tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

upstream: refactor client percent_expand() argument passing; 

consolidate the common arguments into a single struct and pass that around
instead of using a bunch of globals. ok markus@

OpenBSD-Commit-ID: 035e6d7ca9145ad504f6af5a021943f1958cd19b
This commit is contained in:
djm@openbsd.org 2020-12-17 23:26:11 +00:00 committed by Damien Miller
parent 43026da035
commit d060bc7f6e
2 changed files with 95 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

145
ssh.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.c,v 1.543 2020/12/17 23:10:27 djm Exp $ */
/* $OpenBSD: ssh.c,v 1.544 2020/12/17 23:26:11 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -173,11 +173,6 @@ char *host;
*/
char *forward_agent_sock_path = NULL;
/* Various strings used to to percent_expand() arguments */
static char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
static char uidstr[32], *host_arg, *conn_hash_hex;
static const char *keyalias;
/* socket address the host resolves to */
struct sockaddr_storage hostaddr;
@ -214,8 +209,8 @@ usage(void)
exit(255);
}
static int ssh_session2(struct ssh *, struct passwd *);
static void load_public_identity_files(struct passwd *);
static int ssh_session2(struct ssh *, const struct ssh_conn_info *);
static void load_public_identity_files(const struct ssh_conn_info *);
static void main_sigchld_handler(int);
/* ~/ expand a list of paths. NB. assumes path[n] is heap-allocated. */
@ -233,13 +228,13 @@ tilde_expand_paths(char **paths, u_int num_paths)
}
#define DEFAULT_CLIENT_PERCENT_EXPAND_ARGS \
"C", conn_hash_hex, \
"L", shorthost, \
"i", uidstr, \
"k", keyalias, \
"l", thishost, \
"n", host_arg, \
"p", portstr
"C", cinfo->conn_hash_hex, \
"L", cinfo->shorthost, \
"i", cinfo->uidstr, \
"k", cinfo->keyalias, \
"l", cinfo->thishost, \
"n", cinfo->host_arg, \
"p", cinfo->portstr
/*
* Expands the set of percent_expand options used by the majority of keywords
@ -247,17 +242,17 @@ tilde_expand_paths(char **paths, u_int num_paths)
* Caller must free returned string.
*/
static char *
default_client_percent_expand(const char *str, const char *homedir,
const char *remhost, const char *remuser, const char *locuser)
default_client_percent_expand(const char *str,
const struct ssh_conn_info *cinfo)
{
return percent_expand(str,
/* values from statics above */
DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
/* values from arguments */
"d", homedir,
"h", remhost,
"r", remuser,
"u", locuser,
"d", cinfo->homedir,
"h", cinfo->remhost,
"r", cinfo->remuser,
"u", cinfo->locuser,
(char *)NULL);
}
@ -267,8 +262,8 @@ default_client_percent_expand(const char *str, const char *homedir,
* Caller must free returned string.
*/
static char *
default_client_percent_dollar_expand(const char *str, const char *homedir,
const char *remhost, const char *remuser, const char *locuser)
default_client_percent_dollar_expand(const char *str,
const struct ssh_conn_info *cinfo)
{
char *ret;
@ -276,10 +271,10 @@ default_client_percent_dollar_expand(const char *str, const char *homedir,
/* values from statics above */
DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
/* values from arguments */
"d", homedir,
"h", remhost,
"r", remuser,
"u", locuser,
"d", cinfo->homedir,
"h", cinfo->remhost,
"r", cinfo->remuser,
"u", cinfo->locuser,
(char *)NULL);
if (ret == NULL)
fatal("invalid environment variable expansion");
@ -634,6 +629,25 @@ set_addrinfo_port(struct addrinfo *addrs, int port)
}
}
static void
ssh_conn_info_free(struct ssh_conn_info *cinfo)
{
if (cinfo == NULL)
return;
free(cinfo->conn_hash_hex);
free(cinfo->shorthost);
free(cinfo->uidstr);
free(cinfo->keyalias);
free(cinfo->thishost);
free(cinfo->host_arg);
free(cinfo->portstr);
free(cinfo->remhost);
free(cinfo->remuser);
free(cinfo->homedir);
free(cinfo->locuser);
free(cinfo);
}
/*
* Main program for the ssh client.
*/
@ -643,8 +657,8 @@ main(int ac, char **av)
struct ssh *ssh = NULL;
