upstream: Treat connections with ProxyJump specified the same as ones

with a ProxyCommand set with regards to hostname canonicalisation (i.e. don't
try to canonicalise the hostname unless CanonicalizeHostname is set to
'always').

Patch from Sven Wegener via bz#2896

OpenBSD-Commit-ID: 527ff501cf98bf65fb4b29ed0cb847dda10f4d37

diff --git a/ssh.c b/ssh.c
index f4204c88d93981e8cdc0905d5376192b5f89d98d..849fae355fd33e8e47c248cf265ce5394eb7a177 100644 (file)
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.492 2018/09/20 03:31:49 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.493 2018/09/21 03:11:36 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1137,10 +1137,9 @@ main(int ac, char **av)
        if (addrs == NULL && options.num_permitted_cnames != 0 && (direct ||
            options.canonicalize_hostname == SSH_CANONICALISE_ALWAYS)) {
                if ((addrs = resolve_host(host, options.port,
-                   option_clear_or_none(options.proxy_command),
-                   cname, sizeof(cname))) == NULL) {
+                   direct, cname, sizeof(cname))) == NULL) {
                        /* Don't fatal proxied host names not in the DNS */
-                       if (option_clear_or_none(options.proxy_command))
+                       if (direct)
                                cleanup_exit(255); /* logged in resolve_host */
                } else
                        check_follow_cname(direct, &host, cname);

diff --git a/ssh_config.5 b/ssh_config.5
index c7192665fd5926a15f5cc25fb77cfdb563f0d180..2df1165f187a5aace61fce30ae9586082e8c6801 100644 (file)
--- a/ssh_config.5
+++ b/ssh_config.5
@@ -33,8 +33,8 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh_config.5,v 1.283 2018/09/20 06:58:48 jmc Exp $
-.Dd $Mdocdate: September 20 2018 $
+.\" $OpenBSD: ssh_config.5,v 1.284 2018/09/21 03:11:36 djm Exp $
+.Dd $Mdocdate: September 21 2018 $
 .Dt SSH_CONFIG 5
 .Os
 .Sh NAME
@@ -290,7 +290,9 @@ hostname lookups.
 If set to
 .Cm yes
 then, for connections that do not use a
-.Cm ProxyCommand ,
+.Cm ProxyCommand
+or
+.Cm ProxyJump ,
 .Xr ssh 1
 will attempt to canonicalize the hostname specified on the command line
 using the