git: 375bb3704d13 - stable/13 - ssh: fix bug in PermitRemoteOpen which caused it to ignore...
Date: Wed, 08 Feb 2023 21:05:52 UTC
The branch stable/13 has been updated by emaste:
URL: https://cgit.FreeBSD.org/src/commit/?id=375bb3704d1371dec08f49cf8767f7b98162da34
commit 375bb3704d1371dec08f49cf8767f7b98162da34
Author: Ed Maste <emaste@FreeBSD.org>
AuthorDate: 2023-02-06 16:33:38 +0000
Commit: Ed Maste <emaste@FreeBSD.org>
CommitDate: 2023-02-08 21:04:36 +0000
ssh: fix bug in PermitRemoteOpen which caused it to ignore...
its first argument unless it was one of the special keywords "any" or
"none".
Obtained from: OpenSSH-portable commit b3daa8dc5823
Sponsored by: The FreeBSD Foundation
(cherry picked from commit 94e21add45344f0669f910ea77db499e8c892c90)
---
crypto/openssh/readconf.c | 62 +++++++++++++++++++++++++----------------------
1 file changed, 33 insertions(+), 29 deletions(-)
diff --git a/crypto/openssh/readconf.c b/crypto/openssh/readconf.c
index c4453540c47c..fda7937582f4 100644
--- a/crypto/openssh/readconf.c
+++ b/crypto/openssh/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.369 2022/09/17 10:33:18 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.371 2023/01/02 07:03:30 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1576,37 +1576,37 @@ parse_pubkey_algos:
case oPermitRemoteOpen:
uintptr = &options->num_permitted_remote_opens;
cppptr = &options->permitted_remote_opens;
- arg = argv_next(&ac, &av);
- if (!arg || *arg == '\0')
- fatal("%s line %d: missing %s specification",
- filename, linenum, lookup_opcode_name(opcode));
uvalue = *uintptr; /* modified later */
- if (strcmp(arg, "any") == 0 || strcmp(arg, "none") == 0) {
- if (*activep && uvalue == 0) {
- *uintptr = 1;
- *cppptr = xcalloc(1, sizeof(**cppptr));
- (*cppptr)[0] = xstrdup(arg);
- }
- break;
- }
+ i = 0;
while ((arg = argv_next(&ac, &av)) != NULL) {
arg2 = xstrdup(arg);
- p = hpdelim(&arg);
- if (p == NULL) {
- fatal("%s line %d: missing host in %s",
- filename, linenum,
- lookup_opcode_name(opcode));
- }
- p = cleanhostname(p);
- /*
- * don't want to use permitopen_port to avoid
- * dependency on channels.[ch] here.
- */
- if (arg == NULL ||
- (strcmp(arg, "*") != 0 && a2port(arg) <= 0)) {
- fatal("%s line %d: bad port number in %s",
- filename, linenum,
- lookup_opcode_name(opcode));
+ /* Allow any/none only in first position */
+ if (strcasecmp(arg, "none") == 0 ||
+ strcasecmp(arg, "any") == 0) {
+ if (i > 0 || ac > 0) {
+ error("%s line %d: keyword %s \"%s\" "
+ "argument must appear alone.",
+ filename, linenum, keyword, arg);
+ goto out;
+ }
+ } else {
+ p = hpdelim(&arg);
+ if (p == NULL) {
+ fatal("%s line %d: missing host in %s",
+ filename, linenum,
+ lookup_opcode_name(opcode));
+ }
+ p = cleanhostname(p);
+ /*
+ * don't want to use permitopen_port to avoid
+ * dependency on channels.[ch] here.
+ */
+ if (arg == NULL || (strcmp(arg, "*") != 0 &&
+ a2port(arg) <= 0)) {
+ fatal("%s line %d: bad port number "
+ "in %s", filename, linenum,
+ lookup_opcode_name(opcode));
+ }
}
if (*activep && uvalue == 0) {
opt_array_append(filename, linenum,
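Review bot: The `goto out` taken when `any`/`none` does not appear alone runs after `arg2 = xstrdup(arg)`, so unless the `out:` label (outside this hunk) releases it, `arg2` leaks on that path; adding `free(arg2);` immediately before `goto out;` would close it. The keywords are also matched with `strcasecmp` while `arg2` is appended in its original case, so a spelling such as `None` passes this check and is stored verbatim. It is worth confirming that the code which later reads `permitted_remote_opens` compares the keyword case-insensitively as well, or storing a normalised lower-case form here, so that a deny-all or allow-all entry in this permission list takes effect as written. The enclosing switch case and function begin and end outside the hunk.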
@@ -1614,7 +1614,11 @@ parse_pubkey_algos:
cppptr, uintptr, arg2);
}
free(arg2);
+ i++;
}
+ if (i == 0)
+ fatal("%s line %d: missing %s specification",
+ filename, linenum, lookup_opcode_name(opcode));
break;
case oClearAllForwardings: