upstream: Add tilde and environment variable expansion to

RevokedHostKeys. bz#3552, ok djm@

OpenBSD-Commit-ID: ce5d8e0219b63cded594c17d4c2958c06918ec0d
dtucker@openbsd.org 2023-03-27 03:56:11 +00:00 committed by Darren Tucker
parent 009eb4cb48
commit f1a17de150
2 changed files with 20 additions and 3 deletions

10
ssh.c

@ -1,4 +1,4 @@
/* $OpenBSD: ssh.c,v 1.585 2023/02/10 04:40:28 djm Exp $ */ /* $OpenBSD: ssh.c,v 1.586 2023/03/27 03:56:11 dtucker Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1421,6 +1421,14 @@ main(int ac, char **av)
options.identity_agent = cp; options.identity_agent = cp;
} }
if (options.revoked_host_keys != NULL) {
p = tilde_expand_filename(options.revoked_host_keys, getuid());
cp = default_client_percent_dollar_expand(p, cinfo);
free(p);
free(options.revoked_host_keys);
options.revoked_host_keys = cp;
}
if (options.forward_agent_sock_path != NULL) { if (options.forward_agent_sock_path != NULL) {
p = tilde_expand_filename(options.forward_agent_sock_path, p = tilde_expand_filename(options.forward_agent_sock_path,
getuid()); getuid());
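Review bot: The new `options.revoked_host_keys` block stores the result of `default_client_percent_dollar_expand()` without checking it, and nothing in the hunk shows what either expander does when expansion fails (an unset `${VAR}`, an unknown `%` token, a bad `~user`). That matters more for this option than for the neighbouring path options, because the `!= NULL` guard treats NULL as "not configured", so a NULL result would presumably turn the revocation check off rather than fail the connection. If both helpers terminate the process on error, as the same unchecked pattern in the surrounding blocks suggests, record that invariant at the assignment: `/* expanders exit on error; result is never NULL, so the KRL check cannot be silently disabled */`. The enclosing `main()` starts and ends outside the hunk, so the helper definitions should be confirmed there.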


@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: ssh_config.5,v 1.379 2023/03/10 02:32:04 djm Exp $ .\" $OpenBSD: ssh_config.5,v 1.380 2023/03/27 03:56:11 dtucker Exp $
.Dd $Mdocdate: March 10 2023 $ .Dd $Mdocdate: March 27 2023 $
.Dt SSH_CONFIG 5 .Dt SSH_CONFIG 5
.Os .Os
.Sh NAME .Sh NAME
@ -1665,6 +1665,14 @@ an OpenSSH Key Revocation List (KRL) as generated by
.Xr ssh-keygen 1 . .Xr ssh-keygen 1 .
For more information on KRLs, see the KEY REVOCATION LISTS section in For more information on KRLs, see the KEY REVOCATION LISTS section in
.Xr ssh-keygen 1 . .Xr ssh-keygen 1 .
Arguments to
.Cm RevokedHostKeys
may use the tilde syntax to refer to a user's home directory,
the tokens described in the
.Sx TOKENS
section and environment variables as described in the
.Sx ENVIRONMENT VARIABLES
section.
.It Cm SecurityKeyProvider .It Cm SecurityKeyProvider
Specifies a path to a library that will be used when loading any Specifies a path to a library that will be used when loading any
FIDO authenticator-hosted keys, overriding the default of using FIDO authenticator-hosted keys, overriding the default of using
@ -2135,6 +2143,7 @@ The local username.
.Cm Match exec , .Cm Match exec ,
.Cm RemoteCommand , .Cm RemoteCommand ,
.Cm RemoteForward , .Cm RemoteForward ,
.Cm RevokedHostKeys ,
and and
.Cm UserKnownHostsFile .Cm UserKnownHostsFile
accept the tokens %%, %C, %d, %h, %i, %k, %L, %l, %n, %p, %r, and %u. accept the tokens %%, %C, %d, %h, %i, %k, %L, %l, %n, %p, %r, and %u.