-rw-r--r--ChangeLog6
-rw-r--r--ssh.c22
-rw-r--r--ssh_config.517
3 files changed, 36 insertions, 9 deletions
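--- a/ChangeLog
+++ b/ChangeLog
@@ -30,6 +30,10 @@
  silencing a heap of lint warnings. also allows them to use
  __bounded__ checking which can't be applied to macros; requested
  by and feedback from deraadt@
+ - djm@cvs.openbsd.org 2006/03/30 10:41:25
+ [ssh.c ssh_config.5]
+ add percent escape chars to the IdentityFile option, bz #1159 based
+ on a patch by imaging AT math.ualberta.ca; feedback and ok dtucker@
 
 20060326
  - OpenBSD CVS Sync
@@ -4479,4 +4483,4 @@
  - (djm) Trim deprecated options from INSTALL. Mention UsePAM
  - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
 
-$Id: ChangeLog,v 1.4295 2006/03/31 12:13:02 djm Exp $
+$Id: ChangeLog,v 1.4296 2006/03/31 12:13:21 djm Exp $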
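--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.274 2006/03/28 00:12:31 deraadt Exp $ */
+/* $OpenBSD: ssh.c,v 1.275 2006/03/30 10:41:25 djm Exp $ */
 /*
   * Author: Tatu Ylonen <ylo@cs.hut.fi>
   * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -647,15 +647,15 @@ main(int ac, char **av)
  options.control_path = NULL;
 
  if (options.control_path != NULL) {
- char me[NI_MAXHOST];
+ char thishost[NI_MAXHOST];
 
- if (gethostname(me, sizeof(me)) == -1)
+ if (gethostname(thishost, sizeof(thishost)) == -1)
  fatal("gethostname: %s", strerror(errno));
  snprintf(buf, sizeof(buf), "%d", options.port);
  cp = tilde_expand_filename(options.control_path,
  original_real_uid);
  options.control_path = percent_expand(cp, "p", buf, "h", host,
- "r", options.user, "l", me, (char *)NULL);
+ "r", options.user, "l", thishost, (char *)NULL);
  xfree(cp);
  }
  if (mux_command != 0 && options.control_path == NULL)
@@ -1194,9 +1194,10 @@ ssh_session2(void)
 static void
 load_public_identity_files(void)
 {
- char *filename;
+ char *filename, *cp, thishost[NI_MAXHOST];
  int i = 0;
  Key *public;
+ struct passwd *pw;
 #ifdef SMARTCARD
  Key **keys;
 
@@ -1220,9 +1221,18 @@ load_public_identity_files(void)
  xfree(keys);
  }
 #endif /* SMARTCARD */
+ if ((pw = getpwuid(original_real_uid)) == NULL)
+ fatal("load_public_identity_files: getpwuid failed");
+ if (gethostname(thishost, sizeof(thishost)) == -1)
+ fatal("load_public_identity_files: gethostname: %s",
+ strerror(errno));
  for (; i < options.num_identity_files; i++) {
- filename = tilde_expand_filename(options.identity_files[i],
+ cp = tilde_expand_filename(options.identity_files[i],
  original_real_uid);
+ filename = percent_expand(cp, "d", pw->pw_dir,
+ "u", pw->pw_name, "l", thishost, "h", host,
+ "r", options.user, (char *)NULL);
+ xfree(cp);
  public = key_load_public(filename, NULL);
  debug("identity file %s type %d", filename,
  public ? public->type : -1);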
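Review bot: In the new loop of load_public_identity_files, `pw` still points at getpwuid()'s static result when `percent_expand` reads `pw->pw_dir` and `pw->pw_name`, yet `tilde_expand_filename` runs in between on every iteration; if that helper performs its own passwd lookup (its body is not shown here, but a `~otheruser/` path would need one), the entry can be overwritten and `%d`/`%u` would expand to another account's values. Copy the two strings once before the loop, e.g. `pwdir = xstrdup(pw->pw_dir); pwname = xstrdup(pw->pw_name);`, pass those to `percent_expand`, and free them after the loop. The tilde-expanded path is also percent-scanned afterwards, so a home directory or an existing IdentityFile value containing a literal `%` is now treated as an escape, which deserves a mention in the man page. The function's body continues past the end of this hunk. Separately, ssh_config.5 in this commit lists `.Ql %h` twice; the second entry, for the remote user name, should read `%r` to match the `"r", options.user` argument passed here.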
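--- a/ssh_config.5
+++ b/ssh_config.5
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.89 2006/03/14 16:32:48 markus Exp $
+.\" $OpenBSD: ssh_config.5,v 1.90 2006/03/30 10:41:25 djm Exp $
 .Dd September 25, 1999
 .Dt SSH_CONFIG 5
 .Os
@@ -548,8 +548,21 @@ and
 for protocol version 2.
 Additionally, any identities represented by the authentication agent
 will be used for authentication.
+.Pp
 The file name may use the tilde
-syntax to refer to a user's home directory.
+syntax to refer to a user's home directory or one of the following
+escape characters:
+.Ql %d
+(local user's home directory),
+.Ql %u
+(local user name),
+.Ql %l
+(local host name),
+.Ql %h
+(remote host name) or
+.Ql %h
+(remote user name).
+.Pp
 It is possible to have
 multiple identity files specified in configuration files; all these
 identities will be tried in sequence.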