diff options
| author |   stevesk <stevesk@openbsd.org> | 2001-09-19 19:24:18 +0000 |
|---|---|---|
| committer | stevesk <stevesk@openbsd.org> | 2001-09-19 19:24:18 +0000 |
| commit | 6bf4afae88e619324d30d598a300b5e2df782aad (patch) | |
| tree | e4989bfb4af5e1a731027778a69859d3797c5a50 | |
| parent | Add $OpenBSD$. (diff) | |
| download | wireguard-openbsd-6bf4afae88e619324d30d598a300b5e2df782aad.tar.xz wireguard-openbsd-6bf4afae88e619324d30d598a300b5e2df782aad.zip | |
add ClearAllForwardings ssh option and set it in scp and sftp; ok markus@
| -rw-r--r-- | usr.bin/ssh/readconf.c | 26 | ||||
| -rw-r--r-- | usr.bin/ssh/readconf.h | 3 | ||||
| -rw-r--r-- | usr.bin/ssh/scp.c | 17 | ||||
| -rw-r--r-- | usr.bin/ssh/sftp.c | 3 | ||||
| -rw-r--r-- | usr.bin/ssh/ssh.1 | 18 |
5 files changed, 56 insertions, 11 deletions
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index a7816d677d7..e72d8dbec7e 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.89 2001/09/03 20:58:33 stevesk Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.90 2001/09/19 19:24:18 stevesk Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -114,7 +114,8 @@ typedef enum { oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms, oBindAddress, oSmartcardDevice + oHostKeyAlgorithms, oBindAddress, oSmartcardDevice, + oClearAllForwardings } OpCodes; /* Textual representations of the tokens. */ @@ -184,6 +185,7 @@ static struct { { "hostkeyalgorithms", oHostKeyAlgorithms }, { "bindaddress", oBindAddress }, { "smartcarddevice", oSmartcardDevice }, + { "clearallforwardings", oClearAllForwardings }, { NULL, 0 } }; @@ -227,6 +229,19 @@ add_remote_forward(Options *options, u_short port, const char *host, fwd->host_port = host_port; } +static void +clear_forwardings(Options *options) +{ + int i; + + for (i = 0; i < options->num_local_forwards; i++) + xfree(options->local_forwards[i].host); + options->num_local_forwards = 0; + for (i = 0; i < options->num_remote_forwards; i++) + xfree(options->remote_forwards[i].host); + options->num_remote_forwards = 0; +} + /* * Returns the number of the token pointed to by cp or oBadOption. */ @@ -619,6 +634,10 @@ parse_int: add_local_forward(options, fwd_port, "socks4", 0); break; + case oClearAllForwardings: + intptr = &options->clear_forwardings; + goto parse_flag; + case oHost: *activep = 0; while ((arg = strdelim(&s)) != NULL && *arg != '\0') @@ -767,6 +786,7 @@ initialize_options(Options * options) options->user_hostfile2 = NULL; options->num_local_forwards = 0; options->num_remote_forwards = 0; + options->clear_forwardings = -1; options->log_level = (LogLevel) - 1; options->preferred_authentications = NULL; options->bind_address = NULL; @@ -887,6 +907,8 @@ fill_default_options(Options * options) options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2; if (options->log_level == (LogLevel) - 1) options->log_level = SYSLOG_LEVEL_INFO; + if (options->clear_forwardings == 1) + clear_forwardings(options); /* options->proxy_command should not be set by default */ /* options->user will be set in the main program if appropriate */ /* options->hostname will be set in the main program if appropriate */ diff --git a/usr.bin/ssh/readconf.h b/usr.bin/ssh/readconf.h index faeef1dbfba..bde9eaa1cfb 100644 --- a/usr.bin/ssh/readconf.h +++ b/usr.bin/ssh/readconf.h @@ -11,7 +11,7 @@ * called by a name other than "ssh" or "Secure Shell". */ -/* RCSID("$OpenBSD: readconf.h,v 1.38 2001/09/03 20:58:33 stevesk Exp $"); */ +/* RCSID("$OpenBSD: readconf.h,v 1.39 2001/09/19 19:24:18 stevesk Exp $"); */ #ifndef READCONF_H #define READCONF_H @@ -100,6 +100,7 @@ typedef struct { /* Remote