summaryrefslogtreecommitdiff
path: root/usr.bin
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@cvs.openbsd.org>2020-08-28 03:15:53 +0000
committerDarren Tucker <dtucker@cvs.openbsd.org>2020-08-28 03:15:53 +0000
commite9e415a6678d11b6f2e08f8b3ebc619ed6d0716f (patch)
tree6ffe450a21400cd83dcbf421d95243ee655d7bdb /usr.bin
parentc627549d2ccb77e6325ac21d7cc33392049c3098 (diff)
Check that the addresses supplied to Match Address and Match
LocalAddress are valid when parsing in config-test mode. This will catch address/mask mismatches before they cause problems at runtime. Found by Daniel Stocker, ok djm@
Diffstat (limited to 'usr.bin')
-rw-r--r--usr.bin/ssh/servconf.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/usr.bin/ssh/servconf.c b/usr.bin/ssh/servconf.c
index 359ee3833de..317f5dbd4e7 100644
--- a/usr.bin/ssh/servconf.c
+++ b/usr.bin/ssh/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.368 2020/08/27 01:07:09 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.369 2020/08/28 03:15:52 dtucker Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -1058,6 +1058,9 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
"%.100s' at line %d", ci->host, arg, line);
} else if (strcasecmp(attrib, "address") == 0) {
if (ci == NULL || (ci->test && ci->address == NULL)) {
+ if (addr_match_list(NULL, arg) != 0)
+ fatal("Invalid Match address argument "
+ "'%s' at line %d", arg, line);
result = 0;
continue;
}
@@ -1077,6 +1080,10 @@ match_cfg_line(char **condition, int line, struct connection_info *ci)
}
} else if (strcasecmp(attrib, "localaddress") == 0){
if (ci == NULL || (ci->test && ci->laddress == NULL)) {
+ if (addr_match_list(NULL, arg) != 0)
+ fatal("Invalid Match localaddress "
+ "argument '%s' at line %d", arg,
+ line);
result = 0;
continue;
}