openssh-5.4p1/misc.c 154 /* Characters considered whitespace in strsep calls. */ 155 #define WHITESPACE " \t\r\n" 156 #define QUOTE "\"" 157 158 /* return next token in configuration line */ 159 char * 160 strdelim(char **s) 161 { ... 179 } else { 180 *s[0] = '\0'; 181 return (old); 182 } ... It should be: } else { *s[0] = '\0'; *s += strspn(*s + 1, WHITESPACE) + 1; return (old); }
Thanks for the report. Could you give an example of the bug? E.g. a testcase of what this code does wrong.
To reproduce this bug, set AllowUsers to something like: > "user name 1" "user name 2" user name 2 won't be allowed to login > "user name a" userb userb won't be allowed to login Thanks.
Created attachment 1893 [details] /home/djm/misc-strdelim-quote.diff Patch version of proposed fix
patch applied, this will be in OpenSSH 5.6. Thanks.
Move resolved bugs to CLOSED after 5.7 release