diff options
| author | dtucker@openbsd.org <dtucker@openbsd.org> | 2019-04-18 18:56:16 +0000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2019-05-08 18:42:03 +1000 |
| commit | e826bbcafe26dac349a8593da5569e82faa45ab8 (patch) | |
| tree | c5518bd5996bf258819c31ad07035588e752134a /servconf.c | |
| parent | 5696512d7ad57e85e89f8011ce8dec617be686aa (diff) | |
upstream: When running sshd -T, assume any attibute not provided by
-C does not match, which allows it to work when sshd_config contains a Match
directive with or without -C. bz#2858, ok djm@
OpenBSD-Commit-ID: 1a701f0a33e3bc96753cfda2fe0b0378520b82eb
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 18 |
1 files changed, 10 insertions, 8 deletions
diff --git a/servconf.c b/servconf.c index ffac5d2c7..340045b28 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -1,5 +1,5 @@ | |||
| 1 | 1 | ||
| 2 | /* $OpenBSD: servconf.c,v 1.350 2019/03/25 22:33:44 djm Exp $ */ | 2 | /* $OpenBSD: servconf.c,v 1.351 2019/04/18 18:56:16 dtucker Exp $ */ |
| 3 | /* | 3 | /* |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| 5 | * All rights reserved | 5 | * All rights reserved |
| @@ -1042,7 +1042,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 1042 | return -1; | 1042 | return -1; |
| 1043 | } | 1043 | } |
| 1044 | if (strcasecmp(attrib, "user") == 0) { | 1044 | if (strcasecmp(attrib, "user") == 0) { |
| 1045 | if (ci == NULL) { | 1045 | if (ci == NULL || (ci->test && ci->user == NULL)) { |
| 1046 | result = 0; | 1046 | result = 0; |
| 1047 | continue; | 1047 | continue; |
| 1048 | } | 1048 | } |
| @@ -1054,7 +1054,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 1054 | debug("user %.100s matched 'User %.100s' at " | 1054 | debug("user %.100s matched 'User %.100s' at " |
| 1055 | "line %d", ci->user, arg, line); | 1055 | "line %d", ci->user, arg, line); |
| 1056 | } else if (strcasecmp(attrib, "group") == 0) { | 1056 | } else if (strcasecmp(attrib, "group") == 0) { |
| 1057 | if (ci == NULL) { | 1057 | if (ci == NULL || (ci->test && ci->user == NULL)) { |
| 1058 | result = 0; | 1058 | result = 0; |
| 1059 | continue; | 1059 | continue; |
| 1060 | } | 1060 | } |
| @@ -1067,7 +1067,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 1067 | result = 0; | 1067 | result = 0; |
| 1068 | } | 1068 | } |
| 1069 | } else if (strcasecmp(attrib, "host") == 0) { | 1069 | } else if (strcasecmp(attrib, "host") == 0) { |
| 1070 | if (ci == NULL) { | 1070 | if (ci == NULL || (ci->test && ci->host == NULL)) { |
| 1071 | result = 0; | 1071 | result = 0; |
| 1072 | continue; | 1072 | continue; |
| 1073 | } | 1073 | } |
| @@ -1079,7 +1079,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 1079 | debug("connection from %.100s matched 'Host " | 1079 | debug("connection from %.100s matched 'Host " |
| 1080 | "%.100s' at line %d", ci->host, arg, line); | 1080 | "%.100s' at line %d", ci->host, arg, line); |
| 1081 | } else if (strcasecmp(attrib, "address") == 0) { | 1081 | } else if (strcasecmp(attrib, "address") == 0) { |
| 1082 | if (ci == NULL) { | 1082 | if (ci == NULL || (ci->test && ci->address == NULL)) { |
| 1083 | result = 0; | 1083 | result = 0; |
| 1084 | continue; | 1084 | continue; |
| 1085 | } | 1085 | } |
| @@ -1098,7 +1098,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 1098 | return -1; | 1098 | return -1; |
| 1099 | } | 1099 | } |
| 1100 | } else if (strcasecmp(attrib, "localaddress") == 0){ | 1100 | } else if (strcasecmp(attrib, "localaddress") == 0){ |
| 1101 | if (ci == NULL) { | 1101 | if (ci == NULL || (ci->test && ci->laddress == NULL)) { |
| 1102 | result = 0; | 1102 | result = 0; |
| 1103 | continue; | 1103 | continue; |
| 1104 | } | 1104 | } |
| @@ -1124,7 +1124,7 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 1124 | arg); | 1124 | arg); |
| 1125 | return -1; | 1125 | return -1; |
| 1126 | } | 1126 | } |
| 1127 | if (ci == NULL) { | 1127 | if (ci == NULL || (ci->test && ci->lport == -1)) { |
| 1128 | result = 0; | 1128 | result = 0; |
| 1129 | continue; | 1129 | continue; |
| 1130 | } | 1130 | } |
| @@ -1138,10 +1138,12 @@ match_cfg_line(char **condition, int line, struct connection_info *ci) | |||
| 1138 | else | 1138 | else |
| 1139 | result = 0; | 1139 | result = 0; |
| 1140 | } else if (strcasecmp(attrib, "rdomain") == 0) { | 1140 | } else if (strcasecmp(attrib, "rdomain") == 0) { |
| 1141 | if (ci == NULL || ci->rdomain == NULL) { | 1141 | if (ci == NULL || (ci->test && ci->rdomain == NULL)) { |
| 1142 | result = 0; | 1142 | result = 0; |
| 1143 | continue; | 1143 | continue; |
| 1144 | } | 1144 | } |
| 1145 | if (ci->rdomain == NULL) | ||
| 1146 | match_test_missing_fatal("RDomain", "rdomain"); | ||
| 1145 | if (match_pattern_list(ci->rdomain, arg, 0) != 1) | 1147 | if (match_pattern_list(ci->rdomain, arg, 0) != 1) |
| 1146 | result = 0; | 1148 | result = 0; |
| 1147 | else | 1149 | else |