upstream: Check that the addresses supplied to Match Address and

Match LocalAddress are valid when parsing in config-test mode.  This will
catch address/mask mismatches before they cause problems at runtime. Found by
Daniel Stocker, ok djm@

OpenBSD-Commit-ID: 2d0b10c69fad5d8fda4c703e7c6804935289378b

1 files changed, 8 insertions, 1 deletions

diff --git a/servconf.c b/servconf.c
index 1bc7ee31a..2ce04cf14 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.368 2020/08/27 01:07:09 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.369 2020/08/28 03:15:52 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -1119,6 +1119,9 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                                     "%.100s' at line %d", ci->host, arg, line);
                 } else if (strcasecmp(attrib, "address") == 0) {
                         if (ci == NULL || (ci->test && ci->address == NULL)) {
+                                if (addr_match_list(NULL, arg) != 0)
+                                        fatal("Invalid Match address argument "
+                                            "'%s' at line %d", arg, line);
                                 result = 0;
                                 continue;
                         }
@@ -1138,6 +1141,10 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                         }
                 } else if (strcasecmp(attrib, "localaddress") == 0){
                         if (ci == NULL || (ci->test && ci->laddress == NULL)) {
+                                if (addr_match_list(NULL, arg) != 0)
+                                        fatal("Invalid Match localaddress "
+                                            "argument '%s' at line %d", arg,
+                                            line);
                                 result = 0;
                                 continue;
                         }