Date:      Thu, 12 Apr 2018 21:54:01 +0000 (UTC)
From:      Craig Leres <leres@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r467200 - in head/security/openssh-portable: . files
Message-ID:  <201804122154.w3CLs1mL076856@repo.freebsd.org>

Author: leres
Date: Thu Apr 12 21:54:01 2018
New Revision: 467200
URL: https://svnweb.freebsd.org/changeset/ports/467200

Log:
  The block of code that canonicalizes the hostname supplied on
  the command line added by patch-ssh.c misapplies to 7.7p1 and
  moves from main() to ssh_session2(). This breaks ssh SSHFP
  support for non-canonical hostnames. For example, "ssh zinc"
  correctly discovers the FQDN (zinc.ee.lbl.gov) and uses it to
  look up A and AAAA records but the non-canonical version (zinc)
  is used in the SSHFP record lookup which of course fails.
  
  Regenerate the patch.
  
  Reviewed by:	bdrewery, ler (mentor)
  Approved by:	bdrewery, ler (mentor)
  Differential Revision:	https://reviews.freebsd.org/D15053

Modified:
  head/security/openssh-portable/Makefile
  head/security/openssh-portable/files/patch-ssh.c

Modified: head/security/openssh-portable/Makefile
==============================================================================
--- head/security/openssh-portable/Makefile	Thu Apr 12 21:45:23 2018	(r467199)
+++ head/security/openssh-portable/Makefile	Thu Apr 12 21:54:01 2018	(r467200)
@@ -3,7 +3,7 @@
 
 PORTNAME=	openssh
 DISTVERSION=	7.7p1
-PORTREVISION=	0
+PORTREVISION=	1
 PORTEPOCH=	1
 CATEGORIES=	security ipv6
 MASTER_SITES=	OPENBSD/OpenSSH/portable

Modified: head/security/openssh-portable/files/patch-ssh.c
==============================================================================
--- head/security/openssh-portable/files/patch-ssh.c	Thu Apr 12 21:45:23 2018	(r467199)
+++ head/security/openssh-portable/files/patch-ssh.c	Thu Apr 12 21:54:01 2018	(r467200)
@@ -5,11 +5,11 @@ Changed paths:
 
 Canonicize the host name before looking it up in the host file.
 
---- ssh.c.orig	2010-08-16 09:59:31.000000000 -0600
-+++ ssh.c	2010-08-25 17:55:01.000000000 -0600
-@@ -699,6 +699,23 @@
- 		    "h", host, (char *)NULL);
- 	}
+--- ssh.c.orig	2018-04-02 05:38:28 UTC
++++ ssh.c
+@@ -1281,6 +1281,23 @@ main(int ac, char **av)
+ 	ssh_digest_free(md);
+ 	conn_hash_hex = tohex(conn_hash, ssh_digest_bytes(SSH_DIGEST_SHA1));
  
 +	/* Find canonic host name. */
 +	if (strchr(host, '.') == 0) {
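
Review bot: The regenerated hunk anchors the canonicalization block directly after `conn_hash_hex = tohex(conn_hash, ...)` in main(), so that digest is already computed by the time `host` can be rewritten. If the digest takes `host` as an input, it will be derived from the short name while everything after this block sees the FQDN; please confirm that ordering is intended, or move the block above the digest computation. Minor style point on `if (strchr(host, '.') == 0)`: compare the returned pointer against NULL rather than 0.
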
@@ -28,6 +28,6 @@ Canonicize the host name before looking it up in the h
 +		}
 +	}
 +
- 	if (options.local_command != NULL) {
- 		char thishost[NI_MAXHOST];
- 
+ 	/*
+ 	 * Expand tokens in arguments. NB. LocalCommand is expanded later,
+ 	 * after port-forwarding is set up, so it may pick up any local
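
Review bot: Nothing in the patch file records where this block has to land, so a future update that applies it with an offset into another function, as the log describes for 7.7p1, has nothing to be checked against. The description still reads only "Canonicize the host name before looking it up in the host file"; please extend it to say the block belongs in main(), immediately above the "Expand tokens in arguments" comment that is now its trailing context, and that it must run before the SSHFP lookup. A one-line test note (a short hostname with an SSHFP record resolving correctly) in the same header would make a misapplied regeneration easy to catch.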


