New upstream release (8.1p1)

author: Colin Watson <cjwatson@debian.org> 2019-10-09 22:59:48 +0100
committer: Colin Watson <cjwatson@debian.org> 2019-10-09 23:39:39 +0100
commit: 767ee84d3465b6d244a9108de5c167a9ab866df9 (patch)
tree: 69b14ef6a62d7f133298a21d2ad6046f130b7801 /servconf.c
parent: ddeaf9ee7d5c6612b88f1c4a83fc6fbccb93bf60 (diff)
parent: efef12825b9582c1710da3b7e50135870963d4f4 (diff)
1 files changed, 18 insertions, 12 deletions
diff --git a/servconf.c b/servconf.c
index 365e6ff1e..4464d51a5 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.350 2019/03/25 22:33:44 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.352 2019/09/06 14:45:34 naddy Exp $ */
 /*
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
 *                    All rights reserved
@@ -1071,7 +1071,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                        return -1;
                }
                if (strcasecmp(attrib, "user") == 0) {
-                        if (ci == NULL) {
+                        if (ci == NULL || (ci->test && ci->user == NULL)) {
                                result = 0;
                                continue;
                        }
@@ -1083,7 +1083,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                                debug("user %.100s matched 'User %.100s' at "
                                    "line %d", ci->user, arg, line);
                } else if (strcasecmp(attrib, "group") == 0) {
-                        if (ci == NULL) {
+                        if (ci == NULL || (ci->test && ci->user == NULL)) {
                                result = 0;
                                continue;
                        }
@@ -1096,7 +1096,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                                result = 0;
                        }
                } else if (strcasecmp(attrib, "host") == 0) {
-                        if (ci == NULL) {
+                        if (ci == NULL || (ci->test && ci->host == NULL)) {
                                result = 0;
                                continue;
                        }
@@ -1108,7 +1108,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                                debug("connection from %.100s matched 'Host "
                                    "%.100s' at line %d", ci->host, arg, line);
                } else if (strcasecmp(attrib, "address") == 0) {
-                        if (ci == NULL) {
+                        if (ci == NULL || (ci->test && ci->address == NULL)) {
                                result = 0;
                                continue;
                        }
@@ -1127,7 +1127,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                                return -1;
                        }
                } else if (strcasecmp(attrib, "localaddress") == 0){
-                        if (ci == NULL) {
+                        if (ci == NULL || (ci->test && ci->laddress == NULL)) {
                                result = 0;
                                continue;
                        }
@@ -1153,7 +1153,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                                    arg);
                                return -1;
                        }
-                        if (ci == NULL) {
+                        if (ci == NULL || (ci->test && ci->lport == -1)) {
                                result = 0;
                                continue;
                        }
@@ -1167,10 +1167,12 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
                        else
                                result = 0;
                } else if (strcasecmp(attrib, "rdomain") == 0) {
-                        if (ci == NULL || ci->rdomain == NULL) {
+                        if (ci == NULL || (ci->test && ci->rdomain == NULL)) {
                                result = 0;
                                continue;
                        }
+                        if (ci->rdomain == NULL)
+                                match_test_missing_fatal("RDomain", "rdomain");
                        if (match_pattern_list(ci->rdomain, arg, 0) != 1)
                                result = 0;
                        else
@@ -1471,7 +1473,8 @@ process_server_config_line(ServerOptions *options, char *line,
                        fatal("%s line %d: Missing argument.",
                            filename, linenum);
                if (*arg != '-' &&
-                    !sshkey_names_valid2(*arg == '+' ? arg + 1 : arg, 1))
+                    !sshkey_names_valid2(*arg == '+' || *arg == '^' ?
+                    arg + 1 : arg, 1))
                        fatal("%s line %d: Bad key types '%s'.",
                            filename, linenum, arg ? arg : "<NONE>");
                if (*activep && *charptr == NULL)
@@ -1762,7 +1765,8 @@ process_server_config_line(ServerOptions *options, char *line,
                arg = strdelim(&cp);
                if (!arg || *arg == '\0')
                        fatal("%s line %d: Missing argument.", filename, linenum);
-                if (*arg != '-' && !ciphers_valid(*arg == '+' ? arg + 1 : arg))
+                if (*arg != '-' &&
+                    !ciphers_valid(*arg == '+' || *arg == '^' ? arg + 1 : arg))
                        fatal("%s line %d: Bad SSH2 cipher spec '%s'.",
                            filename, linenum, arg ? arg : "<NONE>");
                if (options->ciphers == NULL)
@@ -1773,7 +1777,8 @@ process_server_config_line(ServerOptions *options, char *line,
                arg = strdelim(&cp);
                if (!arg || *arg == '\0')
                        fatal("%s line %d: Missing argument.", filename, linenum);
-                if (*arg != '-' && !mac_valid(*arg == '+' ? arg + 1 : arg))
+                if (*arg != '-' &&
+                    !mac_valid(*arg == '+' || *arg == '^' ? arg + 1 : arg))
                        fatal("%s line %d: Bad SSH2 mac spec '%s'.",
                            filename, linenum, arg ? arg : "<NONE>");
                if (options->macs == NULL)
@@ -1786,7 +1791,8 @@ process_server_config_line(ServerOptions *options, char *line,
                        fatal("%s line %d: Missing argument.",
                            filename, linenum);
                if (*arg != '-' &&
-                    !kex_names_valid(*arg == '+' ? arg + 1 : arg))
+                    !kex_names_valid(*arg == '+' || *arg == '^' ?
+                    arg + 1 : arg))
                        fatal("%s line %d: Bad SSH2 KexAlgorithms '%s'.",
                            filename, linenum, arg ? arg : "<NONE>");
                if (options->kex_algorithms == NULL)
author	Colin Watson <cjwatson@debian.org>	2019-10-09 22:59:48 +0100
committer	Colin Watson <cjwatson@debian.org>	2019-10-09 23:39:39 +0100
commit	767ee84d3465b6d244a9108de5c167a9ab866df9 (patch)
tree	69b14ef6a62d7f133298a21d2ad6046f130b7801 /servconf.c
parent	ddeaf9ee7d5c6612b88f1c4a83fc6fbccb93bf60 (diff)
parent	efef12825b9582c1710da3b7e50135870963d4f4 (diff)