Mercurial > dropbear

comparison svr-authpubkeyoptions.c @ 1732:2f5d797d9811

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Don't choke on disabled authorized_keys(5) options As of 2020.79 X11 forwarding is disabled at build time, which could lock out users with authorized_keys(5) files containing ‘no-X11-forwarding’ options.
author Guilhem Moulin <guilhem@debian.org>
date Fri, 26 Jun 2020 20:56:03 +0800
parents 6a6a0bac52f4
children 587c76726b5f
comparison
equal deleted inserted replaced
1731:cddc90de1b6f 1732:2f5d797d9811
145 if (match_option(options_buf, "no-port-forwarding") == DROPBEAR_SUCCESS) { 145 if (match_option(options_buf, "no-port-forwarding") == DROPBEAR_SUCCESS) {
146 dropbear_log(LOG_WARNING, "Port forwarding disabled."); 146 dropbear_log(LOG_WARNING, "Port forwarding disabled.");
147 ses.authstate.pubkey_options->no_port_forwarding_flag = 1; 147 ses.authstate.pubkey_options->no_port_forwarding_flag = 1;
148 goto next_option; 148 goto next_option;
149 } 149 }
150 if (match_option(options_buf, "no-agent-forwarding") == DROPBEAR_SUCCESS) {
150 #if DROPBEAR_SVR_AGENTFWD 151 #if DROPBEAR_SVR_AGENTFWD
151 if (match_option(options_buf, "no-agent-forwarding") == DROPBEAR_SUCCESS) {
152 dropbear_log(LOG_WARNING, "Agent forwarding disabled."); 152 dropbear_log(LOG_WARNING, "Agent forwarding disabled.");
153 ses.authstate.pubkey_options->no_agent_forwarding_flag = 1; 153 ses.authstate.pubkey_options->no_agent_forwarding_flag = 1;
154 goto next_option; 154 #endif
155 } 155 goto next_option;
156 #endif 156 }
157 if (match_option(options_buf, "no-X11-forwarding") == DROPBEAR_SUCCESS) {
157 #if DROPBEAR_X11FWD 158 #if DROPBEAR_X11FWD
158 if (match_option(options_buf, "no-X11-forwarding") == DROPBEAR_SUCCESS) {
159 dropbear_log(LOG_WARNING, "X11 forwarding disabled."); 159 dropbear_log(LOG_WARNING, "X11 forwarding disabled.");
160 ses.authstate.pubkey_options->no_x11_forwarding_flag = 1; 160 ses.authstate.pubkey_options->no_x11_forwarding_flag = 1;
161 goto next_option; 161 #endif
162 } 162 goto next_option;
163 #endif 163 }
164 if (match_option(options_buf, "no-pty") == DROPBEAR_SUCCESS) { 164 if (match_option(options_buf, "no-pty") == DROPBEAR_SUCCESS) {
165 dropbear_log(LOG_WARNING, "Pty allocation disabled."); 165 dropbear_log(LOG_WARNING, "Pty allocation disabled.");
166 ses.authstate.pubkey_options->no_pty_flag = 1; 166 ses.authstate.pubkey_options->no_pty_flag = 1;
167 goto next_option; 167 goto next_option;
168 } 168 }