upstream: Add %-TOKEN, environment variable and tilde expansion to

UserKnownHostsFile, allowing the file to be automagically split up in the
configuration (eg bz#1654).  ok djm@, man page parts jmc@

OpenBSD-Commit-ID: 7e1b406caf147638bb51558836a72d6cc0bd1b18

2 files changed, 30 insertions, 6 deletions

diff --git a/ssh.c b/ssh.c
index b13783d43..5c93c3d2f 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.531 2020/07/05 23:59:45 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.532 2020/07/17 03:23:10 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -654,6 +654,7 @@ main(int ac, char **av)
         struct Forward fwd;
         struct addrinfo *addrs = NULL;
         size_t n, len;
+        u_int j;
 
         /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
         sanitise_stdfd();
@@ -1427,6 +1428,21 @@ main(int ac, char **av)
                 options.forward_agent_sock_path = cp;
         }
 
+        for (j = 0; j < options.num_user_hostfiles; j++) {
+                if (options.user_hostfiles[j] != NULL) {
+                        cp = tilde_expand_filename(options.user_hostfiles[j],
+                            getuid());
+                        p = default_client_percent_dollar_expand(cp,
+                            pw->pw_dir, host, options.user, pw->pw_name);
+                        if (strcmp(options.user_hostfiles[j], p) != 0)
+                                debug3("expanded UserKnownHostsFile '%s' -> "
+                                    "'%s'", options.user_hostfiles[j], p);
+                        free(options.user_hostfiles[j]);
+                        free(cp);
+                        options.user_hostfiles[j] = p;
+                }
+        }
+
         for (i = 0; i < options.num_local_forwards; i++) {
                 if (options.local_forwards[i].listen_path != NULL) {
                         cp = options.local_forwards[i].listen_path;
diff --git a/ssh_config.5 b/ssh_config.5
index d5c561a10..fce59d13a 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.328 2020/05/29 05:48:39 jmc Exp $
-.Dd $Mdocdate: May 29 2020 $
+.\" $OpenBSD: ssh_config.5,v 1.329 2020/07/17 03:23:10 dtucker Exp $
+.Dd $Mdocdate: July 17 2020 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1738,6 +1738,12 @@ having to remember to give the user name on the command line.
 .It Cm UserKnownHostsFile
 Specifies one or more files to use for the user
 host key database, separated by whitespace.
+Each filename may use tilde notation to refer to the user's home directory,
+the tokens described in the
+.Sx TOKENS
+section and environment variables as described in the
+.Sx ENVIRONMENT VARIABLES
+section.
 The default is
 .Pa ~/.ssh/known_hosts ,
 .Pa ~/.ssh/known_hosts2 .
@@ -1874,8 +1880,9 @@ The local username.
 .Cm LocalForward ,
 .Cm Match exec ,
 .Cm RemoteCommand ,
+.Cm RemoteForward ,
 and
-.Cm RemoteForward
+.Com UserKnownHostsFile
 accept the tokens %%, %C, %d, %h, %i, %L, %l, %n, %p, %r, and %u.
 .Pp
 .Cm Hostname
@@ -1899,9 +1906,10 @@ returned and the setting for that keyword will be ignored.
 The keywords
 .Cm CertificateFile ,
 .Cm ControlPath ,
-.Cm IdentityAgent
-and
+.Cm IdentityAgent ,
 .Cm IdentityFile
+and
+.Cm UserKnownHostsFile
 support environment variables.
 The keywords
 .Cm LocalForward