upstream: Add %-TOKEN, environment variable and tilde expansion to

UserKnownHostsFile, allowing the file to be automagically split up in the
configuration (eg bz#1654).  ok djm@, man page parts jmc@

OpenBSD-Commit-ID: 7e1b406caf147638bb51558836a72d6cc0bd1b18

diff --git a/ssh.c b/ssh.c
index b13783d439f926db24681a82905244d6918b0460..5c93c3d2fb2a5671646d0cb489f388de94074b69 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.531 2020/07/05 23:59:45 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.532 2020/07/17 03:23:10 dtucker Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -654,6 +654,7 @@ main(int ac, char **av)
        struct Forward fwd;
        struct addrinfo *addrs = NULL;
        size_t n, len;
+       u_int j;
 
        /* Ensure that fds 0, 1 and 2 are open or directed to /dev/null */
        sanitise_stdfd();
@@ -1427,6 +1428,21 @@ main(int ac, char **av)
                options.forward_agent_sock_path = cp;
        }
 
+       for (j = 0; j < options.num_user_hostfiles; j++) {
+               if (options.user_hostfiles[j] != NULL) {
+                       cp = tilde_expand_filename(options.user_hostfiles[j],
+                           getuid());
+                       p = default_client_percent_dollar_expand(cp,
+                           pw->pw_dir, host, options.user, pw->pw_name);
+                       if (strcmp(options.user_hostfiles[j], p) != 0)
+                               debug3("expanded UserKnownHostsFile '%s' -> "
+                                   "'%s'", options.user_hostfiles[j], p);
+                       free(options.user_hostfiles[j]);
+                       free(cp);
+                       options.user_hostfiles[j] = p;
+               }
+       }
+
        for (i = 0; i < options.num_local_forwards; i++) {
                if (options.local_forwards[i].listen_path != NULL) {
                        cp = options.local_forwards[i].listen_path;

diff --git a/ssh_config.5 b/ssh_config.5
index d5c561a1099066e328d93b2c807e5a36164558bc..fce59d13a00ae87d85bcb2685f3b6f5313c03c14 100644 (file)
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.328 2020/05/29 05:48:39 jmc Exp $
-.Dd $Mdocdate: May 29 2020 $
+.\" $OpenBSD: ssh_config.5,v 1.329 2020/07/17 03:23:10 dtucker Exp $
+.Dd $Mdocdate: July 17 2020 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -1738,6 +1738,12 @@ having to remember to give the user name on the command line.
 .It Cm UserKnownHostsFile
 Specifies one or more files to use for the user
 host key database, separated by whitespace.
+Each filename may use tilde notation to refer to the user's home directory,
+the tokens described in the
+.Sx TOKENS
+section and environment variables as described in the
+.Sx ENVIRONMENT VARIABLES
+section.
 The default is
 .Pa ~/.ssh/known_hosts ,
 .Pa ~/.ssh/known_hosts2 .
@@ -1874,8 +1880,9 @@ The local username.
 .Cm LocalForward ,
 .Cm Match exec ,
 .Cm RemoteCommand ,
+.Cm RemoteForward ,
 and
-.Cm RemoteForward
+.Com UserKnownHostsFile
 accept the tokens %%, %C, %d, %h, %i, %L, %l, %n, %p, %r, and %u.
 .Pp
 .Cm Hostname
@@ -1899,9 +1906,10 @@ returned and the setting for that keyword will be ignored.
 The keywords
 .Cm CertificateFile ,
 .Cm ControlPath ,
-.Cm IdentityAgent
-and
+.Cm IdentityAgent ,
 .Cm IdentityFile
+and
+.Cm UserKnownHostsFile
 support environment variables.
 The keywords
 .Cm LocalForward