upstream: properly fix ProxyJump parsing; Thanks to tb@ for

pointing out my error (parse_ssh_uri() can return -1/0/1, that I missed).
Reported by Raf Czlonka via bugs@

ok tb@

OpenBSD-Commit-ID: a2991a3794bcaf1ca2b025212cce11cdb5f6b7d6

1 files changed, 9 insertions, 4 deletions

diff --git a/readconf.c b/readconf.c
index c8ba5ddb5..12995a184 100644
--- a/readconf.c
+++ b/readconf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readconf.c,v 1.344 2020/12/17 23:10:27 djm Exp $ */
+/* $OpenBSD: readconf.c,v 1.345 2020/12/21 09:19:53 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2783,7 +2783,7 @@ parse_jump(const char *s, Options *o, int active)
 {
 	char *orig, *sdup, *cp;
 	char *host = NULL, *user = NULL;
-	int ret = -1, port = -1, first;
+	int r, ret = -1, port = -1, first;
 
 	active &= o->proxy_command == NULL && o->jump_host == NULL;
 
@@ -2799,14 +2799,19 @@ parse_jump(const char *s, Options *o, int active)
 
 		if (first) {
 			/* First argument and configuration is active */
-			if (parse_ssh_uri(cp, &user, &host, &port) == -1 &&
-			    parse_user_host_port(cp, &user, &host, &port) != 0)
+			r = parse_ssh_uri(cp, &user, &host, &port);
+			if (r == -1 || (r == 1 &&
+			    parse_user_host_port(cp, &user, &host, &port) != 0))
 				goto out;
 		} else {
 			/* Subsequent argument or inactive configuration */
 			if (parse_ssh_uri(cp, NULL, NULL, NULL) == -1 &&
 			    parse_user_host_port(cp, NULL, NULL, NULL) != 0)
 				goto out;
+			r = parse_ssh_uri(cp, NULL, NULL, NULL);
+			if (r == -1 || (r == 1 &&
+			    parse_user_host_port(cp, NULL, NULL, NULL) != 0))
+				goto out;
 		}
 		first = 0; /* only check syntax for subsequent hosts */
 	} while (cp != sdup);