From 9f5f10552b54d1e8a21f9ccbcf5bbe37744d36f6 Mon Sep 17 00:00:00 2001
From: Jakub Jelen <jjelen@redhat.com>
Date: Tue, 4 Sep 2018 10:30:09 +0200
Subject: [PATCH] config: Do not overwrite previously matched result in Host
 blocks

The match_hostname() expects comma separated list, while the Host
config keyword in openssh uses spaces separated list by default.
Therefore any subseqent match or negated match in space separated
list will overwrite the previous matches.

This also adjusts the tests to make sure both of the versions work.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>
Reviewed-by: Andreas Schneider <asn@cryptomilk.org>
---
 src/config.c                      | 13 ++++++++-----
 tests/unittests/torture_options.c | 15 ++++++++++++++-
 2 files changed, 22 insertions(+), 6 deletions(-)

diff --git a/src/config.c b/src/config.c
index 6435f860..5d1baa51 100644
--- a/src/config.c
+++ b/src/config.c
@@ -406,7 +406,7 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
       }
       break;
     case SOC_HOST: {
-        int ok = 0;
+        int ok = 0, result = -1;
 
         *parsing = 0;
         lowerhost = (session->opts.host) ? ssh_lowercase(session->opts.host) : NULL;
@@ -415,14 +415,17 @@ static int ssh_config_parse_line(ssh_session session, const char *line,
              p = ssh_config_get_str_tok(&s, NULL)) {
              if (ok >= 0) {
                ok = match_hostname(lowerhost, p, strlen(p));
-               if (ok < 0) {
-                   *parsing = 0;
-               } else if (ok > 0) {
-                   *parsing = 1;
+               if (result == -1 && ok < 0) {
+                   result = 0;
+               } else if (result == -1 && ok > 0) {
+                   result = 1;
                }
             }
         }
         SAFE_FREE(lowerhost);
+        if (result != -1) {
+            *parsing = result;
+        }
         break;
     }
     case SOC_HOSTNAME:
diff --git a/tests/unittests/torture_options.c b/tests/unittests/torture_options.c
index b531b542..be844810 100644
--- a/tests/unittests/torture_options.c
+++ b/tests/unittests/torture_options.c
@@ -359,7 +359,10 @@ static void torture_options_config_host(void **state) {
     /* create a new config file */
     config = fopen("test_config", "w");
     assert_non_null(config);
-    fputs("Host testhost1\nPort 42\nHost testhost2,testhost3\nPort 43\n", config);
+    fputs("Host testhost1\nPort 42\n"
+          "Host testhost2,testhost3\nPort 43\n"
+          "Host testhost4 testhost5\nPort 44\n",
+          config);
     fclose(config);
 
     ssh_options_set(session, SSH_OPTIONS_HOST, "testhost1");
@@ -377,6 +380,16 @@ static void torture_options_config_host(void **state) {
     ssh_options_parse_config(session, "test_config");
     assert_int_equal(session->opts.port, 43);
 
+    ssh_options_set(session, SSH_OPTIONS_HOST, "testhost4");
+    ssh_options_parse_config(session, "test_config");
+    assert_int_equal(session->opts.port, 44);
+
+    session->opts.port = 0;
+
+    ssh_options_set(session, SSH_OPTIONS_HOST, "testhost5");
+    ssh_options_parse_config(session, "test_config");
+    assert_int_equal(session->opts.port, 44);
+
     unlink("test_config");
 }