• Kirill Smelkov's avatar
    slaprunner/sshd: Fix quoting in ForceCommand · cff0c969
    Kirill Smelkov authored
    2a733418 (slaprunner: replaces dropbear by openssh) switched slaprunner
    sshd from dropbear to openssh (thanks for it once again) and used
    ForceCommand to imitate login shell to be partitions `${bash:location}/bin/bash -l`.
    
    For case when original ssh command is explicitly provided
    ("$SSH_ORIGINAL_COMMAND" is not empty) the code there tries to just
    execute what was provided by caller.
    
    However the reexecution is not completely correct as for cases when
    origin command contains some quoting, 1 level of quotes is removed.
    
    The case when I hit this in practice is git access to repositories over
    ssh. When git wants to e.g. clone a repository it runs `git-upload-pack
    quoted-path-to-repo.git` and fails this way:
    
    ```
    $ GIT_TRACE=1 git clone ssh://host1/~/B.git
    19:28:23.558858 git.c:350               trace: built-in: git 'clone' 'ssh://host1/~/B.git'
    Cloning into 'B'...
    19:28:23.572994 run-command.c:336       trace: run_command: 'ssh' 'host1' 'git-upload-pack '\''~/B.git'\'''
    fatal: ''~/B.git'' does not appear to be a git repository
    fatal: Could not read from remote repository.
    
    Please make sure you have the correct access rights
    and the repository exists.
    ```
    
    Quoting SSH_ORIGINAL_COMMAND and evaluating it completely via eval fixes this.
    
    /cc @Nicolas, @alain.takoudjou
    cff0c969
common.cfg 6.4 KB