Mercurial > dropbear
diff svr-authpubkeyoptions.c @ 1732:2f5d797d9811
Don't choke on disabled authorized_keys(5) options
As of 2020.79 X11 forwarding is disabled at build time, which could lock
out users with authorized_keys(5) files containing ‘no-X11-forwarding’
options.
| author | Guilhem Moulin <guilhem@debian.org> |
|---|---|
| date | Fri, 26 Jun 2020 20:56:03 +0800 |
| parents | 6a6a0bac52f4 |
| children | 587c76726b5f |
line wrap: on
line diff
--- a/svr-authpubkeyoptions.c Fri Jun 26 20:55:56 2020 +0800 +++ b/svr-authpubkeyoptions.c Fri Jun 26 20:56:03 2020 +0800 @@ -147,20 +147,20 @@ ses.authstate.pubkey_options->no_port_forwarding_flag = 1; goto next_option; } + if (match_option(options_buf, "no-agent-forwarding") == DROPBEAR_SUCCESS) { #if DROPBEAR_SVR_AGENTFWD - if (match_option(options_buf, "no-agent-forwarding") == DROPBEAR_SUCCESS) { dropbear_log(LOG_WARNING, "Agent forwarding disabled."); ses.authstate.pubkey_options->no_agent_forwarding_flag = 1; +#endif goto next_option; } -#endif + if (match_option(options_buf, "no-X11-forwarding") == DROPBEAR_SUCCESS) { #if DROPBEAR_X11FWD - if (match_option(options_buf, "no-X11-forwarding") == DROPBEAR_SUCCESS) { dropbear_log(LOG_WARNING, "X11 forwarding disabled."); ses.authstate.pubkey_options->no_x11_forwarding_flag = 1; +#endif goto next_option; } -#endif if (match_option(options_buf, "no-pty") == DROPBEAR_SUCCESS) { dropbear_log(LOG_WARNING, "Pty allocation disabled."); ses.authstate.pubkey_options->no_pty_flag = 1;