https://bugzilla.mindrot.org/show_bug.cgi?id=2081
--- Comment #24 from Alon Bar-Lev <[email protected]> --- (In reply to Sami Hartikainen from comment #23) > Created attachment 2479 [details] > Reworked patch enabling optional %-expanded arguments > > Revised based on feedback, e.g. %h expansion added. > > > 2. still open issue is if we need to skip calling the > > utility if no public key, I leave this to openssh > > developers to decide, I think we should execute with > > empty value. > > I would like to hear comments from other people on this as > well. But consider an AuthorizedKeysCommand of: > > /usr/local/sbin/myauth --user %u --key %k non-option-arg > > If %k is missing (due to sshkey_to_base64() failing), > the 'non-option-arg' will be read as the option value for > --key, possibly breaking the 'myauth' utility. I thought there is other reason for that... :) If you first split it based on delimiters, then substitute each then you will be ok. > > 6. not sure the sshkey_to_base64 is first requirement to perform > > that conversion... maybe something should be shared with ssh-keygen. > > sshkey_write() is almost the same, so perhaps the 'guts' of it could > be refactored to be usable for this. this is for openssh developers to instruct. minor comments: xrealloc(argv, argc, sizeof(char *)); please use the type of argv[0] instead char*. thanks!!!! -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. _______________________________________________ openssh-bugs mailing list [email protected] https://lists.mindrot.org/mailman/listinfo/openssh-bugs
