3 files changed, 44 insertions, 10 deletions
diff --git a/ChangeLog b/ChangeLog
index 0aec356d3..cbf5a0851 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -112,6 +112,9 @@
     [clientloop.h channels.h clientloop.c channels.c mux.c]
     The multiplexing escape char handler commit last night introduced a
     small memory leak per session; plug it.
+   - dtucker@cvs.openbsd.org 2008/06/12 16:35:31
+     [ssh_config.5 ssh.c]
+     keyword expansion for localcommand.  ok djm@
 20080611
 - (djm) [channels.c configure.ac]
@@ -4274,4 +4277,4 @@
   OpenServer 6 and add osr5bigcrypt support so when someone migrates
   passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.4984 2008/06/12 18:55:46 dtucker Exp $
+$Id: ChangeLog,v 1.4985 2008/06/12 18:56:37 dtucker Exp $
diff --git a/ssh.c b/ssh.c
index 96bfed9d5..c15a1e483 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.316 2008/06/12 04:24:06 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.317 2008/06/12 16:35:31 dtucker Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -647,6 +647,28 @@ main(int ac, char **av)
        if (options.user == NULL)
                options.user = xstrdup(pw->pw_name);
+        /* Get default port if port has not been set. */
+        if (options.port == 0) {
+                sp = getservbyname(SSH_SERVICE_NAME, "tcp");
+                options.port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT;
+        }
+        if (options.local_command != NULL) {
+                char thishost[NI_MAXHOST];
+                if (gethostname(thishost, sizeof(thishost)) == -1)
+                        fatal("gethostname: %s", strerror(errno));
+                snprintf(buf, sizeof(buf), "%d", options.port);
+                debug3("expanding LocalCommand: %s", options.local_command);
+                cp = options.local_command;
+                options.local_command = percent_expand(cp, "d", pw->pw_dir,
+                    "h", options.hostname? options.hostname : host,
+                    "l", thishost, "n", host, "r", options.user, "p", buf,
+                    "u", pw->pw_name, (char *)NULL);
+                debug3("expanded LocalCommand: %s", options.local_command);
+                xfree(cp);
+        }
        if (options.hostname != NULL)
                host = options.hostname;
@@ -657,12 +679,6 @@ main(int ac, char **av)
                                *p = (char)tolower(*p);
        }
-        /* Get default port if port has not been set. */
-        if (options.port == 0) {
-                sp = getservbyname(SSH_SERVICE_NAME, "tcp");
-                options.port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT;
-        }
        if (options.proxy_command != NULL &&
            strcmp(options.proxy_command, "none") == 0) {
                xfree(options.proxy_command);
diff --git a/ssh_config.5 b/ssh_config.5
index 8bcf323cc..98cd9ac5b 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,8 +34,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.108 2008/06/11 23:03:56 grunk Exp $
+.\" $OpenBSD: ssh_config.5,v 1.109 2008/06/12 16:35:31 dtucker Exp $
-.Dd $Mdocdate: June 11 2008 $
+.Dd $Mdocdate: June 12 2008 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -606,6 +606,21 @@ Specifies a command to execute on the local machine after successfully
 connecting to the server.
 The command string extends to the end of the line, and is executed with
 the user's shell.
+The following escape character substitutions will be performed:
+.Ql %d
+(local user's home directory),
+.Ql %h
+(remote host name),
+.Ql %l
+(local host name),
+.Ql %n
+(host name as provided on the command line),
+.Ql %p
+(remote port),
+.Ql %r
+(remote user name) or
+.Ql %u
+(local user name).
 This directive is ignored unless
 .Cm PermitLocalCommand
 has been enabled.