Attachment #2274 for bug #1585




	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
	oSendEnv, oControlPath, oControlMaster, oControlPersist,
	oHashKnownHosts, oInclude,
	oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
	oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
	oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown,

	{ "controlmaster", oControlMaster },
	{ "controlpersist", oControlPersist },
	{ "hashknownhosts", oHashKnownHosts },
	{ "include", oInclude },
	{ "tunnel", oTunnel },
	{ "tunneldevice", oTunnelDevice },
	{ "localcommand", oLocalCommand },

		intptr = &options->visual_host_key;
		goto parse_flag;

	case oInclude:
		arg = strdelim(&s);
		if (!arg || *arg == '\0')
			fatal("%.200s line %d: Missing argument.", filename, linenum);
		char *newfile = NULL;
		/*
		 * expand "~/some/file" into "$HOME/some/file"
		 * expand "~username/some/file" into "$HOME/some/file" for
		 * username's $HOME. "~" on its own will not expand
		 */
		if (*arg == '~') {
			if (arg[1] == '/') {
				/* ~/some/file or ~/ case: */

				/*
				 * get passwd entry for uid
				 */
				const uid_t uid = getuid();
				struct passwd *pwd = getpwuid(uid);
				if (!pwd)
					fatal("%.200s line %d: Couldn't get user info for uid \"%ld\": %s",
						filename, linenum, (const long)(uid), strerror(errno));

				if (!pwd->pw_dir)
					fatal("%.200s line %d: Couldn't expand home directory for \"%s\"",
						filename, linenum, arg);

				/*
				 * construct expanded string
				 */
				const size_t pwddirlen = strlen(pwd->pw_dir);
				newfile = (char *)(malloc(pwddirlen + 1 + strlen(arg)));
				if (!newfile)
					abort();
				strcpy(newfile, pwd->pw_dir);
				strcpy(newfile + pwddirlen, arg+1);
			} else if (arg[1] != '\0') {
				/* ~username/ or ~username case: */

				/*
				 * parse username portion
				 */
				unsigned int i;
				for (i = 1; arg[i] != '/' && arg[i] != '\0'; ++i) {}
				/* allocate for i-1 chars and 1 '\0' terminator */
				char *username = (char *)(malloc(i));
				if (!username)
					abort();
				memset(username, 0, i);
				strncpy(username, arg+1, i-1);

				/*
				 * get passwd entry
				 */
				struct passwd *pwd = getpwnam(username);
				if (!pwd)
					fatal("%.200s line %d: Couldn't get user info for username \"%s\": %s",
						filename, linenum, username, strerror(errno));
				free(username);

				if (!pwd->pw_dir)
					fatal("%.200s line %d: Couldn't expand home directory for \"%s\"",
						filename, linenum, arg);

				/*
				 * construct expanded string
				 */
				const size_t pwddirlen = strlen(pwd->pw_dir);
				newfile = (char *)(malloc(pwddirlen + 1 + strlen(arg)));
				if (!newfile)
					abort();
				strcpy(newfile, pwd->pw_dir);
				strcpy(newfile + pwddirlen, arg+i);
			}
		}
		int ret;
		char *readfile = newfile ? newfile : arg;
		if ((ret = (read_config_file(readfile, host, options, 1) ? 0 : -1)) != 0)
			error("%s line %d: Error reading Include file \"%s\".",
				filename, linenum, readfile);
		if (newfile)
			free(newfile);
		if (ret)
			return ret;
		break;

	case oIPQoS:
		arg = strdelim(&s);
		if ((value = parse_ipqos(arg)) == -1)




