diff options
| author | djm@openbsd.org <djm@openbsd.org> | 2015-10-16 18:40:49 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2015-10-17 05:45:11 +1100 |
| commit | 5ee0063f024bf5b3f3ffb275b8cd20055d62b4b9 (patch) | |
| tree | 35f193239500c48f5fcd0c4c3156cf39265ba2d4 | |
| parent | e92c499a75477ecfe94dd7b4aed89f20b1fac5a7 (diff) | |
upstream commit
better handle anchored FQDNs (e.g. 'cvs.openbsd.org.') in
hostname canonicalisation - treat them as already canonical and remove the
trailing '.' before matching ssh_config; ok markus@
Upstream-ID: f7619652e074ac3febe8363f19622aa4853b679a
| -rw-r--r-- | ssh.c | 15 |
1 files changed, 14 insertions, 1 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh.c,v 1.427 2015/10/15 23:51:40 djm Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.428 2015/10/16 18:40:49 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -404,6 +404,17 @@ resolve_canonicalize(char **hostp, int port) | |||
| 404 | return addrs; | 404 | return addrs; |
| 405 | } | 405 | } |
| 406 | 406 | ||
| 407 | /* If domain name is anchored, then resolve it now */ | ||
| 408 | if ((*hostp)[strlen(*hostp) - 1] == '.') { | ||
| 409 | debug3("%s: name is fully qualified", __func__); | ||
| 410 | fullhost = xstrdup(*hostp); | ||
| 411 | if ((addrs = resolve_host(fullhost, port, 0, | ||
| 412 | newname, sizeof(newname))) != NULL) | ||
| 413 | goto found; | ||
| 414 | free(fullhost); | ||
| 415 | goto notfound; | ||
| 416 | } | ||
| 417 | |||
| 407 | /* Don't apply canonicalization to sufficiently-qualified hostnames */ | 418 | /* Don't apply canonicalization to sufficiently-qualified hostnames */ |
| 408 | ndots = 0; | 419 | ndots = 0; |
| 409 | for (cp = *hostp; *cp != '\0'; cp++) { | 420 | for (cp = *hostp; *cp != '\0'; cp++) { |
| @@ -427,6 +438,7 @@ resolve_canonicalize(char **hostp, int port) | |||
| 427 | free(fullhost); | 438 | free(fullhost); |
| 428 | continue; | 439 | continue; |
| 429 | } | 440 | } |
| 441 | found: | ||
| 430 | /* Remove trailing '.' */ | 442 | /* Remove trailing '.' */ |
| 431 | fullhost[strlen(fullhost) - 1] = '\0'; | 443 | fullhost[strlen(fullhost) - 1] = '\0'; |
| 432 | /* Follow CNAME if requested */ | 444 | /* Follow CNAME if requested */ |
| @@ -438,6 +450,7 @@ resolve_canonicalize(char **hostp, int port) | |||
| 438 | *hostp = fullhost; | 450 | *hostp = fullhost; |
| 439 | return addrs; | 451 | return addrs; |
| 440 | } | 452 | } |
| 453 | notfound: | ||
| 441 | if (!options.canonicalize_fallback_local) | 454 | if (!options.canonicalize_fallback_local) |
| 442 | fatal("%s: Could not resolve host \"%s\"", __progname, *hostp); | 455 | fatal("%s: Could not resolve host \"%s\"", __progname, *hostp); |
| 443 | debug2("%s: host %s not found in any suffix", __func__, *hostp); | 456 | debug2("%s: host %s not found in any suffix", __func__, *hostp); |