upstream: Remove support for obsolete host/port syntax.

host/port was added in 2001 as an alternative to host:port syntax for
the benefit of IPv6 users.  These days there are establised standards
for this like [::1]:22 and the slash syntax is easily mistaken for CIDR
notation, which OpenSSH now supports for some things.  Remove the slash
notation from ListenAddress and PermitOpen.  bz#2335, patch from jjelen
at redhat.com, ok markus@

OpenBSD-Commit-ID: fae5f4e23c51a368d6b2d98376069ac2b10ad4b7

diff --git a/misc.c b/misc.c
index bfd786ef8a6d0f44d0a7ceb41341db622d851708..009e02bc55c11d500c22f78066ee46748f574d57 100644 (file)
--- a/misc.c
+++ b/misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.c,v 1.136 2018/12/27 03:25:25 djm Exp $ */
+/* $OpenBSD: misc.c,v 1.137 2019/01/23 21:50:56 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  * Copyright (c) 2005,2006 Damien Miller.  All rights reserved.
@@ -564,7 +564,7 @@ put_host_port(const char *host, u_short port)
  * The delimiter char, if present, is stored in delim.
  * If this is the last field, *cp is set to NULL.
  */
-static char *
+char *
 hpdelim2(char **cp, char *delim)
 {
        char *s, *old;

diff --git a/misc.h b/misc.h
index 47177d838c53974a81c4944ab25b2d72f2b7dc2a..5b4325aba2b8a54bd454991524bed4e852ad834a 100644 (file)
--- a/misc.h
+++ b/misc.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: misc.h,v 1.78 2018/12/27 03:25:25 djm Exp $ */
+/* $OpenBSD: misc.h,v 1.79 2019/01/23 21:50:56 dtucker Exp $ */
 
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -57,6 +57,7 @@ int    timeout_connect(int, const struct sockaddr *, socklen_t, int *);
 int     a2port(const char *);
 int     a2tun(const char *, int *);
 char   *put_host_port(const char *, u_short);
+char   *hpdelim2(char **, char *);
 char   *hpdelim(char **);
 char   *cleanhostname(char *);
 char   *colon(char *);

diff --git a/servconf.c b/servconf.c
index 86c631bb05aa9a9027c37060793c18905ac8fc4e..1562bd875f3147db0219de503c641e1c24e5d5bd 100644 (file)
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
 
-/* $OpenBSD: servconf.c,v 1.346 2019/01/19 21:37:48 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.347 2019/01/23 21:50:56 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -878,7 +878,7 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode,
 {
        u_int i;
        int port;
-       char *host, *arg, *oarg;
+       char *host, *arg, *oarg, ch;
        int where = opcode == sPermitOpen ? FORWARD_LOCAL : FORWARD_REMOTE;
        const char *what = lookup_opcode_name(opcode);
 
@@ -896,8 +896,8 @@ process_permitopen_list(struct ssh *ssh, ServerOpCodes opcode,
        /* Otherwise treat it as a list of permitted host:port */
        for (i = 0; i < num_opens; i++) {
                oarg = arg = xstrdup(opens[i]);
-               host = hpdelim(&arg);
-               if (host == NULL)
+               host = hpdelim2(&arg, &ch);
+               if (host == NULL || ch == '/')
                        fatal("%s: missing host in %s", __func__, what);
                host = cleanhostname(host);
                if (arg == NULL || ((port = permitopen_port(arg)) < 0))
@@ -1314,8 +1314,10 @@ process_server_config_line(ServerOptions *options, char *line,
                        port = 0;
                        p = arg;
                } else {
-                       p = hpdelim(&arg);
-                       if (p == NULL)
+                       char ch;
+                       arg2 = NULL;
+                       p = hpdelim2(&arg, &ch);
+                       if (p == NULL || ch == '/')
                                fatal("%s line %d: bad address:port usage",
                                    filename, linenum);
                        p = cleanhostname(p);
@@ -1942,9 +1944,11 @@ process_server_config_line(ServerOptions *options, char *line,
                                 */
                                xasprintf(&arg2, "*:%s", arg);
                        } else {
+                               char ch;
+
                                arg2 = xstrdup(arg);
-                               p = hpdelim(&arg);
-                               if (p == NULL) {
+                               p = hpdelim2(&arg, &ch);
+                               if (p == NULL || ch == '/') {
                                        fatal("%s line %d: missing host in %s",
                                            filename, linenum,
                                            lookup_opcode_name(opcode));