diff options
author | djm@openbsd.org <djm@openbsd.org> | 2020-08-03 02:43:41 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-08-03 14:27:59 +1000 |
commit | a8732d74cb8e72f0c6366015687f1e649f60be87 (patch) | |
tree | b2d792042a526741fed21539ec6490629792b1d3 /scp.c | |
parent | ab9105470a83ed5d8197959a1b1f367399958ba1 (diff) |
upstream: allow -A to explicitly enable agent forwarding in scp and
sftp. The default remains to not forward an agent, even when ssh_config
enables it. ok jmc dtucker markus
OpenBSD-Commit-ID: 36cc526aa3b0f94e4704b8d7b969dd63e8576822
Diffstat (limited to 'scp.c')
-rw-r--r-- | scp.c | 11 |
1 files changed, 7 insertions, 4 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: scp.c,v 1.211 2020/05/29 21:22:02 millert Exp $ */ | 1 | /* $OpenBSD: scp.c,v 1.212 2020/08/03 02:43:41 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * scp - secure remote copy. This is basically patched BSD rcp which | 3 | * scp - secure remote copy. This is basically patched BSD rcp which |
4 | * uses ssh to do the data transfer (instead of using rcmd). | 4 | * uses ssh to do the data transfer (instead of using rcmd). |
@@ -425,7 +425,6 @@ main(int argc, char **argv) | |||
425 | args.list = remote_remote_args.list = NULL; | 425 | args.list = remote_remote_args.list = NULL; |
426 | addargs(&args, "%s", ssh_program); | 426 | addargs(&args, "%s", ssh_program); |
427 | addargs(&args, "-x"); | 427 | addargs(&args, "-x"); |
428 | addargs(&args, "-oForwardAgent=no"); | ||
429 | addargs(&args, "-oPermitLocalCommand=no"); | 428 | addargs(&args, "-oPermitLocalCommand=no"); |
430 | addargs(&args, "-oClearAllForwardings=yes"); | 429 | addargs(&args, "-oClearAllForwardings=yes"); |
431 | addargs(&args, "-oRemoteCommand=none"); | 430 | addargs(&args, "-oRemoteCommand=none"); |
@@ -433,7 +432,7 @@ main(int argc, char **argv) | |||
433 | 432 | ||
434 | fflag = Tflag = tflag = 0; | 433 | fflag = Tflag = tflag = 0; |
435 | while ((ch = getopt(argc, argv, | 434 | while ((ch = getopt(argc, argv, |
436 | "dfl:prtTvBCc:i:P:q12346S:o:F:J:")) != -1) { | 435 | "12346ABCTdfpqrtvF:J:P:S:c:i:l:o:")) != -1) { |
437 | switch (ch) { | 436 | switch (ch) { |
438 | /* User-visible flags. */ | 437 | /* User-visible flags. */ |
439 | case '1': | 438 | case '1': |
@@ -442,6 +441,7 @@ main(int argc, char **argv) | |||
442 | case '2': | 441 | case '2': |
443 | /* Ignored */ | 442 | /* Ignored */ |
444 | break; | 443 | break; |
444 | case 'A': | ||
445 | case '4': | 445 | case '4': |
446 | case '6': | 446 | case '6': |
447 | case 'C': | 447 | case 'C': |
@@ -523,6 +523,9 @@ main(int argc, char **argv) | |||
523 | argc -= optind; | 523 | argc -= optind; |
524 | argv += optind; | 524 | argv += optind; |
525 | 525 | ||
526 | /* Do this last because we want the user to be able to override it */ | ||
527 | addargs(&args, "-oForwardAgent=no"); | ||
528 | |||
526 | if ((pwd = getpwuid(userid = getuid())) == NULL) | 529 | if ((pwd = getpwuid(userid = getuid())) == NULL) |
527 | fatal("unknown user %u", (u_int) userid); | 530 | fatal("unknown user %u", (u_int) userid); |
528 | 531 | ||
@@ -1593,7 +1596,7 @@ void | |||
1593 | usage(void) | 1596 | usage(void) |
1594 | { | 1597 | { |
1595 | (void) fprintf(stderr, | 1598 | (void) fprintf(stderr, |
1596 | "usage: scp [-346BCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]\n" | 1599 | "usage: scp [-346ABCpqrTv] [-c cipher] [-F ssh_config] [-i identity_file]\n" |
1597 | " [-J destination] [-l limit] [-o ssh_option] [-P port]\n" | 1600 | " [-J destination] [-l limit] [-o ssh_option] [-P port]\n" |
1598 | " [-S program] source ... target\n"); | 1601 | " [-S program] source ... target\n"); |
1599 | exit(1); | 1602 | exit(1); |