Bugzilla – Attachment 3384 Details for
Bug 3122
New Include functionality does not work as documented
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
servconf: Unbreak match blocks in included files
file_3122.txt (text/plain), 15.43 KB, created by
Jakub Jelen
on 2020-04-17 21:52:03 AEST
(
hide
)
Description:
servconf: Unbreak match blocks in included files
Filename:
MIME Type:
Creator:
Jakub Jelen
Created:
2020-04-17 21:52:03 AEST
Size:
15.43 KB
patch
obsolete
>commit 828c71733a4bb10681789e6361db2b83b3348a2b >Author: Jakub Jelen <jjelen@redhat.com> >Date: Fri Apr 17 13:42:32 2020 +0200 > > servconf: Unbreak match blocks in included files > >diff --git a/servconf.c b/servconf.c >index fb0de9d9..fdc0f28a 100644 >--- a/servconf.c >+++ b/servconf.c >@@ -1304,7 +1304,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > cmdline = 1; > activep = &cmdline; > } >- if (*activep && opcode != sMatch && opcode != sInclude) >+ if (*activep == 1 && opcode != sMatch && opcode != sInclude) > debug3("%s:%d setting %s %s", filename, linenum, arg, cp); > if (*activep == 0 && !(flags & SSHCFG_MATCH)) { > if (connectinfo == NULL) { >@@ -1353,7 +1353,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if ((value = convtime(arg)) == -1) > fatal("%s line %d: invalid time value.", > filename, linenum); >- if (*activep && *intptr == -1) >+ if (*activep == 1 && *intptr == -1) > *intptr = value; > break; > >@@ -1415,7 +1415,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (value == -1) > fatal("%s line %d: unsupported option \"%s\".", > filename, linenum, arg); >- if (*activep && *intptr == -1) >+ if (*activep == 1 && *intptr == -1) > *intptr = value; > break; > >@@ -1424,7 +1424,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (!arg || *arg == '\0') > fatal("%s line %d: missing file name.", > filename, linenum); >- if (*activep) { >+ if (*activep == 1) { > servconf_add_hostkey(filename, linenum, > options, arg, 1); > } >@@ -1436,7 +1436,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (!arg || *arg == '\0') > fatal("%s line %d: missing socket name.", > filename, linenum); >- if (*activep && *charptr == NULL) >+ if (*activep == 1 && *charptr == NULL) > *charptr = !strcmp(arg, SSH_AUTHSOCKET_ENV_NAME) ? > xstrdup(arg) : derelativise_path(arg); > break; >@@ -1446,7 +1446,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (!arg || *arg == '\0') > fatal("%s line %d: missing file name.", > filename, linenum); >- if (*activep) >+ if (*activep == 1) > servconf_add_hostcert(filename, linenum, options, arg); > break; > >@@ -1457,7 +1457,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (!arg || *arg == '\0') > fatal("%s line %d: missing file name.", > filename, linenum); >- if (*activep && *charptr == NULL) { >+ if (*activep == 1 && *charptr == NULL) { > *charptr = derelativise_path(arg); > /* increase optional counter */ > if (intptr != NULL) >@@ -1500,7 +1500,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > arg + 1 : arg, 1)) > fatal("%s line %d: Bad key types '%s'.", > filename, linenum, arg ? arg : "<NONE>"); >- if (*activep && *charptr == NULL) >+ if (*activep == 1 && *charptr == NULL) > *charptr = xstrdup(arg); > break; > >@@ -1534,7 +1534,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > filename, linenum, arg); > } > } >- if (*activep && *intptr == -1) >+ if (*activep == 1 && *intptr == -1) > *intptr = value; > break; > >@@ -1601,7 +1601,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if ((errstr = atoi_err(arg, &value)) != NULL) > fatal("%s line %d: integer value %s.", > filename, linenum, errstr); >- if (*activep && *intptr == -1) >+ if (*activep == 1 && *intptr == -1) > *intptr = value; > break; > >@@ -1651,7 +1651,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > value = 1; > p = xstrdup(arg); > } >- if (*activep && *intptr == -1) { >+ if (*activep == 1 && *intptr == -1) { > *intptr = value; > *charptr = p; > p = NULL; >@@ -1679,7 +1679,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > fatal("%.200s line %d: RekeyLimit too small", > filename, linenum); > } >- if (*activep && options->rekey_limit == -1) >+ if (*activep == 1 && options->rekey_limit == -1) > options->rekey_limit = val64; > if (cp != NULL) { /* optional rekey interval present */ > if (strcmp(cp, "none") == 0) { >@@ -1718,7 +1718,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (value == SYSLOG_LEVEL_NOT_SET) > fatal("%.200s line %d: unsupported log level '%s'", > filename, linenum, arg ? arg : "<NONE>"); >- if (*activep && *log_level_ptr == -1) >+ if (*activep == 1 && *log_level_ptr == -1) > *log_level_ptr = (LogLevel) value; > break; > >@@ -1745,7 +1745,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (match_user(NULL, NULL, NULL, arg) == -1) > fatal("%s line %d: invalid AllowUsers pattern: " > "\"%.100s\"", filename, linenum, arg); >- if (!