You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@mina.apache.org by "Cong-Xin Qiu (JIRA)" <ji...@apache.org> on 2018/01/29 21:37:00 UTC

[jira] [Created] (SSHD-796) AuthorizedKeyEntry parses `loginOptions` in a wrong way

Cong-Xin Qiu created SSHD-796:
---------------------------------

             Summary: AuthorizedKeyEntry parses `loginOptions` in a wrong way
                 Key: SSHD-796
                 URL: https://issues.apache.org/jira/browse/SSHD-796
             Project: MINA SSHD
          Issue Type: Bug
    Affects Versions: 1.7.0
         Environment: Ubuntu 16.04
openjdk version "1.8.0_151"
            Reporter: Cong-Xin Qiu
         Attachments: ApacheMinaSshdTest.java

For `.ssh/authorized_keys` to have forced commands, sometimes AuthorizedKeyEntry parses it in the wrong way.

For
{code:java}
command="./an-executable-script-without-arguments.sh",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3N...
{code}
AuthorizedKeyEntry.getLoginOptions gives Map<String,String> with value
{code:java}
command            ./an-executable-script-without-arguments.sh
no-agent-forwarding            true
no-port-forwarding            true
no-pty            true
no-x11-forwarding            true
{code}
which is correct.

But for forced commands with arguments
{code:java}
command="./an-executable-script.sh arg1 arg2",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty ssh-rsa AAAAB3N...
{code}
It gives
{code:java}
command            "./an-executable-script.sh
{code}
Which is wrong.

It seems skip the blank space, so missed all following options. And it also didn't remove the quotation mark.

Maybe there is some parsing error in here.



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)