Port 22 isn't caught by [hostname]:*. Reproducer added.
Revisions and Commits
|rLIBSSH962bdf806c6f knownhosts: Handle wildcard ports matches against standard one|
Actually, man page for sshd from OpenSSH says the following:
A hostname or address may optionally be enclosed within ‘[’ and ‘]’ brackets then followed by ‘:’ and a non-standard port number.
And according this the implementation in libssh is written. Note, that port 22 is standard port and therefore libssh does not attempt to match against the "expanded" version of the [host]:port syntax. Technically, this is a problem of your provided configuration and OpenSSH accepting this pattern, but since OpenSSH is the base that we are trying to be compatible should probably fix this to be compatible.
Internally, there is used generic pattern match, which does not know anything about the square braces.
Whatever I tried so far did not end with nice generic code, but with awkward handling of this single corner case, mostly because the ssh_known_hosts_parse_line() is in public api, which already expects the input in this way, but handling this case inside this function results in.
There is my WIP branch with a reproducers and a fix, that works, but I am not happy with:
Any comments, suggestions or proposals how this would be best handled are welcomed
@asn On the second though, I reworked the branch to optimize the pass and pass the given test cases. Can you check if the following would be acceptable?
@Gundersanne verification from your side would be also helpful, even though I tried to cover your use case in the project testsuite.