[openssh-commits] [openssh] 01/02: upstream: Add tilde and environment variable expansion to
git+noreply at mindrot.org
git+noreply at mindrot.org
Mon Mar 27 15:04:56 AEDT 2023
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit f1a17de150f8d309d0c52f9abfaebf11c51a8537
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date: Mon Mar 27 03:56:11 2023 +0000
upstream: Add tilde and environment variable expansion to
RevokedHostKeys. bz#3552, ok djm@
OpenBSD-Commit-ID: ce5d8e0219b63cded594c17d4c2958c06918ec0d
---
ssh.c | 10 +++++++++-
ssh_config.5 | 13 +++++++++++--
2 files changed, 20 insertions(+), 3 deletions(-)
diff --git a/ssh.c b/ssh.c
index 918389bc..edf2f119 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.585 2023/02/10 04:40:28 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.586 2023/03/27 03:56:11 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -1421,6 +1421,14 @@ main(int ac, char **av)
options.identity_agent = cp;
}
+ if (options.revoked_host_keys != NULL) {
+ p = tilde_expand_filename(options.revoked_host_keys, getuid());
+ cp = default_client_percent_dollar_expand(p, cinfo);
+ free(p);
+ free(options.revoked_host_keys);
+ options.revoked_host_keys = cp;
+ }
+
if (options.forward_agent_sock_path != NULL) {
p = tilde_expand_filename(options.forward_agent_sock_path,
getuid());
diff --git a/ssh_config.5 b/ssh_config.5
index c56b9d7b..0b7d4d19 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh_config.5,v 1.379 2023/03/10 02:32:04 djm Exp $
-.Dd $Mdocdate: March 10 2023 $
+.\" $OpenBSD: ssh_config.5,v 1.380 2023/03/27 03:56:11 dtucker Exp $
+.Dd $Mdocdate: March 27 2023 $
.Dt SSH_CONFIG 5
.Os
.Sh NAME
@@ -1665,6 +1665,14 @@ an OpenSSH Key Revocation List (KRL) as generated by
.Xr ssh-keygen 1 .
For more information on KRLs, see the KEY REVOCATION LISTS section in
.Xr ssh-keygen 1 .
+Arguments to
+.Cm RevokedHostKeys
+may use the tilde syntax to refer to a user's home directory,
+the tokens described in the
+.Sx TOKENS
+section and environment variables as described in the
+.Sx ENVIRONMENT VARIABLES
+section.
.It Cm SecurityKeyProvider
Specifies a path to a library that will be used when loading any
FIDO authenticator-hosted keys, overriding the default of using
@@ -2135,6 +2143,7 @@ The local username.
.Cm Match exec ,
.Cm RemoteCommand ,
.Cm RemoteForward ,
+.Cm RevokedHostKeys ,
and
.Cm UserKnownHostsFile
accept the tokens %%, %C, %d, %h, %i, %k, %L, %l, %n, %p, %r, and %u.
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list