===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/readconf.c,v
retrieving revision 1.361
retrieving revision 1.362
diff -u -r1.361 -r1.362
--- src/usr.bin/ssh/readconf.c	2021/07/23 04:04:52	1.361
+++ src/usr.bin/ssh/readconf.c	2021/09/15 06:56:01	1.362
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.361 2021/07/23 04:04:52 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.362 2021/09/15 06:56:01 djm Exp $ */
 /*
  * Author: Tatu Ylonen
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -1997,11 +1997,23 @@
 	case oCanonicalizePermittedCNAMEs:
 		value = options->num_permitted_cnames != 0;
+		i = 0;
 		while ((arg = argv_next(&ac, &av)) != NULL) {
-			/* Either '*' for everything or 'list:list' */
-			if (strcmp(arg, "*") == 0)
+			/*
+			 * Either 'none' (only in first position), '*' for
+			 * everything or 'list:list'
+			 */
+			if (strcasecmp(arg, "none") == 0) {
+				if (i > 0 || ac > 0) {
+					error("%s line %d: keyword %s \"none\" " "argument must appear alone.", filename, linenum, keyword);
+					goto out;
+				}
+				arg2 = "";
+			} else if (strcmp(arg, "*") == 0) {
 				arg2 = arg;
-			else {
+			} else {
 				lowercase(arg);
 				if ((arg2 = strchr(arg, ':')) == NULL || arg2[1] == '\0') {
@@ -2013,6 +2025,7 @@
 				*arg2 = '\0';
 				arg2++;
 			}
+			i++;
 			if (!*activep || value)
 				continue;
 			if (options->num_permitted_cnames >=
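Review bot: `arg2 = "";` stores a lone `none` as a one-entry sentinel (`source_list` "none", empty `target_list`) rather than as an empty list, so until fill_default_options() strips it, `options->num_permitted_cnames` is 1 for a `none` setting; the `value = options->num_permitted_cnames != 0` line at the top of the case relies on that to keep first-match-wins semantics, but any other reader of `num_permitted_cnames` on a non-final configuration must go through config_has_permitted_cnames() instead. That deserves a comment at the assignment, e.g. `/* stored as a "none":"" sentinel until fill_default_options(); test with config_has_permitted_cnames() */`. The `i > 0 || ac > 0` guard correctly rejects `none` anywhere except as the sole argument, since argv_next() has already consumed the current token by the time ac is checked, which is worth stating in the comment above it. The enclosing `case oCanonicalizePermittedCNAMEs:` body continues past the hunk, where `arg` and `arg2` are presumably copied into `permitted_cnames[]`.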
@@ -2267,6 +2280,20 @@
 }
 /*
+ * Returns 1 if CanonicalizePermittedCNAMEs have been specified, 0 otherwise.
+ * Allowed to be called on non-final configuration.
+ */
+int
+config_has_permitted_cnames(Options *options)
+{
+	if (options->num_permitted_cnames == 1 &&
+	    strcasecmp(options->permitted_cnames[0].source_list, "none") == 0 &&
+	    strcmp(options->permitted_cnames[0].target_list, "") == 0)
+		return 0;
+	return options->num_permitted_cnames > 0;
+}
+
+/*
  * Initializes options to special values that indicate that they have not yet
  * been set. Read_config_file will only set options with this value. Options
  * are processed in the following order: command line, user config file,
@@ -2627,6 +2654,15 @@
 		free(options->jump_host);
 		options->jump_host = NULL;
 	}
+	if (options->num_permitted_cnames == 1 &&
+	    !config_has_permitted_cnames(options)) {
+		/* clean up CanonicalizePermittedCNAMEs=none */
+		free(options->permitted_cnames[0].source_list);
+		free(options->permitted_cnames[0].target_list);
+		memset(options->permitted_cnames, '\0',
+		    sizeof(*options->permitted_cnames));
+		options->num_permitted_cnames = 0;
+	}
 	/* options->identity_agent distinguishes NULL from 'none' */
 	/* options->user will be set in the main program if appropriate */
 	/* options->hostname will be set in the main program if appropriate */
@@ -3342,14 +3378,14 @@
 	printf("\n");
 	/* oCanonicalizePermittedCNAMEs */
-	if ( o->num_permitted_cnames > 0) {
-		printf("canonicalizePermittedcnames");
-		for (i = 0; i < o->num_permitted_cnames; i++) {
-			printf(" %s:%s", o->permitted_cnames[i].source_list,
-			    o->permitted_cnames[i].target_list);
-		}
-		printf("\n");
+	printf("canonicalizePermittedcnames");
+	if (o->num_permitted_cnames == 0)
+		printf("none");
+	for (i = 0; i < o->num_permitted_cnames; i++) {
+		printf(" %s:%s", o->permitted_cnames[i].source_list,
+		    o->permitted_cnames[i].target_list);
 	}
+	printf("\n");
 	/* oControlPersist */
 	if (o->control_persist == 0 || o->control_persist_timeout == 0)
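Review bot: config_has_permitted_cnames() recognises the `none` sentinel by a `source_list` of "none" plus an empty `target_list`, and the header comment should say why that cannot collide with a real rule: the parser's `arg2[1] == '\0'` branch appears to reject any rule with an empty target list (its body lies outside the visible hunk), and the `none` token is never lowercased or split, so a stored entry with an empty target list can only have come from `none`. Suggested addition to the comment: `A lone "none" is stored by the parser as the sentinel entry {"none", ""}; no user rule can carry an empty target list, so this test is unambiguous.` Since the function only reads through the pointer, `const Options *options` would document that too, if Options is passed const elsewhere in the file. The `== 1` check before indexing `permitted_cnames[0]` keeps the access in bounds for an empty list.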
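Review bot: The explicit `num_permitted_cnames == 1` test beside `!config_has_permitted_cnames(options)` is necessary rather than redundant, because the helper also returns 0 for an empty list and the block then indexes `permitted_cnames[0]`; the comment should record that, e.g. `/* clean up CanonicalizePermittedCNAMEs=none; the == 1 guard keeps [0] in bounds, as the helper also returns 0 for an empty list */`. Freeing both strings and then zeroing the whole element leaves no dangling pointer behind, which is the right order. This sits in fill_default_options(), whose body starts and ends outside the hunk, so the sentinel survives until defaults are filled and earlier consumers must keep using the helper.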
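Review bot: `printf("none")` follows `printf("canonicalizePermittedcnames")` with no separator, so the `ssh -G` dump for an unset option reads `canonicalizePermittedcnamesnone`, which will not parse back as a configuration line; it should be `printf(" none");`, matching the leading space that the `" %s:%s"` format supplies for real entries (assuming the space was not lost when this diff was flattened). Always emitting the keyword is otherwise an improvement, since the dump now round-trips the `none` value this commit introduces. The dump function's body starts and ends outside the hunk.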