https://bugzilla.mindrot.org/show_bug.cgi?id=3782
Bug ID: 3782
Summary: Existing configs broken by
baec3f7f4c60cd5aa1bb9adbeb6dfa4a172502a8
Product: Portable OpenSSH
Version: 9.9p1
Hardware: 68k
OS: Mac OS X
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-b...@mindrot.org
Reporter: jmcrawfor...@gmail.com
With the recent change to the parser for match directives, some complex
configs that were working with previous releases no longer work. Here's
a simplified example Match demonstrating a couple of the
non-backwards-compatible changes:
```
Match Host %* exec "bash -c 'test -z $INSTANCE_SSH_DISABLED &&
cmd=$(instance-lookup --port %p -f '\''instance-ssh --user %r --asg
'\'\\\'\''{{.Group}}'\'\\\'\'' '\'' %h) && eval $cmd'"
```
This no longer parses in 9.9p1 due to a lack of $ escaping and due to
an inconsistency on what types of quote escapes are allowed in both
versions. I spent a bit of time trying to get to a syntax that was both
forwards and backwards compatible, but I finally just gave up and
stuffed the command into a separate file so the Match simplifies to
e.g.
Match Host %* exec "bash ~/.ssh/instance-ssh.sh %p %r %h"
I don't know if there's a good forward fix for this as the parsers seem
to differ pretty significantly, but I just wanted to call it out as a
breaking change and give the separate script file approach as a
workaround for settings that have to support configs for older versions
as well.
--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs
