[openssh-commits] [openssh] 01/01: upstream: allow %n to be expanded in ProxyCommand strings
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Sep 13 14:28:50 AEST 2019
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit fbe24b142915331ceb2a3a76be3dc5b6d204fddf
Author: djm at openbsd.org <djm at openbsd.org>
Date: Fri Sep 13 04:27:35 2019 +0000
upstream: allow %n to be expanded in ProxyCommand strings
From Zachary Harmany via github.com/openssh/openssh-portable/pull/118
ok dtucker@
OpenBSD-Commit-ID: 7eebf1b7695f50c66d42053d352a4db9e8fb84b6
---
ssh.c | 4 ++--
ssh_config.5 | 4 ++--
sshconnect.c | 35 ++++++++++++++++++++---------------
sshconnect.h | 7 ++++---
4 files changed, 28 insertions(+), 22 deletions(-)
diff --git a/ssh.c b/ssh.c
index cb321bcf..ee51823c 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.506 2019/09/06 14:45:34 naddy Exp $ */
+/* $OpenBSD: ssh.c,v 1.507 2019/09/13 04:27:35 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -1369,7 +1369,7 @@ main(int ac, char **av)
timeout_ms = options.connection_timeout * 1000;
/* Open a connection to the remote host. */
- if (ssh_connect(ssh, host, addrs, &hostaddr, options.port,
+ if (ssh_connect(ssh, host_arg, host, addrs, &hostaddr, options.port,
options.address_family, options.connection_attempts,
&timeout_ms, options.tcp_keep_alive) != 0)
exit(255);
diff --git a/ssh_config.5 b/ssh_config.5
index b10c5549..867c916a 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,7 +33,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.302 2019/09/13 04:07:42 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.303 2019/09/13 04:27:35 djm Exp $
.Dd $Mdocdate: September 13 2019 $
.Dt SSH_CONFIG 5
.Os
@@ -1821,7 +1821,7 @@ accept the tokens %%, %d, %h, %i, %l, %r, and %u.
accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, %T, and %u.
.Pp
.Cm ProxyCommand
-accepts the tokens %%, %h, %p, and %r.
+accepts the tokens %%, %h, %n, %p, and %r.
.Pp
.Cm RemoteCommand
accepts the tokens %%, %C, %d, %h, %i, %l, %n, %p, %r, and %u.
diff --git a/sshconnect.c b/sshconnect.c
index ed44fccb..74078044 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.317 2019/06/28 13:35:04 deraadt Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.318 2019/09/13 04:27:35 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -87,14 +87,18 @@ static void warn_changed_key(struct sshkey *);
/* Expand a proxy command */
static char *
expand_proxy_command(const char *proxy_command, const char *user,
- const char *host, int port)
+ const char *host, const char *host_arg, int port)
{
char *tmp, *ret, strport[NI_MAXSERV];
snprintf(strport, sizeof strport, "%d", port);
xasprintf(&tmp, "exec %s", proxy_command);
- ret = percent_expand(tmp, "h", host, "p", strport,
- "r", options.user, (char *)NULL);
+ ret = percent_expand(tmp,
+ "h", host,
+ "n", host_arg,
+ "p", strport,
+ "r", options.user,
+ (char *)NULL);
free(tmp);
return ret;
}
@@ -122,8 +126,8 @@ stderr_null(void)
* a connected fd back to us.
*/
static int
-ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
- const char *proxy_command)
+ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host,
+ const char *host_arg, u_short port, const char *proxy_command)
{
char *command_string;
int sp[2], sock;
@@ -138,7 +142,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
"proxy dialer: %.100s", strerror(errno));
command_string = expand_proxy_command(proxy_command, options.user,
- host, port);
+ host_arg, host, port);
debug("Executing proxy dialer command: %.500s", command_string);
/* Fork and execute the proxy command. */
@@ -204,8 +208,8 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
* Connect to the given ssh server using a proxy command.
*/
static int
-ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
- const char *proxy_command)
+ssh_proxy_connect(struct ssh *ssh, const char *host, const char *host_arg,
+ u_short port, const char *proxy_command)
{
char *command_string;
int pin[2], pout[2];
@@ -221,7 +225,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
strerror(errno));
command_string = expand_proxy_command(proxy_command, options.user,
- host, port);
+ host_arg, host, port);
debug("Executing proxy command: %.500s", command_string);
/* Fork and execute the proxy command. */
@@ -543,9 +547,9 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
}
int
-ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
- struct sockaddr_storage *hostaddr, u_short port, int family,
- int connection_attempts, int *timeout_ms, int want_keepalive)
+ssh_connect(struct ssh *ssh, const char *host, const char *host_arg,
+ struct addrinfo *addrs, struct sockaddr_storage *hostaddr, u_short port,
+ int family, int connection_attempts, int *timeout_ms, int want_keepalive)
{
int in, out;
@@ -564,10 +568,11 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
return -1; /* ssh_packet_set_connection logs error */
return 0;
} else if (options.proxy_use_fdpass) {
- return ssh_proxy_fdpass_connect(ssh, host, port,
+ return ssh_proxy_fdpass_connect(ssh, host, host_arg, port,
options.proxy_command);
}
- return ssh_proxy_connect(ssh, host, port, options.proxy_command);
+ return ssh_proxy_connect(ssh, host, host_arg, port,
+ options.proxy_command);
}
/* defaults to 'no' */
diff --git a/sshconnect.h b/sshconnect.h
index b455d7c2..2e84b8bc 100644
--- a/sshconnect.h
+++ b/sshconnect.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.h,v 1.38 2019/06/21 04:21:05 djm Exp $ */
+/* $OpenBSD: sshconnect.h,v 1.39 2019/09/13 04:27:35 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@@ -33,8 +33,9 @@ struct Sensitive {
struct addrinfo;
struct ssh;
-int ssh_connect(struct ssh *, const char *, struct addrinfo *,
- struct sockaddr_storage *, u_short, int, int, int *, int);
+int ssh_connect(struct ssh *, const char *, const char *,
+ struct addrinfo *, struct sockaddr_storage *, u_short,
+ int, int, int *, int);
void ssh_kill_proxy_command(void);
void ssh_login(struct ssh *, Sensitive *, const char *,
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list