===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/match.c,v
retrieving revision 1.32
retrieving revision 1.33
diff -u -r1.32 -r1.33
--- src/usr.bin/ssh/match.c	2016/09/21 16:55:42	1.32
+++ src/usr.bin/ssh/match.c	2016/11/06 05:46:37	1.33
@@ -1,4 +1,4 @@
-/* $OpenBSD: match.c,v 1.32 2016/09/21 16:55:42 djm Exp $ */
+/* $OpenBSD: match.c,v 1.33 2016/11/06 05:46:37 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -189,11 +189,10 @@
 {
 	int mhost, mip;
 
-	/* error in ipaddr match */
 	if ((mip = addr_match_list(ipaddr, patterns)) == -2)
-		return -1;
-	else if (mip == -1) /* negative ip address match */
-		return 0;
+		return -1; /* error in ipaddr match */
+	else if (host == NULL || ipaddr == NULL || mip == -1)
+		return 0; /* negative ip address match, or testing pattern */
 
 	/* negative hostname match */
 	if ((mhost = match_hostname(host, patterns)) == -1)
@@ -205,7 +204,9 @@
 }
 
 /*
- * match user, user@host_or_ip, user@host_or_ip_list against pattern
+ * Match user, user@host_or_ip, user@host_or_ip_list against pattern.
+ * If user, host and ipaddr are all NULL then validate pattern/
+ * Returns -1 on invalid pattern, 0 on no match, 1 on match.
  */
 int
 match_user(const char *user, const char *host, const char *ipaddr,
@@ -213,6 +214,14 @@
 {
 	char *p, *pat;
 	int ret;
+
+	/* test mode */
+	if (user == NULL && host == NULL && ipaddr == NULL) {
+		if ((p = strchr(pattern, '@')) != NULL &&
+		    match_host_and_ip(NULL, NULL, p + 1) < 0)
+			return -1;
+		return 0;
+	}
 
 	if ((p = strchr(pattern,'@')) == NULL)
 		return match_pattern(user, pattern);