Diffstat (limited to 'ssh.c')
-rw-r--r--ssh.c137
1 files changed, 87 insertions, 50 deletions
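--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.526 2020/04/03 06:07:57 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.527 2020/04/10 00:52:07 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -176,13 +176,6 @@ char *forward_agent_sock_path = NULL;
 /* Various strings used to to percent_expand() arguments */
 static char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
 static char uidstr[32], *host_arg, *conn_hash_hex;
-#define DEFAULT_CLIENT_PERCENT_EXPAND_ARGS \
- "C", conn_hash_hex, \
- "L", shorthost, \
- "i", uidstr, \
- "l", thishost, \
- "n", host_arg, \
- "p", portstr
 
 /* socket address the host resolves to */
 struct sockaddr_storage hostaddr;
@@ -238,6 +231,34 @@ tilde_expand_paths(char **paths, u_int num_paths)
  }
 }
 
+#define DEFAULT_CLIENT_PERCENT_EXPAND_ARGS \
+ "C", conn_hash_hex, \
+ "L", shorthost, \
+ "i", uidstr, \
+ "l", thishost, \
+ "n", host_arg, \
+ "p", portstr
+
+/*
+ * Expands the set of percent_expand options used by the majority of keywords
+ * in the client that support percent expansion.
+ * Caller must free returned string.
+ */
+static char *
+default_client_percent_expand(const char *str, const char *homedir,
+ const char *remhost, const char *remuser, const char *locuser)
+{
+ return percent_expand(str,
+ /* values from statics above */
+ DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
+ /* values from arguments */
+ "d", homedir,
+ "h", remhost,
+ "r", remuser,
+ "u", locuser,
+ (char *)NULL);
+}
+
 /*
  * Attempt to resolve a host name / port to a set of addresses and
  * optionally return any CNAMEs encountered along the way.
@@ -1345,13 +1366,8 @@ main(int ac, char **av)
  if (options.remote_command != NULL) {
  debug3("expanding RemoteCommand: %s", options.remote_command);
  cp = options.remote_command;
- options.remote_command = percent_expand(cp,
- DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
- "d", pw->pw_dir,
- "h", host,
- "r", options.user,
- "u", pw->pw_name,
- (char *)NULL);
+ options.remote_command = default_client_percent_expand(cp,
+ pw->pw_dir, host, options.user, pw->pw_name);
  debug3("expanded RemoteCommand: %s", options.remote_command);
  free(cp);
  if ((r = sshbuf_put(command, options.remote_command,
@@ -1362,25 +1378,15 @@ main(int ac, char **av)
  if (options.control_path != NULL) {
  cp = tilde_expand_filename(options.control_path, getuid());
  free(options.control_path);
- options.control_path = percent_expand(cp,
- DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
- "d", pw->pw_dir,
- "h", host,
- "r", options.user,
- "u", pw->pw_name,
- (char *)NULL);
+ options.control_path = default_client_percent_expand(cp,
+ pw->pw_dir, host, options.user, pw->pw_name);
  free(cp);
  }
 
  if (options.identity_agent != NULL) {
  p = tilde_expand_filename(options.identity_agent, getuid());
- cp = percent_expand(p,
- DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
- "d", pw->pw_dir,
- "h", host,
- "r", options.user,
- "u", pw->pw_name,
- (char *)NULL);
+ cp = default_client_percent_expand(p,
+ pw->pw_dir, host, options.user, pw->pw_name);
  free(p);
  free(options.identity_agent);
  options.identity_agent = cp;
@@ -1389,18 +1395,59 @@ main(int ac, char **av)
  if (options.forward_agent_sock_path != NULL) {
  p = tilde_expand_filename(options.forward_agent_sock_path,
  getuid());
- cp = percent_expand(p,
- DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
- "d", pw->pw_dir,
- "h", host,
- "r", options.user,
- "u", pw->pw_name,
- (char *)NULL);
+ cp = default_client_percent_expand(p,
+ pw->pw_dir, host, options.user, pw->pw_name);
  free(p);
  free(options.forward_agent_sock_path);
  options.forward_agent_sock_path = cp;
  }
 
+ for (i = 0; i < options.num_local_forwards; i++) {
+ if (options.local_forwards[i].listen_path != NULL) {
+ cp = options.local_forwards[i].listen_path;
+ p = options.local_forwards[i].listen_path =
+ default_client_percent_expand(cp,
+ pw->pw_dir, host, options.user, pw->pw_name);
+ if (strcmp(cp, p) != 0)
+ debug3("expanded LocalForward listen path "
+ "'%s' -> '%s'", cp, p);
+ free(cp);
+ }
+ if (options.local_forwards[i].connect_path != NULL) {
+ cp = options.local_forwards[i].connect_path;
+ p = options.local_forwards[i].connect_path =
+ default_client_percent_expand(cp,
+ pw->pw_dir, host, options.user, pw->pw_name);
+ if (strcmp(cp, p) != 0)
+ debug3("expanded LocalForward connect path "
+ "'%s' -> '%s'", cp, p);
+ free(cp);
+ }
+ }
+
+ for (i = 0; i < options.num_remote_forwards; i++) {
+ if (options.remote_forwards[i].listen_path != NULL) {
+ cp = options.remote_forwards[i].listen_path;
+ p = options.remote_forwards[i].listen_path =
+ default_client_percent_expand(cp,
+ pw->pw_dir, host, options.user, pw->pw_name);
+ if (strcmp(cp, p) != 0)
+ debug3("expanded RemoteForward listen path "
+ "'%s' -> '%s'", cp, p);
+ free(cp);
+ }
+ if (options.remote_forwards[i].connect_path != NULL) {
+ cp = options.remote_forwards[i].connect_path;
+ p = options.remote_forwards[i].connect_path =
+ default_client_percent_expand(cp,
+ pw->pw_dir, host, options.user, pw->pw_name);
+ if (strcmp(cp, p) != 0)
+ debug3("expanded RemoteForward connect path "
+ "'%s' -> '%s'", cp, p);
+ free(cp);
+ }
+ }
+
  if (config_test) {
  dump_client_config(&options, host);
  exit(0);
@@ -2154,13 +2201,8 @@ load_public_identity_files(struct passwd *pw)
  continue;
  }
  cp = tilde_expand_filename(options.identity_files[i], getuid());
- filename = percent_expand(cp,
- DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
- "d", pw->pw_dir,
- "h", host,
- "r", options.user,
- "u", pw->pw_name,
- (char *)NULL);
+ filename = default_client_percent_expand(cp,
+ pw->pw_dir, host, options.user, pw->pw_name);
  free(cp);
  check_load(sshkey_load_public(filename, &public, NULL),
  filename, "pubkey");
@@ -2209,13 +2251,8 @@ load_public_identity_files(struct passwd *pw)
  for (i = 0; i < options.num_certificate_files; i++) {
  cp = tilde_expand_filename(options.certificate_files[i],
  getuid());
- filename = percent_expand(cp,
- DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
- "d", pw->pw_dir,
- "h", host,
- "r", options.user,
- "u", pw->pw_name,
- (char *)NULL);
+ filename = default_client_percent_expand(cp,
+ pw->pw_dir, host, options.user, pw->pw_name);
  free(cp);
 
  check_load(sshkey_load_public(filename, &public, NULL),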
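Review bot: The two new forwarding loops in main() expand every socket path with the local values `pw->pw_dir` and `pw->pw_name`, and that includes `local_forwards[i].connect_path` and `remote_forwards[i].listen_path`, which, judging by the field names, are opened on the remote side. A `%d` or `%u` there puts a local home directory or user name into a path that is resolved on another host, which is easy to misread in a config. A comment above the loops would make this explicit, for example `/* %d and %u always expand to the local home directory and user, also for paths used on the remote host */`. Separately, default_client_percent_expand() reads the file statics through DEFAULT_CLIENT_PERCENT_EXPAND_ARGS, and `conn_hash_hex` is only a pointer, so its header comment should add a line such as `* Must only be called after conn_hash_hex and the other statics are set.`; main() starts and ends outside these hunks, so that ordering cannot be confirmed from the diff.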