From: Ingo Schwarze
Subject: Re: [PATCH] Make incorrect ftp(1) usage more obvious
To: Michał Markowski
Cc: tech@openbsd.org
Date: Tue, 13 May 2025 22:53:34 +0200

Hello,

Michal Markowski wrote on Tue, May 13, 2025 at 09:47:43PM +0200:
> Petr Rockai
> On Fri, May 02, 2025 at 05:48:48PM +0200, Theo de Raadt wrote:

>>> We follow original POSIX getopt(3) rules in every program, using libc code.
>>> This applies to ALL commands. No commands are different.

>> This surprised me a bit, because:
>>
>> $ which grep
>> /usr/bin/grep
>> $ grep foo -i foo.txt
>> FOO

> And this one:
>
> source$ ssh destination -o "Compression yes"
> destination$

Hrmpf.

From /usr/src/usr.bin/ssh/ssh.c:

 again:
	while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx"
	    "AB:CD:E:F:GI:J:KL:MNO:P:Q:R:S:TVw:W:XYy")) != -1) { /* HUZdhjruz */
		switch (opt) {
		[...]
		}
	}

	if (optind > 1 && strcmp(av[optind - 1], "--") == 0)
		opt_terminated = 1;

	ac -= optind;
	av += optind;

	if (ac > 0 && !host) {
		int tport;
		char *tuser;
		switch (parse_ssh_uri(*av, &tuser, &host, &tport)) {
		[...]
		}
		if (ac > 1 && !opt_terminated) {
			optind = optreset = 1;
			goto again;  /* WTH? */

So even though the code in ssh(1) does not use the gnuish
getopt_long(1), it goes to great lengths specifically to break POSIX.

But note that ssh(1) was imported into OpenBSD in 1999 building on
third-party code from Tatu Ylonen, and the command line user interface
of the program was already well established in the wild before that
point. In 1999, there were certainly more pressing matters than
pushing in backward-incompatible changes in this respect.

Should we change this now? I'm not convinced because there is
probably no OpenBSD software more widely used now than OpenSSH.
Given that GNU people usually want POSIX violation in this respect
and ssh(1) isn't even a POSIX utility, the likely consequence of
us fixing this would be that several Linux distros would patch it
back - and the world certainly hasn't become a better place by
Linux distros patching OpenSSH.

So i guess in OpenSSH land, there are still more rewarding hills
to die on, if die you want. Like slowly and steadily retiring old,
unsafe algorithms and protocols and resisting insane feature requests,
both of which are being done where needed, and both of which cause
blowback from the Heard & McDonald Islands more often than we might
like. No need to gratuitously provoke additional consternation
over less important matters, i presume.

Yours,
  Ingo