-rw-r--r--ChangeLog6
-rw-r--r--readconf.c26
-rw-r--r--readconf.h3
-rw-r--r--scp.c17
-rw-r--r--sftp.c3
-rw-r--r--ssh.118
6 files changed, 61 insertions, 12 deletions
diff --git a/ChangeLog b/ChangeLog
index ad4084955..fe725c799 100644
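--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,10 @@
  - markus@cvs.openbsd.org 2001/09/19 13:23:29
  [key.c]
  key_read() now returns -1 on type mismatch, too
+ - stevesk@cvs.openbsd.org 2001/09/19 19:24:19
+ [readconf.c readconf.h scp.c sftp.c ssh.1]
+ add ClearAllForwardings ssh option and set it in scp and sftp; ok
+ markus@
 
 20010918
  - (djm) Configure support for smartcards. Based on Ben's work.
@@ -6513,4 +6517,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1543 2001/09/20 00:55:53 mouring Exp $
+$Id: ChangeLog,v 1.1544 2001/09/20 00:57:55 mouring Exp $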
diff --git a/readconf.c b/readconf.c
index 6a426ae05..83069d3ad 100644
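--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.89 2001/09/03 20:58:33 stevesk Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.90 2001/09/19 19:24:18 stevesk Exp $");
 
 #include "ssh.h"
 #include "xmalloc.h"
@@ -114,7 +114,8 @@ typedef enum {
  oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
  oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
  oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
- oHostKeyAlgorithms, oBindAddress, oSmartcardDevice
+ oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
+ oClearAllForwardings
 } OpCodes;
 
 /* Textual representations of the tokens. */
@@ -184,6 +185,7 @@ static struct {
  { "hostkeyalgorithms", oHostKeyAlgorithms },
  { "bindaddress", oBindAddress },
  { "smartcarddevice", oSmartcardDevice },
+ { "clearallforwardings", oClearAllForwardings },
  { NULL, 0 }
 };
 
@@ -229,6 +231,19 @@ add_remote_forward(Options *options, u_short port, const char *host,
  fwd->host_port = host_port;
 }
 
+static void
+clear_forwardings(Options *options)
+{
+ int i;
+
+ for (i = 0; i < options->num_local_forwards; i++)
+ xfree(options->local_forwards[i].host);
+ options->num_local_forwards = 0;
+ for (i = 0; i < options->num_remote_forwards; i++)
+ xfree(options->remote_forwards[i].host);
+ options->num_remote_forwards = 0;
+}
+
 /*
  * Returns the number of the token pointed to by cp or oBadOption.
  */
@@ -621,6 +636,10 @@ parse_int:
  add_local_forward(options, fwd_port, "socks4", 0);
  break;
 
+ case oClearAllForwardings:
+ intptr = &options->clear_forwardings;
+ goto parse_flag;
+
  case oHost:
  *activep = 0;
  while ((arg = strdelim(&s)) != NULL && *arg != '\0')
@@ -769,6 +788,7 @@ initialize_options(Options * options)
  options->user_hostfile2 = NULL;
  options->num_local_forwards = 0;
  options->num_remote_forwards = 0;
+ options->clear_forwardings = -1;
  options->log_level = (LogLevel) - 1;
  options->preferred_authentications = NULL;
  options->bind_address = NULL;
@@ -889,6 +909,8 @@ fill_default_options(Options * options)
  options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
  if (options->log_level == (LogLevel) - 1)
  options->log_level = SYSLOG_LEVEL_INFO;
+ if (options->clear_forwardings == 1)
+ clear_forwardings(options);
  /* options->proxy_command should not be set by default */
  /* options->user will be set in the main program if appropriate */
  /* options->hostname will be set in the main program if appropriate */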
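Review bot: clear_forwardings() frees each entry's `host` string but leaves the stale pointer in `local_forwards[i]` and `remote_forwards[i]`; resetting the two counts hides them from the code shown here, but bracing the loops and adding `options->local_forwards[i].host = NULL;` (and the remote equivalent) after each `xfree()` would make any later re-use fail visibly instead of reading freed memory. The function is also undocumented, and the clearing runs only once, from fill_default_options(), so a forward added after that call would survive. I would put `/* Drop every local, remote and dynamic forward collected so far; called once from fill_default_options(). */` above it. fill_default_options() and the option switch extend beyond these hunks, so whether anything adds forwards later cannot be confirmed from this page.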
diff --git a/readconf.h b/readconf.h
index faeef1dbf..bde9eaa1c 100644
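--- a/readconf.h
+++ b/readconf.h
@@ -11,7 +11,7 @@
  * called by a name other than "ssh" or "Secure Shell".
  */
 
-/* RCSID("$OpenBSD: readconf.h,v 1.38 2001/09/03 20:58:33 stevesk Exp $"); */
+/* RCSID("$OpenBSD: readconf.h,v 1.39 2001/09/19 19:24:18 stevesk Exp $"); */
 
 #ifndef READCONF_H
 #define READCONF_H
@@ -100,6 +100,7 @@ typedef struct {
  /* Remote TCP/IP forward requests. */
  int num_remote_forwards;
  Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION];
+ int clear_forwardings;
 } Options;
 
 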
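Review bot: The new `clear_forwardings` member of Options has no comment and sits directly under the "Remote TCP/IP forward requests" comment, which reads as if it concerned remote forwards only. The readconf.c changes on this page initialise it to -1 and act on it when it equals 1, so it is presumably the usual tri-state flag. A comment such as `int clear_forwardings;	/* -1 unset, 0 no, 1 yes: discard all port forwards */`, separated from the remote-forward group by a blank line, would make that explicit. The struct definition starts outside the hunk.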
diff --git a/scp.c b/scp.c
index 512dfa67a..e603646b6 100644
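--- a/scp.c
+++ b/scp.c
@@ -75,7 +75,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.83 2001/09/17 17:57:56 stevesk Exp $");
+RCSID("$OpenBSD: scp.c,v 1.84 2001/09/19 19:24:19 stevesk Exp $");
 
 #include "xmalloc.h"
 #include "atomicio.h"
@@ -239,6 +239,7 @@ main(argc, argv)
  addargs(&args, "-x");
  addargs(&args, "-oForwardAgent no");
  addargs(&args, "-oFallBackToRsh no");
+ addargs(&args, "-oClearAllForwardings yes");
 
  fflag = tflag = 0;
  while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q46S:o:F:")) != -1)
@@ -371,13 +372,17 @@ toremote(targ, argc, argv)
  for (i = 0; i < argc - 1; i++) {
  src = colon(argv[i]);
  if (src) { /* remote to remote */
+ static char *ssh_options =
+ "-x -o'FallBackToRsh no' "
+ "-o'ClearAllForwardings yes'";
  *src++ = 0;
  if (*src == 0)
  src = ".";
  host = strchr(argv[i], '@');
  len = strlen(ssh_program) + strlen(argv[i]) +
  strlen(src) + (tuser ? strlen(tuser) : 0) +
- strlen(thost) + strlen(targ) + CMDNEEDS + 32;
+ strlen(thost) + strlen(targ) +
+ strlen(ssh_options) + CMDNEEDS + 20;
  bp = xmalloc(len);
  if (host) {
  *host++ = 0;
@@ -388,19 +393,19 @@ toremote(targ, argc, argv)
  else if (!okname(suser))
  continue;
  snprintf(bp, len,
- "%s%s -x -o'FallBackToRsh no' -n "
+ "%s%s %s -n "
  "-l %s %s %s %s '%s%s%s:%s'",
  ssh_program, verbose_mode ? " -v" : "",
- suser, host, cmd, src,
+ ssh_options, suser, host, cmd, src,
  tuser ? tuser : "", tuser ? "@" : "",
  thost, targ);
  } else {
  host = cleanhostname(argv[i]);
  snprintf(bp, len,
- "exec %s%s -x -o'FallBackToRsh no' -n %s "
+ "exec %s%s %s -n %s "
  "%s %s '%s%s%s:%s'",
  ssh_program, verbose_mode ? " -v" : "",
- ssh_options, host, cmd, src,
+ host, cmd, src,
  tuser ? tuser : "", tuser ? "@" : "",
  thost, targ);
  }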
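Review bot: In toremote() the buffer size now depends on a hand-counted slack of 20 (previously 32) plus CMDNEEDS to cover the literal text of both format strings, and neither `snprintf(bp, len, ...)` return value is checked. If either format string grows again, the command line would be silently truncated rather than rejected; comparing the result against `len` and skipping the transfer on truncation would make the bound self-enforcing. `ssh_options` points at a string literal and is never written, so `static const char *ssh_options` is the safer declaration. The hunks end inside toremote(), so what is done with `bp` afterwards is not visible on this page.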
diff --git a/sftp.c b/sftp.c
index 519ee6969..06110f9af 100644
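--- a/sftp.c
+++ b/sftp.c
@@ -24,7 +24,7 @@
 
 #include "includes.h"
 
-RCSID("$OpenBSD: sftp.c,v 1.20 2001/09/17 20:38:09 stevesk Exp $");
+RCSID("$OpenBSD: sftp.c,v 1.21 2001/09/19 19:24:19 stevesk Exp $");
 
 /* XXX: commandline mode */
 /* XXX: short-form remote directory listings (like 'ls -C') */
@@ -118,6 +118,7 @@ main(int argc, char **argv)
  addargs(&args, "-oFallBackToRsh no");
  addargs(&args, "-oForwardX11 no");
  addargs(&args, "-oForwardAgent no");
+ addargs(&args, "-oClearAllForwardings yes");
  ll = SYSLOG_LEVEL_INFO;
  infile = stdin; /* Read from STDIN unless changed by -b */
 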
diff --git a/ssh.1 b/ssh.1
index c7a19e3b4..e3dc75069 100644
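--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.\" $OpenBSD: ssh.1,v 1.137 2001/09/05 06:23:07 deraadt Exp $
+.\" $OpenBSD: ssh.1,v 1.138 2001/09/19 19:24:19 stevesk Exp $
 .Dd September 25, 1999
 .Dt SSH 1
 .Os
@@ -767,6 +767,22 @@ The default is
  ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
  aes192-cbc,aes256-cbc''
 .Ed
+.It Cm ClearAllForwardings
+Specifies that all local, remote and dynamic port forwardings
+specified in the configuration files or on the command line be
+cleared. This option is primarily useful when used from the
+.Nm
+command line to clear port forwardings set in
+configuration files, and is automatically set by
+.Xr scp 1
+and
+.Xr sftp 1 .
+The argument must be
+.Dq yes
+or
+.Dq no .
+The default is
+.Dq no .
 .It Cm Compression
 Specifies whether to use compression.
 The argument must be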