diff options
author | djm@openbsd.org <djm@openbsd.org> | 2018-06-06 18:22:41 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2018-06-07 04:27:20 +1000 |
commit | 115063a6647007286cc8ca70abfd2a7585f26ccc (patch) | |
tree | 7bd8d46ae55ff7fc1f8699740d2d2e106c3d5fe8 /mux.c | |
parent | 7703ae5f5d42eb302ded51705166ff6e19c92892 (diff) |
upstream: Add a PermitListen directive to control which server-side
addresses may be listened on when the client requests remote forwarding (ssh
-R).
This is the converse of the existing PermitOpen directive and this
includes some refactoring to share much of its implementation.
feedback and ok markus@
OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
Diffstat (limited to 'mux.c')
-rw-r--r-- | mux.c | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: mux.c,v 1.69 2017/09/20 05:19:00 dtucker Exp $ */ | 1 | /* $OpenBSD: mux.c,v 1.70 2018/06/06 18:22:41 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> | 3 | * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org> |
4 | * | 4 | * |
@@ -634,7 +634,7 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) | |||
634 | buffer_put_int(&out, MUX_S_REMOTE_PORT); | 634 | buffer_put_int(&out, MUX_S_REMOTE_PORT); |
635 | buffer_put_int(&out, fctx->rid); | 635 | buffer_put_int(&out, fctx->rid); |
636 | buffer_put_int(&out, rfwd->allocated_port); | 636 | buffer_put_int(&out, rfwd->allocated_port); |
637 | channel_update_permitted_opens(ssh, rfwd->handle, | 637 | channel_update_permission(ssh, rfwd->handle, |
638 | rfwd->allocated_port); | 638 | rfwd->allocated_port); |
639 | } else { | 639 | } else { |
640 | buffer_put_int(&out, MUX_S_OK); | 640 | buffer_put_int(&out, MUX_S_OK); |
@@ -643,7 +643,7 @@ mux_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt) | |||
643 | goto out; | 643 | goto out; |
644 | } else { | 644 | } else { |
645 | if (rfwd->listen_port == 0) | 645 | if (rfwd->listen_port == 0) |
646 | channel_update_permitted_opens(ssh, rfwd->handle, -1); | 646 | channel_update_permission(ssh, rfwd->handle, -1); |
647 | if (rfwd->listen_path != NULL) | 647 | if (rfwd->listen_path != NULL) |
648 | xasprintf(&failmsg, "remote port forwarding failed for " | 648 | xasprintf(&failmsg, "remote port forwarding failed for " |
649 | "listen path %s", rfwd->listen_path); | 649 | "listen path %s", rfwd->listen_path); |