Hi,

as recently noticed by one of our customers, ssh tends to perform
hostname matching in a case sensitive manner since the lowercasing has
been delayed till after configuration parsing (by commits
d56b44d2dfa093883a5c4e91be3f72d99946b170 and
eb6d870a0ea8661299bb2ea8f013d3ace04e2024).

Given that hostnames are usually interpreted in a case insensitive way
(and the code actually expects the input to be lowercased anyway) it
might be good to perform the comparisons as such. We can either make
sure match_hostname() receives a lowercased string indeed or perform the
lowercasing there (carefully, so as not to introduce side effects).

One question is whether *any* hostname matching should be case
insensitive or whether originalhost is better left alone (I can think of
reasons for case sensitive matching there, yet they seem to be bordering
on misuse of the code).

I've also opened https://bugzilla.mindrot.org/show_bug.cgi?id=2685
(patch is attached there as well).

Thanks

Kind regards
Petr
--
Petr Cerny
Mozilla/OpenSSH maintainer for SUSE Linux
Case insensitive hostname matching in ssh.
diff --git a/readconf.c b/readconf.c
index e51481b1..c7ba563d 100644
--- a/readconf.c
+++ b/readconf.c
@@ -550,6 +550,7 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
const char *filename, int linenum)
{
char *arg, *oattrib, *attrib, *cmd, *cp = *condition, *host, *criteria;
+ char *hostlc;
const char *ruser;
int r, port, this_result, result = 1, attributes = 0, negate;
char thishost[NI_MAXHOST], shorthost[NI_MAXHOST], portstr[NI_MAXSERV];
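Review bot: hostlc is declared without an initialiser in the declaration block, yet the last hunk frees it unconditionally at the end of the function. Declaring it as `char *hostlc = NULL;` keeps that free() safe if an exit path is ever reached (or later added) before the xstrdup() in the next hunk.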
@@ -570,6 +571,10 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
host = xstrdup(host_arg);
}
+ /* match_hostname() requires the hostname to be lowercase */
+ hostlc = xstrdup(host);
+ lowercase(hostlc);
+
debug2("checking match for '%s' host %s originally %s",
cp, host, original_host);
while ((oattrib = attrib = strdelim(&cp)) && *attrib != '\0') {
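Review bot: the new comment above the xstrdup() gives the requirement of match_hostname() but not the reason for a second copy rather than calling lowercase(host) directly. The debug2() right below still prints host in its original case, so if host has to keep its case for its other uses, say that in the comment; otherwise the copy looks redundant and is likely to be "simplified" away later.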
@@ -608,8 +613,8 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
goto out;
}
if (strcasecmp(attrib, "host") == 0) {
- criteria = xstrdup(host);
- r = match_hostname(host, arg) == 1;
+ criteria = xstrdup(hostlc);
+ r = match_hostname(hostlc, arg) == 1;
if (r == (negate ? 1 : 0))
this_result = result = 0;
} else if (strcasecmp(attrib, "originalhost") == 0) {
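Review bot: only the "host" branch is switched to hostlc here, while the "originalhost" branch that follows is not touched by this patch, so the two criteria will treat the same mixed-case name differently. If that split is intended it should be stated in the Match documentation, and if not, original_host needs the same lowercased copy. Note also that criteria now holds the lowercased string, so anything reported from it no longer shows the name as it was given.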
@@ -682,6 +687,7 @@ match_cfg_line(Options *options, char **condition, struct passwd *pw,
if (result != -1)
debug2("match %sfound", result ? "" : "not ");
*condition = cp;
+ free(hostlc);
free(host);
return result;
}