summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2003-07-03 13:52:04 +1000
committerDarren Tucker <dtucker@zip.com.au>2003-07-03 13:52:04 +1000
commit9189ff89c3c15f152d8daedb09c4101a96365da4 (patch)
tree9a1752ec22397b948d49dfa7257199f8a681e6a7
parentedeb1f74498db67636f231e8313cc56d4ff112ec (diff)
- markus@cvs.openbsd.org 2003/07/02 12:56:34
[channels.c] deny dynamic forwarding with -R for v1, too; ok djm@
-rw-r--r--ChangeLog5
-rw-r--r--channels.c10
2 files changed, 11 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index ee5276502..40cf07d41 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -12,6 +12,9 @@
12 - markus@cvs.openbsd.org 2003/06/29 12:44:38 12 - markus@cvs.openbsd.org 2003/06/29 12:44:38
13 [sshconnect.c] 13 [sshconnect.c]
14 memset 0, not \0; andrushock@korovino.net 14 memset 0, not \0; andrushock@korovino.net
15 - markus@cvs.openbsd.org 2003/07/02 12:56:34
16 [channels.c]
17 deny dynamic forwarding with -R for v1, too; ok djm@
15 18
1620030630 1920030630
17 - (djm) Search for support functions necessary to build our 20 - (djm) Search for support functions necessary to build our
@@ -632,4 +635,4 @@
632 - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. 635 - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
633 Report from murple@murple.net, diagnosis from dtucker@zip.com.au 636 Report from murple@murple.net, diagnosis from dtucker@zip.com.au
634 637
635$Id: ChangeLog,v 1.2838 2003/07/03 03:48:04 dtucker Exp $ 638$Id: ChangeLog,v 1.2839 2003/07/03 03:52:04 dtucker Exp $
diff --git a/channels.c b/channels.c
index 04ef6575c..ce07db5c0 100644
--- a/channels.c
+++ b/channels.c
@@ -39,7 +39,7 @@
39 */ 39 */
40 40
41#include "includes.h" 41#include "includes.h"
42RCSID("$OpenBSD: channels.c,v 1.191 2003/06/24 08:23:46 markus Exp $"); 42RCSID("$OpenBSD: channels.c,v 1.192 2003/07/02 12:56:34 markus Exp $");
43 43
44#include "ssh.h" 44#include "ssh.h"
45#include "ssh1.h" 45#include "ssh1.h"
@@ -2201,9 +2201,13 @@ channel_input_port_forward_request(int is_root, int gateway_ports)
2201 * privileged port. 2201 * privileged port.
2202 */ 2202 */
2203 if (port < IPPORT_RESERVED && !is_root) 2203 if (port < IPPORT_RESERVED && !is_root)
2204 packet_disconnect("Requested forwarding of port %d but user is not root.", 2204 packet_disconnect(
2205 port); 2205 "Requested forwarding of port %d but user is not root.",
2206 port);
2207 if (host_port == 0)
2208 packet_disconnect("Dynamic forwarding denied.");
2206#endif 2209#endif
2210
2207 /* Initiate forwarding */ 2211 /* Initiate forwarding */
2208 channel_setup_local_fwd_listener(port, hostname, host_port, gateway_ports); 2212 channel_setup_local_fwd_listener(port, hostname, host_port, gateway_ports);
2209 2213