MFC r344449: scp: validate filenames provided by server against wildcard
... in client
OpenSSH-portable commits:
check in scp client that filenames sent during remote->local directory
copies satisfy the wildcard specified by the user.
This checking provides some protection against a malicious server
sending unexpected filenames, but it comes at a risk of rejecting wanted
files due to differences between client and server wildcard expansion rules.
For this reason, this also adds a new -T flag to disable the check.
reported by Harry Sintonen
fix approach suggested by markus@;
has been in snaps for ~1wk courtesy deraadt@
OpenBSD-Commit-ID:
00f44b50d2be8e321973f3c6d014260f8f7a8eda
Minor patch conflict (getopt) resolved.
Obtained from: OpenSSH-portable
391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
scp: add -T to usage();
OpenBSD-Commit-ID:
a7ae14d9436c64e1bd05022329187ea3a0ce1899
Obtained from: OpenSSH-portable
2c21b75a7be6ebdcbceaebb43157c48dbb36f3d8
PR: 234965
Sponsored by: The FreeBSD Foundation
projects / FreeBSD / FreeBSD.git / commit