fix negated address matching where the address list consists of a
authordjm <djm@openbsd.org>
Tue, 23 Aug 2016 03:24:10 +0000 (03:24 +0000)
committerdjm <djm@openbsd.org>
Tue, 23 Aug 2016 03:24:10 +0000 (03:24 +0000)
single negated match, e.g. "Match addr !192.20.0.1"

Report and patch from Jakub Jelen. bz#2397 ok dtucker@

usr.bin/ssh/addrmatch.c

index 10c3fda..1b86f6f 100644 (file)
@@ -1,4 +1,4 @@
-/*     $OpenBSD: addrmatch.c,v 1.10 2015/07/08 19:04:21 markus Exp $ */
+/*     $OpenBSD: addrmatch.c,v 1.11 2016/08/23 03:24:10 djm Exp $ */
 
 /*
  * Copyright (c) 2004-2008 Damien Miller <djm@mindrot.org>
@@ -407,7 +407,8 @@ addr_match_list(const char *addr, const char *_list)
                                        break;
                                }
                                ret = 1;
-                       }
+                       } else if (neg)
+                               ret = 1;
                        continue;
                } else {
                        /* If CIDR parse failed, try wildcard string match */
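Review bot: The added `else if (neg) ret = 1;` arm covers only entries that parsed as CIDR, so a negated entry handled by the wildcard `else` branch at the end of the hunk may still yield no positive result when it does not match; that branch's body is outside the hunk, so this needs checking against the full function. The `if` that the arm attaches to also begins outside the hunk, and if its condition includes a NULL test on `addr`, the arm would report a match for a missing address, which matters because the return value decides whether a `Match addr` block applies. I would add a comment on the arm, e.g. `/* negated entry did not match: positive unless a later entry rejects */`, and update the function's return-value comment to say that a list made only of negated entries can now return 1. A regression case for a single negated address and one for a negated wildcard pattern would pin both paths.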