upstream commit
add a "rdomain" criteria for the sshd_config Match
keyword to allow conditional configuration that depends on which rdomain(4) a
connection was recevied on. ok markus@
Upstream-ID: 27d8fd5a3f1bae18c9c6e533afdf99bff887a4fb
diff --git a/servconf.c b/servconf.c
index 51139c3..64a8651 100644
--- a/servconf.c
+++ b/servconf.c
@@ -1,5 +1,5 @@
-/* $OpenBSD: servconf.c,v 1.316 2017/10/25 00:17:08 djm Exp $ */
+/* $OpenBSD: servconf.c,v 1.317 2017/10/25 00:19:47 djm Exp $ */
/*
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
* All rights reserved
@@ -855,6 +855,7 @@
ci.address = ssh_remote_ipaddr(ssh);
ci.laddress = ssh_local_ipaddr(ssh);
ci.lport = ssh_local_port(ssh);
+ ci.rdomain = ssh_packet_rdomain_in(ssh);
return &ci;
}
@@ -1038,6 +1039,16 @@
ci->laddress, port, line);
else
result = 0;
+ } else if (strcasecmp(attrib, "rdomain") == 0) {
+ if (ci == NULL || ci->rdomain == NULL) {
+ result = 0;
+ continue;
+ }
+ if (match_pattern_list(ci->rdomain, arg, 0) != 1)
+ result = 0;
+ else
+ debug("user %.100s matched 'RDomain %.100s' at "
+ "line %d", ci->rdomain, arg, line);
} else {
error("Unsupported Match attribute %s", attrib);
return -1;
@@ -2080,6 +2091,8 @@
ci->user = xstrdup(p + 5);
} else if (strncmp(p, "laddr=", 6) == 0) {
ci->laddress = xstrdup(p + 6);
+ } else if (strncmp(p, "rdomain=", 8) == 0) {
+ ci->rdomain = xstrdup(p + 8);
} else if (strncmp(p, "lport=", 6) == 0) {
ci->lport = a2port(p + 6);
if (ci->lport == -1) {