anvil_ssh/ssh_config/mod.rs
1// SPDX-License-Identifier: GPL-3.0-or-later
2// Rust guideline compliant 2026-03-30
3//! `ssh_config(5)` parser and resolver for Anvil.
4//!
5//! Implements the subset of OpenSSH `ssh_config` directives required by
6//! Gitway PRD §5.8.1. Layered as:
7//!
8//! - [`lexer`] — line-oriented tokenizer. Strips comments, joins
9//! continuation lines, splits on whitespace honoring quoted arguments,
10//! recognizes the `keyword=value` form. Also exposes argument-level
11//! helpers ([`lexer::expand_tilde`], [`lexer::expand_env`],
12//! [`lexer::wildcard_match`]) used by include resolution and the
13//! directive resolver.
14//! - [`parser`] — groups token lines into Host blocks, handling implicit
15//! global directives (before the first `Host`) and the `Match` keyword.
16//! - [`include`] — recursively resolves `Include` directives, with
17//! tilde/env expansion, glob matching on the final component, a 16-deep
18//! nesting limit, and cycle detection by canonicalized path.
19//! - [`matcher`] — flattens parsed blocks to the directives that apply
20//! to a given host, honoring positive/negated patterns and case-
21//! insensitive comparison. `Match` blocks are silently skipped per
22//! PRD §12 Q1.
23//! - [`resolver`] — public entry point. Composes the above into one
24//! [`resolve`] call returning a [`ResolvedSshConfig`] with first-wins
25//! precedence and per-directive provenance.
26//!
27//! `Match` blocks are explicitly deferred to v1.1 per PRD §12 Q1; they
28//! are recognized at parse time so directive grouping stays correct,
29//! but never match a host.
30//!
31//! Only the items re-exported below are part of the crate's public API;
32//! the sub-modules themselves are crate-private building blocks.
33
34pub(crate) mod include;
35pub(crate) mod lexer;
36pub(crate) mod matcher;
37pub(crate) mod parser;
38pub(crate) mod resolver;
39
40pub use resolver::{
41 resolve, AlgList, DirectiveSource, ResolvedSshConfig, SshConfigPaths, StrictHostKeyChecking,
42};