diff options
-rw-r--r-- | channels.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/channels.c b/channels.c index 07cb4f9a7..674a6a001 100644 --- a/channels.c +++ b/channels.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: channels.c,v 1.390 2019/05/03 04:11:00 dtucker Exp $ */ | 1 | /* $OpenBSD: channels.c,v 1.391 2019/05/10 18:55:17 florian Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -3823,6 +3823,23 @@ channel_setup_remote_fwd_listener(struct ssh *ssh, struct Forward *fwd, | |||
3823 | { | 3823 | { |
3824 | if (!check_rfwd_permission(ssh, fwd)) { | 3824 | if (!check_rfwd_permission(ssh, fwd)) { |
3825 | ssh_packet_send_debug(ssh, "port forwarding refused"); | 3825 | ssh_packet_send_debug(ssh, "port forwarding refused"); |
3826 | if (fwd->listen_path != NULL) | ||
3827 | /* XXX always allowed, see remote_open_match() */ | ||
3828 | logit("Received request from %.100s port %d to " | ||
3829 | "remote forward to path \"%.100s\", " | ||
3830 | "but the request was denied.", | ||
3831 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
3832 | fwd->listen_path); | ||
3833 | else if(fwd->listen_host != NULL) | ||
3834 | logit("Received request from %.100s port %d to " | ||
3835 | "remote forward to host %.100s port %d, " | ||
3836 | "but the request was denied.", | ||
3837 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
3838 | fwd->listen_host, fwd->listen_port ); | ||
3839 | else | ||
3840 | logit("Received request from %.100s port %d to remote " | ||
3841 | "forward, but the request was denied.", | ||
3842 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | ||
3826 | return 0; | 3843 | return 0; |
3827 | } | 3844 | } |
3828 | if (fwd->listen_path != NULL) { | 3845 | if (fwd->listen_path != NULL) { |
@@ -4418,8 +4435,9 @@ channel_connect_to_port(struct ssh *ssh, const char *host, u_short port, | |||
4418 | } | 4435 | } |
4419 | 4436 | ||
4420 | if (!permit || !permit_adm) { | 4437 | if (!permit || !permit_adm) { |
4421 | logit("Received request to connect to host %.100s port %d, " | 4438 | logit("Received request from %.100s port %d to connect to " |
4422 | "but the request was denied.", host, port); | 4439 | "host %.100s port %d, but the request was denied.", |
4440 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), host, port); | ||
4423 | if (reason != NULL) | 4441 | if (reason != NULL) |
4424 | *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED; | 4442 | *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED; |
4425 | return NULL; | 4443 | return NULL; |