Revert two recent changes to negated address matching. The
new behaviour offers unintuitive surprises. We'll find a better way to deal
with single negated matches.
match.c 1.31:
> fix matching for pattern lists that contain a single negated match,
> e.g. "Host !example"
>
> report and patch from Robin Becker. bz#1918 ok dtucker@
addrmatch.c 1.11:
> fix negated address matching where the address list consists of a
> single negated match, e.g. "Match addr !192.20.0.1"
>
> Report and patch from Jakub Jelen. bz#2397 ok dtucker@
Upstream-ID:
ec96c770f0f5b9a54e5e72fda25387545e9c80c6
-/* $OpenBSD: addrmatch.c,v 1.12 2016/08/23 08:17:42 djm Exp $ */
+/* $OpenBSD: addrmatch.c,v 1.13 2016/09/21 16:55:42 djm Exp $ */
/*
* Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
break;
}
ret = 1;
- } else if (neg)
- ret = 1;
+ }
continue;
} else {
/* If CIDR parse failed, try wildcard string match */
-/* $OpenBSD: match.c,v 1.31 2016/08/23 03:22:49 djm Exp $ */
+/* $OpenBSD: match.c,v 1.32 2016/09/21 16:55:42 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
return -1; /* Negative */
else
got_positive = 1; /* Positive */
- } else if (negated)
- got_positive = 1;
+ }
}
/*
projects / thirdparty / openssh-portable.git / commitdiff
