-rw-r--r-- | readconf.c | 15 | ||||
-rw-r--r-- | readconf.h | 3 | ||||
-rw-r--r-- | ssh.1 | 15 | ||||
-rw-r--r-- | ssh.c | 8 | ||||
-rw-r--r-- | ssh_config.5 | 16 |
5 files changed, 48 insertions, 9 deletions
diff --git a/readconf.c b/readconf.c index 28f6acce3..5418ace8b 100644 --- a/readconf.c +++ b/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.378 2023/07/17 04:04:36 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.379 2023/07/17 04:08:31 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -144,7 +144,7 @@ static int process_config_line_depth(Options *options, struct passwd *pw, typedef enum { oBadOption, - oHost, oMatch, oInclude, + oHost, oMatch, oInclude, oTag, oForwardAgent, oForwardX11, oForwardX11Trusted, oForwardX11Timeout, oGatewayPorts, oExitOnForwardFailure, oPasswordAuthentication, @@ -257,6 +257,7 @@ static struct { { "user", oUser }, { "host", oHost }, { "match", oMatch }, + { "tag", oTag }, { "escapechar", oEscapeChar }, { "globalknownhostsfile", oGlobalKnownHostsFile }, { "userknownhostsfile", oUserKnownHostsFile }, @@ -745,6 +746,10 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw, goto out; } r = check_match_ifaddrs(arg) == 1; + } else if (strcasecmp(attrib, "tagged") == 0) { + criteria = xstrdup(options->tag == NULL ? "" : + options->tag); + r = match_pattern_list(criteria, arg, 0) == 1; if (r == (negate ? 1 : 0)) this_result = result = 0; } else if (strcasecmp(attrib, "exec") == 0) { @@ -1365,6 +1370,10 @@ parse_char_array: charptr = &options->hostname; goto parse_string; + case oTag: + charptr = &options->tag; + goto parse_string; + case oHostKeyAlias: charptr = &options->host_key_alias; goto parse_string; @@ -2512,6 +2521,7 @@ initialize_options(Options * options) options->known_hosts_command = NULL; options->required_rsa_size = -1; options->enable_escape_commandline = -1; + options->tag = NULL; } /* 
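Review bot: In the match_cfg_line hunk at -745, the new `tagged` branch is inserted between `r = check_match_ifaddrs(arg) == 1;` and the context lines `if (r == (negate ? 1 : 0))` / `this_result = result = 0;`, so as shown those two lines now belong to `tagged` and the preceding branch computes `r` without using it. If that reading is right, a `Match` block on the preceding criterion is no longer rejected when the address check fails, and settings meant for one network would apply on every network. Each branch needs its own copy of the test: repeat `if (r == (negate ? 1 : 0))` and `this_result = result = 0;` directly after the `check_match_ifaddrs` assignment. ssh_config.5 also lists the new criterion as `Tag` where this code compares against `tagged`. The function body starts and ends outside the hunk, so the release of `criteria` cannot be checked from here.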
@@ -3431,6 +3441,7 @@ dump_client_config(Options *o, const char *host) dump_cfg_string(oRevokedHostKeys, o->revoked_host_keys); dump_cfg_string(oXAuthLocation, o->xauth_location); dump_cfg_string(oKnownHostsCommand, o->known_hosts_command); + dump_cfg_string(oTag, o->tag); /* Forwards */ dump_cfg_forwards(oDynamicForward, o->num_local_forwards, o->local_forwards); diff --git a/readconf.h b/readconf.h index 2ce1b4c33..dfe5bab0a 100644 --- a/readconf.h +++ b/readconf.h @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.h,v 1.150 2023/01/13 02:58:20 dtucker Exp $ */ +/* $OpenBSD: readconf.h,v 1.151 2023/07/17 04:08:31 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> @@ -70,6 +70,7 @@ typedef struct { char *kex_algorithms; /* SSH2 kex methods in order of preference. */ char *ca_sign_algorithms; /* Allowed CA signature algorithms */ char *hostname; /* Real host to connect. */ + char *tag; /* Configuration tag name. */ char *host_key_alias; /* hostname alias for .ssh/known_hosts */ char *proxy_command; /* Proxy command for connecting the host. */ char *user; /* User to log in as. */ @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.434 2023/06/21 05:08:32 djm Exp $ -.Dd $Mdocdate: June 21 2023 $ +.\" $OpenBSD: ssh.1,v 1.435 2023/07/17 04:08:31 djm Exp $ +.Dd $Mdocdate: July 17 2023 $ .Dt SSH 1 .Os .Sh NAME @@ -59,6 +59,7 @@ .Op Fl O Ar ctl_cmd .Op Fl o Ar option .Op Fl p Ar port +.Op Fl P Ar tag .Op Fl Q Ar query_option .Op Fl R Ar address .Op Fl S Ar ctl_path 
@@ -593,6 +594,16 @@ For full details of the options listed below, and their possible values, see .It XAuthLocation .El .Pp +.It Fl P Ar tag +Specify a tag name that may be used to select configuration in +.Xr ssh_config 5 . +Refer to the +.Cm Tag +and +.Cm Match +keywords in +.Xr ssh_config 5 +for more information. .It Fl p Ar port Port to connect to on the remote host. This can be specified on a @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.590 2023/07/04 03:59:21 dlg Exp $ */ +/* $OpenBSD: ssh.c,v 1.591 2023/07/17 04:08:31 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -708,7 +708,7 @@ main(int ac, char **av) again: while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" - "AB:CD:E:F:GI:J:KL:MNO:PQ:R:S:TVw:W:XYy")) != -1) { /* HUZdhjruz */ + "AB:CD:E:F:GI:J:KL:MNO:P:Q:R:S:TVw:W:XYy")) != -1) { /* HUZdhjruz */ switch (opt) { case '1': fatal("SSH protocol v.1 is no longer supported"); @@ -772,7 +772,9 @@ main(int ac, char **av) else fatal("Invalid multiplex command."); break; - case 'P': /* deprecated */ + case 'P': + if (options.tag == NULL) + options.tag = xstrdup(optarg); break; case 'Q': cp = NULL; diff --git a/ssh_config.5 b/ssh_config.5 index 3d18fb2a2..0c2327e0b 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,7 +33,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.381 2023/07/17 04:04:36 djm Exp $ +.\" $OpenBSD: ssh_config.5,v 1.382 2023/07/17 04:08:31 djm Exp $ .Dd $Mdocdate: July 17 2023 $ .Dt SSH_CONFIG 5 .Os @@ -144,6 +144,7 @@ The available criteria keywords are: .Cm localnetwork , .Cm host , .Cm originalhost , +.Cm Tag , .Cm user , and .Cm localuser . 
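Review bot: In the getopt hunk of main() in ssh.c, `P` changes from a flag that was accepted and ignored (`case 'P': /* deprecated */`) to `P:`, which consumes the next argument. An existing invocation that still passes a bare `-P` would have its following argument, possibly the destination, taken as the tag and the remaining arguments shifted by one, so the connection could go to a host the caller did not intend. ssh.1 should state that the old no-argument form is gone, and the case deserves a comment such as `/* first -P wins; previously a deprecated no-op flag */`. The value is stored unchecked; rejecting an empty `optarg` with `fatal()` would keep `-P ""` from being indistinguishable from no tag in the `tagged` match, which substitutes `""` for a NULL tag. main() extends beyond the hunk.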
@@ -223,6 +224,15 @@ The .Cm originalhost keyword matches against the hostname as it was specified on the command-line. The +.Cm tagged +keyword matches a tag name specified by a prior +.Cm Tag +directive or on the +.Xr ssh 1 +command-line using the +.Fl P +flag. +The .Cm user keyword matches against the target username on the remote host. The @@ -1886,6 +1896,10 @@ To disable TCP keepalive messages, the value should be set to See also .Cm ServerAliveInterval for protocol-level keepalives. +.It Cm Tag +Specify a configuration tag name that may be later used by a +.Cm Match +directive to select a block of configuation. .It Cm Tunnel Request .Xr tun 4 |