authordjm@openbsd.org <djm@openbsd.org>2019-09-13 04:27:35 +0000
committerDamien Miller <djm@mindrot.org>2019-09-13 14:28:44 +1000
commitfbe24b142915331ceb2a3a76be3dc5b6d204fddf (patch)
tree6adb5c456a64cdd74ca004a6ec8633cc53f4eac9
parent2ce1d11600e13bee0667d6b717ffcc18a057b821 (diff)
upstream: allow %n to be expanded in ProxyCommand strings
From Zachary Harmany via github.com/openssh/openssh-portable/pull/118 ok dtucker@ OpenBSD-Commit-ID: 7eebf1b7695f50c66d42053d352a4db9e8fb84b6
-rw-r--r--ssh.c4
-rw-r--r--ssh_config.54
-rw-r--r--sshconnect.c35
-rw-r--r--sshconnect.h7
4 files changed, 28 insertions, 22 deletions
diff --git a/ssh.c b/ssh.c
index cb321bcf..ee51823c 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.506 2019/09/06 14:45:34 naddy Exp $ */
+/* $OpenBSD: ssh.c,v 1.507 2019/09/13 04:27:35 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1369,7 +1369,7 @@ main(int ac, char **av)
timeout_ms = options.connection_timeout * 1000;
/* Open a connection to the remote host. */
- if (ssh_connect(ssh, host, addrs, &hostaddr, options.port,
+ if (ssh_connect(ssh, host_arg, host, addrs, &hostaddr, options.port,
options.address_family, options.connection_attempts,
&timeout_ms, options.tcp_keep_alive) != 0)
exit(255);
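Review bot: This call passes `host_arg, host`, but the ssh_connect definition and prototype changed in sshconnect.c and sshconnect.h take `host, host_arg`, so inside ssh_connect the parameter named `host` holds the command-line argument and `host_arg` holds the other name. The two `expand_proxy_command(proxy_command, options.user, host_arg, host, port)` calls in ssh_proxy_fdpass_connect and ssh_proxy_connect are likewise reversed against that function's `host, host_arg` signature. The two swaps appear to cancel for %h and %n, but any other use of `host` inside ssh_connect (its non-proxy branch is outside these hunks) would receive the wrong string. Both parameters are `const char *`, so the compiler cannot flag either swap. I would pass `ssh_connect(ssh, host, host_arg, addrs, &hostaddr, options.port,` here and `host, host_arg, port);` at both expand_proxy_command calls.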
diff --git a/ssh_config.5 b/ssh_config.5
index b10c5549..867c916a 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,7 +33,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.302 2019/09/13 04:07:42 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.303 2019/09/13 04:27:35 djm Exp $
.Dd $Mdocdate: September 13 2019 $
.Dt SSH_CONFIG 5
.Os
@@ -1821,7 +1821,7 @@ accept the tokens %%, %d, %h, %i, %l, %r, and %u.
accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, %T, and %u.
.Pp
.Cm ProxyCommand
-accepts the tokens %%, %h, %p, and %r.
+accepts the tokens %%, %h, %n, %p, and %r.
.Pp
.Cm RemoteCommand
accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, and %u.
diff --git a/sshconnect.c b/sshconnect.c
index ed44fccb..74078044 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.317 2019/06/28 13:35:04 deraadt Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.318 2019/09/13 04:27:35 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -87,14 +87,18 @@ static void warn_changed_key(struct sshkey *);
/* Expand a proxy command */
static char *
expand_proxy_command(const char *proxy_command, const char *user,
- const char *host, int port)
+ const char *host, const char *host_arg, int port)
{
char *tmp, *ret, strport[NI_MAXSERV];
snprintf(strport, sizeof strport, "%d", port);
xasprintf(&tmp, "exec %s", proxy_command);
- ret = percent_expand(tmp, "h", host, "p", strport,
- "r", options.user, (char *)NULL);
+ ret = percent_expand(tmp,
+ "h", host,
+ "n", host_arg,
+ "p", strport,
+ "r", options.user,
+ (char *)NULL);
free(tmp);
return ret;
}
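Review bot: `host_arg` is substituted for %n into a string that begins with `exec` and, judging by the callers' "Executing proxy command" debug messages, is later handed to a shell. Nothing in this hunk constrains which characters it may contain. If it is the destination exactly as typed by the user, as the name suggests, the safety of %n rests on validation done before ssh_connect is called, which is not visible here. I would add a comment above the percent_expand call such as `/* host_arg is unmodified user input; it must already have been checked for shell metacharacters */` and confirm that the check exists in ssh.c. Separately, the `user` parameter is never read in this function; "r" expands `options.user` instead.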
@@ -122,8 +126,8 @@ stderr_null(void)
* a connected fd back to us.
*/
static int
-ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
- const char *proxy_command)
+ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host,
+ const char *host_arg, u_short port, const char *proxy_command)
{
char *command_string;
int sp[2], sock;
@@ -138,7 +142,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
"proxy dialer: %.100s", strerror(errno));
command_string = expand_proxy_command(proxy_command, options.user,
- host, port);
+ host_arg, host, port);
debug("Executing proxy dialer command: %.500s", command_string);
/* Fork and execute the proxy command. */
@@ -204,8 +208,8 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
* Connect to the given ssh server using a proxy command.
*/
static int
-ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
- const char *proxy_command)
+ssh_proxy_connect(struct ssh *ssh, const char *host, const char *host_arg,
+ u_short port, const char *proxy_command)
{
char *command_string;
int pin[2], pout[2];
@@ -221,7 +225,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
strerror(errno));
command_string = expand_proxy_command(proxy_command, options.user,
- host, port);
+ host_arg, host, port);
debug("Executing proxy command: %.500s", command_string);
/* Fork and execute the proxy command. */
@@ -543,9 +547,9 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
}
int
-ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
- struct sockaddr_storage *hostaddr, u_short port, int family,
- int connection_attempts, int *timeout_ms, int want_keepalive)
+ssh_connect(struct ssh *ssh, const char *host, const char *host_arg,
+ struct addrinfo *addrs, struct sockaddr_storage *hostaddr, u_short port,
+ int family, int connection_attempts, int *timeout_ms, int want_keepalive)
{
int in, out;
@@ -564,10 +568,11 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
return -1; /* ssh_packet_set_connection logs error */
return 0;
} else if (options.proxy_use_fdpass) {
- return ssh_proxy_fdpass_connect(ssh, host, port,
+ return ssh_proxy_fdpass_connect(ssh, host, host_arg, port,
options.proxy_command);
}
- return ssh_proxy_connect(ssh, host, port, options.proxy_command);
+ return ssh_proxy_connect(ssh, host, host_arg, port,
+ options.proxy_command);
}
/* defaults to 'no' */
diff --git a/sshconnect.h b/sshconnect.h
index b455d7c2..2e84b8bc 100644
--- a/sshconnect.h
+++ b/sshconnect.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.h,v 1.38 2019/06/21 04:21:05 djm Exp $ */
+/* $OpenBSD: sshconnect.h,v 1.39 2019/09/13 04:27:35 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -33,8 +33,9 @@ struct Sensitive {
struct addrinfo;
struct ssh;
-int ssh_connect(struct ssh *, const char *, struct addrinfo *,
- struct sockaddr_storage *, u_short, int, int, int *, int);
+int ssh_connect(struct ssh *, const char *, const char *,
+ struct addrinfo *, struct sockaddr_storage *, u_short,
+ int, int, int *, int);
void ssh_kill_proxy_command(void);
void ssh_login(struct ssh *, Sensitive *, const char *,
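Review bot: The ssh_connect prototype now has two adjacent unnamed `const char *` parameters, so nothing in the header tells a caller which is `host` and which is `host_arg`. A short comment above it, e.g. `/* args: ssh, host, host_arg, addrs, hostaddr, port, ... */`, or naming just these two parameters, would make a swapped call easier to catch in review, since the compiler cannot tell them apart.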