Bugzilla – Attachment 1131 Details for
Bug 910
known_hosts port numbers
[patch]
Update patch #1073.
openssh-bug910.patch (text/plain), 4.97 KB, created by
Darren Tucker
on 2006-05-06 14:31:18 AEST
Description:
Update patch #1073.
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2006-05-06 14:31:18 AEST
Size:
4.97 KB
>? scard/Ssh.bin
>? scp/scp
>? scp/scp.cat1
>? sftp/sftp
>? sftp/sftp.cat1
>? sftp-server/sftp-server
>? sftp-server/sftp-server.cat8
>? ssh/ssh
>? ssh/ssh.cat1
>? ssh/ssh_config.cat5
>? ssh-add/ssh-add
>? ssh-add/ssh-add.cat1
>? ssh-agent/ssh-agent
>? ssh-agent/ssh-agent.cat1
>? ssh-keygen/ssh-keygen
>? ssh-keygen/ssh-keygen.cat1
>? ssh-keyscan/ssh-keyscan
>? ssh-keyscan/ssh-keyscan.cat1
>? ssh-keysign/ssh-keysign
>? ssh-keysign/ssh-keysign.cat8
>? sshd/sshd
>? sshd/sshd.cat8
>? sshd/sshd_config.cat5
>Index: misc.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/misc.c,v
>retrieving revision 1.52
>diff -u -p -r1.52 misc.c
>--- misc.c 2006/03/30 09:58:15 1.52
>+++ misc.c 2006/05/06 04:21:35
>@@ -36,6 +36,7 @@
> #include "misc.h"
> #include "log.h"
> #include "xmalloc.h"
>+#include "ssh.h"
>
> /* remove newline at end of string */
> char *
>@@ -319,6 +320,23 @@ convtime(const char *s)
> }
>
> return total;
>+}
>+
>+/*
>+ * Returns a standardized host+port identifier string.
>+ * Caller must free returned string.
>+ */
>+char *
>+put_host_port(const char *host, u_short port)
>+{
>+ char *hoststr;
>+
>+ if (port == 0 || port == SSH_DEFAULT_PORT)
>+ return(xstrdup(host));
>+ if (asprintf(&hoststr, "[%s]:%d", host, (int)port) < 0)
>+ fatal("put_host_port: asprintf: %s", strerror(errno));
>+ debug3("put_host_port: %s", hoststr);
>+ return hoststr;
> }
>
> /*
>Index: misc.h
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/misc.h,v
>retrieving revision 1.31
>diff -u -p -r1.31 misc.h
>--- misc.h 2006/03/30 09:58:15 1.31
>+++ misc.h 2006/05/06 04:21:35
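Review bot: In put_host_port() (second misc.c hunk) the fatal() message formats `strerror(errno)`, but asprintf() is not specified to set errno on failure, so the text can name an unrelated earlier error; `fatal("put_host_port: asprintf failed");` would not mislead. The header comment should also state that port 0 and SSH_DEFAULT_PORT return the bare host unchanged and that any other port yields `[host]:port`, because the sshconnect.c hunks use this string as the known_hosts lookup name and the format therefore becomes a compatibility contract. Whether misc.c includes errno.h is not visible from these hunks.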
>@@ -24,6 +24,7 @@ int unset_nonblock(int);
> void set_nodelay(int);
> int a2port(const char *);
> int a2tun(const char *, int *);
>+char *put_host_port(const char *, u_short);
> char *hpdelim(char **);
> char *cleanhostname(char *);
> char *colon(char *);
>Index: sshconnect.c
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/sshconnect.c,v
>retrieving revision 1.181
>diff -u -p -r1.181 sshconnect.c
>--- sshconnect.c 2006/04/20 09:47:59 1.181
>+++ sshconnect.c 2006/05/06 04:21:35
>@@ -502,12 +502,12 @@ confirm(const char *prompt)
> * is not valid. the user_hostfile will not be updated if 'readonly' is true.
> */
> static int
>-check_host_key(char *host, struct sockaddr *hostaddr, Key *host_key,
>+check_host_key(char *hostname, struct sockaddr *hostaddr, Key *host_key,
> int readonly, const char *user_hostfile, const char *system_hostfile)
> {
> Key *file_key;
> const char *type = key_type(host_key);
>- char *ip = NULL;
>+ char *ip = NULL, *host = NULL;
> char hostline[1000], *hostp, *fp;
> HostStatus host_status;
> HostStatus ip_status;
>@@ -554,7 +554,7 @@ check_host_key(char *host, struct sockad
> if (getnameinfo(hostaddr, hostaddr->sa_len, ntop, sizeof(ntop),
> NULL, 0, NI_NUMERICHOST) != 0)
> fatal("check_host_key: getnameinfo failed");
>- ip = xstrdup(ntop);
>+ ip = put_host_port(ntop, options.port);
> } else {
> ip = xstrdup("<no hostip for proxy command>");
> }
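Review bot: With `ip = put_host_port(ntop, options.port);` (and the matching change to `host` in the following hunk), a server on a non-default port is looked up only under the bracketed `[addr]:port` name, so keys that users already verified and stored under the bare name or address would presumably stop matching and the host would be presented as unknown again. Re-prompting for hosts that were already verified encourages accepting keys without checking the fingerprint. The lookup code is outside these hunks, so this needs confirming there; if it holds, consider falling back to the bare-name entry when no bracketed entry exists, and describe the transition in the manual page.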
>@@ -562,18 +562,21 @@ check_host_key(char *host, struct sockad
> * Turn off check_host_ip if the connection is to localhost, via proxy
> * command or if we don't have a hostname to compare with
> */
>- if (options.check_host_ip &&
>- (local || strcmp(host, ip) == 0 || options.proxy_command != NULL))
>+ if (options.check_host_ip && (local ||
>+ strcmp(hostname, ip) == 0 || options.proxy_command != NULL))
> options.check_host_ip = 0;
>
> /*
>- * Allow the user to record the key under a different name. This is
>- * useful for ssh tunneling over forwarded connections or if you run
>- * multiple sshd's on different ports on the same machine.
>+ * Allow the user to record the key under a different name or
>+ * differentiate a non-standard port. This is useful for ssh
>+ * tunneling over forwarded connections or if you run multiple
>+ * sshd's on different ports on the same machine.
> */
> if (options.host_key_alias != NULL) {
>- host = options.host_key_alias;
>+ host = xstrdup(options.host_key_alias);
> debug("using hostkeyalias: %s", host);
>+ } else {
>+ host = put_host_port(hostname, options.port);
> }
>
> /*
>@@ -835,10 +838,12 @@ check_host_key(char *host, struct sockad
> }
>
> xfree(ip);
>+ xfree(host);
> return 0;
>
> fail:
> xfree(ip);
>+ xfree(host);
> return -1;
> }
>
>Index: sshd.8
>===================================================================
>RCS file: /cvs/src/usr.bin/ssh/sshd.8,v
>retrieving revision 1.230
>diff -u -p -r1.230 sshd.8
>--- sshd.8 2006/02/24 20:31:31 1.230
>+++ sshd.8 2006/05/06 04:21:35
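Review bot: The test `strcmp(hostname, ip) == 0` in the -562 hunk now compares the undecorated hostname with an `ip` that the previous hunk builds through put_host_port(), so for a numeric address on a non-default port the strings differ (`addr` versus `[addr]:port`) and check_host_ip is no longer switched off. The code that follows is outside the hunk, but host and ip would then hold the same bracketed string and may be checked and recorded twice. Doing the comparison on the undecorated address before `ip` is decorated, or on `host` and `ip` once both are normalised, would keep the earlier behaviour. A short comment saying which form `hostname`, `host` and `ip` each hold would make the distinction clear to the next reader.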
>@@ -562,6 +562,13 @@ A pattern may also be preceded by
> to indicate negation: if the host name matches a negated
> pattern, it is not accepted (by that line) even if it matched another
> pattern on the line.
>+A hostname or address may optionally be enclosed within
>+.Ql \&[
>+and
>+.Ql \&]
>+brackets then followed by
>+.Ql \&:
>+and and a non-standard port number.
> .Pp
> Alternately, hostnames may be stored in a hashed form which hides host names
> and addresses should the file's contents be disclosed.
Attachments on
bug 910
:
716
|
717
|
719
|
912
|
913
|
914
|
920
|
946
|
954
|
980
|
1051
|
1052
|
1073
| 1131 |
1132