.Cm IgnoreUnknown
be listed early in the configuration file as it will not be applied
to unknown options that appear before it.
.It Cm Include
Read the specified file as if its contents were pasted here.
Files of the form
.Dq ~/path/to/config
will expand to
.Dq $HOME/path/to/config
where
.Dq $HOME
is the user's home directoy.
Files of the form
.Dq ~username/path/to/config
will expand to
.Dq $HOME/path/to/config
where
.Dq $HOME
is
.Dq username
\'s home directory.
A single
.Dq ~
will not expand at all.
Bad error counts are unique to each configuration file.
.It Cm IPQoS
Specifies the IPv4 type-of-service or DSCP class for connections.
Accepted values are

Lines 448-453 For full details of the options listed b Link Here

(-)openssh-cvs.bak/ssh.1 (+1 lines)
448	.It HostName	448	.It HostName
449	.It IdentityFile	449	.It IdentityFile
450	.It IdentitiesOnly	450	.It IdentitiesOnly
		451	.It Include
451	.It IPQoS	452	.It IPQoS
452	.It KbdInteractiveAuthentication	453	.It KbdInteractiveAuthentication
453	.It KbdInteractiveDevices	454	.It KbdInteractiveDevices

Return to bug 1585

Lines 134-140 typedef enum { Link Here

(-)openssh-cvs.bak/readconf.c (-1 / +88 lines)
134	oAddressFamily, oGssAuthentication, oGssDelegateCreds,	134	oAddressFamily, oGssAuthentication, oGssDelegateCreds,
135	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,	135	oServerAliveInterval, oServerAliveCountMax, oIdentitiesOnly,
136	oSendEnv, oControlPath, oControlMaster, oControlPersist,	136	oSendEnv, oControlPath, oControlMaster, oControlPersist,
137	oHashKnownHosts,	137	oHashKnownHosts, oInclude,
138	oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,	138	oTunnel, oTunnelDevice, oLocalCommand, oPermitLocalCommand,
139	oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,	139	oVisualHostKey, oUseRoaming, oZeroKnowledgePasswordAuthentication,
140	oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown,	140	oKexAlgorithms, oIPQoS, oRequestTTY, oIgnoreUnknown,
Lines 234-239 static struct { Link Here
234	{ "controlmaster", oControlMaster },	234	{ "controlmaster", oControlMaster },
235	{ "controlpersist", oControlPersist },	235	{ "controlpersist", oControlPersist },
236	{ "hashknownhosts", oHashKnownHosts },	236	{ "hashknownhosts", oHashKnownHosts },
		237	{ "include", oInclude },
237	{ "tunnel", oTunnel },	238	{ "tunnel", oTunnel },
238	{ "tunneldevice", oTunnelDevice },	239	{ "tunneldevice", oTunnelDevice },
239	{ "localcommand", oLocalCommand },	240	{ "localcommand", oLocalCommand },
Lines 1029-1034 parse_int: Link Here
1029	intptr = &options->visual_host_key;	1030	intptr = &options->visual_host_key;
1030	goto parse_flag;	1031	goto parse_flag;
1031		1032
		1033	case oInclude:
		1034	arg = strdelim(&s);
		1035	if (!arg \|\| *arg == '\0')
		1036	fatal("%.200s line %d: Missing argument.", filename, linenum);
		1037	char *newfile = NULL;
		1038	/*
		1039	* expand "~/some/file" into "$HOME/some/file"
		1040	* expand "~username/some/file" into "$HOME/some/file" for
		1041	* username's $HOME. "~" on its own will not expand
		1042	*/
		1043	if (*arg == '~') {
		1044	if (arg[1] == '/') {
		1045	/* ~/some/file or ~/ case: */
		1046
		1047	/*
		1048	* get passwd entry for uid
		1049	*/
		1050	const uid_t uid = getuid();
		1051	struct passwd *pwd = getpwuid(uid);
		1052	if (!pwd)
