diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2016-08-23 03:24:11 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2016-08-23 03:24:11 +0000 |
| commit | acbb22216790cf3c611ae52cc1c28256e05a2a28 (patch) | |
| tree | d5b43ecd42b1c65af94881015bee456ba07e7dae /usr.bin | |
| parent | 0eec2fff803723ce89b4ed0989418607f983ff19 (diff) | |
fix negated address matching where the address list consists of a
single negated match, e.g. "Match addr !192.20.0.1"
Report and patch from Jakub Jelen. bz#2397 ok dtucker@
Diffstat (limited to 'usr.bin')
| -rw-r--r-- | usr.bin/ssh/addrmatch.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/usr.bin/ssh/addrmatch.c b/usr.bin/ssh/addrmatch.c index 10c3fda4588..1b86f6fd0a0 100644 --- a/usr.bin/ssh/addrmatch.c +++ b/usr.bin/ssh/addrmatch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addrmatch.c,v 1.10 2015/07/08 19:04:21 markus Exp $ */ +/* $OpenBSD: addrmatch.c,v 1.11 2016/08/23 03:24:10 djm Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org> @@ -407,7 +407,8 @@ addr_match_list(const char *addr, const char *_list) break; } ret = 1; - } + } else if (neg) + ret = 1; continue; } else { /* If CIDR parse failed, try wildcard string match */ |