*activep) >+ if (*activep != 1) > continue; > array_append(filename, linenum, "AllowUsers", > &options->allow_users, &options->num_allow_users, >@@ -1758,7 +1758,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (match_user(NULL, NULL, NULL, arg) == -1) > fatal("%s line %d: invalid DenyUsers pattern: " > "\"%.100s\"", filename, linenum, arg); >- if (!*activep) >+ if (*activep != 1) > continue; > array_append(filename, linenum, "DenyUsers", > &options->deny_users, &options->num_deny_users, >@@ -1768,7 +1768,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > > case sAllowGroups: > while ((arg = strdelim(&cp)) && *arg != '\0') { >- if (!*activep) >+ if (*activep != 1) > continue; > array_append(filename, linenum, "AllowGroups", > &options->allow_groups, &options->num_allow_groups, >@@ -1778,7 +1778,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > > case sDenyGroups: > while ((arg = strdelim(&cp)) && *arg != '\0') { >- if (!*activep) >+ if (*activep != 1) > continue; > array_append(filename, linenum, "DenyGroups", > &options->deny_groups, &options->num_deny_groups, >@@ -1833,7 +1833,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (!arg || *arg == '\0') > fatal("%s line %d: Missing subsystem name.", > filename, linenum); >- if (!*activep) { >+ if (*activep != 1) { > arg = strdelim(&cp); > break; > } >@@ -1902,7 +1902,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > * AuthorizedKeysFile /etc/ssh_keys/%u > */ > case sAuthorizedKeysFile: >- if (*activep && options->num_authkeys_files == 0) { >+ if (*activep == 1 && options->num_authkeys_files == 0) { > while ((arg = strdelim(&cp)) && *arg != '\0') { > arg = tilde_expand_filename(arg, getuid()); > array_append(filename, linenum, >@@ -1920,7 +1920,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (!arg || *arg == '\0') > fatal("%s line %d: missing file name.", > filename, linenum); >- if (*activep && *charptr == NULL) { >+ if (*activep == 1 && *charptr == NULL) { > *charptr = tilde_expand_filename(arg, getuid()); > /* increase optional counter */ > if (intptr != NULL) >@@ -1941,7 +1941,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (strchr(arg, '=') != NULL) > fatal("%s line %d: Invalid environment name.", > filename, linenum); >- if (!*activep) >+ if (*activep != 1) > continue; > array_append(filename, linenum, "AcceptEnv", > &options->accept_env, &options->num_accept_env, >@@ -1955,7 +1955,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (strchr(arg, '=') == NULL) > fatal("%s line %d: Invalid environment.", > filename, linenum); >- if (!*activep || uvalue != 0) >+ if (*activep != 1 || uvalue != 0) > continue; > array_append(filename, linenum, "SetEnv", > &options->setenv, &options->num_setenv, arg); >@@ -1977,7 +1977,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (value == -1) > fatal("%s line %d: Bad yes/point-to-point/ethernet/" > "no argument: %s", filename, linenum, arg); >- if (*activep && *intptr == -1) >+ if (*activep == 1 && *intptr == -1) > *intptr = value; > break; > >@@ -2006,6 +2006,10 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (strcmp(item->selector, arg) != 0) > continue; > if (item->filename != NULL) { >+ debug2("%s line %d: including %s " >+ "depth %d%s", filename, linenum, >+ item->filename, depth, >+ oactive == 1 ? "" : " (parse only)"); > parse_server_config_depth(options, > item->filename, item->contents, > includes, connectinfo, >@@ -2043,8 +2047,9 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (gbuf.gl_pathc > INT_MAX) > fatal("%s: too many glob results", __func__); > for (n = 0; n < (int)gbuf.gl_pathc; n++) { >- debug2("%s line %d: including %s", >- filename, linenum, gbuf.gl_pathv[n]); >+ debug2("%s line %d: including %s depth %d%s", >+ filename, linenum, gbuf.gl_pathv[n], >+ depth, oactive ? "" : " (parse only)"); > item = xcalloc(1, sizeof(*item)); > item->selector = strdup(arg); > item->filename = strdup(gbuf.gl_pathv[n]); >@@ -2079,6 +2084,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (value < 0) > fatal("%s line %d: Bad Match condition", filename, > linenum); >+ /* The first match overwrites special value 2 when reparsing */ > *activep = (inc_flags & SSHCFG_NEVERMATCH) ? 