upstream: allow %n to be expanded in ProxyCommand strings

From Zachary Harmany via github.com/openssh/openssh-portable/pull/118 ok dtucker@ OpenBSD-Commit-ID: 7eebf1b7695f50c66d42053d352a4db9e8fb84b6
author: djm@openbsd.org <djm@openbsd.org> 2019-09-13 04:27:35 +0000
committer: Damien Miller <djm@mindrot.org> 2019-09-13 14:28:44 +1000
commit: fbe24b142915331ceb2a3a76be3dc5b6d204fddf (patch)
tree: 6adb5c456a64cdd74ca004a6ec8633cc53f4eac9 /sshconnect.c
parent: 2ce1d11600e13bee0667d6b717ffcc18a057b821 (diff)
1 files changed, 20 insertions, 15 deletions
diff --git a/sshconnect.c b/sshconnect.c
index ed44fccb8..740780443 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.317 2019/06/28 13:35:04 deraadt Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.318 2019/09/13 04:27:35 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -87,14 +87,18 @@ static void warn_changed_key(struct sshkey *);
 /* Expand a proxy command */
 static char *
 expand_proxy_command(const char *proxy_command, const char *user,
-    const char *host, int port)
+    const char *host, const char *host_arg, int port)
 {
        char *tmp, *ret, strport[NI_MAXSERV];
        snprintf(strport, sizeof strport, "%d", port);
        xasprintf(&tmp, "exec %s", proxy_command);
-        ret = percent_expand(tmp, "h", host, "p", strport,
+        ret = percent_expand(tmp,
-            "r", options.user, (char *)NULL);
+            "h", host,
+            "n", host_arg,
+            "p", strport,
+            "r", options.user,
+            (char *)NULL);
        free(tmp);
        return ret;
 }
@@ -122,8 +126,8 @@ stderr_null(void)
 * a connected fd back to us.
 */
 static int
-ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
+ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host,
-    const char *proxy_command)
+    const char *host_arg, u_short port, const char *proxy_command)
 {
        char *command_string;
        int sp[2], sock;
@@ -138,7 +142,7 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
                    "proxy dialer: %.100s", strerror(errno));
        command_string = expand_proxy_command(proxy_command, options.user,
-            host, port);
+            host_arg, host, port);
        debug("Executing proxy dialer command: %.500s", command_string);
        /* Fork and execute the proxy command. */
@@ -204,8 +208,8 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const char *host, u_short port,
 * Connect to the given ssh server using a proxy command.
 */
 static int
-ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
+ssh_proxy_connect(struct ssh *ssh, const char *host, const char *host_arg,
-    const char *proxy_command)
+    u_short port, const char *proxy_command)
 {
        char *command_string;
        int pin[2], pout[2];
@@ -221,7 +225,7 @@ ssh_proxy_connect(struct ssh *ssh, const char *host, u_short port,
                    strerror(errno));
        command_string = expand_proxy_command(proxy_command, options.user,
-            host, port);
+            host_arg, host, port);
        debug("Executing proxy command: %.500s", command_string);
        /* Fork and execute the proxy command. */
@@ -543,9 +547,9 @@ ssh_connect_direct(struct ssh *ssh, const char *host, struct addrinfo *aitop,
 }
 int
-ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
+ssh_connect(struct ssh *ssh, const char *host, const char *host_arg,
-    struct sockaddr_storage *hostaddr, u_short port, int family,
+    struct addrinfo *addrs, struct sockaddr_storage *hostaddr, u_short port,
-    int connection_attempts, int *timeout_ms, int want_keepalive)
+    int family, int connection_attempts, int *timeout_ms, int want_keepalive)
 {
        int in, out;
@@ -564,10 +568,11 @@ ssh_connect(struct ssh *ssh, const char *host, struct addrinfo *addrs,
                        return -1; /* ssh_packet_set_connection logs error */
                return 0;
        } else if (options.proxy_use_fdpass) {
-                return ssh_proxy_fdpass_connect(ssh, host, port,
+                return ssh_proxy_fdpass_connect(ssh, host, host_arg, port,
                    options.proxy_command);
        }
-        return ssh_proxy_connect(ssh, host, port, options.proxy_command);
+        return ssh_proxy_connect(ssh, host, host_arg, port,
+            options.proxy_command);
 }
 /* defaults to 'no' */
author	djm@openbsd.org <djm@openbsd.org>	2019-09-13 04:27:35 +0000
committer	Damien Miller <djm@mindrot.org>	2019-09-13 14:28:44 +1000
commit	fbe24b142915331ceb2a3a76be3dc5b6d204fddf (patch)
tree	6adb5c456a64cdd74ca004a6ec8633cc53f4eac9 /sshconnect.c
parent	2ce1d11600e13bee0667d6b717ffcc18a057b821 (diff)