[Bug 2685] Case sensitive hostname matching

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Mon Mar 6 20:49:07 AEDT 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2685

--- Comment #2 from Petr Cerny [:hrosik] <pcerny at suse.cz> ---
(In reply to Richard Birkett from comment #1)
> Historically, matching in ssh_config was always case-sensitive. 
> This stopped happening sometime in 2013/2014, which I guess is why
> the commits you mention were considered to be a bug-fix, not a new
> feature.

If I remember correctly, the Match Host was actually introduced as case
insensitive at first.

> I'm not sure the argument of the "Host" keyword should necessarily
> be expected to behave exactly like a DNS hostname, including all the
> equivalence rules like RFC 4343.  Despite the keyword's name, in
> practice it's just a pattern to match against whatever text was
> supplied on the command-line.  That's *usually* a hostname, but
> there are valid use-cases which treat it as an arbitrary label, with
> the real hostname specified by HostName.

That was my thought when I saw that first, yet reading ssh_config(5):
    ...
    The criteria for the host keyword are matched against the target
    hostname, after any substitution by the Hostname option.
    originalhost keyword matches against the hostname as it was
    specified on the command-line
    ...

That is why the proposed patch leaves _originalhost_ alone, so that it
can be used for this purpose. One more hint that it should be
case-insensitive is the comment preceding match_hostname().

> Maybe the best of both worlds (though not entirely
> backward-compatible) would be for matching of the Host keyword to be
> case-insensitive, but add an optional modifier on the Match keyword
> so that people who specifically want case-sensitive matching can
> have it, eg.
> 
>     Match caseful originalhost WeIrDlAbEl

Or making this a global option (e.g. MatchHostCaseSensitive) - would be
less flexible, yet much simpler and "more" backwards compatible.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list