0 : value; > break; > >@@ -2097,7 +2103,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > filename, linenum, lookup_opcode_name(opcode)); > uvalue = *uintptr; /* modified later */ > if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) { >- if (*activep && uvalue == 0) { >+ if (*activep == 1 && uvalue == 0) { > *uintptr = 1; > *chararrayptr = xcalloc(1, > sizeof(**chararrayptr)); >@@ -2130,7 +2136,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > filename, linenum, > lookup_opcode_name(opcode)); > } >- if (*activep && uvalue == 0) { >+ if (*activep == 1 && uvalue == 0) { > array_append(filename, linenum, > lookup_opcode_name(opcode), > chararrayptr, uintptr, arg2); >@@ -2144,7 +2150,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > fatal("%.200s line %d: Missing argument.", filename, > linenum); > len = strspn(cp, WHITESPACE); >- if (*activep && options->adm_forced_command == NULL) >+ if (*activep == 1 && options->adm_forced_command == NULL) > options->adm_forced_command = xstrdup(cp + len); > return 0; > >@@ -2155,7 +2161,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (!arg || *arg == '\0') > fatal("%s line %d: missing file name.", > filename, linenum); >- if (*activep && *charptr == NULL) >+ if (*activep == 1 && *charptr == NULL) > *charptr = xstrdup(arg); > break; > >@@ -2173,7 +2179,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (!arg || *arg == '\0') > fatal("%s line %d: missing file name.", > filename, linenum); >- if (*activep && *charptr == NULL) { >+ if (*activep == 1 && *charptr == NULL) { > *charptr = strcasecmp(arg, "internal") == 0 ? > xstrdup(arg) : derelativise_path(arg); > /* increase optional counter */ >@@ -2193,7 +2199,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > else if ((value2 = parse_ipqos(arg)) == -1) > fatal("%s line %d: Bad IPQoS value: %s", > filename, linenum, arg); >- if (*activep) { >+ if (*activep == 1) { > options->ip_qos_interactive = value; > options->ip_qos_bulk = value2; > } >@@ -2204,7 +2210,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > fatal("%.200s line %d: Missing argument.", filename, > linenum); > len = strspn(cp, WHITESPACE); >- if (*activep && options->version_addendum == NULL) { >+ if (*activep == 1 && options->version_addendum == NULL) { > if (strcasecmp(cp + len, "none") == 0) > options->version_addendum = xstrdup(""); > else if (strchr(cp + len, '\r') != NULL) >@@ -2220,7 +2226,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > fatal("%.200s line %d: Missing argument.", filename, > linenum); > len = strspn(cp, WHITESPACE); >- if (*activep && options->authorized_keys_command == NULL) { >+ if (*activep == 1 && options->authorized_keys_command == NULL) { > if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) > fatal("%.200s line %d: AuthorizedKeysCommand " > "must be an absolute path", >@@ -2236,7 +2242,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if (!arg || *arg == '\0') > fatal("%s line %d: missing AuthorizedKeysCommandUser " > "argument.", filename, linenum); >- if (*activep && *charptr == NULL) >+ if (*activep == 1 && *charptr == NULL) > *charptr = xstrdup(arg); > break; > >@@ -2245,7 +2251,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > fatal("%.200s line %d: Missing argument.", filename, > linenum); > len = strspn(cp, WHITESPACE); >- if (*activep && >+ if (*activep == 1 && > options->authorized_principals_command == NULL) { > if (cp[len] != '/' && strcasecmp(cp + len, "none") != 0) > fatal("%.200s line %d: " >@@ -2264,7 +2270,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > fatal("%s line %d: missing " > "AuthorizedPrincipalsCommandUser argument.", > filename, linenum); >- if (*activep && *charptr == NULL) >+ if (*activep == 1 && *charptr == NULL) > *charptr = xstrdup(arg); > break; > >@@ -2291,7 +2297,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > filename, linenum); > } > value2 = 1; >- if (!*activep) >+ if (*activep != 1) > continue; > array_append(filename, linenum, > "AuthenticationMethods", >@@ -2314,7 +2320,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > value = strtol(arg, &p, 8); > if (arg == p || value < 0 || value > 0777) > fatal("%s line %d: Bad mask.", filename, linenum); >- if (*activep) >+ if (*activep == 1) > options->fwd_opts.streamlocal_bind_mask = (mode_t)value; > break; > >@@ -2330,7 +2336,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > if ((value = ssh_digest_alg_by_name(arg)) == -1) > fatal("%.200s line %d: Invalid hash algorithm \"%s\".", > filename, linenum, arg); >- if (*activep) >+ if (*activep == 1) > options->fingerprint_hash = value; > break; > >@@ -2348,7 +2354,7 @@ process_server_config_line_depth(ServerOptions *options, char *line, > !valid_rdomain(arg)) > fatal("%s line %d: bad routing domain", > filename, linenum); >- if (*activep && *charptr == NULL) >+ if (*activep == 1 && *charptr == NULL) > *charptr = xstrdup(arg); > break; > >@@ -2606,7 +2612,7 @@ parse_server_config(ServerOptions *options, const char *filename, > struct sshbuf *conf, struct include_list *includes, > struct connection_info *connectinfo) > { >- int active = connectinfo ? 0 : 1; >+ int active = connectinfo ? 2 : 1; > parse_server_config_depth(options, filename, conf, includes, > connectinfo, 0, &active, 0); > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3384">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 3122
:
3384
|
3399