version 1.355, 2016/09/30 20:24:46 |
version 1.356, 2016/10/18 17:32:54 |
|
|
} |
} |
|
|
/* |
/* |
* This is called after receiving CHANNEL_FORWARDING_REQUEST. This initates |
|
* listening for the port, and sends back a success reply (or disconnect |
|
* message if there was an error). |
|
*/ |
|
int |
|
channel_input_port_forward_request(int is_root, struct ForwardOptions *fwd_opts) |
|
{ |
|
int success = 0; |
|
struct Forward fwd; |
|
|
|
/* Get arguments from the packet. */ |
|
memset(&fwd, 0, sizeof(fwd)); |
|
fwd.listen_port = packet_get_int(); |
|
fwd.connect_host = packet_get_string(NULL); |
|
fwd.connect_port = packet_get_int(); |
|
|
|
/* |
|
* Check that an unprivileged user is not trying to forward a |
|
* privileged port. |
|
*/ |
|
if (fwd.listen_port < IPPORT_RESERVED && !is_root) |
|
packet_disconnect( |
|
"Requested forwarding of port %d but user is not root.", |
|
fwd.listen_port); |
|
if (fwd.connect_port == 0) |
|
packet_disconnect("Dynamic forwarding denied."); |
|
|
|
/* Initiate forwarding */ |
|
success = channel_setup_local_fwd_listener(&fwd, fwd_opts); |
|
|
|
/* Free the argument string. */ |
|
free(fwd.connect_host); |
|
|
|
return (success ? 0 : -1); |
|
} |
|
|
|
/* |
|
* Permits opening to any host/port if permitted_opens[] is empty. This is |
* Permits opening to any host/port if permitted_opens[] is empty. This is |
* usually called by the server, because the user could connect to any port |
* usually called by the server, because the user could connect to any port |
* anyway, and the server has no way to know but to trust the client anyway. |
* anyway, and the server has no way to know but to trust the client anyway. |