Mercurial > dropbear

comparison svr-tcpfwd.c @ 475:52a644e7b8e1 pubkey-options

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
* Patch from Frédéric Moulins adding options to authorized_keys. Needs review.
author Matt Johnston <matt@ucc.asn.au>
date Mon, 08 Sep 2008 15:14:02 +0000
parents b895f91c2ee6
children 69e98c45db7c
comparison
equal deleted inserted replaced
474:f33b0898aaa6 475:52a644e7b8e1
30 #include "session.h" 30 #include "session.h"
31 #include "buffer.h" 31 #include "buffer.h"
32 #include "packet.h" 32 #include "packet.h"
33 #include "listener.h" 33 #include "listener.h"
34 #include "runopts.h" 34 #include "runopts.h"
35 #include "auth.h"
35 36
36 #ifdef ENABLE_SVR_REMOTETCPFWD 37 #ifdef ENABLE_SVR_REMOTETCPFWD
37 38
38 static void send_msg_request_success(); 39 static void send_msg_request_success();
39 static void send_msg_request_failure(); 40 static void send_msg_request_failure();
70 unsigned int wantreply = 0; 71 unsigned int wantreply = 0;
71 int ret = DROPBEAR_FAILURE; 72 int ret = DROPBEAR_FAILURE;
72 73
73 TRACE(("enter recv_msg_global_request_remotetcp")) 74 TRACE(("enter recv_msg_global_request_remotetcp"))
74 75
75 if (svr_opts.noremotetcp) { 76 if (svr_opts.noremotetcp || !svr_pubkey_allows_tcpfwd()) {
76 TRACE(("leave recv_msg_global_request_remotetcp: remote tcp forwarding disabled")) 77 TRACE(("leave recv_msg_global_request_remotetcp: remote tcp forwarding disabled"))
77 goto out; 78 goto out;
78 } 79 }
79 80
80 reqname = buf_getstring(ses.payload, &namelen); 81 reqname = buf_getstring(ses.payload, &namelen);
234 char portstring[NI_MAXSERV]; 235 char portstring[NI_MAXSERV];
235 int sock; 236 int sock;
236 int len; 237 int len;
237 int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED; 238 int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
238 239
239 if (svr_opts.nolocaltcp) { 240 if (svr_opts.nolocaltcp || !svr_pubkey_allows_tcpfwd()) {
240 TRACE(("leave newtcpdirect: local tcp forwarding disabled")) 241 TRACE(("leave newtcpdirect: local tcp forwarding disabled"))
241 goto out; 242 goto out;
242 } 243 }
243 244
244 desthost = buf_getstring(ses.payload, &len); 245 desthost = buf_getstring(ses.payload, &len);