=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/readconf.c,v retrieving revision 1.382 retrieving revision 1.383 diff -u -r1.382 -r1.383 --- src/usr.bin/ssh/readconf.c 2023/10/11 22:42:26 1.382 +++ src/usr.bin/ssh/readconf.c 2023/10/12 02:18:18 1.383 @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.382 2023/10/11 22:42:26 djm Exp $ */ +/* $OpenBSD: readconf.c,v 1.383 2023/10/12 02:18:18 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -336,7 +336,7 @@ char * ssh_connection_hash(const char *thishost, const char *host, const char *portstr, - const char *user) + const char *user, const char *jumphost) { struct ssh_digest_ctx *md; u_char conn_hash[SSH_DIGEST_MAX_LENGTH]; @@ -346,6 +346,7 @@ ssh_digest_update(md, host, strlen(host)) < 0 || ssh_digest_update(md, portstr, strlen(portstr)) < 0 || ssh_digest_update(md, user, strlen(user)) < 0 || + ssh_digest_update(md, jumphost, strlen(jumphost)) < 0 || ssh_digest_final(md, conn_hash, sizeof(conn_hash)) < 0) fatal_f("mux digest failed"); ssh_digest_free(md); @@ -741,17 +742,19 @@ if (r == (negate ? 1 : 0)) this_result = result = 0; } else if (strcasecmp(attrib, "exec") == 0) { - char *conn_hash_hex, *keyalias; + char *conn_hash_hex, *keyalias, *jmphost; if (gethostname(thishost, sizeof(thishost)) == -1) fatal("gethostname: %s", strerror(errno)); + jmphost = option_clear_or_none(options->jump_host) ? + "" : options->jump_host; strlcpy(shorthost, thishost, sizeof(shorthost)); shorthost[strcspn(thishost, ".")] = '\0'; snprintf(portstr, sizeof(portstr), "%d", port); snprintf(uidstr, sizeof(uidstr), "%llu", (unsigned long long)pw->pw_uid); conn_hash_hex = ssh_connection_hash(thishost, host, - portstr, ruser); + portstr, ruser, jmphost); keyalias = options->host_key_alias ? options->host_key_alias : host; @@ -767,6 +770,7 @@ "r", ruser, "u", pw->pw_name, "i", uidstr, + "j", jmphost, (char *)NULL); free(conn_hash_hex); if (result != 1) {