upstream: mention that permitopen=/PermitOpen do no name to address

translation; prompted by bz3099 OpenBSD-Commit-ID: 0dda8e54d566b29855e76bebf9cfecce573f5c23
author: djm@openbsd.org <djm@openbsd.org> 2020-01-25 06:03:10 +0000
committer: Damien Miller <djm@mindrot.org> 2020-01-25 17:04:14 +1100
commit: 734f2f83f5ff86f2967a99d67be9ce22dd0394dd (patch)
tree: e4c1821822ec1b21d27b66a7ffe7441406ca2dfd
parent: e1e97cae19ff07b7a7f7e82556bc048c3c54af63 (diff)
2 files changed, 9 insertions, 7 deletions
diff --git a/sshd.8 b/sshd.8
index b7042cb5e..c5f8987d2 100644
--- a/sshd.8
+++ b/sshd.8
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd.8,v 1.311 2019/12/21 20:22:34 naddy Exp $
+.\" $OpenBSD: sshd.8,v 1.312 2020/01/25 06:03:10 djm Exp $
-.Dd $Mdocdate: December 21 2019 $
+.Dd $Mdocdate: January 25 2020 $
 .Dt SSHD 8
 .Os
 .Sh NAME
@@ -600,8 +600,8 @@ IPv6 addresses can be specified by enclosing the address in square brackets.
 Multiple
 .Cm permitopen
 options may be applied separated by commas.
-No pattern matching is performed on the specified hostnames,
+No pattern matching or name lookup is performed on the
-they must be literal domains or addresses.
+specified hostnames, they must be literal host names and/or addresses.
 A port specification of
 .Cm *
 matches any port.
diff --git a/sshd_config.5 b/sshd_config.5
index 3a64317a6..53d943760 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: sshd_config.5,v 1.298 2020/01/21 06:09:56 dtucker Exp $
+.\" $OpenBSD: sshd_config.5,v 1.299 2020/01/25 06:03:11 djm Exp $
-.Dd $Mdocdate: January 21 2020 $
+.Dd $Mdocdate: January 25 2020 $
 .Dt SSHD_CONFIG 5
 .Os
 .Sh NAME
@@ -1299,7 +1299,9 @@ An argument of
 can be used to prohibit all forwarding requests.
 The wildcard
 .Sq *
-can be used for host or port to allow all hosts or ports, respectively.
+can be used for host or port to allow all hosts or ports respectively.
+Otherwise, no pattern matching or address lookups are performed on supplied
+names.
 By default all port forwarding requests are permitted.
 .It Cm PermitRootLogin
 Specifies whether root can log in using
author	djm@openbsd.org <djm@openbsd.org>	2020-01-25 06:03:10 +0000
committer	Damien Miller <djm@mindrot.org>	2020-01-25 17:04:14 +1100
commit	734f2f83f5ff86f2967a99d67be9ce22dd0394dd (patch)
tree	e4c1821822ec1b21d27b66a7ffe7441406ca2dfd
parent	e1e97cae19ff07b7a7f7e82556bc048c3c54af63 (diff)

diff --git a/sshd.8 b/sshd.8 index b7042cb5e..c5f8987d2 100644 --- a/sshd.8 +++ b/sshd.8
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: sshd.8,v 1.311 2019/12/21 20:22:34 naddy Exp $	36	.\" $OpenBSD: sshd.8,v 1.312 2020/01/25 06:03:10 djm Exp $
37	.Dd $Mdocdate: December 21 2019 $	37	.Dd $Mdocdate: January 25 2020 $
38	.Dt SSHD 8	38	.Dt SSHD 8
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -600,8 +600,8 @@ IPv6 addresses can be specified by enclosing the address in square brackets.
600	Multiple	600	Multiple
601	.Cm permitopen	601	.Cm permitopen
602	options may be applied separated by commas.	602	options may be applied separated by commas.
603	No pattern matching is performed on the specified hostnames,	603	No pattern matching or name lookup is performed on the
604	they must be literal domains or addresses.	604	specified hostnames, they must be literal host names and/or addresses.
605	A port specification of	605	A port specification of
606	.Cm *	606	.Cm *
607	matches any port.	607	matches any port.


diff --git a/sshd_config.5 b/sshd_config.5 index 3a64317a6..53d943760 100644 --- a/sshd_config.5 +++ b/sshd_config.5
@@ -33,8 +33,8 @@
33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	33	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	34	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35	.\"	35	.\"
36	.\" $OpenBSD: sshd_config.5,v 1.298 2020/01/21 06:09:56 dtucker Exp $	36	.\" $OpenBSD: sshd_config.5,v 1.299 2020/01/25 06:03:11 djm Exp $
37	.Dd $Mdocdate: January 21 2020 $	37	.Dd $Mdocdate: January 25 2020 $
38	.Dt SSHD_CONFIG 5	38	.Dt SSHD_CONFIG 5
39	.Os	39	.Os
40	.Sh NAME	40	.Sh NAME
@@ -1299,7 +1299,9 @@ An argument of
1299	can be used to prohibit all forwarding requests.	1299	can be used to prohibit all forwarding requests.
1300	The wildcard	1300	The wildcard
1301	.Sq *	1301	.Sq *
1302	can be used for host or port to allow all hosts or ports, respectively.	1302	can be used for host or port to allow all hosts or ports respectively.
		1303	Otherwise, no pattern matching or address lookups are performed on supplied
		1304	names.
1303	By default all port forwarding requests are permitted.	1305	By default all port forwarding requests are permitted.
1304	.It Cm PermitRootLogin	1306	.It Cm PermitRootLogin
1305	Specifies whether root can log in using	1307	Specifies whether root can log in using