[BACK]Return to ssh.c CVS log [TXT][DIR] Up to [local] / src / usr.bin / ssh

Diff for /src/usr.bin/ssh/ssh.c between version 1.550 and 1.551

version 1.550, 2021/02/02 22:36:59 version 1.551, 2021/02/15 20:43:15
Line 1854 
Line 1854 
 }  }
   
 static void  static void
   ssh_init_forward_permissions(struct ssh *ssh, const char *what, char **opens,
       u_int num_opens)
   {
           u_int i;
           int port;
           char *addr, *arg, *oarg, ch;
           int where = FORWARD_LOCAL;
   
           channel_clear_permission(ssh, FORWARD_ADM, where);
           if (num_opens == 0)
                   return; /* permit any */
   
           /* handle keywords: "any" / "none" */
           if (num_opens == 1 && strcmp(opens[0], "any") == 0)
                   return;
           if (num_opens == 1 && strcmp(opens[0], "none") == 0) {
                   channel_disable_admin(ssh, where);
                   return;
           }
           /* Otherwise treat it as a list of permitted host:port */
           for (i = 0; i < num_opens; i++) {
                   oarg = arg = xstrdup(opens[i]);
                   ch = '\0';
                   addr = hpdelim2(&arg, &ch);
                   if (addr == NULL || ch == '/')
                           fatal_f("missing host in %s", what);
                   addr = cleanhostname(addr);
                   if (arg == NULL || ((port = permitopen_port(arg)) < 0))
                           fatal_f("bad port number in %s", what);
                   /* Send it to channels layer */
                   channel_add_permission(ssh, FORWARD_ADM,
                       where, addr, port);
                   free(oarg);
           }
   }
   
   static void
 ssh_init_forwarding(struct ssh *ssh, char **ifname)  ssh_init_forwarding(struct ssh *ssh, char **ifname)
 {  {
         int success = 0;          int success = 0;
         int i;          int i;
   
           ssh_init_forward_permissions(ssh, "permitremoteopen",
               options.permitted_remote_opens,
               options.num_permitted_remote_opens);
   
         if (options.exit_on_forward_failure)          if (options.exit_on_forward_failure)
                 forward_confirms_pending = 0; /* track pending requests */                  forward_confirms_pending = 0; /* track pending requests */
Legend:
Removed from v.1.550  
changed lines
  Added in v.1.551