From 9c38643c5cd47a19db2cc28279dcc28abadc22b3 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Thu, 3 Jul 2014 21:27:46 +1000 Subject: - djm@cvs.openbsd.org 2014/07/03 06:39:19 [ssh.c ssh_config.5] Add a %C escape sequence for LocalCommand and ControlPath that expands to a unique identifer based on a has of the tuple of (local host, remote user, hostname, port). Helps avoid exceeding sockaddr_un's miserly pathname limits for mux control paths. bz#2220, based on patch from mancha1 AT zoho.com; ok markus@ --- ChangeLog | 10 ++++++++++ ssh.c | 43 ++++++++++++++++++++++++++++++++++++------- ssh_config.5 | 14 +++++++++----- 3 files changed, 55 insertions(+), 12 deletions(-) diff --git a/ChangeLog b/ChangeLog index 58f2379ab..93e4c9aee 100644 --- a/ChangeLog +++ b/ChangeLog @@ -45,6 +45,16 @@ [ssh.1] document that -g will only work in the multiplexed case if applied to the mux master + - djm@cvs.openbsd.org 2014/07/03 06:39:19 + [ssh.c ssh_config.5] + Add a %C escape sequence for LocalCommand and ControlPath that expands + to a unique identifer based on a has of the tuple of (local host, + remote user, hostname, port). + + Helps avoid exceeding sockaddr_un's miserly pathname limits for mux + control paths. + + bz#2220, based on patch from mancha1 AT zoho.com; ok markus@ 20140702 - OpenBSD CVS Sync diff --git a/ssh.c b/ssh.c index 6625557bd..54f1dbd0a 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.404 2014/06/27 16:41:56 markus Exp $ */ +/* $OpenBSD: ssh.c,v 1.405 2014/07/03 06:39:19 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -85,6 +85,7 @@ #include "canohost.h" #include "compat.h" #include "cipher.h" +#include "digest.h" #include "packet.h" #include "buffer.h" #include "channels.h" 
@@ -424,6 +425,9 @@ main(int ac, char **av)
 extern char *optarg;
 Forward fwd;
 struct addrinfo *addrs = NULL;
+ struct ssh_digest_ctx *md;
+ u_char conn_hash[SSH_DIGEST_MAX_LENGTH];
+ char *conn_hash_hex;
 
 /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
 sanitise_stdfd();
@@ -1002,12 +1006,29 @@ main(int ac, char **av)
 shorthost[strcspn(thishost, ".")] = '\0';
 snprintf(portstr, sizeof(portstr), "%d", options.port);
 
+ if ((md = ssh_digest_start(SSH_DIGEST_SHA1)) == NULL ||
+ ssh_digest_update(md, thishost, strlen(thishost)) < 0 ||
+ ssh_digest_update(md, host, strlen(host)) < 0 ||
+ ssh_digest_update(md, portstr, strlen(portstr)) < 0 ||
+ ssh_digest_update(md, options.user, strlen(options.user)) < 0 ||
+ ssh_digest_final(md, conn_hash, sizeof(conn_hash)) < 0)
+ fatal("%s: mux digest failed", __func__);
+ ssh_digest_free(md);
+ conn_hash_hex = tohex(conn_hash, ssh_digest_bytes(SSH_DIGEST_SHA1));
+
 if (options.local_command != NULL) {
 debug3("expanding LocalCommand: %s", options.local_command);
 cp = options.local_command;
- options.local_command = percent_expand(cp, "d", pw->pw_dir,
- "h", host, "l", thishost, "n", host_arg, "r", options.user,
- "p", portstr, "u", pw->pw_name, "L", shorthost,
+ options.local_command = percent_expand(cp,
+ "C", conn_hash_hex,
+ "L", shorthost,
+ "d", pw->pw_dir,
+ "h", host,
+ "l", thishost,
+ "n", host_arg,
+ "p", portstr,
+ "r", options.user,
+ "u", pw->pw_name,
 (char *)NULL);
 debug3("expanded LocalCommand: %s", options.local_command);
 free(cp);
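Review bot: The four ssh_digest_update() calls in the second hunk feed thishost, host, portstr and options.user into the digest back to back with no delimiter, so distinct tuples whose fields concatenate to the same byte string produce the same %C — host `foo1` on port 22 and host `foo` on port 122 both contribute `foo122`, and a ControlPath built only from %C would then map two different destinations onto one mux socket. Passing the terminating NUL along with each field removes the ambiguity at no cost, e.g. `ssh_digest_update(md, host, strlen(host) + 1) < 0 ||` for each of the four calls. If that is taken up, the ssh_config.5 text added in this commit ("by a hash of the concatenation: %l%h%p%r") should say the fields are NUL-separated. The %C value is only a short unique identifier for a path, not a secret, which a one-line comment above the ssh_digest_start() call could state; main() starts and ends outside the hunk.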
@@ -1017,12 +1038,20 @@ main(int ac, char **av)
 cp = tilde_expand_filename(options.control_path,
 original_real_uid);
 free(options.control_path);
- options.control_path = percent_expand(cp, "h", host,
- "l", thishost, "n", host_arg, "r", options.user,
- "p", portstr, "u", pw->pw_name, "L", shorthost,
+ options.control_path = percent_expand(cp,
+ "C", conn_hash_hex,
+ "L", shorthost,
+ "h", host,
+ "l", thishost,
+ "n", host_arg,
+ "p", portstr,
+ "r", options.user,
+ "u", pw->pw_name,
 (char *)NULL);
 free(cp);
 }
+ free(conn_hash_hex);
+
 if (muxclient_command != 0 && options.control_path == NULL)
 fatal("No ControlPath specified for \"-O\" command");
 if (options.control_path != NULL)
diff --git a/ssh_config.5 b/ssh_config.5
index 5c6bd29ea..756762e49 100644
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,7 +33,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.187 2014/07/03 05:32:36 djm Exp $
+.\" $OpenBSD: ssh_config.5,v 1.188 2014/07/03 06:39:19 djm Exp $
 .Dd $Mdocdate: July 3 2014 $
 .Dt SSH_CONFIG 5
 .Os
@@ -499,14 +499,16 @@ specified on the command line,
 .Ql %p
 the destination port,
 .Ql %r
-by the remote login username, and
+by the remote login username,
 .Ql %u
 by the username of the user running
-.Xr ssh 1 .
+.Xr ssh 1 , and
+.Ql %C
+by a hash of the concatenation: %l%h%p%r.
 It is recommended that any
 .Cm ControlPath
 used for opportunistic connection sharing include
-at least %h, %p, and %r.
+at least %h, %p, and %r (or alternatively %C).
 This ensures that shared connections are uniquely identified.
 .It Cm ControlPersist
 When used in conjunction with
@@ -939,7 +941,9 @@ The following escape character substitutions will be performed: .Ql %r (remote user name) or .Ql %u -(local user name). +(local user name) or +.Ql %C +by a hash of the concatenation: %l%h%p%r. .Pp The command is run synchronously and does not have access to the session of the -- cgit v1.2.3