shinys000114/libssh
1
0
Fork 0
mirror of https://git.libssh.org/projects/libssh.git synced 2026-02-09 09:54:25 +09:00
Code Issues Packages Projects Releases Wiki Activity

knownhosts: Handle wildcard ports matches against standard one

Browse Source 
Fixes T110

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
This commit is contained in:
Jakub Jelen
2019-02-07 17:42:10 +01:00
committed by Andreas Schneider
parent 1e22a089eb
commit 962bdf806c
1 changed files with 21 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
src/knownhosts.c
View File

@@ -440,8 +440,8 @@ int ssh_known_hosts_parse_line(const char *hostname,
} }
if (hostname != NULL) { if (hostname != NULL) {
char *match_pattern = NULL; char *host_port = NULL;
char *q; char *q = NULL;
/* Hashed */ /* Hashed */
if (p[0] == '|') { if (p[0] == '|') {
@@ -453,13 +453,30 @@ int ssh_known_hosts_parse_line(const char *hostname,
q = strtok(NULL, ",")) { q = strtok(NULL, ",")) {
int cmp; int cmp;
cmp = match_hostname(hostname, q, strlen(q)); if (q[0] == '[' && hostname[0] != '[') {
/* Corner case: We have standard port so we do not have
* hostname in square braces. But the patern is enclosed
* in braces with, possibly standard or wildcard, port.
* We need to test against [host]:port pair here.
*/
if (host_port == NULL) {
host_port = ssh_hostport(hostname, 22);
if (host_port == NULL) {
rc = SSH_ERROR;
goto out;
}
}
cmp = match_hostname(host_port, q, strlen(q));
} else {
cmp = match_hostname(hostname, q, strlen(q));
}
if (cmp == 1) { if (cmp == 1) {
match = 1; match = 1;
break; break;
} }
} }
SAFE_FREE(match_pattern); free(host_port);
if (match == 0) { if (match == 0) {
rc = SSH_AGAIN; rc = SSH_AGAIN;