diff options
Diffstat (limited to 'channels.c')
| -rw-r--r-- | channels.c | 24 |
1 files changed, 21 insertions, 3 deletions
diff --git a/channels.c b/channels.c index 07cb4f9a7..674a6a001 100644 --- a/channels.c +++ b/channels.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: channels.c,v 1.390 2019/05/03 04:11:00 dtucker Exp $ */ | 1 | /* $OpenBSD: channels.c,v 1.391 2019/05/10 18:55:17 florian Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -3823,6 +3823,23 @@ channel_setup_remote_fwd_listener(struct ssh *ssh, struct Forward *fwd, | |||
| 3823 | { | 3823 | { |
| 3824 | if (!check_rfwd_permission(ssh, fwd)) { | 3824 | if (!check_rfwd_permission(ssh, fwd)) { |
| 3825 | ssh_packet_send_debug(ssh, "port forwarding refused"); | 3825 | ssh_packet_send_debug(ssh, "port forwarding refused"); |
| 3826 | if (fwd->listen_path != NULL) | ||
| 3827 | /* XXX always allowed, see remote_open_match() */ | ||
| 3828 | logit("Received request from %.100s port %d to " | ||
| 3829 | "remote forward to path \"%.100s\", " | ||
| 3830 | "but the request was denied.", | ||
| 3831 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
| 3832 | fwd->listen_path); | ||
| 3833 | else if(fwd->listen_host != NULL) | ||
| 3834 | logit("Received request from %.100s port %d to " | ||
| 3835 | "remote forward to host %.100s port %d, " | ||
| 3836 | "but the request was denied.", | ||
| 3837 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), | ||
| 3838 | fwd->listen_host, fwd->listen_port ); | ||
| 3839 | else | ||
| 3840 | logit("Received request from %.100s port %d to remote " | ||
| 3841 | "forward, but the request was denied.", | ||
| 3842 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh)); | ||
| 3826 | return 0; | 3843 | return 0; |
| 3827 | } | 3844 | } |
| 3828 | if (fwd->listen_path != NULL) { | 3845 | if (fwd->listen_path != NULL) { |
| @@ -4418,8 +4435,9 @@ channel_connect_to_port(struct ssh *ssh, const char *host, u_short port, | |||
| 4418 | } | 4435 | } |
| 4419 | 4436 | ||
| 4420 | if (!permit || !permit_adm) { | 4437 | if (!permit || !permit_adm) { |
| 4421 | logit("Received request to connect to host %.100s port %d, " | 4438 | logit("Received request from %.100s port %d to connect to " |
| 4422 | "but the request was denied.", host, port); | 4439 | "host %.100s port %d, but the request was denied.", |
| 4440 | ssh_remote_ipaddr(ssh), ssh_remote_port(ssh), host, port); | ||
| 4423 | if (reason != NULL) | 4441 | if (reason != NULL) |
| 4424 | *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED; | 4442 | *reason = SSH2_OPEN_ADMINISTRATIVELY_PROHIBITED; |
| 4425 | return NULL; | 4443 | return NULL; |