diff options
| author | Damien Miller <djm@mindrot.org> | 2014-02-24 15:56:45 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2014-02-24 15:56:45 +1100 |
| commit | 0628780abe61e7e50cba48cdafb1837f49ff23b2 (patch) | |
| tree | 306239f5d1de77fc6ab9678299f8e0be35747599 | |
| parent | 0890dc8191bb201eb01c3429feec0300a9d3a930 (diff) | |
- djm@cvs.openbsd.org 2014/02/22 01:32:19
[readconf.c]
when processing Match blocks, skip 'exec' clauses if previous predicates
failed to match; ok markus@
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | readconf.c | 31 |
2 files changed, 25 insertions, 13 deletions
| @@ -8,9 +8,10 @@ | |||
| 8 | [channels.c] | 8 | [channels.c] |
| 9 | avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; | 9 | avoid spurious "getsockname failed: Bad file descriptor" errors in ssh -W; |
| 10 | bz#2200, debian#738692 via Colin Watson; ok dtucker@ | 10 | bz#2200, debian#738692 via Colin Watson; ok dtucker@ |
| 11 | 11 | - djm@cvs.openbsd.org 2014/02/22 01:32:19 | |
| 12 | 20140221 | 12 | [readconf.c] |
| 13 | - (tim) [configure.ac] Fix cut-and-paste error. Patch from Bryan Drewery. | 13 | when processing Match blocks, skip 'exec' clauses if previous predicates |
| 14 | failed to match; ok markus@ | ||
| 14 | 15 | ||
| 15 | 20140213 | 16 | 20140213 |
| 16 | - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat | 17 | - (dtucker) [configure.ac openbsd-compat/openssl-compat.{c,h}] Add compat |
diff --git a/readconf.c b/readconf.c index f80d1ccbc..94e645908 100644 --- a/readconf.c +++ b/readconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: readconf.c,v 1.216 2014/01/29 06:18:35 djm Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.217 2014/02/22 01:32:19 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -537,16 +537,27 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, | |||
| 537 | "r", ruser, | 537 | "r", ruser, |
| 538 | "u", pw->pw_name, | 538 | "u", pw->pw_name, |
| 539 | (char *)NULL); | 539 | (char *)NULL); |
| 540 | r = execute_in_shell(cmd); | 540 | if (result != 1) { |
| 541 | if (r == -1) { | 541 | /* skip execution if prior predicate failed */ |
| 542 | fatal("%.200s line %d: match exec '%.100s' " | 542 | debug("%.200s line %d: skipped exec \"%.100s\"", |
| 543 | "error", filename, linenum, cmd); | ||
| 544 | } else if (r == 0) { | ||
| 545 | debug("%.200s line %d: matched " | ||
| 546 | "'exec \"%.100s\"' ", | ||
| 547 | filename, linenum, cmd); | 543 | filename, linenum, cmd); |
| 548 | } else | 544 | } else { |
| 549 | result = 0; | 545 | r = execute_in_shell(cmd); |
| 546 | if (r == -1) { | ||
| 547 | fatal("%.200s line %d: match exec " | ||
| 548 | "'%.100s' error", filename, | ||
| 549 | linenum, cmd); | ||
| 550 | } else if (r == 0) { | ||
| 551 | debug("%.200s line %d: matched " | ||
| 552 | "'exec \"%.100s\"'", filename, | ||
| 553 | linenum, cmd); | ||
| 554 | } else { | ||
| 555 | debug("%.200s line %d: no match " | ||
| 556 | "'exec \"%.100s\"'", filename, | ||
| 557 | linenum, cmd); | ||
| 558 | result = 0; | ||
| 559 | } | ||
| 560 | } | ||
| 550 | free(cmd); | 561 | free(cmd); |
| 551 | } else { | 562 | } else { |
| 552 | error("Unsupported Match attribute %s", attrib); | 563 | error("Unsupported Match attribute %s", attrib); |