CVSROOT: /cvs Module name: src Changes by: d...@cvs.openbsd.org 2019/01/26 15:41:28
Modified files: usr.bin/ssh : scp.1 scp.c Log message: check in scp client that filenames sent during remote->local directory copies satisfy the wildcard specified by the user. This checking provides some protection against a malicious server sending unexpected filenames, but it comes at a risk of rejecting wanted files due to differences between client and server wildcard expansion rules. For this reason, this also adds a new -T flag to disable the check. reported by Harry Sintonen fix approach suggested by markus@; has been in snaps for ~1wk courtesy deraadt@