Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 596] "ProxyCommand none" doesn't work
bugzilla-daemon at mindrot
Jun 16, 2003, 1:54 PM
Post #1 of 3 (854 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=596

Summary: "ProxyCommand none" doesn't work
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-bugs@mindrot.org
ReportedBy: jimb@redhat.com


Using

According to the man page, putting "ProxyCommand none" in my .ssh/config file
should make SSH not use a proxy command to connect to that host. However, when
I do this, SSH tries to execute "none" as a proxy command:

$ cat ~/.ssh/config
ProxyCommand none
$ ssh -V
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
$ ssh -v www.red-bean.com
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /home/jimb/.ssh/config
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Executing proxy command: exec none

debug1: identity file /home/jimb/.ssh/identity type 0
debug1: identity file /home/jimb/.ssh/id_rsa type -1
/bin/sh: line 1: exec: none: not found
debug1: identity file /home/jimb/.ssh/id_dsa type 2
ssh_exchange_identification: Connection closed by remote host
debug1: Calling cleanup 0x805f31c(0x0)
$

The problem seems to be in process_config_line: on entry, 'line' contains a
terminating newline:

$ gdb ./ssh
GNU gdb 2003-04-17-cvs
Copyright 2003 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i686-pc-linux-gnu"...
(gdb) break process_config_line
Breakpoint 1 at 0x804d42c: file readconf.c, line 284.
(gdb) run www.red-bean.com
Starting program: /rigel/jimb/TARS/openssh/openssh-3.6.1p2/ssh www.red-bean.com

Breakpoint 1, process_config_line (options=0x807fba0, host=0xbfffc2ee
"www.red-bean.com", line=0xbfffb7bc "\001", filename=0xbfffbc70
"/home/jimb/.ssh/config",
linenum=1, activep=0xbfffb7bc) at readconf.c:284
284 s = line;
(gdb) next
286 keyword = strdelim(&s);
(gdb) print line
$1 = 0xbfffb7c0 "ProxyCommand none\n"
(gdb)

The newline at the end gets copied through into the options structure:

(gdb) dis 1
(gdb) break ssh.c:604
Breakpoint 2 at 0x804bece: file ssh.c, line 604.
(gdb) c
Continuing.

Breakpoint 2, main (ac=0, av=0xbfffbdfc) at ssh.c:604
604 if (options.proxy_command != NULL &&
(gdb) print options.proxy_command
$2 = 0x8085da0 "none\n"
(gdb)

This means that the following code doesn't do what it's supposed to do:

if (options.proxy_command != NULL &&
strcmp(options.proxy_command, "none") == 0)
options.proxy_command = NULL;

I suspect that none of the configuration options that retain the entire rest of
the line want that trailing newline. I'll attach a patch to process_config_line
that removes a trailing newline, if present, from the value before doing any
more per-option parsing.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 596] "ProxyCommand none" doesn't work [ In reply to ]
bugzilla-daemon at mindrot
Jun 16, 2003, 1:57 PM
Post #2 of 3 (837 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=596





------- Additional Comments From jimb@redhat.com 2003-06-17 07:57 -------
Created an attachment (id=328)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=328&action=view)
Patch to strip terminating newlines from config file lines

With this patch, SSH recognizes the "ProxyCommand none" line in ~/.ssh/config
properly:

$ ssh www.red-bean.com
Linux sanpietro 2.4.19 #1 SMP Wed Oct 16 10:36:57 CDT 2002 sparc64 unknown

"It now remains to be seen what are the methods and rules for a
prince as regards his subjects and friends. And as I know that
many have written of this, I fear that my writing about it may be
deemed presumptuous, differing as I do, especially in this matter,
from the opinions of others. But my intention being to write
something of use to those who understand, it appears to me more
proper to go to the real truth of the matter than to its
imagination; and many have imagined republics and principalities
which have never been seen or known to exist in reality; for how
we live is so far removed from how we ought to live, that he who
abandons what is done for what ought to be done, will rather learn
to bring about his own ruin than his preservation. A man who
wishes to make a profession of goodness in everything must
necessarily come to grief among so many who are not good.
Therefore it is necessary for a prince, who wishes to maintain
himself, to learn how not to be good, and to use this knowledge
and not use it, according to the necessity of the case."
-- Niccolo Machiavelli, "The Prince", chapter 15
You have new mail.
Last login: Mon Jun 16 16:54:46 2003 from 12-223-225-216.client.insightbb.com
jimb@sanpietro:~$




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
[Bug 596] "ProxyCommand none" doesn't work [ In reply to ]
bugzilla-daemon at mindrot
Jun 16, 2003, 2:12 PM
Post #3 of 3 (836 views)
Permalink
http://bugzilla.mindrot.org/show_bug.cgi?id=596

jimb@redhat.com changed:

What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |DUPLICATE



------- Additional Comments From jimb@redhat.com 2003-06-17 08:12 -------


*** This bug has been marked as a duplicate of 528 ***



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal