diff options
| author | dtucker@openbsd.org <dtucker@openbsd.org> | 2020-05-29 04:25:40 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2020-05-29 15:46:47 +1000 |
| commit | 4a1b46e6d032608b7ec00ae51c4e25b82f460b05 (patch) | |
| tree | 7f345cd0424c5b6f7eff6e5d0f1b52747a960f9e /readconf.c | |
| parent | c9bab1d3a9e183cef3a3412f57880a0374cc8cb2 (diff) | |
upstream: Allow some keywords to expand shell-style ${ENV}
environment variables on the client side. The supported keywords are
CertificateFile, ControlPath, IdentityAgent and IdentityFile, plus
LocalForward and RemoteForward when used for Unix domain socket paths. This
would for example allow forwarding of Unix domain socket paths that change at
runtime. bz#3140, ok djm@
OpenBSD-Commit-ID: a4a2e801fc2d4df2fe0e58f50d9c81b03822dffa
Diffstat (limited to 'readconf.c')
| -rw-r--r-- | readconf.c | 20 |
1 files changed, 16 insertions, 4 deletions
diff --git a/readconf.c b/readconf.c index 63ed7fd5f..c0595a52b 100644 --- a/readconf.c +++ b/readconf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: readconf.c,v 1.330 2020/05/27 21:25:18 djm Exp $ */ | 1 | /* $OpenBSD: readconf.c,v 1.331 2020/05/29 04:25:40 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -1809,7 +1809,12 @@ parse_keytypes: | |||
| 1809 | filename, linenum); | 1809 | filename, linenum); |
| 1810 | parse_agent_path: | 1810 | parse_agent_path: |
| 1811 | /* Extra validation if the string represents an env var. */ | 1811 | /* Extra validation if the string represents an env var. */ |
| 1812 | if (arg[0] == '$' && !valid_env_name(arg + 1)) { | 1812 | if ((arg2 = dollar_expand(&r, arg)) == NULL || r) |
| 1813 | fatal("%.200s line %d: Invalid environment expansion " | ||
| 1814 | "%s.", filename, linenum, arg); | ||
| 1815 | free(arg2); | ||
| 1816 | /* check for legacy environment format */ | ||
| 1817 | if (arg[0] == '$' && arg[1] != '{' && !valid_env_name(arg + 1)) { | ||
| 1813 | fatal("%.200s line %d: Invalid environment name %s.", | 1818 | fatal("%.200s line %d: Invalid environment name %s.", |
| 1814 | filename, linenum, arg); | 1819 | filename, linenum, arg); |
| 1815 | } | 1820 | } |
| @@ -2355,12 +2360,19 @@ parse_forward(struct Forward *fwd, const char *fwdspec, int dynamicfwd, int remo | |||
| 2355 | { | 2360 | { |
| 2356 | struct fwdarg fwdargs[4]; | 2361 | struct fwdarg fwdargs[4]; |
| 2357 | char *p, *cp; | 2362 | char *p, *cp; |
| 2358 | int i; | 2363 | int i, err; |
| 2359 | 2364 | ||
| 2360 | memset(fwd, 0, sizeof(*fwd)); | 2365 | memset(fwd, 0, sizeof(*fwd)); |
| 2361 | memset(fwdargs, 0, sizeof(fwdargs)); | 2366 | memset(fwdargs, 0, sizeof(fwdargs)); |
| 2362 | 2367 | ||
| 2363 | cp = p = xstrdup(fwdspec); | 2368 | /* |
| 2369 | * We expand environment variables before checking if we think they're | ||
| 2370 | * paths so that if ${VAR} expands to a fully qualified path it is | ||
| 2371 | * treated as a path. | ||
| 2372 | */ | ||
| 2373 | cp = p = dollar_expand(&err, fwdspec); | ||
| 2374 | if (p == NULL || err) | ||
| 2375 | return 0; | ||
| 2364 | 2376 | ||
| 2365 | /* skip leading spaces */ | 2377 | /* skip leading spaces */ |
| 2366 | while (isspace((u_char)*cp)) | 2378 | while (isspace((u_char)*cp)) |