ssh-proxy: use % as an alternative separator

Since OpenSSH 10.0p1, specifically
https://anongit.mindrot.org/openssh.git/commit/?id=487cf4c18c123b66c1f3f733398cd37e6b2ab6ab
ssh refuses comma in hostname by default.

Let's use % as an alternative separator.

Follow-up for defd5060d6.

man/systemd-ssh-proxy.xml

@@ -24,7 +24,7 @@
 
   <refsynopsisdiv>
     <programlisting>
-Host unix/* unix,* vsock/* vsock,* vsock-mux/* vsock-mux,*
+Host unix/* unix%* vsock/* vsock%* vsock-mux/* vsock-mux%*
     ProxyCommand /usr/lib/systemd/systemd-ssh-proxy %h %p
     ProxyUseFdpass yes
 </programlisting>
@@ -46,7 +46,7 @@ Host unix/* unix,* vsock/* vsock,* vsock-mux/* vsock-mux,*
     configuration fragment like the following:</para>
 
     <programlisting>
-Host unix/* unix,* vsock/* vsock,* vsock-mux/* vsock-mux,*
+Host unix/* unix%* vsock/* vsock%* vsock-mux/* vsock-mux%*
     ProxyCommand /usr/lib/systemd/systemd-ssh-proxy %h %p
     ProxyUseFdpass yes
     CheckHostIP no
@@ -70,7 +70,7 @@ Host .host
     multiplexer over <constant>AF_UNIX</constant> sockets. See
     <ulink url="https://github.com/cloud-hypervisor/cloud-hypervisor/blob/main/docs/vsock.md">cloud-hypervisor VSOCK support</ulink>
     and <ulink url="https://github.com/firecracker-microvm/firecracker/blob/main/docs/vsock.md">Using the Firecracker Virtio-vsock Device</ulink>.
-    Note that <literal>,</literal> can be used as a separator instead of <literal>/</literal> to be
+    Note that <literal>%</literal> can be used as a separator instead of <literal>/</literal> to be
     compatible with tools like <literal>scp</literal> and <literal>rsync</literal>.</para>
 
     <para>Moreover, connecting to <literal>.host</literal> will connect to the local host via SSH, without
@@ -119,7 +119,7 @@ Host .host
     <example>
       <title>Copy local 'foo' file to a local VM with CID 1348</title>
 
-      <programlisting>scp foo vsock,1348:</programlisting>
+      <programlisting>scp foo vsock%1348:</programlisting>
     </example>
   </refsect1>
 

src/ssh-generator/20-systemd-ssh-proxy.conf.in

@@ -9,7 +9,7 @@ Host .host machine/.host
 # Make sure unix/* and vsock/* can be used to connect to AF_UNIX and AF_VSOCK paths.
 # Make sure machine/* can be used to connect to local machines registered in machined.
 #
-Host unix/* unix,* vsock/* vsock,* vsock-mux/* vsock-mux,* machine/* machine,*
+Host unix/* unix%* vsock/* vsock%* vsock-mux/* vsock-mux%* machine/* machine%*
         ProxyCommand {{LIBEXECDIR}}/systemd-ssh-proxy %h %p
         ProxyUseFdpass yes
         CheckHostIP no

src/ssh-generator/ssh-proxy.c

@@ -178,7 +178,7 @@ static int process_machine(const char *machine, const char *port) {
 static char *startswith_sep(const char *s, const char *prefix) {
         const char *p = startswith(s, prefix);
 
-        if (p && IN_SET(*p, '/', ','))
+        if (p && IN_SET(*p, '/', '%'))
                 return (char*) p + 1;
 
         return NULL;

test/units/TEST-74-AUX-UTILS.ssh.sh

@@ -66,7 +66,7 @@ if test -e /dev/vsock -a -d /sys/module/vsock_loopback ; then
         echo "scp not found, skipping subtest" >&2
     else
         OUT_FILE=$(mktemp -u)
-        scp -o StrictHostKeyChecking=no -v -i "$ROOTID" vsock,1:/etc/machine-id "$OUT_FILE"
+        scp -o StrictHostKeyChecking=no -v -i "$ROOTID" vsock%1:/etc/machine-id "$OUT_FILE"
         cmp "$OUT_FILE" /etc/machine-id
         rm -f "$OUT_FILE"
     fi