From f6d9e2218998559cb67aad55d3f4a0bf53600c41 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 18 Jun 2000 14:50:44 +1000 Subject: - OpenBSD CVS updates: - deraadt@cvs.openbsd.org 2000/06/17 09:58:46 [channels.c] everyone says "nix it" (remove protocol 2 debugging message) - markus@cvs.openbsd.org 2000/06/17 13:24:34 [sshconnect.c] allow extended server banners - markus@cvs.openbsd.org 2000/06/17 14:30:10 [sshconnect.c] missing atomicio, typo - jakob@cvs.openbsd.org 2000/06/17 16:52:34 [servconf.c servconf.h session.c sshd.8 sshd_config] add support for ssh v2 subsystems. ok markus@. - deraadt@cvs.openbsd.org 2000/06/17 18:57:48 [readconf.c servconf.c] include = in WHITESPACE; markus ok - markus@cvs.openbsd.org 2000/06/17 19:09:10 [auth2.c] implement bug compatibility with ssh-2.0.13 pubkey, server side - markus@cvs.openbsd.org 2000/06/17 21:00:28 [compat.c] initial support for ssh.com's 2.2.0 - markus@cvs.openbsd.org 2000/06/17 21:16:09 [scp.c] typo - markus@cvs.openbsd.org 2000/06/17 22:05:02 [auth-rsa.c auth2.c serverloop.c session.c auth-options.c auth-options.h] split auth-rsa option parsing into auth-options add options support to authorized_keys2 - markus@cvs.openbsd.org 2000/06/17 22:42:54 [session.c] typo --- serverloop.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'serverloop.c') diff --git a/serverloop.c b/serverloop.c index b08fcfd92..311a285c3 100644 --- a/serverloop.c +++ b/serverloop.c @@ -23,6 +23,7 @@ #include "ssh2.h" #include "session.h" #include "dispatch.h" +#include "auth-options.h" static Buffer stdin_buffer; /* Buffer for stdin data. */ static Buffer stdout_buffer; /* Buffer for stdout data. */ @@ -719,7 +720,13 @@ input_direct_tcpip(void) debug("open direct-tcpip: from %s port %d to %s port %d", originator, originator_port, target, target_port); + /* XXX check permission */ + if (! no_port_forwarding_flag) { + xfree(target); + xfree(originator); + return -1; + } sock = channel_connect_to(target, target_port); xfree(target); xfree(originator); -- cgit v1.2.3