upstream: allow CanonicalizePermittedCNAMEs=none in ssh_config; ok
authordjm@openbsd.org <djm@openbsd.org>
Wed, 15 Sep 2021 06:56:01 +0000 (06:56 +0000)
committerDamien Miller <djm@mindrot.org>
Thu, 16 Sep 2021 05:38:16 +0000 (15:38 +1000)
markus@

OpenBSD-Commit-ID: 668a82ba8e56d731b26ffc5703213bfe071df623

readconf.c
readconf.h
ssh.c
ssh_config.5

index 03369a0866e6c2469ee639543509c0f22c916cda..b99ad3b2611f5844c67859b4fd0a07ae94267b96 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.361 2021/07/23 04:04:52 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.362 2021/09/15 06:56:01 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2011,11 +2011,23 @@ parse_pubkey_algos:
 
        case oCanonicalizePermittedCNAMEs:
                value = options->num_permitted_cnames != 0;
+               i = 0;
                while ((arg = argv_next(&ac, &av)) != NULL) {
-                       /* Either '*' for everything or 'list:list' */
-                       if (strcmp(arg, "*") == 0)
+                       /*
+                        * Either 'none' (only in first position), '*' for
+                        * everything or 'list:list'
+                        */
+                       if (strcasecmp(arg, "none") == 0) {
+                               if (i > 0 || ac > 0) {
+                                       error("%s line %d: keyword %s \"none\" "
+                                           "argument must appear alone.",
+                                           filename, linenum, keyword);
+                                       goto out;
+                               }
+                               arg2 = "";
+                       } else if (strcmp(arg, "*") == 0) {
                                arg2 = arg;
-                       else {
+                       else {
                                lowercase(arg);
                                if ((arg2 = strchr(arg, ':')) == NULL ||
                                    arg2[1] == '\0') {
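Review bot: As printed, the `else {` on the line after `arg2 = arg;` does not close the `} else if (strcmp(arg, "*") == 0) {` block opened two lines earlier, so the new chain reads `{ arg2 = arg; else {` and would not compile; the intended line is `} else {`. This may be an artifact of how the page renders the hunk rather than the committed text, so it is worth confirming against the repository before acting on it. Separately, the `none` branch bypasses the `lowercase(arg)` call in the final `else`, so the stored `source_list` keeps whatever case the user wrote; `config_has_permitted_cnames` compensates by comparing with `strcasecmp`, which is the right pairing, and a one-line comment such as `/* not lowercased; matched case-insensitively later */` next to `arg2 = "";` would make that dependency visible. The enclosing `case oCanonicalizePermittedCNAMEs:` body continues past the end of the hunk.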
@@ -2027,6 +2039,7 @@ parse_pubkey_algos:
                                *arg2 = '\0';
                                arg2++;
                        }
+                       i++;
                        if (!*activep || value)
                                continue;
                        if (options->num_permitted_cnames >=
@@ -2280,6 +2293,20 @@ option_clear_or_none(const char *o)
        return o == NULL || strcasecmp(o, "none") == 0;
 }
 
+/*
+ * Returns 1 if CanonicalizePermittedCNAMEs have been specified, 0 otherwise.
+ * Allowed to be called on non-final configuration.
+ */
+int
+config_has_permitted_cnames(Options *options)
+{
+       if (options->num_permitted_cnames == 1 &&
+           strcasecmp(options->permitted_cnames[0].source_list, "none") == 0 &&
+           strcmp(options->permitted_cnames[0].target_list, "") == 0)
+               return 0;
+       return options->num_permitted_cnames > 0;
+}
+
 /*
  * Initializes options to special values that indicate that they have not yet
  * been set.  Read_config_file will only set options with this value. Options
@@ -2648,6 +2675,15 @@ fill_default_options(Options * options)
                free(options->jump_host);
                options->jump_host = NULL;
        }
+       if (options->num_permitted_cnames == 1 &&
+           !config_has_permitted_cnames(options)) {
+               /* clean up CanonicalizePermittedCNAMEs=none */
+               free(options->permitted_cnames[0].source_list);
+               free(options->permitted_cnames[0].target_list);
+               memset(options->permitted_cnames, '\0',
+                   sizeof(*options->permitted_cnames));
+               options->num_permitted_cnames = 0;
+       }
        /* options->identity_agent distinguishes NULL from 'none' */
        /* options->user will be set in the main program if appropriate */
        /* options->hostname will be set in the main program if appropriate */
@@ -3363,14 +3399,14 @@ dump_client_config(Options *o, const char *host)
        printf("\n");
 
        /* oCanonicalizePermittedCNAMEs */
-       if ( o->num_permitted_cnames > 0) {
-               printf("canonicalizePermittedcnames");
-               for (i = 0; i < o->num_permitted_cnames; i++) {
-                       printf(" %s:%s", o->permitted_cnames[i].source_list,
-                           o->permitted_cnames[i].target_list);
-               }
-               printf("\n");
+       printf("canonicalizePermittedcnames");
+       if (o->num_permitted_cnames == 0)
+               printf("none");
+       for (i = 0; i < o->num_permitted_cnames; i++) {
+               printf(" %s:%s", o->permitted_cnames[i].source_list,
+                   o->permitted_cnames[i].target_list);
        }
+       printf("\n");
 
        /* oControlPersist */
        if (o->control_persist == 0 || o->control_persist_timeout == 0)
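Review bot: The new `printf("none")` for the empty case emits no separator after `printf("canonicalizePermittedcnames")`, so `ssh -G` prints `canonicalizePermittedcnamesnone`, while the non-empty path prints each rule with a leading space; the fix is `printf(" none");`. This matters beyond cosmetics because the dump output is expected to be a valid config that tools feed back in, and the concatenated token would not parse as a keyword. The rest of the rewritten block (unconditional keyword, loop, trailing newline) looks correct.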
index f7d53b067604e39e9101f43bfc8f2b632239d4c9..f24719f982df15421ad16952f9892507efb0f646 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.h,v 1.144 2021/07/23 04:04:52 djm Exp $ */
+/* $OpenBSD: readconf.h,v 1.145 2021/09/15 06:56:01 djm Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -228,6 +228,7 @@ int  parse_jump(const char *, Options *, int);
 int     parse_ssh_uri(const char *, char **, char **, int *);
 int     default_ssh_port(void);
 int     option_clear_or_none(const char *);
+int     config_has_permitted_cnames(Options *);
 void    dump_client_config(Options *o, const char *host);
 
 void    add_local_forward(Options *, const struct Forward *);
diff --git a/ssh.c b/ssh.c
index 79b7673d4b07660cbd1913bb7c86a44d18862f57..6c955688d2e5f3d734e8dbcfa4bc64f97989f3ff 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.567 2021/09/10 10:26:02 dtucker Exp $ */
+/* $OpenBSD: ssh.c,v 1.568 2021/09/15 06:56:01 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -259,6 +259,7 @@ resolve_host(const char *name, int port, int logerr, char *cname, size_t clen)
                port = default_ssh_port();
        if (cname != NULL)
                *cname = '\0';
+       debug3_f("lookup %s:%d", name, port);
 
        snprintf(strport, sizeof strport, "%d", port);
        memset(&hints, 0, sizeof(hints));
@@ -382,7 +383,7 @@ check_follow_cname(int direct, char **namep, const char *cname)
        int i;
        struct allowed_cname *rule;
 
-       if (*cname == '\0' || options.num_permitted_cnames == 0 ||
+       if (*cname == '\0' || !config_has_permitted_cnames(&options) ||
            strcmp(*namep, cname) == 0)
                return 0;
        if (options.canonicalize_hostname == SSH_CANONICALISE_NO)
@@ -1186,7 +1187,7 @@ main(int ac, char **av)
         */
        direct = option_clear_or_none(options.proxy_command) &&
            options.jump_host == NULL;
-       if (addrs == NULL && options.num_permitted_cnames != 0 && (direct ||
+       if (addrs == NULL && config_has_permitted_cnames(&options) && (direct ||
            options.canonicalize_hostname == SSH_CANONICALISE_ALWAYS)) {
                if ((addrs = resolve_host(host, options.port,
                    direct, cname, sizeof(cname))) == NULL) {
index 3fd5a6c2b7fda5e7e786df3ab7069f9ca59692f8..9d60887e3ed0327c077a88b9ba55561ccd871493 100644 (file)
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.364 2021/09/03 07:43:23 dtucker Exp $
-.Dd $Mdocdate: September 3 2021 $
+.\" $OpenBSD: ssh_config.5,v 1.365 2021/09/15 06:56:01 djm Exp $
+.Dd $Mdocdate: September 15 2021 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -372,6 +372,11 @@ to be canonicalized to names in the
 or
 .Qq *.c.example.com
 domains.
+.Pp
+A single argument of
+.Qq none
+causes no CNAMEs to be considered for canonicalization.
+This is the default behaviour.
 .It Cm CASignatureAlgorithms
 Specifies which algorithms are allowed for signing of certificates
 by certificate authorities (CAs).