		1053	fatal("%.200s line %d: Couldn't get user info for uid \"%ld\": %s",
		1054	filename, linenum, (const long)(uid), strerror(errno));
		1055
		1056	if (!pwd->pw_dir)
		1057	fatal("%.200s line %d: Couldn't expand home directory for \"%s\"",
		1058	filename, linenum, arg);
		1059
		1060	/*
		1061	* construct expanded string
		1062	*/
		1063	const size_t pwddirlen = strlen(pwd->pw_dir);
		1064	newfile = (char *)(malloc(pwddirlen + 1 + strlen(arg)));
		1065	if (!newfile)
		1066	abort();
		1067	strcpy(newfile, pwd->pw_dir);
		1068	strcpy(newfile + pwddirlen, arg+1);
		1069	} else if (arg[1] != '\0') {
		1070	/* ~username/ or ~username case: */
		1071
		1072	/*
		1073	* parse username portion
		1074	*/
		1075	unsigned int i;
		1076	for (i = 1; arg[i] != '/' && arg[i] != '\0'; ++i) {}
		1077	/* allocate for i-1 chars and 1 '\0' terminator */
		1078	char username = (char )(malloc(i));
		1079	if (!username)
		1080	abort();
		1081	memset(username, 0, i);
		1082	strncpy(username, arg+1, i-1);
		1083
		1084	/*
		1085	* get passwd entry
		1086	*/
		1087	struct passwd *pwd = getpwnam(username);
		1088	if (!pwd)
		1089	fatal("%.200s line %d: Couldn't get user info for username \"%s\": %s",
		1090	filename, linenum, username, strerror(errno));
		1091	free(username);
		1092
		1093	if (!pwd->pw_dir)
		1094	fatal("%.200s line %d: Couldn't expand home directory for \"%s\"",
		1095	filename, linenum, arg);
		1096
1097	/*
1098	* construct expanded string
1099	*/
1100	const size_t pwddirlen = strlen(pwd->pw_dir);
1101	newfile = (char *)(malloc(pwddirlen + 1 + strlen(arg)));
1102	if (!newfile)
1103	abort();
1104	strcpy(newfile, pwd->pw_dir);
1105	strcpy(newfile + pwddirlen, arg+i);
1106	}
1107	}
1108	int ret;
1109	char *readfile = newfile ? newfile : arg;
1110	if ((ret = (read_config_file(readfile, host, options, 1) ? 0 : -1)) != 0)
1111	error("%s line %d: Error reading Include file \"%s\".",
1112	filename, linenum, readfile);
1113	if (newfile)
1114	free(newfile);
1115	if (ret)
1116	return ret;
1117	break;
1118
1032	case oIPQoS:	1119	case oIPQoS:
1033	arg = strdelim(&s);	1120	arg = strdelim(&s);
1034	if ((value = parse_ipqos(arg)) == -1)	1121	if ((value = parse_ipqos(arg)) == -1)

Lines 668-673 It is recommended that Link Here

(-)openssh-cvs.bak/ssh_config.5 (+22 lines)
668	.Cm IgnoreUnknown	668	.Cm IgnoreUnknown
669	be listed early in the configuration file as it will not be applied	669	be listed early in the configuration file as it will not be applied
670	to unknown options that appear before it.	670	to unknown options that appear before it.
		671	.It Cm Include
		672	Read the specified file as if its contents were pasted here.
		673	Files of the form
		674	.Dq ~/path/to/config
		675	will expand to
		676	.Dq $HOME/path/to/config
		677	where
		678	.Dq $HOME
		679	is the user's home directoy.
		680	Files of the form
		681	.Dq ~username/path/to/config
		682	will expand to
		683	.Dq $HOME/path/to/config
		684	where
		685	.Dq $HOME
		686	is
		687	.Dq username
		688	\'s home directory.
		689	A single
		690	.Dq ~
		691	will not expand at all.
		692	Bad error counts are unique to each configuration file.
671	.It Cm IPQoS	693	.It Cm IPQoS
672	Specifies the IPv4 type-of-service or DSCP class for connections.	694	Specifies the IPv4 type-of-service or DSCP class for connections.
673	Accepted values are	695	Accepted values are