upstream commit

Add a ProxyJump ssh_config(5) option and corresponding -J ssh(1) command-line flag to allow simplified indirection through a SSH bastion or "jump host". These options construct a proxy command that connects to the specified jump host(s) (more than one may be specified) and uses port-forwarding to establish a connection to the next destination. This codifies the safest way of indirecting connections through SSH servers and makes it easy to use. ok markus@ Upstream-ID: fa899cb8b26d889da8f142eb9774c1ea36b04397
author: djm@openbsd.org <djm@openbsd.org> 2016-07-15 00:24:30 +0000
committer: Damien Miller <djm@mindrot.org> 2016-07-15 14:20:10 +1000
commit: ed877ef653847d056bb433975d731b7a1132a979 (patch)
tree: 855230b944a0fc2eebdaa4c037f911e28ff21e17 /misc.c
parent: 5c02dd126206a26785379e80f2d3848e4470b711 (diff)
1 files changed, 62 insertions, 1 deletions
diff --git a/misc.c b/misc.c
index 9d59ca6b2..9421b4d39 100644
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.104 2016/04/06 06:42:17 djm Exp $ */
+/* $OpenBSD: misc.c,v 1.105 2016/07/15 00:24:30 djm Exp $ */
 /*
 * Copyright (c) 2000 Markus Friedl.  All rights reserved.
 * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -451,6 +451,67 @@ colon(char *cp)
        return NULL;
 }
+/*
+ * Parse a [user@]host[:port] string.
+ * Caller must free returned user and host.
+ * Any of the pointer return arguments may be NULL (useful for syntax checking).
+ * If user was not specified then *userp will be set to NULL.
+ * If port was not specified then *portp will be -1.
+ * Returns 0 on success, -1 on failure.
+ */
+int
+parse_user_host_port(const char *s, char **userp, char **hostp, int *portp)
+{
+        char *sdup, *cp, *tmp;
+        char *user = NULL, *host = NULL;
+        int port = -1, ret = -1;
+        if (userp != NULL)
+                *userp = NULL;
+        if (hostp != NULL)
+                *hostp = NULL;
+        if (portp != NULL)
+                *portp = -1;
+        if ((sdup = tmp = strdup(s)) == NULL)
+                return -1;
+        /* Extract optional username */
+        if ((cp = strchr(tmp, '@')) != NULL) {
+                *cp = '\0';
+                if (*tmp == '\0')
+                        goto out;
+                if ((user = strdup(tmp)) == NULL)
+                        goto out;
+                tmp = cp + 1;
+        }
+        /* Extract mandatory hostname */
+        if ((cp = hpdelim(&tmp)) == NULL || *cp == '\0')
+                goto out;
+        host = xstrdup(cleanhostname(cp));
+        /* Convert and verify optional port */
+        if (tmp != NULL && *tmp != '\0') {
+                if ((port = a2port(tmp)) <= 0)
+                        goto out;
+        }
+        /* Success */
+        if (userp != NULL) {
+                *userp = user;
+                user = NULL;
+        }
+        if (hostp != NULL) {
+                *hostp = host;
+                host = NULL;
+        }
+        if (portp != NULL)
+                *portp = port;
+        ret = 0;
+ out:
+        free(sdup);
+        free(user);
+        free(host);
+        return ret;
+}
 /* function to assist building execv() arguments */
 void
 addargs(arglist *args, char *fmt, ...)
author	djm@openbsd.org <djm@openbsd.org>	2016-07-15 00:24:30 +0000
committer	Damien Miller <djm@mindrot.org>	2016-07-15 14:20:10 +1000
commit	ed877ef653847d056bb433975d731b7a1132a979 (patch)
tree	855230b944a0fc2eebdaa4c037f911e28ff21e17 /misc.c
parent	5c02dd126206a26785379e80f2d3848e4470b711 (diff)

diff --git a/misc.c b/misc.c index 9d59ca6b2..9421b4d39 100644 --- a/misc.c +++ b/misc.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: misc.c,v 1.104 2016/04/06 06:42:17 djm Exp $ */	1	/* $OpenBSD: misc.c,v 1.105 2016/07/15 00:24:30 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2000 Markus Friedl. All rights reserved.	3	* Copyright (c) 2000 Markus Friedl. All rights reserved.
4	* Copyright (c) 2005,2006 Damien Miller. All rights reserved.	4	* Copyright (c) 2005,2006 Damien Miller. All rights reserved.
@@ -451,6 +451,67 @@ colon(char *cp)
451	return NULL;	451	return NULL;
452	}	452	}
453		453
		454	/*
		455	* Parse a [user@]host[:port] string.
		456	* Caller must free returned user and host.
		457	* Any of the pointer return arguments may be NULL (useful for syntax checking).
		458	* If user was not specified then *userp will be set to NULL.
		459	* If port was not specified then *portp will be -1.
		460	* Returns 0 on success, -1 on failure.
		461	*/
		462	int
		463	parse_user_host_port(const char s, char userp, char hostp, int portp)
		464	{
		465	char sdup, cp, *tmp;
		466	char user = NULL, host = NULL;
		467	int port = -1, ret = -1;
		468
		469	if (userp != NULL)
		470	*userp = NULL;
		471	if (hostp != NULL)
		472	*hostp = NULL;
		473	if (portp != NULL)
		474	*portp = -1;
		475
		476	if ((sdup = tmp = strdup(s)) == NULL)
		477	return -1;
		478	/* Extract optional username */
		479	if ((cp = strchr(tmp, '@')) != NULL) {
		480	*cp = '\0';
		481	if (*tmp == '\0')
		482	goto out;
		483	if ((user = strdup(tmp)) == NULL)
		484	goto out;
		485	tmp = cp + 1;
		486	}
		487	/* Extract mandatory hostname */
		488	if ((cp = hpdelim(&tmp)) == NULL \|\| *cp == '\0')
		489	goto out;
		490	host = xstrdup(cleanhostname(cp));
		491	/* Convert and verify optional port */
		492	if (tmp != NULL && *tmp != '\0') {
		493	if ((port = a2port(tmp)) <= 0)
		494	goto out;
		495	}
		496	/* Success */
		497	if (userp != NULL) {
		498	*userp = user;
		499	user = NULL;
		500	}
		501	if (hostp != NULL) {
		502	*hostp = host;
		503	host = NULL;
		504	}
		505	if (portp != NULL)
		506	*portp = port;
		507	ret = 0;
		508	out:
		509	free(sdup);
		510	free(user);
		511	free(host);
		512	return ret;
		513	}
		514
454	/* function to assist building execv() arguments */	515	/* function to assist building execv() arguments */
455	void	516	void
456	addargs(arglist args, char fmt, ...)	517	addargs(arglist args, char fmt, ...)