File 9901-Add-I-option-to-ProxyCommand-which-expands-to-the-re.patch of Package openssh
From 7f8ad3ed9456507b1c01b453d806de0b35fa1e10 Mon Sep 17 00:00:00 2001
From: Ciprian Dorin Craciun <ciprian@volution.ro>
Date: Sat, 15 Apr 2017 14:45:36 +0300
Subject: [PATCH] Add `%I` option to `ProxyCommand` which expands to the
resolved IP of the remote as resolved from the local machine (thus before
jumping)
---
sshconnect.c | 34 ++++++++++++++++++++++++++++++++++
1 file changed, 34 insertions(+)
diff --git a/sshconnect.c b/sshconnect.c
index 6d819279..1328c325 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -84,23 +84,57 @@ extern char *__progname;
static int show_other_keys(struct hostkeys *, struct sshkey *);
static void warn_changed_key(struct sshkey *);
/* Expand a proxy command */
static char *
expand_proxy_command(const char *proxy_command, const char *user,
const char *host, int port)
{
char *tmp, *ret, strport[NI_MAXSERV];
+ char *address, straddr[NI_MAXHOST];
+ struct addrinfo hints, *addressinfo;
+ struct sockaddr_in *sockinfo;
+ int gaierr;
+
+ if (port <= 0)
+ port = default_ssh_port();
snprintf(strport, sizeof strport, "%d", port);
+
+ memset(&hints, 0, sizeof(hints));
+ hints.ai_family = options.address_family == -1 ?
+ AF_UNSPEC : options.address_family;
+ hints.ai_socktype = SOCK_STREAM;
+ hints.ai_flags = AI_NUMERICSERV;
+ if ((gaierr = getaddrinfo(host, strport, &hints, &addressinfo)) != 0) {
+ debug("%s: could not resolve name %.100s as address: %s",
+ __func__, host, ssh_gai_strerror(gaierr));
+ addressinfo = NULL;
+ }
+ if (addressinfo != NULL && addressinfo->ai_next != NULL) {
+ debug("%s: getaddrinfo %.100s returned multiple addresses",
+ __func__, host);
+ }
+
+ if (addressinfo == NULL)
+ address = host;
+ else {
+ sockinfo = (struct sockaddr_in *) addressinfo->ai_addr;
+ address = inet_ntop(sockinfo->sin_family, &sockinfo->sin_addr, straddr, sizeof(straddr));
+ if (address == NULL)
+ address = host;
+ freeaddrinfo(addressinfo);
+ }
+
xasprintf(&tmp, "exec %s", proxy_command);
ret = percent_expand(tmp, "h", host, "p", strport,
+ "I", address,
"r", options.user, (char *)NULL);
free(tmp);
return ret;
}
/*
* Connect to the given ssh server using a proxy command that passes a
* a connected fd back to us.
*/
static int
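Review bot: The cast `(struct sockaddr_in *) addressinfo->ai_addr` in expand_proxy_command is wrong for IPv6 results, which are reachable because `hints.ai_family` can be `AF_UNSPEC`. In `struct sockaddr_in6` the address does not sit at the offset of `sin_addr`, so `inet_ntop` formats the wrong bytes and `%I` expands to a bogus address inside the shell command. `getnameinfo` with `NI_NUMERICHOST` handles both families and removes the cast. Separately, `getaddrinfo` now runs on every ProxyCommand expansion, even when the command contains no `%I`. Configurations that rely on the proxy to resolve the target would then send the name to the local resolver, so the lookup should be gated on the token being present. Finally, `address` should be `const char *`, since it is assigned from `host` and from the `inet_ntop` return value.

```c
	const char *address = host;	/* replaces `char *address`; default is the unresolved name */
	/* … unchanged: other declarations, port default, snprintf(strport) … */

	/*
	 * Resolve only when the command uses %I, so other ProxyCommand
	 * setups do not trigger a local lookup of the target name.
	 */
	if (strstr(proxy_command, "%I") != NULL) {
		/* … unchanged: hints setup … */
		gaierr = getaddrinfo(host, strport, &hints, &addressinfo);
		if (gaierr != 0) {
			/* … unchanged: "could not resolve name" debug message … */
		} else {
			/* … unchanged: multiple-address debug message … */
			/* getnameinfo() formats AF_INET and AF_INET6 alike */
			if (getnameinfo(addressinfo->ai_addr,
			    addressinfo->ai_addrlen, straddr, sizeof(straddr),
			    NULL, 0, NI_NUMERICHOST) == 0)
				address = straddr;
			freeaddrinfo(addressinfo);
		}
	}
	/* … unchanged: xasprintf and percent_expand … */
```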
--
2.21.0