V8.03.256.2025.06.02

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

lib/lib_arg_parser.sh

@@ -212,23 +212,56 @@ arg_parser() {
           ;;
 
         --jump-host)
-          if [[ -n "${2}" && "${2}" != -* ]]; then
+            if [[ -n "${2}" && "${2}" != -* ]]; then
+            ### Take the entire blob in raw and split it later
+            declare raw="${2}"
+            ### Remove control characters:
+            raw=$(printf '%s' "${raw}" | tr -d '[:cntrl:]')
+            ### Split into a temporary array using spaces:
+            declare split_hosts
+            IFS=' ' read -r -a split_hosts <<< "${raw}"
             declare -i count=0
-            shift
-            while [[ "${#}" -gt 0 && "${1}" != -* && count -lt 10 ]]; do
-              declare -g ARY_HANDLER_JUMPHOST+=("$1")
-              count=$((count + 1))
-              shift
-            done
-            while [[ "${#}" -gt 0 && "${1}" != -* ]]; do
+            ### Insert up to ten entries in ARY_HANDLER_JUMPHOST:
+            declare count h
+            for h in "${split_hosts[@]}"; do
+              if [[ ${count} -lt 10 ]]; then
+                ARY_HANDLER_JUMPHOST+=("${h}")
+                count=$((count + 1))
+              else
+                break
+              fi
+            done
+            ### Then skip all host values that were originally specified after --jump-host
+            shift  ### Remove: --jump-host
+            ### Now one must perform as many shifts as there were words in the raw blob:
+            declare _
+            for _ in "${split_hosts[@]}"; do
               shift
             done
+            unset count h raw split_hosts _
           else
             if ! $VAR_HANDLER_AUTOBUILD; then boot_screen_cleaner; fi
             printf "\e[91m❌ Error: --jump-host MUST contain one or up to ten IPs.\e[0m\n" >&2
             read -p -r $'\e[92m✅ Press \'ENTER\' to exit the script ... \e[0m'
             exit "${ERR_ARG_MSMTCH}"
           fi
+          #if [[ -n "${2}" && "${2}" != -* ]]; then
+          #  declare -i count=0
+          #  shift
+          #  while [[ "${#}" -gt 0 && "${1}" != -* && count -lt 10 ]]; do
+          #    declare -g ARY_HANDLER_JUMPHOST+=("$1")
+          #    count=$((count + 1))
+          #    shift
+          #  done
+          #  while [[ "${#}" -gt 0 && "${1}" != -* ]]; do
+          #    shift
+          #  done
+          #else
+          #  if ! $VAR_HANDLER_AUTOBUILD; then boot_screen_cleaner; fi
+          #  printf "\e[91m❌ Error: --jump-host MUST contain one or up to ten IPs.\e[0m\n" >&2
+          #  read -p -r $'\e[92m✅ Press \'ENTER\' to exit the script ... \e[0m'
+          #  exit "${ERR_ARG_MSMTCH}"
+          #fi
           ;;
 
         --log-statistics-only)

lib/lib_hardening_ultra.sh

@@ -148,7 +148,7 @@ hardening_ultra() {
       declare host
       for host in "${ARY_HANDLER_JUMPHOST_UNIQUE[@]}"; do
         ((line++))
-        sed -i "${line}a ufw allow from \"${host}\" to any port \"${sshport}\" proto tcp comment \"Incoming SSH ([${host}]:${sshport})\"" "$file"
+        sed -i "${line}a ufw allow from ${host} to any port ${sshport} proto tcp comment \"Incoming SSH ([${host}]:${sshport})\"" "$file"
       done
     fi
 
@@ -179,7 +179,7 @@ hardening_ultra() {
       declare host
       for host in "${ARY_HANDLER_JUMPHOST_UNIQUE[@]}"; do
         ((line++))
-        sed -i "${line}a ufw allow from \"${host}\" to any port \"${sshport}\" proto tcp comment \"Incoming SSH ([${host}]:${sshport})\"" "$file"
+        sed -i "${line}a ufw allow from ${host} to any port ${sshport} proto tcp comment \"Incoming SSH ([${host}]:${sshport})\"" "$file"
       done
     fi
   fi