TCP/IP forward requests. */ int num_remote_forwards; Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION]; + int clear_forwardings; } Options; diff --git a/usr.bin/ssh/scp.c b/usr.bin/ssh/scp.c index 2b5e5732c41..ec76c4de3c4 100644 --- a/usr.bin/ssh/scp.c +++ b/usr.bin/ssh/scp.c @@ -75,7 +75,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: scp.c,v 1.83 2001/09/17 17:57:56 stevesk Exp $"); +RCSID("$OpenBSD: scp.c,v 1.84 2001/09/19 19:24:19 stevesk Exp $"); #include "xmalloc.h" #include "atomicio.h" @@ -223,6 +223,7 @@ main(argc, argv) addargs(&args, "-x"); addargs(&args, "-oForwardAgent no"); addargs(&args, "-oFallBackToRsh no"); + addargs(&args, "-oClearAllForwardings yes"); fflag = tflag = 0; while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q46S:o:F:")) != -1) @@ -352,13 +353,17 @@ toremote(targ, argc, argv) for (i = 0; i < argc - 1; i++) { src = colon(argv[i]); if (src) { /* remote to remote */ + static char *ssh_options = + "-x -o'FallBackToRsh no' " + "-o'ClearAllForwardings yes'"; *src++ = 0; if (*src == 0) src = "."; host = strchr(argv[i], '@'); len = strlen(ssh_program) + strlen(argv[i]) + strlen(src) + (tuser ? strlen(tuser) : 0) + - strlen(thost) + strlen(targ) + CMDNEEDS + 32; + strlen(thost) + strlen(targ) + + strlen(ssh_options) + CMDNEEDS + 20; bp = xmalloc(len); if (host) { *host++ = 0; @@ -369,19 +374,19 @@ toremote(targ, argc, argv) else if (!okname(suser)) continue; snprintf(bp, len, - "%s%s -x -o'FallBackToRsh no' -n " + "%s%s %s -n " "-l %s %s %s %s '%s%s%s:%s'", ssh_program, verbose_mode ? " -v" : "", - suser, host, cmd, src, + ssh_options, suser, host, cmd, src, tuser ? tuser : "", tuser ? "@" : "", thost, targ); } else { host = cleanhostname(argv[i]); snprintf(bp, len, - "exec %s%s -x -o'FallBackToRsh no' -n %s " + "exec %s%s %s -n %s " "%s %s '%s%s%s:%s'", ssh_program, verbose_mode ? " -v" : "", - host, cmd, src, + ssh_options, host, cmd, src, tuser ? tuser : "", tuser ? "@" : "", thost, targ); } diff --git a/usr.bin/ssh/sftp.c b/usr.bin/ssh/sftp.c index c60d9134445..3724380e1cd 100644 --- a/usr.bin/ssh/sftp.c +++ b/usr.bin/ssh/sftp.c @@ -24,7 +24,7 @@ #include "includes.h" -RCSID("$OpenBSD: sftp.c,v 1.20 2001/09/17 20:38:09 stevesk Exp $"); +RCSID("$OpenBSD: sftp.c,v 1.21 2001/09/19 19:24:19 stevesk Exp $"); /* XXX: commandline mode */ /* XXX: short-form remote directory listings (like 'ls -C') */ @@ -111,6 +111,7 @@ main(int argc, char **argv) addargs(&args, "-oFallBackToRsh no"); addargs(&args, "-oForwardX11 no"); addargs(&args, "-oForwardAgent no"); + addargs(&args, "-oClearAllForwardings yes"); ll = SYSLOG_LEVEL_INFO; infile = stdin; /* Read from STDIN unless changed by -b */ diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1 index c7a19e3b43e..e3dc75069d7 100644 --- a/usr.bin/ssh/ssh.1 +++ b/usr.bin/ssh/ssh.1 @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.137 2001/09/05 06:23:07 deraadt Exp $ +.\" $OpenBSD: ssh.1,v 1.138 2001/09/19 19:24:19 stevesk Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -767,6 +767,22 @@ The default is ``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour, aes192-cbc,aes256-cbc'' .Ed +.It Cm ClearAllForwardings +Specifies that all local, remote and dynamic port forwardings +specified in the configuration files or on the command line be +cleared. This option is primarily useful when used from the +.Nm +command line to clear port forwardings set in +configuration files, and is automatically set by +.Xr scp 1 +and +.Xr sftp 1 . +The argument must be +.Dq yes +or +.Dq no . +The default is +.Dq no . .It Cm Compression Specifies whether to use compression. The argument must be |