Mercurial > dropbear
diff svr-authpubkeyoptions.c @ 1818:587c76726b5f
Add "restrict" authorized_keys option
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Sat, 01 May 2021 20:47:15 +0800 |
parents | 2f5d797d9811 |
children | d39cfedaf015 |
line wrap: on
line diff
--- a/svr-authpubkeyoptions.c Wed Mar 31 23:31:26 2021 +0800 +++ b/svr-authpubkeyoptions.c Sat May 01 20:47:15 2021 +0800 @@ -166,6 +166,18 @@ ses.authstate.pubkey_options->no_pty_flag = 1; goto next_option; } + if (match_option(options_buf, "restrict") == DROPBEAR_SUCCESS) { + dropbear_log(LOG_WARNING, "Restrict option set"); + ses.authstate.pubkey_options->no_port_forwarding_flag = 1; +#if DROPBEAR_SVR_AGENTFWD + ses.authstate.pubkey_options->no_agent_forwarding_flag = 1; +#endif +#if DROPBEAR_X11FWD + ses.authstate.pubkey_options->no_x11_forwarding_flag = 1; +#endif + ses.authstate.pubkey_options->no_pty_flag = 1; + goto next_option; + } if (match_option(options_buf, "command=\"") == DROPBEAR_SUCCESS) { int escaped = 0; const unsigned char* command_start = buf_getptr(options_buf, 0);