upstream: replace recently-added valid_domain() check for hostnames

going to known_hosts with a more relaxed check for bad characters; previous
commit broke address literals. Reported by/feedback from florian@

OpenBSD-Commit-ID: 10b86dc6a4b206adaa0c11b58b6d5933898d43e0
This commit is contained in:
djm@openbsd.org 2022-11-03 21:59:20 +00:00 committed by Damien Miller
parent 9655217231
commit 3cae9f92a3
No known key found for this signature in database
1 changed files with 12 additions and 8 deletions

View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshconnect.c,v 1.359 2022/10/24 22:43:36 djm Exp $ */ /* $OpenBSD: sshconnect.c,v 1.360 2022/11/03 21:59:20 djm Exp $ */
/* /*
* Author: Tatu Ylonen <ylo@cs.hut.fi> * Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -960,6 +960,17 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo,
return 0; return 0;
} }
/*
* Don't ever try to write an invalid name to a known hosts file.
* Note: do this before get_hostfile_hostname_ipaddr() to catch
* '[' or ']' in the name before they are added.
*/
if (strcspn(hostname, "@?*#[]|'\'\"\\") != strlen(hostname)) {
debug_f("invalid hostname \"%s\"; will not record: %s",
hostname, fail_reason);
readonly = RDONLY;
}
/* /*
* Prepare the hostname and address strings used for hostkey lookup. * Prepare the hostname and address strings used for hostkey lookup.
* In some cases, these will have a port number appended. * In some cases, these will have a port number appended.
@ -1018,13 +1029,6 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo,
(host_found != NULL && host_found->note != 0))) (host_found != NULL && host_found->note != 0)))
readonly = RDONLY; readonly = RDONLY;
/* Don't ever try to write an invalid name to a known hosts file */
if (!valid_domain(hostname, 0, &fail_reason)) {
debug_f("invalid hostname \"%s\"; will not record: %s",
hostname, fail_reason);
readonly = RDONLY;
}
/* /*
* Also perform check for the ip address, skip the check if we are * Also perform check for the ip address, skip the check if we are
* localhost, looking for a certificate, or the hostname was an ip * localhost, looking for a certificate, or the hostname was an ip