int i, r, opt, exit_status, use_syslog, direct, timeout_ms;
int was_addr, config_test = 0, opt_terminated = 0, want_final_pass = 0;
char *p, *cp, *line, *argv0, *logfile;
char cname[NI_MAXHOST];
char *p, *cp, *line, *argv0, *logfile, *host_arg;
char cname[NI_MAXHOST], thishost[NI_MAXHOST];
struct stat st;
struct passwd *pw;
extern int optind, optreset;
@ -653,6 +667,8 @@ main(int ac, char **av)
struct addrinfo *addrs = NULL;
size_t n, len;
u_int j;
struct ssh_conn_info *cinfo = NULL;
/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
sanitise_stdfd();
@ -1364,17 +1380,24 @@ main(int ac, char **av)
}
/* Set up strings used to percent_expand() arguments */
cinfo = xcalloc(1, sizeof(*cinfo));
if (gethostname(thishost, sizeof(thishost)) == -1)
fatal("gethostname: %s", strerror(errno));
strlcpy(shorthost, thishost, sizeof(shorthost));
shorthost[strcspn(thishost, ".")] = '\0';
snprintf(portstr, sizeof(portstr), "%d", options.port);
snprintf(uidstr, sizeof(uidstr), "%llu",
cinfo->thishost = xstrdup(thishost);
thishost[strcspn(thishost, ".")] = '\0';
cinfo->shorthost = xstrdup(thishost);
xasprintf(&cinfo->portstr, "%d", options.port);
xasprintf(&cinfo->uidstr, "%llu",
(unsigned long long)pw->pw_uid);
keyalias = options.host_key_alias ? options.host_key_alias : host_arg;
conn_hash_hex = ssh_connection_hash(thishost, host, portstr,
options.user);
cinfo->keyalias = xstrdup(options.host_key_alias ?
options.host_key_alias : host_arg);
cinfo->conn_hash_hex = ssh_connection_hash(cinfo->thishost, host,
cinfo->portstr, options.user);
cinfo->host_arg = xstrdup(host_arg);
cinfo->remhost = xstrdup(host);
cinfo->remuser = xstrdup(options.user);
cinfo->homedir = xstrdup(pw->pw_dir);
cinfo->locuser = xstrdup(pw->pw_name);
/*
* Expand tokens in arguments. NB. LocalCommand is expanded later,
@ -1385,7 +1408,7 @@ main(int ac, char **av)
debug3("expanding RemoteCommand: %s", options.remote_command);
cp = options.remote_command;
options.remote_command = default_client_percent_expand(cp,
pw->pw_dir, host, options.user, pw->pw_name);
cinfo);
debug3("expanded RemoteCommand: %s", options.remote_command);
free(cp);
if ((r = sshbuf_put(command, options.remote_command,
@ -1397,14 +1420,13 @@ main(int ac, char **av)
cp = tilde_expand_filename(options.control_path, getuid());
free(options.control_path);
options.control_path = default_client_percent_dollar_expand(cp,
pw->pw_dir, host, options.user, pw->pw_name);
cinfo);
free(cp);
}
if (options.identity_agent != NULL) {
p = tilde_expand_filename(options.identity_agent, getuid());
cp = default_client_percent_dollar_expand(p,
pw->pw_dir, host, options.user, pw->pw_name);
cp = default_client_percent_dollar_expand(p, cinfo);
free(p);
free(options.identity_agent);
options.identity_agent = cp;
@ -1413,8 +1435,7 @@ main(int ac, char **av)
if (options.forward_agent_sock_path != NULL) {
p = tilde_expand_filename(options.forward_agent_sock_path,
getuid());
cp = default_client_percent_dollar_expand(p,
pw->pw_dir, host, options.user, pw->pw_name);
cp = default_client_percent_dollar_expand(p, cinfo);
free(p);
free(options.forward_agent_sock_path);
options.forward_agent_sock_path = cp;
@ -1424,8 +1445,7 @@ main(int ac, char **av)
if (options.user_hostfiles[j] != NULL) {
cp = tilde_expand_filename(options.user_hostfiles[j],
getuid());
p = default_client_percent_dollar_expand(cp,
pw->pw_dir, host, options.user, pw->pw_name);
p = default_client_percent_dollar_expand(cp, cinfo);
if (strcmp(options.user_hostfiles[j], p) != 0)
debug3("expanded UserKnownHostsFile '%s' -> "
"'%s'", options.user_hostfiles[j], p);
@ -1439,8 +1459,7 @@ main(int ac, char **av)
if (options.local_forwards[i].listen_path != NULL) {
cp = options.local_forwards[i].listen_path;
p = options.local_forwards[i].listen_path =
default_client_percent_expand(cp,
pw->pw_dir, host, options.user, pw->pw_name);
default_client_percent_expand(cp, cinfo);
if (strcmp(cp, p) != 0)
debug3("expanded LocalForward listen path "
"'%s' -> '%s'", cp, p);
