summaryrefslogtreecommitdiff
path: root/session.c
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2000-10-16 12:14:42 +1100
committerDamien Miller <djm@mindrot.org>2000-10-16 12:14:42 +1100
commit50a41ed079629fdcd9a1d2a781b73170422fc73a (patch)
treedbac99a364edff124412c16f079975a2e89a0389 /session.c
parent5993935f76e66c957f02efaa8fc0c8ff8a3f92c9 (diff)
- (djm) Sync with OpenBSD:
- markus@cvs.openbsd.org 2000/10/14 04:01:15 [cipher.c] debug3 - markus@cvs.openbsd.org 2000/10/14 04:07:23 [scp.c] remove spaces from arguments; from djm@mindrot.org - markus@cvs.openbsd.org 2000/10/14 06:09:46 [ssh.1] Cipher is for SSH-1 only - markus@cvs.openbsd.org 2000/10/14 06:12:09 [servconf.c servconf.h serverloop.c session.c sshd.8] AllowTcpForwarding; from naddy@ - markus@cvs.openbsd.org 2000/10/14 06:16:56 [auth2.c compat.c compat.h sshconnect2.c version.h] OpenSSH_2.3; note that is is not complete, but the version number needs to be changed for interoperability reasons - markus@cvs.openbsd.org 2000/10/14 06:19:45 [auth-rsa.c] do not send RSA challenge if key is not allowed by key-options; from eivind@ThinkSec.com - markus@cvs.openbsd.org 2000/10/15 08:14:01 [rijndael.c session.c] typos; from stevesk@sweden.hp.com - markus@cvs.openbsd.org 2000/10/15 08:18:31 [rijndael.c] typo - Copy manpages back over from OpenBSD - too tedious to wade through diffs
Diffstat (limited to 'session.c')
-rw-r--r--session.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/session.c b/session.c
index 9a213923..4325ed3a 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.38 2000/10/11 20:27:23 markus Exp $");
+RCSID("$OpenBSD: session.c,v 1.40 2000/10/15 14:14:01 markus Exp $");
#include "xmalloc.h"
#include "ssh.h"
@@ -236,7 +236,7 @@ do_authenticated(struct passwd * pw)
* by the client telling us, so we can equally well trust the client
* not to request anything bogus.)
*/
- if (!no_port_forwarding_flag)
+ if (!no_port_forwarding_flag && options.allow_tcp_forwarding)
channel_permit_all_opens();
s = session_new();
@@ -388,6 +388,10 @@ do_authenticated(struct passwd * pw)
debug("Port forwarding not permitted for this authentication.");
break;
}
+ if (!options.allow_tcp_forwarding) {
+ debug("Port forwarding not permitted.");
+ break;
+ }
debug("Received TCP/IP port forwarding request.");
channel_input_port_forward_request(pw->pw_uid == 0, options.gateway_ports);
success = 1;