upstream: Add a PermitListen directive to control which server-side

addresses may be listened on when the client requests remote forwarding (ssh -R). This is the converse of the existing PermitOpen directive and this includes some refactoring to share much of its implementation. feedback and ok markus@ OpenBSD-Commit-ID: 15a931238c61a3f2ac74ea18a98c933e358e277f
author: djm@openbsd.org <djm@openbsd.org> 2018-06-06 18:22:41 +0000
committer: Damien Miller <djm@mindrot.org> 2018-06-07 04:27:20 +1000
commit: 115063a6647007286cc8ca70abfd2a7585f26ccc (patch)
tree: 7bd8d46ae55ff7fc1f8699740d2d2e106c3d5fe8 /ssh.c
parent: 7703ae5f5d42eb302ded51705166ff6e19c92892 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/ssh.c b/ssh.c
index d25960bce..a8505a0ee 100644
--- a/ssh.c
+++ b/ssh.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.479 2018/06/01 03:33:53 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.480 2018/06/06 18:22:41 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1654,10 +1654,10 @@ ssh_confirm_remote_forward(struct ssh *ssh, int type, u_int32_t seq, void *ctxt)
                        logit("Allocated port %u for remote forward to %s:%d",
                            rfwd->allocated_port,
                            rfwd->connect_host, rfwd->connect_port);
-                        channel_update_permitted_opens(ssh,
+                        channel_update_permission(ssh,
                            rfwd->handle, rfwd->allocated_port);
                } else {
-                        channel_update_permitted_opens(ssh, rfwd->handle, -1);
+                        channel_update_permission(ssh, rfwd->handle, -1);
                }
        }
author	djm@openbsd.org <djm@openbsd.org>	2018-06-06 18:22:41 +0000
committer	Damien Miller <djm@mindrot.org>	2018-06-07 04:27:20 +1000
commit	115063a6647007286cc8ca70abfd2a7585f26ccc (patch)
tree	7bd8d46ae55ff7fc1f8699740d2d2e106c3d5fe8 /ssh.c
parent	7703ae5f5d42eb302ded51705166ff6e19c92892 (diff)

diff --git a/ssh.c b/ssh.c index d25960bce..a8505a0ee 100644 --- a/ssh.c +++ b/ssh.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh.c,v 1.479 2018/06/01 03:33:53 djm Exp $ */	1	/* $OpenBSD: ssh.c,v 1.480 2018/06/06 18:22:41 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1654,10 +1654,10 @@ ssh_confirm_remote_forward(struct ssh ssh, int type, u_int32_t seq, void ctxt)
1654	logit("Allocated port %u for remote forward to %s:%d",	1654	logit("Allocated port %u for remote forward to %s:%d",
1655	rfwd->allocated_port,	1655	rfwd->allocated_port,
1656	rfwd->connect_host, rfwd->connect_port);	1656	rfwd->connect_host, rfwd->connect_port);
1657	channel_update_permitted_opens(ssh,	1657	channel_update_permission(ssh,
1658	rfwd->handle, rfwd->allocated_port);	1658	rfwd->handle, rfwd->allocated_port);
1659	} else {	1659	} else {
1660	channel_update_permitted_opens(ssh, rfwd->handle, -1);	1660	channel_update_permission(ssh, rfwd->handle, -1);
1661	}	1661	}
1662	}	1662	}
1663		1663