upstream: replace recently-added valid_domain() check for hostnames

going to known_hosts with a more relaxed check for bad characters; previous
commit broke address literals. Reported by/feedback from florian@

OpenBSD-Commit-ID: 10b86dc6a4b206adaa0c11b58b6d5933898d43e0

1 files changed, 12 insertions, 8 deletions

diff --git a/sshconnect.c b/sshconnect.c
index b6781261..0fca52b2 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.359 2022/10/24 22:43:36 djm Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.360 2022/11/03 21:59:20 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -961,6 +961,17 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo,
 	}
 
 	/*
+	 * Don't ever try to write an invalid name to a known hosts file.
+	 * Note: do this before get_hostfile_hostname_ipaddr() to catch
+	 * '[' or ']' in the name before they are added.
+	 */
+	if (strcspn(hostname, "@?*#[]|'\'\"\\") != strlen(hostname)) {
+		debug_f("invalid hostname \"%s\"; will not record: %s",
+		    hostname, fail_reason);
+		readonly = RDONLY;
+	}
+
+	/*
 	 * Prepare the hostname and address strings used for hostkey lookup.
 	 * In some cases, these will have a port number appended.
 	 */
@@ -1018,13 +1029,6 @@ check_host_key(char *hostname, const struct ssh_conn_info *cinfo,
 	    (host_found != NULL && host_found->note != 0)))
 		readonly = RDONLY;
 
-	/* Don't ever try to write an invalid name to a known hosts file */
-	if (!valid_domain(hostname, 0, &fail_reason)) {
-		debug_f("invalid hostname \"%s\"; will not record: %s",
-		    hostname, fail_reason);
-		readonly = RDONLY;
-	}
-
 	/*
 	 * Also perform check for the ip address, skip the check if we are
 	 * localhost, looking for a certificate, or the hostname was an ip