1 files changed, 36 insertions, 7 deletions

diff --git a/ssh.c b/ssh.c
index 6625557bd..54f1dbd0a 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.404 2014/06/27 16:41:56 markus Exp $ */
+/* $OpenBSD: ssh.c,v 1.405 2014/07/03 06:39:19 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -85,6 +85,7 @@
 #include "canohost.h"
 #include "compat.h"
 #include "cipher.h"
+#include "digest.h"
 #include "packet.h"
 #include "buffer.h"
 #include "channels.h"
@@ -424,6 +425,9 @@ main(int ac, char **av)
         extern char *optarg;
         Forward fwd;
         struct addrinfo *addrs = NULL;
+        struct ssh_digest_ctx *md;
+        u_char conn_hash[SSH_DIGEST_MAX_LENGTH];
+        char *conn_hash_hex;
 
         /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
         sanitise_stdfd();
@@ -1002,12 +1006,29 @@ main(int ac, char **av)
         shorthost[strcspn(thishost, ".")] = '\0';
         snprintf(portstr, sizeof(portstr), "%d", options.port);
 
+        if ((md = ssh_digest_start(SSH_DIGEST_SHA1)) == NULL ||
+            ssh_digest_update(md, thishost, strlen(thishost)) < 0 ||
+            ssh_digest_update(md, host, strlen(host)) < 0 ||
+            ssh_digest_update(md, portstr, strlen(portstr)) < 0 ||
+            ssh_digest_update(md, options.user, strlen(options.user)) < 0 ||
+            ssh_digest_final(md, conn_hash, sizeof(conn_hash)) < 0)
+                fatal("%s: mux digest failed", __func__);
+        ssh_digest_free(md);
+        conn_hash_hex = tohex(conn_hash, ssh_digest_bytes(SSH_DIGEST_SHA1));
+
         if (options.local_command != NULL) {
                 debug3("expanding LocalCommand: %s", options.local_command);
                 cp = options.local_command;
-                options.local_command = percent_expand(cp, "d", pw->pw_dir,
-                    "h", host, "l", thishost, "n", host_arg, "r", options.user,
-                    "p", portstr, "u", pw->pw_name, "L", shorthost,
+                options.local_command = percent_expand(cp,
+                    "C", conn_hash_hex,
+                    "L", shorthost,
+                    "d", pw->pw_dir,
+                    "h", host,
+                    "l", thishost,
+                    "n", host_arg,
+                    "p", portstr,
+                    "r", options.user,
+                    "u", pw->pw_name,
                     (char *)NULL);
                 debug3("expanded LocalCommand: %s", options.local_command);
                 free(cp);
@@ -1017,12 +1038,20 @@ main(int ac, char **av)
                 cp = tilde_expand_filename(options.control_path,
                     original_real_uid);
                 free(options.control_path);
-                options.control_path = percent_expand(cp, "h", host,
-                    "l", thishost, "n", host_arg, "r", options.user,
-                    "p", portstr, "u", pw->pw_name, "L", shorthost,
+                options.control_path = percent_expand(cp,
+                    "C", conn_hash_hex,
+                    "L", shorthost,
+                    "h", host,
+                    "l", thishost,
+                    "n", host_arg,
+                    "p", portstr,
+                    "r", options.user,
+                    "u", pw->pw_name,
                     (char *)NULL);
                 free(cp);
         }
+        free(conn_hash_hex);
+
         if (muxclient_command != 0 && options.control_path == NULL)
                 fatal("No ControlPath specified for \"-O\" command");
         if (options.control_path != NULL)