bbf61daf97
New upstream release including: * Dropping entropy patch * Remove default support for MD5 fingerprints * Porting all the downstream patches and pam_ssh_agent_auth to new sshbuf and sshkey API * pam_ssh_agent_auth is no longer using MD5 fingerprints
73 lines
2.4 KiB
Diff
73 lines
2.4 KiB
Diff
diff -up openssh/misc.c.config openssh/misc.c
|
|
--- openssh/misc.c.config 2018-08-22 13:58:54.922807799 +0200
|
|
+++ openssh/misc.c 2018-08-22 13:58:55.000808428 +0200
|
|
@@ -485,7 +485,7 @@ put_host_port(const char *host, u_short
|
|
* The delimiter char, if present, is stored in delim.
|
|
* If this is the last field, *cp is set to NULL.
|
|
*/
|
|
-static char *
|
|
+char *
|
|
hpdelim2(char **cp, char *delim)
|
|
{
|
|
char *s, *old;
|
|
diff -up openssh/misc.h.config openssh/misc.h
|
|
--- openssh/misc.h.config 2018-08-20 07:57:29.000000000 +0200
|
|
+++ openssh/misc.h 2018-08-22 13:58:55.001808436 +0200
|
|
@@ -54,6 +54,7 @@ int set_rdomain(int, const char *);
|
|
int a2port(const char *);
|
|
int a2tun(const char *, int *);
|
|
char *put_host_port(const char *, u_short);
|
|
+char *hpdelim2(char **, char *);
|
|
char *hpdelim(char **);
|
|
char *cleanhostname(char *);
|
|
char *colon(char *);
|
|
diff -up openssh/servconf.c.config openssh/servconf.c
|
|
--- openssh/servconf.c.config 2018-08-22 13:58:54.989808340 +0200
|
|
+++ openssh/servconf.c 2018-08-22 14:18:49.235443937 +0200
|
|
@@ -886,7 +886,7 @@ process_permitopen_list(struct ssh *ssh,
|
|
{
|
|
u_int i;
|
|
int port;
|
|
- char *host, *arg, *oarg;
|
|
+ char *host, *arg, *oarg, ch;
|
|
int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE;
|
|
const char *what = lookup_opcode_name(opcode);
|
|
|
|
@@ -904,8 +904,8 @@ process_permitopen_list(struct ssh *ssh,
|
|
/* Otherwise treat it as a list of permitted host:port */
|
|
for (i = 0; i < num_opens; i++) {
|
|
oarg = arg = xstrdup(opens[i]);
|
|
- host = hpdelim(&arg);
|
|
- if (host == NULL)
|
|
+ host = hpdelim2(&arg, &ch);
|
|
+ if (host == NULL || ch == '/')
|
|
fatal("%s: missing host in %s", __func__, what);
|
|
host = cleanhostname(host);
|
|
if (arg == NULL || ((port = permitopen_port(arg)) < 0))
|
|
@@ -1323,8 +1323,10 @@ process_server_config_line(ServerOptions
|
|
port = 0;
|
|
p = arg;
|
|
} else {
|
|
- p = hpdelim(&arg);
|
|
- if (p == NULL)
|
|
+ char ch;
|
|
+ arg2 = NULL;
|
|
+ p = hpdelim2(&arg, &ch);
|
|
+ if (p == NULL || ch == '/')
|
|
fatal("%s line %d: bad address:port usage",
|
|
filename, linenum);
|
|
p = cleanhostname(p);
|
|
@@ -1965,9 +1967,10 @@ process_server_config_line(ServerOptions
|
|
*/
|
|
xasprintf(&arg2, "*:%s", arg);
|
|
} else {
|
|
+ char ch;
|
|
arg2 = xstrdup(arg);
|
|
- p = hpdelim(&arg);
|
|
- if (p == NULL) {
|
|
+ p = hpdelim2(&arg, &ch);
|
|
+ if (p == NULL || ch == '/') {
|
|
fatal("%s line %d: missing host in %s",
|
|
filename, linenum,
|
|
lookup_opcode_name(opcode));
|