1763 – Side effects from public key options

Bug 1763 - Side effects from public key options

Summary: Side effects from public key options

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	sshd (show other bugs)
Version:	-current
Hardware:	All All

Importance:	P2 normal
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:	V_5_6
	Show dependency tree / graph

Reported:	2010-04-28 14:57 AEST by Damien Miller
Modified:	2011-01-24 12:33 AEDT (History)
CC List:	0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Damien Miller 2010-04-28 14:57:39 AEST

auth-options.c tries to back out options set for a public key if public key authentication fails, but there are some cases where this is incomplete or buggy:

command= can memory leak if there are multiple command options on a key

permitopen= options are not backed out at all

Comment 1 Damien Miller 2010-06-18 13:06:09 AEST

the leak on multiple command= options is fixed in -current.

Comment 2 Damien Miller 2010-06-18 13:08:12 AEST

... and I was wrong to begin with about permitopen= options not being cleared.

Comment 3 Damien Miller 2011-01-24 12:33:58 AEDT

Move resolved bugs to CLOSED after 5.7 release