options: Do not attempt to expand percents in PKCS#11 URIs

With the old token parser, the data was simply broken on the = sign even if the uri was in quotes and ignored. Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Anderson Toshiyuki Sasaki <ansasaki@redhat.com>
2019-09-19 15:03:21 +02:00 · 2019-09-19 15:03:21 +02:00 · 223cc96239
--- a/src/options.c
+++ b/src/options.c
@ -1472,6 +1472,13 @@ int ssh_options_apply(ssh_session session) {
         it != NULL;
         it = it->next) {
        char *id = (char *) it->data;
+        if (strncmp(id, "pkcs11:", 6) == 0) {
+            /* PKCS#11 URIs are using percent-encoding so we can not mix
+             * it with ssh expansion of ssh escape characters.
+             * Skip these identities now, before we will have PKCS#11 support
+             */
+             continue;
+        }
        tmp = ssh_path_expand_escape(session, id);
        if (tmp == NULL) {
            return -1;