- djm@cvs.openbsd.org 2014/06/24 02:19:48
[ssh.c] don't fatal() when hostname canonicalisation fails with a ProxyCommand in use; continue and allow the ProxyCommand to connect anyway (e.g. to a host with a name outside the DNS behind a bastion)
This commit is contained in:
parent
8668706d0f
commit
19439e9a2a
|
@ -44,6 +44,12 @@
|
||||||
Dempsky and Ron Bowes for a detailed review a few months ago.
|
Dempsky and Ron Bowes for a detailed review a few months ago.
|
||||||
NB. This commit also removes portable OpenSSH support for OpenSSL
|
NB. This commit also removes portable OpenSSH support for OpenSSL
|
||||||
<0.9.8e.
|
<0.9.8e.
|
||||||
|
- djm@cvs.openbsd.org 2014/06/24 02:19:48
|
||||||
|
[ssh.c]
|
||||||
|
don't fatal() when hostname canonicalisation fails with a
|
||||||
|
ProxyCommand in use; continue and allow the ProxyCommand to
|
||||||
|
connect anyway (e.g. to a host with a name outside the DNS
|
||||||
|
behind a bastion)
|
||||||
|
|
||||||
20140618
|
20140618
|
||||||
- (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare
|
- (tim) [openssh/session.c] Work around to get chroot sftp working on UnixWare
|
||||||
|
|
14
ssh.c
14
ssh.c
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: ssh.c,v 1.402 2014/04/29 18:01:49 markus Exp $ */
|
/* $OpenBSD: ssh.c,v 1.403 2014/06/24 02:19:48 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
* Author: Tatu Ylonen <ylo@cs.hut.fi>
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
|
@ -930,10 +930,14 @@ main(int ac, char **av)
|
||||||
if (addrs == NULL && options.num_permitted_cnames != 0 &&
|
if (addrs == NULL && options.num_permitted_cnames != 0 &&
|
||||||
(option_clear_or_none(options.proxy_command) ||
|
(option_clear_or_none(options.proxy_command) ||
|
||||||
options.canonicalize_hostname == SSH_CANONICALISE_ALWAYS)) {
|
options.canonicalize_hostname == SSH_CANONICALISE_ALWAYS)) {
|
||||||
if ((addrs = resolve_host(host, options.port, 1,
|
if ((addrs = resolve_host(host, options.port,
|
||||||
cname, sizeof(cname))) == NULL)
|
option_clear_or_none(options.proxy_command),
|
||||||
cleanup_exit(255); /* resolve_host logs the error */
|
cname, sizeof(cname))) == NULL) {
|
||||||
check_follow_cname(&host, cname);
|
/* Don't fatal proxied host names not in the DNS */
|
||||||
|
if (option_clear_or_none(options.proxy_command))
|
||||||
|
cleanup_exit(255); /* logged in resolve_host */
|
||||||
|
} else
|
||||||
|
check_follow_cname(&host, cname);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
Loading…
Reference in New Issue