search for: percent_expand

https://bugzilla.mindrot.org/show_bug.cgi?id=1377 Summary: getpwuid called twice without pwcopy (percent_expand: NULL replacement) Classification: Unclassified Product: Portable OpenSSH Version: 4.4p1 Platform: ix86 OS/Version: Mac OS X Status: NEW Severity: major Priority: P2 Component: ssh Assig...

https://bugzilla.mindrot.org/show_bug.cgi?id=1562 Summary: EXPAND_MAX_KEYS in percent_expand is actually (EXPAND_MAX_KEYS - 1) Product: Portable OpenSSH Version: 5.2p1 Platform: Other OS/Version: Solaris Status: NEW Severity: minor Priority: P4 Component: Miscellaneous AssignedTo: u...

...+701,7 @@ main(int ac, char **av) options.port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT; } - /* preserve host name given on command line for %n expansion */ + /* preserve host name given on command line for %h expansion */ host_arg = host; if (options.hostname != NULL) { host = percent_expand(options.hostname, @@ -750,6 +750,8 @@ main(int ac, char **av) options.control_path = percent_expand(cp, "h", host, "l", thishost, "n", host_arg, "r", options.user, "p", portstr, "u", pw->pw_name, "L", shorthos...

Gives GSSAPI-MIC the same options capability currently provided for public key logins by the AuthorizedKeysFile. Uses krb5_principal_match() to support widcard matches. Uses percent_expand() to expand tokens for: credential USER[/INSTANCE]@REALM homedir /home/user username user cred name USER cred instance INSTANCE cred realm REALM My intended application: # cat ~svn/.ssh/authorized_credentials command="/usr/bin/svnserve -t -r /var/svn/ --tunnel-user=%n" */svn@%r...

...t stat st; struct passwd *pw; int dummy, timeout_ms; @@ -693,6 +693,8 @@ main(int ac, char **av) options.port = sp ? ntohs(sp->s_port) : SSH_DEFAULT_PORT; } + /* preserve host name given on command line for %n expansion */ + host_arg = host; if (options.hostname != NULL) { host = percent_expand(options.hostname, "h", host, (char *)NULL); @@ -707,7 +709,7 @@ main(int ac, char **av) debug3("expanding LocalCommand: %s", options.local_command); cp = options.local_command; options.local_command = percent_expand(cp, "d", pw->pw_dir, - "...

To provide a bit more backwards-compatible (which is nice for eg. NFS- shared /home directories) try a few version-number based names. Eg., for "OpenSSH_7.3" the strings that are tried after "~/.ssh/config" are "_7.3", "_7", and "". --- ssh.c | 37 ++++++++++++++++++++++++++++++------- 1 file changed, 30 insertions(+), 7 deletions(-) diff --git

...& *arg != '~') { - xasprintf(&arg2, "%s/%s", + xasprintf(&arg_pre, "%s/%s", (flags & SSHCONF_USERCONF) ? "~/" _PATH_SSH_USER_DIR : SSHDIR, arg); } else - arg2 = xstrdup(arg); + arg_pre = xstrdup(arg); + arg2 = percent_expand(arg_pre, + "l", thishost, "L", shorthost, (char *) NULL); + free(arg_pre); memset(&gl, 0, sizeof(gl)); r = glob(arg2, GLOB_TILDE, NULL, &gl); if (r == GLOB_NOMATCH) { base-commit: 64e0600f23c6dec36c3875392ac95b8a9100c2d6 -- 2.42.1

...& *arg != '~') { - xasprintf(&arg2, "%s/%s", + xasprintf(&arg_pre, "%s/%s", (flags & SSHCONF_USERCONF) ? "~/" _PATH_SSH_USER_DIR : SSHDIR, arg); } else - arg2 = xstrdup(arg); + arg_pre = xstrdup(arg); + arg2 = percent_expand(arg_pre, + "l", thishost, "L", shorthost, (char *) NULL); + free(arg_pre); memset(&gl, 0, sizeof(gl)); r = glob(arg2, GLOB_TILDE, NULL, &gl); if (r == GLOB_NOMATCH) { -- 2.45.2

Using these escapes, the include directive can be crafted to include differing, host-specific configuration. Ronan Pigott (2): Permit %L and %l percent escapes in ssh Include Permit %L and %l percent escapes in sshd Include readconf.c | 16 +++++++++++++--- servconf.c | 17 ++++++++++++++--- 2 files changed, 27 insertions(+), 6 deletions(-) base-commit:

Using these escapes, the include directive can be crafted to include differing, host-specific configuration. Ronan Pigott (2): Permit %L and %l percent escapes in Include Permit %L and %l percent escapes in server Include readconf.c | 16 +++++++++++++--- servconf.c | 21 ++++++++++++++++----- 2 files changed, 29 insertions(+), 8 deletions(-) base-commit:

