author | djm@openbsd.org <djm@openbsd.org> | 2019-12-21 02:19:13 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-12-21 13:22:07 +1100 |
commit | 40be78f503277bd91c958fa25ea9ef918a2ffd3d (patch) | |
tree | b17303fad21f97437b44cf3264a03abfd503ebdf /ssh.c | |
parent | 416f15372bfb5be1709a0ad1d00ef5d8ebfb9e0e (diff) |
upstream: Allow forwarding a different agent socket to the path
specified by $SSH_AUTH_SOCK, by extending the existing ForwardAgent option to
accept an explicit path or the name of an environment variable in addition
to yes/no.
Patch by Eric Chiang, manpage by me; ok markus@
OpenBSD-Commit-ID: 98f2ed80bf34ea54d8b2ddd19ac14ebbf40e9265
Diffstat (limited to 'ssh.c')
-rw-r--r-- | ssh.c | 34 |
1 files changed, 33 insertions, 1 deletions
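--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.509 2019/11/18 16:10:05 naddy Exp $ */
+/* $OpenBSD: ssh.c,v 1.510 2019/12/21 02:19:13 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -168,6 +168,12 @@ char *config = NULL;
 */
 char *host;
 
+/*
+* A config can specify a path to forward, overriding SSH_AUTH_SOCK. If this is
+* not NULL, forward the socket at this path instead.
+*/
+char *forward_agent_sock_path = NULL;
+
 /* Various strings used to to percent_expand() arguments */
 static char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
 static char uidstr[32], *host_arg, *conn_hash_hex;
@@ -1498,6 +1504,32 @@ main(int ac, char **av)
 }
 }
 
+if (options.forward_agent && (options.forward_agent_sock_path != NULL)) {
+p = tilde_expand_filename(options.forward_agent_sock_path, getuid());
+cp = percent_expand(p,
+"d", pw->pw_dir,
+"h", host,
+"i", uidstr,
+"l", thishost,
+"r", options.user,
+"u", pw->pw_name,
+(char *)NULL);
+free(p);
+
+if (cp[0] == '$') {
+if (!valid_env_name(cp + 1)) {
+fatal("Invalid ForwardAgent environment variable name %s", cp);
+}
+if ((p = getenv(cp + 1)) != NULL)
+forward_agent_sock_path = p;
+else
+options.forward_agent = 0;
+free(cp);
+} else {
+forward_agent_sock_path = cp;
+}
+}
+
 /* Expand ~ in known host file names. */
 tilde_expand_paths(options.system_hostfiles,
 options.num_system_hostfiles);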
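Review bot: In the `$`-prefixed branch of the new block in main(), `forward_agent_sock_path = p;` keeps the pointer returned by `getenv()` in a file-scope global, while the other branch stores the heap string from `percent_expand()`. A getenv result is only valid until the environment is next modified, and the two branches leave the global with different ownership; `forward_agent_sock_path = xstrdup(p);` would give both the same lifetime. Whether ssh changes its environment between here and the point where the socket is opened is not visible in this hunk. Separately, an unset variable clears `options.forward_agent` without any message, so a `debug()` line before `free(cp)` naming the variable would make a silently missing agent easier to diagnose. The body of main() starts and ends outside the hunk.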