes: > charptr = &options->local_command; > goto parse_command; > >+ case oRemoteCommand: >+ charptr = &options->remote_command; >+ goto parse_command; >+ > case oPermitLocalCommand: > intptr = &options->permit_local_command; > goto parse_flag; >@@ -1708,6 +1714,7 @@ initialize_options(Options * options) > options->tun_remote = -1; > options->local_command = NULL; > options->permit_local_command = -1; >+ options->remote_command = NULL; > options->add_keys_to_agent = -1; > options->visual_host_key = -1; > options->ip_qos_interactive = -1; >diff -W 119 -Naupr /tmp/openssh-7.2p2/readconf.h ./readconf.h >--- a/readconf.h 2016-06-17 09:16:36.000000000 +0200 >+++ b/readconf.h 2016-06-17 09:24:51.745923019 +0200 >@@ -135,6 +135,7 @@ typedef struct { > > char *local_command; > int permit_local_command; >+ char *remote_command; > int visual_host_key; > > int request_tty; >diff -W 119 -Naupr /tmp/openssh-7.2p2/regress/Makefile ./regress/Makefile >--- a/regress/Makefile 2016-03-09 19:04:48.000000000 +0100 >+++ b/regress/Makefile 2016-06-17 09:37:24.129258893 +0200 >@@ -75,7 +75,9 @@ LTESTS= connect \ > keygen-knownhosts \ > hostkey-rotate \ > principals-command \ >- cert-file >+ cert-file \ >+ remotecommand \ >+ remote_host_expand > > > # dhgex \ >diff -W 119 -Naupr /tmp/openssh-7.2p2/regress/remotecommand.sh ./regress/remotecommand.sh >--- a/regress/remotecommand.sh 1970-01-01 01:00:00.000000000 +0100 >+++ b/regress/remotecommand.sh 2016-06-17 09:41:16.225926343 +0200 >@@ -0,0 +1,33 @@ >+# $OpenBSD: Exp $ >+# Placed in the Public Domain. >+ >+tid="remotecommand" >+ >+echo "RemoteCommand touch $OBJ/remote_test" >> $OBJ/ssh_proxy >+ >+for p1 in disabled enabled; do >+ for p in 1 2; do >+ verbose "test $tid: proto $p remotecommand cmd override. $p1" >+ ${SSH} -F $OBJ/ssh_proxy -$p somehost touch $OBJ/remote_command_tt >+ if [ -f $OBJ/remote_test ] ; then >+ fail "$tid proto $p cmd override failed" >+ fi >+ if [ ! -f $OBJ/remote_command_tt ] ; then >+ fail "$tid proto $p cmd override no cmdline" >+ fi >+ [ -f $OBJ/remote_test ] && rm $OBJ/remote_test >+ [ -f $OBJ/remote_command_tt ] && rm $OBJ/remote_command_tt >+ done >+ echo 'PermitRemoteCommand yes' >> $OBJ/ssh_proxy >+done >+ >+ >+for p in 1 2; do >+ verbose "test $tid: proto $p remotecommand cmd override" >+ ${SSH} -F $OBJ/ssh_proxy -$p somehost >+ if [ ! -f $OBJ/remote_test ] ; then >+ fail "$tid proto $p" >+ else >+ rm $OBJ/remote_test >+ fi >+done >diff -W 119 -Naupr /tmp/openssh-7.2p2/regress/remote_host-expand.sh ./regress/remote_host-expand.sh >--- a/regress/remote_host-expand.sh 1970-01-01 01:00:00.000000000 +0100 >+++ b/regress/remote_host-expand.sh 2016-06-17 09:41:25.409259708 +0200 >@@ -0,0 +1,16 @@ >+# Placed in the Public Domain. >+ >+tid="remote expand %h and %n" >+ >+echo 'PermitRemoteCommand yes' >> $OBJ/ssh_proxy >+echo "RemoteCommand echo \"%n %h\" > $OBJ/actual" >> $OBJ/ssh+ if [ -f $OBJ/remote_test ] ; then >+ fail "$tid proto $p cmd override failed" >+ fi >+ if [ ! -f $OBJ/remote_command_tt ] ; then >+ fail "$tid proto $p cmd override no cmdline" >+ fi >+ [ -f $OBJ/remote_test ] && rm $OBJ/remote_test >+ [ -f $OBJ/remote_command_tt ] && rm $OBJ/remote_command_tt >+ done >+ echo 'PermitRemoteCommand yes' >> $OBJ/ssh_proxy >+done >diff -W 119 -Naupr /tmp/openssh-7.2p2/ssh.1 ./ssh.1 >--- a/ssh.1 2016-06-17 09:16:36.000000000 +0200 >+++ b/ssh.1 2016-06-17 09:26:04.992589933 +0200 >@@ -525,6 +525,7 @@ For full details of the options listed b > .It PubkeyAcceptedKeyTypes > .It PubkeyAuthentication > .It RekeyLimit >+.It RemoteCommand > .It RemoteForward > .It RequestTTY > .It RhostsRSAAuthentication >diff -W 119 -Naupr /tmp/openssh-7.2p2/ssh.c ./ssh.c >--- a/ssh.c 2016-06-17 09:16:36.000000000 +0200 >+++ b/ssh.c 2016-06-17 09:31:41.212591068 +0200 >@@ -1110,7 +1120,8 @@ main(int ac, char **av) > tty_flag = 1; > > /* Allocate a tty by default if no command specified. */ >- if (buffer_len(&command) == 0) >+ if (buffer_len(&command) == 0 || (options.remote_command != NULL && >+ !subsystem_flag)) > tty_flag = options.request_tty != REQUEST_TTY_NO; > > /* Force no tty */ >@@ -1165,6 +1169,20 @@ main(int ac, char **av) > free(cp); > } > >+ if (options.remote_command != NULL && !subsystem_flag && >+ buffer_len(&command) == 0) { >+ debug3("expanding RemoteCommand: %s", options.local_command); >+ cp = options.remote_command; >+ options.remote_command = percent_expand(cp, >+ "h", host, "l", thishost, "n", host_arg, "r", options.user, >+ "p", portstr, "u", pw->pw_name, "L", shorthost, >+ (char *)NULL); >+ buffer_append(&command, options.remote_command, >+ strlen(options.remote_command)); >+ debug3("expanded RemoteCommand: %s", options.remote_command); >+ free(cp); >+ } >+ > if (options.control_path != NULL) { > cp = tilde_expand_filename(options.control_path, > original_real_uid); >diff -W 119 -Naupr /tmp/openssh-7.2p2/ssh_config.5 ./ssh_config.5 >--- a/ssh_config.5 2016-06-17 09:16:36.000000000 +0200 >+++ b/ssh_config.5 2016-06-17 09:36:38.839258740 +0200 >@@ -1373,6 +1373,26 @@ is > .Dq default none , > which means that rekeying is performed after the cipher's default amount > of data has been sent or received and no time based rekeying is done. >+.It Cm RemoteCommand >+Specifies the command that will be executed on the remote machine. >+The following escape character substitutions will be performed: >+.Ql %h >+(remote host name), >+.Ql %l >+(local host name), >+.Ql %n >+(host name as provided on the command line), >+.Ql %p >+(remote port), >+.Ql %r >+(remote user name) or >+.Ql %u >+(local user name). >+.Pp >+Specifing a command on the >+.Xr ssh 1 >+command line will disable the >+.Cm RemoteCommand > .It Cm RemoteForward > Specifies that a TCP port on the remote machine be forwarded over > the secure channel to the specified host and port from the local machine.
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 2103
:
2348
|
2349
|
2350
| 2839 |
3067