Attachment #2451 for bug #2220

Lines 76-81 Link Here

(-)ssh.c (-7 / +35 lines)
76	#include "canohost.h"	76	#include "canohost.h"
77	#include "compat.h"	77	#include "compat.h"
78	#include "cipher.h"	78	#include "cipher.h"
		79	#include "digest.h"
79	#include "packet.h"	80	#include "packet.h"
80	#include "buffer.h"	81	#include "buffer.h"
81	#include "channels.h"	82	#include "channels.h"
Lines 178-184 static int remote_forward_confirms_received = 0; Link Here
178	extern int muxserver_sock;	179	extern int muxserver_sock;
179	extern u_int muxclient_command;	180	extern u_int muxclient_command;
180		181
181
182	/* Prints a help message to the user. This function never returns. */	182	/* Prints a help message to the user. This function never returns. */
183		183
184	static void	184	static void
Lines 411-416 main(int ac, char **av) Link Here
411	extern char *optarg;	411	extern char *optarg;
412	Forward fwd;	412	Forward fwd;
413	struct addrinfo *addrs = NULL;	413	struct addrinfo *addrs = NULL;
		414	struct ssh_digest_ctx *md;
		415	u_char conn_hash[SSH_DIGEST_MAX_LENGTH];
		416	char *conn_hash_hex;
414		417
415	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */	418	/* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
416	sanitise_stdfd();	419	sanitise_stdfd();
Lines 970-981 main(int ac, char **av) Link Here
970	shorthost[strcspn(thishost, ".")] = '\0';	973	shorthost[strcspn(thishost, ".")] = '\0';
971	snprintf(portstr, sizeof(portstr), "%d", options.port);	974	snprintf(portstr, sizeof(portstr), "%d", options.port);
972		975
		976	if ((md = ssh_digest_start(SSH_DIGEST_SHA1)) == NULL \|\|
		977	ssh_digest_update(md, thishost, strlen(thishost)) < 0 \|\|
		978	ssh_digest_update(md, host, strlen(host)) < 0 \|\|
		979	ssh_digest_update(md, portstr, strlen(portstr)) < 0 \|\|
		980	ssh_digest_update(md, options.user, strlen(options.user)) < 0 \|\|
		981	ssh_digest_final(md, conn_hash, sizeof(conn_hash)) < 0)
		982	fatal("%s: mux digest failed", __func__);
		983	ssh_digest_free(md);
		984	conn_hash_hex = tohex(conn_hash, ssh_digest_bytes(SSH_DIGEST_SHA1));
		985
973	if (options.local_command != NULL) {	986	if (options.local_command != NULL) {
974	debug3("expanding LocalCommand: %s", options.local_command);	987	debug3("expanding LocalCommand: %s", options.local_command);
975	cp = options.local_command;	988	cp = options.local_command;
976	options.local_command = percent_expand(cp, "d", pw->pw_dir,	989	options.local_command = percent_expand(cp,
977	"h", host, "l", thishost, "n", host_arg, "r", options.user,	990	"C", conn_hash_hex,
978	"p", portstr, "u", pw->pw_name, "L", shorthost,	991	"L", shorthost,
		992	"d", pw->pw_dir,
		993	"h", host,
		994	"l", thishost,
		995	"n", host_arg,
		996	"p", portstr,
		997	"r", options.user,
		998	"u", pw->pw_name,
979	(char *)NULL);	999	(char *)NULL);
980	debug3("expanded LocalCommand: %s", options.local_command);	1000	debug3("expanded LocalCommand: %s", options.local_command);
981	free(cp);	1001	free(cp);
Lines 985-996 main(int ac, char **av) Link Here
985	cp = tilde_expand_filename(options.control_path,	1005	cp = tilde_expand_filename(options.control_path,
986	original_real_uid);	1006	original_real_uid);
987	free(options.control_path);	1007	free(options.control_path);
988	options.control_path = percent_expand(cp, "h", host,	1008	options.control_path = percent_expand(cp,
989	"l", thishost, "n", host_arg, "r", options.user,	1009	"C", conn_hash_hex,
990	"p", portstr, "u", pw->pw_name, "L", shorthost,	1010	"L", shorthost,
		1011	"h", host,
		1012	"l", thishost,
		1013	"n", host_arg,
		1014	"p", portstr,
		1015	"r", options.user,
		1016	"u", pw->pw_name,
991	(char *)NULL);	1017	(char *)NULL);
992	free(cp);	1018	free(cp);
993	}	1019	}
		1020	free(conn_hash_hex);
		1021
994	if (muxclient_command != 0 && options.control_path == NULL)	1022	if (muxclient_command != 0 && options.control_path == NULL)
995	fatal("No ControlPath specified for \"-O\" command");	1023	fatal("No ControlPath specified for \"-O\" command");
996	if (options.control_path != NULL)	1024	if (options.control_path != NULL)

Lines 499-512 specified on the command line, Link Here

(-)ssh_config.5 (-4 / +8 lines)
499	.Ql %p	499	.Ql %p
500	the destination port,	500	the destination port,
501	.Ql %r	501	.Ql %r
502	by the remote login username, and	502	by the remote login username,
503	.Ql %u	503	.Ql %u
504	by the username of the user running	504	by the username of the user running
505	.Xr ssh 1 .	505	.Xr ssh 1 , and
		506	.Ql %C
		507	by a hash of the concatenation: %l%h%p%r.
506	It is recommended that any	508	It is recommended that any
507	.Cm ControlPath	509	.Cm ControlPath
508	used for opportunistic connection sharing include	510	used for opportunistic connection sharing include
509	at least %h, %p, and %r.	511	at least %h, %p, and %r (or alternatively %C).
510	This ensures that shared connections are uniquely identified.	512	This ensures that shared connections are uniquely identified.
511	.It Cm ControlPersist	513	.It Cm ControlPersist
512	When used in conjunction with	514	When used in conjunction with
Lines 933-939 The following escape character substitutions will be performed: Link Here
933	.Ql %r	935	.Ql %r
934	(remote user name) or	936	(remote user name) or
935	.Ql %u	937	.Ql %u
936	(local user name).	938	(local user name) or
		939	.Ql %C
		940	by a hash of the concatenation: %l%h%p%r.
937	.Pp	941	.Pp
938	The command is run synchronously and does not have access to the	942	The command is run synchronously and does not have access to the
939	session of the	943	session of the

Return to bug 2220