From bccb8513fa4a836aef0519d65eb33bb212606fe1 Mon Sep 17 00:00:00 2001 From: Thomas Baag Date: Wed, 21 Sep 2022 20:55:27 +0200 Subject: [PATCH] config: Escape brackets in ProxyCommand build from ProxyJump Missing escaping results in syntax errors in Zsh shell because of square brackets getting interpreted as being a pattern for globbing. Signed-off-by: Thomas Baag Reviewed-by: Jakub Jelen --- src/config.c | 2 +- tests/unittests/torture_config.c | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/src/config.c b/src/config.c index c048418ec..308928429 100644 --- a/src/config.c +++ b/src/config.c @@ -491,7 +491,7 @@ ssh_config_parse_proxy_jump(ssh_session session, const char *s, bool do_parsing) if (hostname != NULL && do_parsing) { char com[512] = {0}; - rv = snprintf(com, sizeof(com), "ssh%s%s%s%s%s%s -W [%%h]:%%p %s", + rv = snprintf(com, sizeof(com), "ssh%s%s%s%s%s%s -W '[%%h]:%%p' %s", username ? " -l " : "", username ? username : "", port ? " -p " : "", diff --git a/tests/unittests/torture_config.c b/tests/unittests/torture_config.c index 31dadae37..5ff20c99a 100644 --- a/tests/unittests/torture_config.c +++ b/tests/unittests/torture_config.c @@ -649,7 +649,7 @@ static void torture_config_unknown(void **state, /* test corner cases */ _parse_config(session, file, string, SSH_OK); assert_string_equal(session->opts.ProxyCommand, - "ssh -W [%h]:%p many-spaces.com"); + "ssh -W '[%h]:%p' many-spaces.com"); assert_string_equal(session->opts.host, "equal.sign"); ret = ssh_config_parse_file(session, "/etc/ssh/ssh_config"); @@ -945,28 +945,28 @@ static void torture_config_proxyjump(void **state, torture_reset_config(session); ssh_options_set(session, SSH_OPTIONS_HOST, "simple"); _parse_config(session, file, string, SSH_OK); - assert_string_equal(session->opts.ProxyCommand, "ssh -W [%h]:%p jumpbox"); + assert_string_equal(session->opts.ProxyCommand, "ssh -W '[%h]:%p' jumpbox"); /* With username */ torture_reset_config(session); ssh_options_set(session, SSH_OPTIONS_HOST, "user"); _parse_config(session, file, string, SSH_OK); assert_string_equal(session->opts.ProxyCommand, - "ssh -l user -W [%h]:%p jumpbox"); + "ssh -l user -W '[%h]:%p' jumpbox"); /* With port */ torture_reset_config(session); ssh_options_set(session, SSH_OPTIONS_HOST, "port"); _parse_config(session, file, string, SSH_OK); assert_string_equal(session->opts.ProxyCommand, - "ssh -p 2222 -W [%h]:%p jumpbox"); + "ssh -p 2222 -W '[%h]:%p' jumpbox"); /* Two step jump */ torture_reset_config(session); ssh_options_set(session, SSH_OPTIONS_HOST, "two-step"); _parse_config(session, file, string, SSH_OK); assert_string_equal(session->opts.ProxyCommand, - "ssh -l u1 -p 222 -J u2@second:33 -W [%h]:%p first"); + "ssh -l u1 -p 222 -J u2@second:33 -W '[%h]:%p' first"); /* none */ torture_reset_config(session); @@ -985,14 +985,14 @@ static void torture_config_proxyjump(void **state, ssh_options_set(session, SSH_OPTIONS_HOST, "only-jump"); _parse_config(session, file, string, SSH_OK); assert_string_equal(session->opts.ProxyCommand, - "ssh -W [%h]:%p jumpbox"); + "ssh -W '[%h]:%p' jumpbox"); /* IPv6 address */ torture_reset_config(session); ssh_options_set(session, SSH_OPTIONS_HOST, "ipv6"); _parse_config(session, file, string, SSH_OK); assert_string_equal(session->opts.ProxyCommand, - "ssh -W [%h]:%p 2620:52:0::fed"); + "ssh -W '[%h]:%p' 2620:52:0::fed"); /* Multiple @ is allowed in second jump */ config = "Host allowed-hostname\n" -- GitLab