From 383a33d160cefbfd1b40fef81f72eadbf9303a66 Mon Sep 17 00:00:00 2001 From: "djm@openbsd.org" Date: Fri, 21 Sep 2018 03:11:36 +0000 Subject: [PATCH] upstream: Treat connections with ProxyJump specified the same as ones with a ProxyCommand set with regards to hostname canonicalisation (i.e. don't try to canonicalise the hostname unless CanonicalizeHostname is set to 'always'). Patch from Sven Wegener via bz#2896 OpenBSD-Commit-ID: 527ff501cf98bf65fb4b29ed0cb847dda10f4d37 --- ssh.c | 7 +++---- ssh_config.5 | 8 +++++--- 2 files changed, 8 insertions(+), 7 deletions(-) diff --git a/ssh.c b/ssh.c index f4204c88d..849fae355 100644 --- a/ssh.c +++ b/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.492 2018/09/20 03:31:49 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.493 2018/09/21 03:11:36 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1137,10 +1137,9 @@ main(int ac, char **av) if (addrs == NULL && options.num_permitted_cnames != 0 && (direct || options.canonicalize_hostname == SSH_CANONICALISE_ALWAYS)) { if ((addrs = resolve_host(host, options.port, - option_clear_or_none(options.proxy_command), - cname, sizeof(cname))) == NULL) { + direct, cname, sizeof(cname))) == NULL) { /* Don't fatal proxied host names not in the DNS */ - if (option_clear_or_none(options.proxy_command)) + if (direct) cleanup_exit(255); /* logged in resolve_host */ } else check_follow_cname(direct, &host, cname); diff --git a/ssh_config.5 b/ssh_config.5 index c7192665f..2df1165f1 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.283 2018/09/20 06:58:48 jmc Exp $ -.Dd $Mdocdate: September 20 2018 $ +.\" $OpenBSD: ssh_config.5,v 1.284 2018/09/21 03:11:36 djm Exp $ +.Dd $Mdocdate: September 21 2018 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -290,7 +290,9 @@ hostname lookups. If set to .Cm yes then, for connections that do not use a -.Cm ProxyCommand , +.Cm ProxyCommand +or +.Cm ProxyJump , .Xr ssh 1 will attempt to canonicalize the hostname specified on the command line using the