The block of code that canonicallizes the hostname supplied on

the command line added by patch-ssh.c misapplies to 7.7p1 and
moves from main() to to ssh_session2(). This breaks ssh SSHFP
support for non-canonical hostnames. For example, "ssh zinc"
correctly discovers the FQDN (zinc.ee.lbl.gov) and uses it to
look up A and AAAA records but the non-canonical version (zinc)
is used in the SSHFP record lookup which or course fails.

Regenerate the patch.

Reviewed by:	bdrewery, ler (mentor)
Approved by:	bdrewery, ler (mentor)
Differential Revision:	https://reviews.freebsd.org/D15053

1 files changed, 8 insertions, 8 deletions

diff --git a/security/openssh-portable/files/patch-ssh.c b/security/openssh-portable/files/patch-ssh.c
index 9b679c297df2..c49535dcf868 100644
--- a/security/openssh-portable/files/patch-ssh.c
+++ b/security/openssh-portable/files/patch-ssh.c
@@ -5,11 +5,11 @@ Changed paths:
 
 Canonicize the host name before looking it up in the host file.
 
---- ssh.c.orig	2010-08-16 09:59:31.000000000 -0600
-+++ ssh.c	2010-08-25 17:55:01.000000000 -0600
-@@ -699,6 +699,23 @@
- 		    "h", host, (char *)NULL);
- 	}
+--- ssh.c.orig	2018-04-02 05:38:28 UTC
++++ ssh.c
+@@ -1281,6 +1281,23 @@ main(int ac, char **av)
+ 	ssh_digest_free(md);
+ 	conn_hash_hex = tohex(conn_hash, ssh_digest_bytes(SSH_DIGEST_SHA1));
  
 +	/* Find canonic host name. */
 +	if (strchr(host, '.') == 0) {
@@ -28,6 +28,6 @@ Canonicize the host name before looking it up in the host file.
 +		}
 +	}
 +
- 	if (options.local_command != NULL) {
- 		char thishost[NI_MAXHOST];
- 
+ 	/*
+ 	 * Expand tokens in arguments. NB. LocalCommand is expanded later,
+ 	 * after port-forwarding is set up, so it may pick up any local