1 files changed, 40 insertions, 1 deletions
diff --git a/auth-options.c b/auth-options.c
index a85e40835..ad97e6129 100644
--- a/auth-options.c
+++ b/auth-options.c
@@ -10,7 +10,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: auth-options.c,v 1.31 2005/03/10 22:40:38 deraadt Exp $");
+RCSID("$OpenBSD: auth-options.c,v 1.33 2005/12/08 18:34:11 reyk Exp $");
 #include "xmalloc.h"
 #include "match.h"
@@ -35,6 +35,9 @@ char *forced_command = NULL;
 /* "environment=" options. */
 struct envstring *custom_environment = NULL;
+/* "tunnel=" option. */
+int forced_tun_device = -1;
 extern ServerOptions options;
 void
@@ -54,6 +57,7 @@ auth_clear_options(void)
                xfree(forced_command);
                forced_command = NULL;
        }
+        forced_tun_device = -1;
        channel_clear_permitted_opens();
        auth_debug_reset();
 }
@@ -269,6 +273,41 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
                        xfree(patterns);
                        goto next_option;
                }
+                cp = "tunnel=\"";
+                if (strncasecmp(opts, cp, strlen(cp)) == 0) {
+                        char *tun = NULL;
+                        opts += strlen(cp);
+                        tun = xmalloc(strlen(opts) + 1);
+                        i = 0;
+                        while (*opts) {
+                                if (*opts == '"')
+                                        break;
+                                tun[i++] = *opts++;
+                        }
+                        if (!*opts) {
+                                debug("%.100s, line %lu: missing end quote",
+                                    file, linenum);
+                                auth_debug_add("%.100s, line %lu: missing end quote",
+                                    file, linenum);
+                                xfree(tun);
+                                forced_tun_device = -1;
+                                goto bad_option;
+                        }
+                        tun[i] = 0;
+                        forced_tun_device = a2tun(tun, NULL);
+                        xfree(tun);
+                        if (forced_tun_device == SSH_TUNID_ERR) {
+                                debug("%.100s, line %lu: invalid tun device",
+                                    file, linenum);
+                                auth_debug_add("%.100s, line %lu: invalid tun device",
+                                    file, linenum);
+                                forced_tun_device = -1;
+                                goto bad_option;
+                        }
+                        auth_debug_add("Forced tun device: %d", forced_tun_device);
+                        opts++;
+                        goto next_option;
+                }
 next_option:
                /*
                 * Skip the comma, and move to the next option

diff --git a/auth-options.c b/auth-options.c index a85e40835..ad97e6129 100644 --- a/auth-options.c +++ b/auth-options.c
@@ -10,7 +10,7 @@
10	*/	10	*/
11		11
12	#include "includes.h"	12	#include "includes.h"
13	RCSID("$OpenBSD: auth-options.c,v 1.31 2005/03/10 22:40:38 deraadt Exp $");	13	RCSID("$OpenBSD: auth-options.c,v 1.33 2005/12/08 18:34:11 reyk Exp $");
14		14
15	#include "xmalloc.h"	15	#include "xmalloc.h"
16	#include "match.h"	16	#include "match.h"
@@ -35,6 +35,9 @@ char *forced_command = NULL;
35	/* "environment=" options. */	35	/* "environment=" options. */
36	struct envstring *custom_environment = NULL;	36	struct envstring *custom_environment = NULL;
37		37
		38	/* "tunnel=" option. */
		39	int forced_tun_device = -1;
		40
38	extern ServerOptions options;	41	extern ServerOptions options;
39		42
40	void	43	void
@@ -54,6 +57,7 @@ auth_clear_options(void)
54	xfree(forced_command);	57	xfree(forced_command);
55	forced_command = NULL;	58	forced_command = NULL;
56	}	59	}
		60	forced_tun_device = -1;
57	channel_clear_permitted_opens();	61	channel_clear_permitted_opens();
58	auth_debug_reset();	62	auth_debug_reset();
59	}	63	}
@@ -269,6 +273,41 @@ auth_parse_options(struct passwd pw, char opts, char *file, u_long linenum)
269	xfree(patterns);	273	xfree(patterns);
270	goto next_option;	274	goto next_option;
271	}	275	}
		276	cp = "tunnel=\"";
		277	if (strncasecmp(opts, cp, strlen(cp)) == 0) {
		278	char *tun = NULL;
		279	opts += strlen(cp);
		280	tun = xmalloc(strlen(opts) + 1);
		281	i = 0;
		282	while (*opts) {
		283	if (*opts == '"')
		284	break;
		285	tun[i++] = *opts++;
		286	}
		287	if (!*opts) {
		288	debug("%.100s, line %lu: missing end quote",
		289	file, linenum);
		290	auth_debug_add("%.100s, line %lu: missing end quote",
		291	file, linenum);
		292	xfree(tun);
		293	forced_tun_device = -1;
		294	goto bad_option;
		295	}
		296	tun[i] = 0;
		297	forced_tun_device = a2tun(tun, NULL);
		298	xfree(tun);
		299	if (forced_tun_device == SSH_TUNID_ERR) {
		300	debug("%.100s, line %lu: invalid tun device",
		301	file, linenum);
		302	auth_debug_add("%.100s, line %lu: invalid tun device",
		303	file, linenum);
		304	forced_tun_device = -1;
		305	goto bad_option;
		306	}
		307	auth_debug_add("Forced tun device: %d", forced_tun_device);
		308	opts++;
		309	goto next_option;
		310	}
272	next_option:	311	next_option:
273	/*	312	/*
274	* Skip the comma, and move to the next option	313	* Skip the comma, and move to the next option