On Mon, 17 Aug 2015, Todd C. Miller wrote: > I like the idea but tilde_expand_filename() calls fatal() if it > cannot resolve ~foo. This is not terrible when using -L and -R on > the normal command line but it seems pretty harsh to exit when -L > or -R are used via the ~C escape or the streamlocal-forward at openssh.com > request. > Message-Id: <aea6cdc1d1b42d07 at

Numerous how-tos all over the Internet show how one would set up a tunnel using ssh, e.g.: ssh -f -o Tunnel=ethernet <server_ip> true I was wondering if there's a way to subsequently acquire the names of the local and remote tun/tap interfaces (e.g., using the default "-w any:any") for subsequent automatic tunnel configuration, e.g.: ip link set $TapDev up ip link set

http://bugzilla.mindrot.org/show_bug.cgi?id=1159 Summary: %u and %h not handled in IdentityFile Product: Portable OpenSSH Version: 4.3p2 Platform: All URL: http://www.math.ualberta.ca/imaging/snfs/openssh.html OS/Version: Linux Status: NEW Keywords: patch Severity: normal Priority: P2

Hello, My usage of ProxyCommand just calls the nc utility with various parameters. That in turn after the initial setup just copies copies the data from the network socket to stdin/stdout. This useless coping can be avoided if ssh has an option to receive the socket from the proxy command. I suppose it can improve network error reporting as ssh would talk directly to the network socket rather

...& *arg != '~') { - xasprintf(&arg2, "%s/%s", + xasprintf(&arg_pre, "%s/%s", (flags & SSHCONF_USERCONF) ? "~/" _PATH_SSH_USER_DIR : SSHDIR, arg); } else - arg2 = xstrdup(arg); + arg_pre = xstrdup(arg); + arg2 = percent_expand(arg_pre, + "l", thishost, "L", shorthost, (char *) NULL); + free(arg_pre); memset(&gl, 0, sizeof(gl)); r = glob(arg2, GLOB_TILDE, NULL, &gl); if (r == GLOB_NOMATCH) { base-commit: 64e0600f23c6dec36c3875392ac95b8a9100c2d6 -- 2.42.1

...*line, value++; found = 0; if (*arg2 != '/' && *arg2 != '~') { - xasprintf(&arg, "%s/%s", SSHDIR, arg2); + xasprintf(&arg_pre, "%s/%s", SSHDIR, arg2); } else - arg = xstrdup(arg2); + arg_pre = xstrdup(arg2); + + arg = percent_expand(arg_pre, + "l", thishost, "L", shorthost, (char *) NULL); + free(arg_pre); /* * Don't let included files clobber the containing -- 2.42.1

...*line, value++; found = 0; if (*arg2 != '/' && *arg2 != '~') { - xasprintf(&arg, "%s/%s", SSHDIR, arg2); + xasprintf(&arg_pre, "%s/%s", SSHDIR, arg2); } else - arg = xstrdup(arg2); + arg_pre = xstrdup(arg2); + + arg = percent_expand(arg_pre, + "l", thishost, "L", shorthost, (char *) NULL); + free(arg_pre); /* * Don't let included files clobber the containing -- 2.45.2

...;- xasprintf(&arg2, "%s/%s", >+ xasprintf(&arg_pre, "%s/%s", > (flags & SSHCONF_USERCONF) ? > "~/" _PATH_SSH_USER_DIR : SSHDIR, arg); > } else >- arg2 = xstrdup(arg); >+ arg_pre = xstrdup(arg); >+ arg2 = percent_expand(arg_pre, >+ "l", thishost, "L", shorthost, (char *) NULL); >+ free(arg_pre); > memset(&gl, 0, sizeof(gl)); > r = glob(arg2, GLOB_TILDE, NULL, &gl); > if (r == GLOB_NOMATCH) { >-- >2.45.2 Would you be able to document that "thisHo...

http://bugzilla.mindrot.org/show_bug.cgi?id=95 ------- Additional Comments From djm at mindrot.org 2005-06-06 22:39 ------- There is now (OpenBSD -current 20050606) a misc.c:percent_expand() function that you can use for things like this. Patches welcome. ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.

...-673,9 +673,11 @@ debug3("expanded LocalCommand: %s", options.local_command); xfree(cp); } - - if (options.hostname != NULL) - host = options.hostname; + + if (options.hostname != NULL) { + options.hostname = percent_expand(options.hostname,"h",host); + host = options.hostname; + } /* force lowercase for hostkey matching */ if (options.host_key_alias != NULL) { // Michael -- Michael Madsen - mkm at cs.au.dk