From d05ea255678d9402beda4416cd0360f3e5dfe938 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Wed, 23 Jan 2019 21:50:56 +0000 Subject: [PATCH] upstream: Remove support for obsolete host/port syntax. host/port was added in 2001 as an alternative to host:port syntax for the benefit of IPv6 users. These days there are establised standards for this like [::1]:22 and the slash syntax is easily mistaken for CIDR notation, which OpenSSH now supports for some things. Remove the slash notation from ListenAddress and PermitOpen. bz#2335, patch from jjelen at redhat.com, ok markus@ OpenBSD-Commit-ID: fae5f4e23c51a368d6b2d98376069ac2b10ad4b7 --- misc.c | 4 ++-- misc.h | 3 ++- servconf.c | 20 ++++++++++++-------- 3 files changed, 16 insertions(+), 11 deletions(-) diff --git a/misc.c b/misc.c index bfd786ef8..009e02bc5 100644 --- a/misc.c +++ b/misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.c,v 1.136 2018/12/27 03:25:25 djm Exp $ */ +/* $OpenBSD: misc.c,v 1.137 2019/01/23 21:50:56 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2005,2006 Damien Miller. All rights reserved. @@ -564,7 +564,7 @@ put_host_port(const char *host, u_short port) * The delimiter char, if present, is stored in delim. * If this is the last field, *cp is set to NULL. */ -static char * +char * hpdelim2(char **cp, char *delim) { char *s, *old; diff --git a/misc.h b/misc.h index 47177d838..5b4325aba 100644 --- a/misc.h +++ b/misc.h @@ -1,4 +1,4 @@ -/* $OpenBSD: misc.h,v 1.78 2018/12/27 03:25:25 djm Exp $ */ +/* $OpenBSD: misc.h,v 1.79 2019/01/23 21:50:56 dtucker Exp $ */ /* * Author: Tatu Ylonen @@ -57,6 +57,7 @@ int timeout_connect(int, const struct sockaddr *, socklen_t, int *); int a2port(const char *); int a2tun(const char *, int *); char *put_host_port(const char *, u_short); +char *hpdelim2(char **, char *); char *hpdelim(char **); char *cleanhostname(char *); char *colon(char *); diff --git a/servconf.c b/servconf.c index 86c631bb0..1562bd875 100644 --- a/servconf.c +++ b/servconf.c @@ -1,5 +1,5 @@ -/* $OpenBSD: servconf.c,v 1.346 2019/01/19 21:37:48 djm Exp $ */ +/* $OpenBSD: servconf.c,v 1.347 2019/01/23 21:50:56 dtucker Exp $ */ /* * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland * All rights reserved @@ -878,7 +878,7 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode, { u_int i; int port; - char *host, *arg, *oarg; + char *host, *arg, *oarg, ch; int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE; const char *what = lookup_opcode_name(opcode); @@ -896,8 +896,8 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode, /* Otherwise treat it as a list of permitted host:port */ for (i = 0; i < num_opens; i++) { oarg = arg = xstrdup(opens[i]); - host = hpdelim(&arg); - if (host == NULL) + host = hpdelim2(&arg, &ch); + if (host == NULL || ch == '/') fatal("%s: missing host in %s", __func__, what); host = cleanhostname(host); if (arg == NULL || ((port = permitopen_port(arg)) < 0)) @@ -1314,8 +1314,10 @@ process_server_config_line(ServerOptions *options, char *line, port = 0; p = arg; } else { - p = hpdelim(&arg); - if (p == NULL) + char ch; + arg2 = NULL; + p = hpdelim2(&arg, &ch); + if (p == NULL || ch == '/') fatal("%s line %d: bad address:port usage", filename, linenum); p = cleanhostname(p); @@ -1942,9 +1944,11 @@ process_server_config_line(ServerOptions *options, char *line, */ xasprintf(&arg2, "*:%s", arg); } else { + char ch; + arg2 = xstrdup(arg); - p = hpdelim(&arg); - if (p == NULL) { + p = hpdelim2(&arg, &ch); + if (p == NULL || ch == '/') { fatal("%s line %d: missing host in %s", filename, linenum, lookup_opcode_name(opcode));