aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorJakub Jelen <jjelen@redhat.com>2019-02-07 17:42:10 +0100
committerAndreas Schneider <asn@cryptomilk.org>2019-05-14 17:26:27 +0200
commit962bdf806c6fd71a64be828933caf4932fa11fa0 (patch)
tree538491a28e91eb32467f854493a238bbd9654290 /src
parent1e22a089eba5bfec1ff20d198571647e356bee69 (diff)
downloadlibssh-962bdf806c6fd71a64be828933caf4932fa11fa0.tar.gz
libssh-962bdf806c6fd71a64be828933caf4932fa11fa0.tar.xz
libssh-962bdf806c6fd71a64be828933caf4932fa11fa0.zip
knownhosts: Handle wildcard ports matches against standard one
Fixes T110 Signed-off-by: Jakub Jelen <jjelen@redhat.com> Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
Diffstat (limited to 'src')
-rw-r--r--src/knownhosts.c25
1 files changed, 21 insertions, 4 deletions
diff --git a/src/knownhosts.c b/src/knownhosts.c
index bc5e6176..c2189b13 100644
--- a/src/knownhosts.c
+++ b/src/knownhosts.c
@@ -440,8 +440,8 @@ int ssh_known_hosts_parse_line(const char *hostname,
}
if (hostname != NULL) {
- char *match_pattern = NULL;
- char *q;
+ char *host_port = NULL;
+ char *q = NULL;
/* Hashed */
if (p[0] == '|') {
@@ -453,13 +453,30 @@ int ssh_known_hosts_parse_line(const char *hostname,
q = strtok(NULL, ",")) {
int cmp;
- cmp = match_hostname(hostname, q, strlen(q));
+ if (q[0] == '[' && hostname[0] != '[') {
+ /* Corner case: We have standard port so we do not have
+ * hostname in square braces. But the patern is enclosed
+ * in braces with, possibly standard or wildcard, port.
+ * We need to test against [host]:port pair here.
+ */
+ if (host_port == NULL) {
+ host_port = ssh_hostport(hostname, 22);
+ if (host_port == NULL) {
+ rc = SSH_ERROR;
+ goto out;
+ }
+ }
+
+ cmp = match_hostname(host_port, q, strlen(q));
+ } else {
+ cmp = match_hostname(hostname, q, strlen(q));
+ }
if (cmp == 1) {
match = 1;
break;
}
}
- SAFE_FREE(match_pattern);
+ free(host_port);
if (match == 0) {
rc = SSH_AGAIN;