bump("Empty host name");
/*
+ * Remove fiddly bits of address: remove a colon suffix, and
+ * the square brackets around an IPv6 literal address.
+ */
+ if (host[0] == '[') {
+ host++;
+ host[strcspn(host, "]")] = '\0';
+ } else {
+ host[strcspn(host, ":")] = '\0';
+ }
+
+ /*
* If we haven't loaded session details already (e.g., from -load),
* try looking for a session called "host".
*/
}
/*
- * Trim a colon suffix off the hostname if it's there.
- */
- cfg.host[strcspn(cfg.host, ":")] = '\0';
-
- /*
* Remove any remaining whitespace from the hostname.
*/
{
*/
static char *colon(char *str)
{
+ /* Check and process IPv6 literal addresses
+ * (eg: 'jeroen@[2001:db8::1]:myfile.txt') */
+ char *ipv6 = strchr(str, '[');
+ if (ipv6) {
+ str = strchr(str, ']');
+ if (str) {
+ /* Terminate on the closing bracket */
+ *str++ = '\0';
+ return (str);
+ }
+ return (NULL);
+ }
+
/* We ignore a leading colon, since the hostname cannot be
empty. We also ignore a colon as second character because
of filenames like f:myfile.txt. */
for (i = 0; i < names->nnames; i++)
ournames[nnames++] = names->names[i];
-
names->nnames = 0; /* prevent free_names */
fxp_free_names(names);
}
namesize += names->nnames + 128;
ournames = sresize(ournames, namesize, struct fxp_name);
}
- for (i = 0; i < names->nnames; i++)
- ournames[nnames++] = names->names[i];
+ for (i = 0; i < names->nnames; i++) {
+ if (!strcmp(names->names[i].filename, ".") ||
+ !strcmp(names->names[i].filename, "..")) {
+ /*
+ * . and .. are normal consequences of
+ * reading a directory, and aren't worth
+ * complaining about.
+ */
+ } else if (!vet_filename(names->names[i].filename)) {
+ tell_user(stderr, "ignoring potentially dangerous server-"
+ "supplied filename '%s'\n",
+ names->names[i].filename);
+ } else
+ ournames[nnames++] = names->names[i];
+ }
names->nnames = 0; /* prevent free_names */
fxp_free_names(names);
}
tell_user(stderr, " when we requested a file "
"called '%s'.", stripsrc);
tell_user(stderr, " If this is a wildcard, "
- "consider upgrading to SSH 2 or using");
+ "consider upgrading to SSH-2 or using");
tell_user(stderr, " the '-unsafe' option. Renaming"
" of this file has been disallowed.");
/* Override the name the server provided with our own. */
*targ++ = '\0';
if (*targ == '\0')
targ = ".";
- /* Substitute "." for emtpy target */
+ /* Substitute "." for empty target */
/* Separate host and username */
user = host;
printf(" -l user connect with specified username\n");
printf(" -pw passw login with specified password\n");
printf(" -1 -2 force use of particular SSH protocol version\n");
+ printf(" -4 -6 force use of IPv4 or IPv6\n");
printf(" -C enable compression\n");
printf(" -i key private key file for authentication\n");
printf(" -batch disable all interactive prompts\n");