bugzilla-daemon at mindrot.org
2024-Jan-10 09:18 UTC
[Bug 3652] New: KnownHostsCommand should expand tokens and environment variables on first argument
https://bugzilla.mindrot.org/show_bug.cgi?id=3652
Bug ID: 3652
Summary: KnownHostsCommand should expand tokens and environment
variables on first argument
Product: Portable OpenSSH
Version: 9.6p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at mindrot.org
Reporter: mindrot.bugzilla at accounts.evybongers.nl
Per ssh_config(5), KnownHostsCommand accepts tokens and will expand
environment variables for its arguments.
> Arguments to KnownHostsCommand accept the tokens described in the "TOKENS"
> section.

> Arguments to some keywords can be expanded at runtime from environment
> variables on the client by enclosing them in ${}, for example ${HOME}/.ssh would
> refer to the user's .ssh directory. [...] The keywords CertificateFile,
> ControlPath, IdentityAgent, IdentityFile, KnownHostsCommand, and
> UserKnownHostsFile support environment variables.
In the implementation[1] the first argument (script or binary to be
invoked) is excluded from being parsed. While the documentation quoted
above can be interpreted such that this is the intended behaviour, the
documentation for other options uses the same phrasing and will accept
tokens and environment variables on the first (or only) argument, for
example ControlPath, which only accepts a single argument as value.
> Arguments to ControlPath may use the tilde syntax to refer to a user's
> home directory, the tokens described in the "TOKENS" section and environment
> variables as described in the "ENVIRONMENT VARIABLES" section.
Therefore, I'm inclined to believe that the first argument to
KnownHostsCommand should be parsed for tokens and environment
variables.
A use case for using a token or environment variable for this keyword
would be to invoke a script or command that is found relative to a
user's home directory in a portable manner, for example:
${HOME}/.local/bin/get_host_keys <args> (or the token equivalent
%d/.local/bin/get_host_keys <args>)
[1] https://github.com/openssh/openssh-portable/blob/master/sshconnect.c#L885-L898
P.S.: I'm not sure about the severity of this issue, which is why I
listed it as enhancement.
--
You are receiving this mail because:
You are watching the assignee of the bug.
bugzilla-daemon at mindrot.org
2025-Jan-05 09:17 UTC
[Bug 3652] KnownHostsCommand should expand tokens and environment variables on first argument
https://bugzilla.mindrot.org/show_bug.cgi?id=3652
Evy <mindrot.bugzilla at accounts.evybongers.nl> changed:
What    |Removed                     |Added
----------------------------------------------------------------------------
CC      |                            |mindrot.bugzilla at accounts.evybongers.nl
--- Comment #1 from Evy <mindrot.bugzilla at accounts.evybongers.nl> ---
Created attachment 3850
--> https://bugzilla.mindrot.org/attachment.cgi?id=3850&action=edit
Patch for sshconnect.c to also call percent_dollar_expand on the first
argument (the executable path)
Patch was created against openssh-portable 9.9p1
--
You are receiving this mail because:
You are watching the assignee of the bug.
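A simplified model of the behaviour discussed in this report, as an added example that is neither OpenSSH's code nor the attached patch: it expands an already split command line either from the second argument on (as reported) or from the first (as requested). Only `%d`, `%%` and `${NAME}` are modelled; the function names, the fixed buffer size, treating an unset variable as an error, and the sample arguments are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define ARGMAX 256
/* Expand %d, %% and ${NAME} from src into dst[ARGMAX]; -1 on any error. */
static int expand_arg(const char *src, const char *home, char *dst)
{
    size_t o = 0;
    dst[0] = '\0';
    while (*src != '\0') {
        char lit[2] = { *src, '\0' }, name[64];
        const char *rep = lit, *end;
        if (src[0] == '%') {
            if (src[1] == 'd') rep = home;
            else if (src[1] == '%') rep = "%";
            else return -1;              /* other tokens are not modelled */
            src += 2;
        } else if (src[0] == '$' && src[1] == '{') {
            if ((end = strchr(src + 2, '}')) == NULL) return -1;
            if (end - (src + 2) >= (long)sizeof(name)) return -1;
            snprintf(name, sizeof(name), "%.*s", (int)(end - (src + 2)), src + 2);
            if ((rep = getenv(name)) == NULL) return -1; /* unset: assumed error */
            src = end + 1;
        } else
            src++;
        if (o + strlen(rep) >= ARGMAX) return -1;
        o += strlen(strcpy(dst + o, rep));
    }
    return 0;
}

/* skip=1: argv[0] copied unexpanded (as reported); skip=0: as requested. */
int expand_command(int ac, const char *const *av, const char *home,
    int skip, char out[][ARGMAX])
{
    for (int i = 0; i < ac; i++) {
        if (i < skip) snprintf(out[i], ARGMAX, "%s", av[i]);
        else if (expand_arg(av[i], home, out[i]) != 0) return -1;
    }
    return 0;
}
int main(void)
{   /* Constructed sample: the report's command, already split into argv. */
    const char *const av[] = { "${HOME}/.local/bin/get_host_keys", "%d/hosts" };
    char out[2][ARGMAX];
    for (int skip = 1; skip >= 0; skip--)
        if (expand_command(2, av, "/home/alice", skip, out) == 0)
            printf("skip=%d: exec \"%s\" \"%s\"\n", skip, out[0], out[1]);
    return 0;
}
```

With `skip=1` the program path stays the literal string `${HOME}/.local/bin/get_host_keys`, so no such file would be found to execute; with `skip=0` it resolves against the caller's environment like the other arguments.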