@ -1449,8 +1468,7 @@ main(int ac, char **av)
if (options.local_forwards[i].connect_path != NULL) {
cp = options.local_forwards[i].connect_path;
p = options.local_forwards[i].connect_path =
default_client_percent_expand(cp,
pw->pw_dir, host, options.user, pw->pw_name);
default_client_percent_expand(cp, cinfo);
if (strcmp(cp, p) != 0)
debug3("expanded LocalForward connect path "
"'%s' -> '%s'", cp, p);
@ -1462,8 +1480,7 @@ main(int ac, char **av)
if (options.remote_forwards[i].listen_path != NULL) {
cp = options.remote_forwards[i].listen_path;
p = options.remote_forwards[i].listen_path =
default_client_percent_expand(cp,
pw->pw_dir, host, options.user, pw->pw_name);
default_client_percent_expand(cp, cinfo);
if (strcmp(cp, p) != 0)
debug3("expanded RemoteForward listen path "
"'%s' -> '%s'", cp, p);
@ -1472,8 +1489,7 @@ main(int ac, char **av)
if (options.remote_forwards[i].connect_path != NULL) {
cp = options.remote_forwards[i].connect_path;
p = options.remote_forwards[i].connect_path =
default_client_percent_expand(cp,
pw->pw_dir, host, options.user, pw->pw_name);
default_client_percent_expand(cp, cinfo);
if (strcmp(cp, p) != 0)
debug3("expanded RemoteForward connect path "
"'%s' -> '%s'", cp, p);
@ -1584,7 +1600,7 @@ main(int ac, char **av)
}
/* load options.identity_files */
load_public_identity_files(pw);
load_public_identity_files(cinfo);
/* optionally set the SSH_AUTHSOCKET_ENV_NAME variable */
if (options.identity_agent &&
@ -1671,7 +1687,8 @@ main(int ac, char **av)
}
skip_connect:
exit_status = ssh_session2(ssh, pw);
exit_status = ssh_session2(ssh, cinfo);
ssh_conn_info_free(cinfo);
ssh_packet_close(ssh);
if (options.control_path != NULL && muxserver_sock != -1)
@ -2038,7 +2055,7 @@ ssh_session2_open(struct ssh *ssh)
}
static int
ssh_session2(struct ssh *ssh, struct passwd *pw)
ssh_session2(struct ssh *ssh, const struct ssh_conn_info *cinfo)
{
int r, id = -1;
char *cp, *tun_fwd_ifname = NULL;
@ -2054,10 +2071,10 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
cp = options.local_command;
options.local_command = percent_expand(cp,
DEFAULT_CLIENT_PERCENT_EXPAND_ARGS,
"d", pw->pw_dir,
"h", host,
"r", options.user,
"u", pw->pw_name,
"d", cinfo->homedir,
"h", cinfo->remhost,
"r", cinfo->remuser,
"u", cinfo->locuser,
"T", tun_fwd_ifname == NULL ? "NONE" : tun_fwd_ifname,
(char *)NULL);
debug3("expanded LocalCommand: %s", options.local_command);
@ -2149,7 +2166,7 @@ ssh_session2(struct ssh *ssh, struct passwd *pw)
/* Loads all IdentityFile and CertificateFile keys */
static void
load_public_identity_files(struct passwd *pw)
load_public_identity_files(const struct ssh_conn_info *cinfo)
{
char *filename, *cp;
struct sshkey *public;
@ -2205,8 +2222,7 @@ load_public_identity_files(struct passwd *pw)
continue;
}
cp = tilde_expand_filename(options.identity_files[i], getuid());
filename = default_client_percent_dollar_expand(cp,
pw->pw_dir, host, options.user, pw->pw_name);
filename = default_client_percent_dollar_expand(cp, cinfo);
free(cp);
check_load(sshkey_load_public(filename, &public, NULL),
filename, "pubkey");
@ -2255,8 +2271,7 @@ load_public_identity_files(struct passwd *pw)
for (i = 0; i < options.num_certificate_files; i++) {
cp = tilde_expand_filename(options.certificate_files[i],
getuid());
filename = default_client_percent_dollar_expand(cp,
pw->pw_dir, host, options.user, pw->pw_name);
filename = default_client_percent_dollar_expand(cp, cinfo);
free(cp);
check_load(sshkey_load_public(filename, &public, NULL),

16
sshconnect.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect.h,v 1.43 2020/10/12 08:36:37 kn Exp $ */
/* $OpenBSD: sshconnect.h,v 1.44 2020/12/17 23:26:11 djm Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
@ -30,6 +30,20 @@ struct Sensitive {
int nkeys;
};
struct ssh_conn_info {
char *conn_hash_hex;
char *shorthost;
char *uidstr;
char *keyalias;
char *thishost;
char *host_arg;
char *portstr;
char *remhost;
char *remuser;
char *homedir;
char *locuser;
};
struct addrinfo;
struct ssh;