diff options
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 15 |
1 files changed, 12 insertions, 3 deletions
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: auth.c,v 1.129 2018/06/01 03:33:53 djm Exp $ */ | 1 | /* $OpenBSD: auth.c,v 1.130 2018/06/06 18:23:32 djm Exp $ */ |
2 | /* | 2 | /* |
3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
4 | * | 4 | * |
@@ -1005,17 +1005,20 @@ auth_log_authopts(const char *loc, const struct sshauthopt *opts, int do_remote) | |||
1005 | int do_env = options.permit_user_env && opts->nenv > 0; | 1005 | int do_env = options.permit_user_env && opts->nenv > 0; |
1006 | int do_permitopen = opts->npermitopen > 0 && | 1006 | int do_permitopen = opts->npermitopen > 0 && |
1007 | (options.allow_tcp_forwarding & FORWARD_LOCAL) != 0; | 1007 | (options.allow_tcp_forwarding & FORWARD_LOCAL) != 0; |
1008 | int do_permitlisten = opts->npermitlisten > 0 && | ||
1009 | (options.allow_tcp_forwarding & FORWARD_REMOTE) != 0; | ||
1008 | size_t i; | 1010 | size_t i; |
1009 | char msg[1024], buf[64]; | 1011 | char msg[1024], buf[64]; |
1010 | 1012 | ||
1011 | snprintf(buf, sizeof(buf), "%d", opts->force_tun_device); | 1013 | snprintf(buf, sizeof(buf), "%d", opts->force_tun_device); |
1012 | /* Try to keep this alphabetically sorted */ | 1014 | /* Try to keep this alphabetically sorted */ |
1013 | snprintf(msg, sizeof(msg), "key options:%s%s%s%s%s%s%s%s%s%s%s%s", | 1015 | snprintf(msg, sizeof(msg), "key options:%s%s%s%s%s%s%s%s%s%s%s%s%s", |
1014 | opts->permit_agent_forwarding_flag ? " agent-forwarding" : "", | 1016 | opts->permit_agent_forwarding_flag ? " agent-forwarding" : "", |
1015 | opts->force_command == NULL ? "" : " command", | 1017 | opts->force_command == NULL ? "" : " command", |
1016 | do_env ? " environment" : "", | 1018 | do_env ? " environment" : "", |
1017 | opts->valid_before == 0 ? "" : "expires", | 1019 | opts->valid_before == 0 ? "" : "expires", |
1018 | do_permitopen ? " permitopen" : "", | 1020 | do_permitopen ? " permitopen" : "", |
1021 | do_permitlisten ? " permitlisten" : "", | ||
1019 | opts->permit_port_forwarding_flag ? " port-forwarding" : "", | 1022 | opts->permit_port_forwarding_flag ? " port-forwarding" : "", |
1020 | opts->cert_principals == NULL ? "" : " principals", | 1023 | opts->cert_principals == NULL ? "" : " principals", |
1021 | opts->permit_pty_flag ? " pty" : "", | 1024 | opts->permit_pty_flag ? " pty" : "", |
@@ -1049,12 +1052,18 @@ auth_log_authopts(const char *loc, const struct sshauthopt *opts, int do_remote) | |||
1049 | } | 1052 | } |
1050 | if (opts->force_command != NULL) | 1053 | if (opts->force_command != NULL) |
1051 | debug("%s: forced command: \"%s\"", loc, opts->force_command); | 1054 | debug("%s: forced command: \"%s\"", loc, opts->force_command); |
1052 | if ((options.allow_tcp_forwarding & FORWARD_LOCAL) != 0) { | 1055 | if (do_permitopen) { |
1053 | for (i = 0; i < opts->npermitopen; i++) { | 1056 | for (i = 0; i < opts->npermitopen; i++) { |
1054 | debug("%s: permitted open: %s", | 1057 | debug("%s: permitted open: %s", |
1055 | loc, opts->permitopen[i]); | 1058 | loc, opts->permitopen[i]); |
1056 | } | 1059 | } |
1057 | } | 1060 | } |
1061 | if (do_permitlisten) { | ||
1062 | for (i = 0; i < opts->npermitlisten; i++) { | ||
1063 | debug("%s: permitted listen: %s", | ||
1064 | loc, opts->permitlisten[i]); | ||
1065 | } | ||
1066 | } | ||
1058 | } | 1067 | } |
1059 | 1068 | ||
1060 | /* Activate a new set of key/cert options; merging with what is there. */ | 1069 | /* Activate a new set of key/cert options; merging with what is there. */ |