openssh/openssh-7.2p2-ssh_case_insensitive_host_matching.patch

88 lines
2.8 KiB
Diff
Raw Normal View History

# HG changeset patch
# Parent 1b99f71db584917a37c5e9140bf63dcb860e8b59
Match hostnames in a case-insensitive manner.
bsc#1017099
diff --git a/openssh-7.2p2/readconf.c b/openssh-7.2p2/readconf.c
--- a/openssh-7.2p2/readconf.c
+++ b/openssh-7.2p2/readconf.c
@@ -526,16 +526,17 @@ execute_in_shell(const char *cmd)
* Parse and execute a Match directive.
*/
static int
match_cfg_line(Options *options, char **condition, struct passwd *pw,
const char *host_arg, const char *original_host, int post_canon,
const char *filename, int linenum)
{
char *arg, *oattrib, *attrib, *cmd, *cp = *condition, *host, *criteria;
+ char *hostlc;
const char *ruser;
int r, port, this_result, result = 1, attributes = 0, negate;
char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
/*
* Configuration is likely to be incomplete at this point so we
* must be prepared to use default values.
*/
@@ -546,16 +547,20 @@ match_cfg_line(Options *options, char **
} else if (options->hostname != NULL) {
/* NB. Please keep in sync with ssh.c:main() */
host = percent_expand(options->hostname,
"h", host_arg, (char *)NULL);
} else {
host = xstrdup(host_arg);
}
+ /* match_hostname() requires the hostname to be lowercase */
+ hostlc = xstrdup(host);
+ lowercase(hostlc);
+
debug2("checking match for '%s' host %s originally %s",
cp, host, original_host);
while ((oattrib = attrib = strdelim(&cp)) && *attrib != '\0') {
criteria = NULL;
this_result = 1;
if ((negate = attrib[0] == '!'))
attrib++;
/* criteria "all" and "canonical" have no argument */
@@ -584,18 +589,18 @@ match_cfg_line(Options *options, char **
}
/* All other criteria require an argument */
if ((arg = strdelim(&cp)) == NULL || *arg == '\0') {
error("Missing Match criteria for %s", attrib);
result = -1;
goto out;
}
if (strcasecmp(attrib, "host") == 0) {
- criteria = xstrdup(host);
- r = match_hostname(host, arg) == 1;
+ criteria = xstrdup(hostlc);
+ r = match_hostname(hostlc, arg) == 1;
if (r == (negate ? 1 : 0))
this_result = result = 0;
} else if (strcasecmp(attrib, "originalhost") == 0) {
criteria = xstrdup(original_host);
r = match_hostname(original_host, arg) == 1;
if (r == (negate ? 1 : 0))
this_result = result = 0;
} else if (strcasecmp(attrib, "user") == 0) {
@@ -658,16 +663,17 @@ match_cfg_line(Options *options, char **
error("One or more attributes required for Match");
result = -1;
goto out;
}
out:
if (result != -1)
debug2("match %sfound", result ? "" : "not ");
*condition = cp;
+ free(hostlc);
free(host);
return result;
}
/* Check and prepare a domain name: removes trailing '.' and lowercases */
static void
valid_domain(char *name, const char *filename, int linenum)
{