You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@mina.apache.org by "Cong-Xin Qiu (JIRA)" <ji...@apache.org> on 2018/01/29 21:37:00 UTC
[jira] [Created] (SSHD-796) AuthorizedKeyEntry parses
`loginOptions` in a wrong way
Cong-Xin Qiu created SSHD-796:
---------------------------------
Summary: AuthorizedKeyEntry parses `loginOptions` in a wrong way
Key: SSHD-796
URL: https://issues.apache.org/jira/browse/SSHD-796
Project: MINA SSHD
Issue Type: Bug
Affects Versions: 1.7.0
Environment: Ubuntu 16.04
openjdk version "1.8.0_151"
Reporter: Cong-Xin Qiu
Attachments: ApacheMinaSshdTest.java
For `.ssh/authorized_keys` to have forced commands, sometimes AuthorizedKeyEntry parses it in the wrong way.
For
{code:java}
command="./an-executable-script-without-arguments.sh",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3N...
{code}
AuthorizedKeyEntry.getLoginOptions gives Map<String,String> with value
{code:java}
command ./an-executable-script-without-arguments.sh
no-agent-forwarding true
no-port-forwarding true
no-pty true
no-x11-forwarding true
{code}
which is correct.
But for forced commands with arguments
{code:java}
command="./an-executable-script.sh arg1 arg2",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3N...
{code}
It gives
{code:java}
command "./an-executable-script.sh
{code}
Which is wrong.
It seems skip the blank space, so missed all following options. And it also didn't remove the quotation mark.
Maybe there is some parsing error in here.
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)