diff options
Diffstat (limited to 'usr.bin/ssh/ssh.c')
| -rw-r--r-- | usr.bin/ssh/ssh.c | 40 |
1 files changed, 33 insertions, 7 deletions
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 8d701c56ba9..dd7648ac00f 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.527 2020/04/10 00:52:07 dtucker Exp $ */ +/* $OpenBSD: ssh.c,v 1.528 2020/05/29 04:25:40 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -244,6 +244,31 @@ default_client_percent_expand(const char *str, const char *homedir, } /* + * Expands the set of percent_expand options used by the majority of keywords + * AND perform environment variable substitution. + * Caller must free returned string. + */ +static char * +default_client_percent_dollar_expand(const char *str, const char *homedir, + const char *remhost, const char *remuser, const char *locuser) +{ + char *ret; + + ret = percent_dollar_expand(str, + /* values from statics above */ + DEFAULT_CLIENT_PERCENT_EXPAND_ARGS, + /* values from arguments */ + "d", homedir, + "h", remhost, + "r", remuser, + "u", locuser, + (char *)NULL); + if (ret == NULL) + fatal("invalid environment variable expansion"); + return ret; +} + +/* * Attempt to resolve a host name / port to a set of addresses and * optionally return any CNAMEs encountered along the way. * Returns NULL on failure. @@ -1357,14 +1382,14 @@ main(int ac, char **av) if (options.control_path != NULL) { cp = tilde_expand_filename(options.control_path, getuid()); free(options.control_path); - options.control_path = default_client_percent_expand(cp, + options.control_path = default_client_percent_dollar_expand(cp, pw->pw_dir, host, options.user, pw->pw_name); free(cp); } if (options.identity_agent != NULL) { p = tilde_expand_filename(options.identity_agent, getuid()); - cp = default_client_percent_expand(p, + cp = default_client_percent_dollar_expand(p, pw->pw_dir, host, options.user, pw->pw_name); free(p); free(options.identity_agent); @@ -1374,7 +1399,7 @@ main(int ac, char **av) if (options.forward_agent_sock_path != NULL) { p = tilde_expand_filename(options.forward_agent_sock_path, getuid()); - cp = default_client_percent_expand(p, + cp = default_client_percent_dollar_expand(p, pw->pw_dir, host, options.user, pw->pw_name); free(p); free(options.forward_agent_sock_path); @@ -1546,7 +1571,8 @@ main(int ac, char **av) unsetenv(SSH_AUTHSOCKET_ENV_NAME); } else { cp = options.identity_agent; - if (cp[0] == '$') { + /* legacy (limited) format */ + if (cp[0] == '$' && cp[1] != '{') { if (!valid_env_name(cp + 1)) { fatal("Invalid IdentityAgent " "environment variable name %s", cp); @@ -2174,7 +2200,7 @@ load_public_identity_files(struct passwd *pw) continue; } cp = tilde_expand_filename(options.identity_files[i], getuid()); - filename = default_client_percent_expand(cp, + filename = default_client_percent_dollar_expand(cp, pw->pw_dir, host, options.user, pw->pw_name); free(cp); check_load(sshkey_load_public(filename, &public, NULL), @@ -2224,7 +2250,7 @@ load_public_identity_files(struct passwd *pw) for (i = 0; i < options.num_certificate_files; i++) { cp = tilde_expand_filename(options.certificate_files[i], getuid()); - filename = default_client_percent_expand(cp, + filename = default_client_percent_dollar_expand(cp, pw->pw_dir, host, options.user, pw->pw_name); free(cp); |