diff options
| author | Damien Miller <djm@mindrot.org> | 2000-10-16 12:14:42 +1100 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2000-10-16 12:14:42 +1100 |
| commit | 50a41ed079629fdcd9a1d2a781b73170422fc73a (patch) | |
| tree | dbac99a364edff124412c16f079975a2e89a0389 /session.c | |
| parent | 5993935f76e66c957f02efaa8fc0c8ff8a3f92c9 (diff) | |
- (djm) Sync with OpenBSD:
- markus@cvs.openbsd.org 2000/10/14 04:01:15
[cipher.c]
debug3
- markus@cvs.openbsd.org 2000/10/14 04:07:23
[scp.c]
remove spaces from arguments; from djm@mindrot.org
- markus@cvs.openbsd.org 2000/10/14 06:09:46
[ssh.1]
Cipher is for SSH-1 only
- markus@cvs.openbsd.org 2000/10/14 06:12:09
[servconf.c servconf.h serverloop.c session.c sshd.8]
AllowTcpForwarding; from naddy@
- markus@cvs.openbsd.org 2000/10/14 06:16:56
[auth2.c compat.c compat.h sshconnect2.c version.h]
OpenSSH_2.3; note that is is not complete, but the version number
needs to be changed for interoperability reasons
- markus@cvs.openbsd.org 2000/10/14 06:19:45
[auth-rsa.c]
do not send RSA challenge if key is not allowed by key-options; from
eivind@ThinkSec.com
- markus@cvs.openbsd.org 2000/10/15 08:14:01
[rijndael.c session.c]
typos; from stevesk@sweden.hp.com
- markus@cvs.openbsd.org 2000/10/15 08:18:31
[rijndael.c]
typo
- Copy manpages back over from OpenBSD - too tedious to wade through diffs
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 8 |
1 files changed, 6 insertions, 2 deletions
| @@ -33,7 +33,7 @@ | |||
| 33 | */ | 33 | */ |
| 34 | 34 | ||
| 35 | #include "includes.h" | 35 | #include "includes.h" |
| 36 | RCSID("$OpenBSD: session.c,v 1.38 2000/10/11 20:27:23 markus Exp $"); | 36 | RCSID("$OpenBSD: session.c,v 1.40 2000/10/15 14:14:01 markus Exp $"); |
| 37 | 37 | ||
| 38 | #include "xmalloc.h" | 38 | #include "xmalloc.h" |
| 39 | #include "ssh.h" | 39 | #include "ssh.h" |
| @@ -236,7 +236,7 @@ do_authenticated(struct passwd * pw) | |||
| 236 | * by the client telling us, so we can equally well trust the client | 236 | * by the client telling us, so we can equally well trust the client |
| 237 | * not to request anything bogus.) | 237 | * not to request anything bogus.) |
| 238 | */ | 238 | */ |
| 239 | if (!no_port_forwarding_flag) | 239 | if (!no_port_forwarding_flag && options.allow_tcp_forwarding) |
| 240 | channel_permit_all_opens(); | 240 | channel_permit_all_opens(); |
| 241 | 241 | ||
| 242 | s = session_new(); | 242 | s = session_new(); |
| @@ -388,6 +388,10 @@ do_authenticated(struct passwd * pw) | |||
| 388 | debug("Port forwarding not permitted for this authentication."); | 388 | debug("Port forwarding not permitted for this authentication."); |
| 389 | break; | 389 | break; |
| 390 | } | 390 | } |
| 391 | if (!options.allow_tcp_forwarding) { | ||
| 392 | debug("Port forwarding not permitted."); | ||
| 393 | break; | ||
| 394 | } | ||
| 391 | debug("Received TCP/IP port forwarding request."); | 395 | debug("Received TCP/IP port forwarding request."); |
| 392 | channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports); | 396 | channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports); |
| 393 | success = 1; | 397 | success = 1; |