diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2010-01-10 10:31:12 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-10 10:31:12 +1100 |
| commit | 7bd98e7f74ebd8bd32157b607acedcb68201b7de (patch) | |
| tree | b62a62fcc4def0b22e48f6dde5e414a77e4d2244 /misc.c | |
| parent | 8c65f646a93ed2f61da65ba0ecf65a99bd585b79 (diff) | |
- dtucker@cvs.openbsd.org 2010/01/09 23:04:13
[channels.c ssh.1 servconf.c sshd_config.5 sshd.c channels.h servconf.h
ssh-keyscan.1 ssh-keyscan.c readconf.c sshconnect.c misc.c ssh.c
readconf.h scp.1 sftp.1 ssh_config.5 misc.h]
Remove RoutingDomain from ssh since it's now not needed. It can be
replaced with "route exec" or "nc -V" as a proxycommand. "route exec"
also ensures that trafic such as DNS lookups stays withing the specified
routingdomain. For example (from reyk):
# route -T 2 exec /usr/sbin/sshd
or inherited from the parent process
$ route -T 2 exec sh
$ ssh 10.1.2.3
ok deraadt@ markus@ stevesk@ reyk@
Diffstat (limited to 'misc.c')
| -rw-r--r-- | misc.c | 51 |
1 files changed, 1 insertions, 50 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: misc.c,v 1.74 2009/12/25 19:40:21 stevesk Exp $ */ | 1 | /* $OpenBSD: misc.c,v 1.75 2010/01/09 23:04:13 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. | 4 | * Copyright (c) 2005,2006 Damien Miller. All rights reserved. |
| @@ -151,43 +151,6 @@ set_nodelay(int fd) | |||
| 151 | error("setsockopt TCP_NODELAY: %.100s", strerror(errno)); | 151 | error("setsockopt TCP_NODELAY: %.100s", strerror(errno)); |
| 152 | } | 152 | } |
| 153 | 153 | ||
| 154 | /* open a socket in the specified routing domain */ | ||
| 155 | int | ||
| 156 | socket_rdomain(int domain, int type, int protocol, int rdomain) | ||
| 157 | { | ||
| 158 | int sock, ipproto = IPPROTO_IP; | ||
| 159 | |||
| 160 | if ((sock = socket(domain, type, protocol)) == -1) | ||
| 161 | return (-1); | ||
| 162 | |||
| 163 | if (rdomain == -1) | ||
| 164 | return (sock); | ||
| 165 | |||
| 166 | switch (domain) { | ||
| 167 | case AF_INET6: | ||
| 168 | ipproto = IPPROTO_IPV6; | ||
| 169 | /* FALLTHROUGH */ | ||
| 170 | case AF_INET: | ||
| 171 | debug2("socket %d af %d setting rdomain %d", | ||
| 172 | sock, domain, rdomain); | ||
| 173 | if (setsockopt(sock, ipproto, SO_RDOMAIN, &rdomain, | ||
| 174 | sizeof(rdomain)) == -1) { | ||
| 175 | debug("setsockopt SO_RDOMAIN: %.100s", | ||
| 176 | strerror(errno)); | ||
| 177 | close(sock); | ||
| 178 | return (-1); | ||
| 179 | } | ||
| 180 | break; | ||
| 181 | default: | ||
| 182 | debug("socket %d af %d does not support rdomain %d", | ||
| 183 | sock, domain, rdomain); | ||
| 184 | close(sock); | ||
| 185 | return (-1); | ||
| 186 | } | ||
| 187 | |||
| 188 | return (sock); | ||
| 189 | } | ||
| 190 | |||
| 191 | /* Characters considered whitespace in strsep calls. */ | 154 | /* Characters considered whitespace in strsep calls. */ |
| 192 | #define WHITESPACE " \t\r\n" | 155 | #define WHITESPACE " \t\r\n" |
| 193 | #define QUOTE "\"" | 156 | #define QUOTE "\"" |
| @@ -274,18 +237,6 @@ a2port(const char *s) | |||
| 274 | } | 237 | } |
| 275 | 238 | ||
| 276 | int | 239 | int |
| 277 | a2rdomain(const char *s) | ||
| 278 | { | ||
| 279 | long long rdomain; | ||
| 280 | const char *errstr; | ||
| 281 | |||
| 282 | rdomain = strtonum(s, 0, RT_TABLEID_MAX, &errstr); | ||
| 283 | if (errstr != NULL) | ||
| 284 | return -1; | ||
| 285 | return (int)rdomain; | ||
| 286 | } | ||
| 287 | |||
| 288 | int | ||
| 289 | a2tun(const char *s, int *remote) | 240 | a2tun(const char *s, int *remote) |
| 290 | { | 241 | { |
| 291 | const char *errstr = NULL; | 242 | const char *errstr = NULL; |