[openssh-commits] [openssh] branch master updated: Add proxyjump.sh omitted from previous commit.

git+noreply at mindrot.org git+noreply at mindrot.org
Mon Mar 30 21:59:30 AEDT 2026 

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

The following commit(s) were added to refs/heads/master by this push:
     new 1340d3fa8 Add proxyjump.sh omitted from previous commit.
1340d3fa8 is described below

commit 1340d3fa8e4bb122906a82159c4c9b91584d65ce
Author: Darren Tucker <dtucker at dtucker.net>
AuthorDate: Mon Mar 30 21:58:44 2026 +1100

    Add proxyjump.sh omitted from previous commit.
---
 regress/proxyjump.sh | 102 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 102 insertions(+)

diff --git a/regress/proxyjump.sh b/regress/proxyjump.sh
new file mode 100644
index 000000000..af472e963
--- /dev/null
+++ b/regress/proxyjump.sh
@@ -0,0 +1,102 @@
+#	$OpenBSD: proxyjump.sh,v 1.1 2026/03/30 07:19:02 djm Exp $
+#	Placed in the Public Domain.
+
+tid="proxyjump"
+
+# Parsing tests
+verbose "basic parsing"
+for jspec in \
+	"jump1" \
+	"user at jump1" \
+	"jump1:2222" \
+	"user at jump1:2222" \
+	"jump1,jump2" \
+	"user1 at jump1:2221,user2 at jump2:2222" \
+	"ssh://user@host:2223" \
+	; do
+	case "$jspec" in
+	"jump1")		expected="jump1" ;;
+	"user at jump1")		expected="user at jump1" ;;
+	"jump1:2222")		expected="jump1:2222" ;;
+	"user at jump1:2222")	expected="user at jump1:2222" ;;
+	"jump1,jump2")		expected="jump1,jump2" ;;
+	"user1 at jump1:2221,user2 at jump2:2222")
+		expected="user1 at jump1:2221,user2 at jump2:2222" ;;
+	"ssh://user@host:2223")	expected="user at host:2223" ;;
+	esac
+	f=`${SSH} -GF /dev/null -oProxyJump="$jspec" somehost | \
+		awk '/^proxyjump /{print $2}'`
+	if [ "$f" != "$expected" ]; then
+		fail "ProxyJump $jspec: expected $expected, got $f"
+	fi
+	f=`${SSH} -GF /dev/null -J "$jspec" somehost | \
+		awk '/^proxyjump /{print $2}'`
+	if [ "$f" != "$expected" ]; then
+		fail "ssh -J $jspec: expected $expected, got $f"
+	fi
+done
+
+verbose "precedence"
+f=`${SSH} -GF /dev/null -oProxyJump=none -oProxyJump=jump1 somehost | \
+	grep "^proxyjump "`
+if [ -n "$f" ]; then
+	fail "ProxyJump=none first did not win"
+fi
+f=`${SSH} -GF /dev/null -oProxyJump=jump -oProxyCommand=foo somehost | \
+	grep "^proxyjump "`
+if [ "$f" != "proxyjump jump" ]; then
+	fail "ProxyJump first did not win over ProxyCommand"
+fi
+f=`${SSH} -GF /dev/null -oProxyCommand=foo -oProxyJump=jump somehost | \
+	grep "^proxycommand "`
+if [ "$f" != "proxycommand foo" ]; then
+	fail "ProxyCommand first did not win over ProxyJump"
+fi
+
+verbose "command-line -J invalid characters"
+cp $OBJ/ssh_config $OBJ/ssh_config.orig
+for jspec in \
+	"host;with;semicolon" \
+	"host'with'quote" \
+	"host\`with\`backtick" \
+	"host\$with\$dollar" \
+	"host(with)brace" \
+	"user;with;semicolon at host" \
+	"user'with'quote at host" \
+	"user\`with\`backtick at host" \
+	"user(with)brace at host" ; do
+	${SSH} -GF /dev/null -J "$jspec" somehost >/dev/null 2>&1
+	if [ $? -ne 255 ]; then
+		fail "ssh -J \"$jspec\" was not rejected"
+	fi
+	${SSH} -GF /dev/null -oProxyJump="$jspec" somehost >/dev/null 2>&1
+	if [ $? -ne 255 ]; then
+		fail "ssh -oProxyJump=\"$jspec\" was not rejected"
+	fi
+done
+# Special characters should be accepted in the config though.
+echo "ProxyJump user;with;semicolon at host;with;semicolon" >> $OBJ/ssh_config
+f=`${SSH} -GF $OBJ/ssh_config somehost | grep "^proxyjump "`
+if [ "$f" != "proxyjump user;with;semicolon at host;with;semicolon" ]; then
+	fail "ProxyJump did not allow special characters in config: $f"
+fi
+
+verbose "functional test"
+# Use different names to avoid the loop detection in ssh.c
+grep -iv HostKeyAlias $OBJ/ssh_config.orig > $OBJ/ssh_config
+cat << _EOF >> $OBJ/ssh_config
+Host jump-host
+	HostkeyAlias jump-host
+Host target-host
+	HostkeyAlias target-host
+_EOF
+cp $OBJ/known_hosts $OBJ/known_hosts.orig
+sed 's/^[^ ]* /jump-host /' < $OBJ/known_hosts.orig > $OBJ/known_hosts
+sed 's/^[^ ]* /target-host /' < $OBJ/known_hosts.orig >> $OBJ/known_hosts
+start_sshd
+
+verbose "functional ProxyJump"
+res=`${REAL_SSH} -F $OBJ/ssh_config -J jump-host target-host echo "SUCCESS" 2>/dev/null`
+if [ "$res" != "SUCCESS" ]; then
+	fail "functional test failed: expected SUCCESS, got $res"
+fi

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.

More information about the openssh-commits mailing list