diff options
| author |   djm <djm@openbsd.org> | 2018-02-23 02:34:33 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2018-02-23 02:34:33 +0000 |
| commit | 264788ca1a40ff999f42253a7372b4d1857ce1fa (patch) | |
| tree | 0e6316c75a148acf2df52a24eebc5277e1d7894a /usr.bin/ssh/readconf.c | |
| parent | try to fix the nvgre words a bit (diff) | |
| download | wireguard-openbsd-264788ca1a40ff999f42253a7372b4d1857ce1fa.tar.xz wireguard-openbsd-264788ca1a40ff999f42253a7372b4d1857ce1fa.zip | |
Add BindInterface ssh_config directive and -B command-line argument
to ssh(1) that directs it to bind its outgoing connection to the
address of the specified network interface.
BindInterface prefers to use addresses that aren't loopback or link-
local, but will fall back to those if no other addresses of the
required family are available on that interface.
Based on patch by Mike Manning in bz#2820, ok dtucker@
Diffstat (limited to 'usr.bin/ssh/readconf.c')
| -rw-r--r-- | usr.bin/ssh/readconf.c | 11 |
1 files changed, 9 insertions, 2 deletions
diff --git a/usr.bin/ssh/readconf.c b/usr.bin/ssh/readconf.c index 59f0032c523..db4632dba9e 100644 --- a/usr.bin/ssh/readconf.c +++ b/usr.bin/ssh/readconf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: readconf.c,v 1.281 2017/12/05 23:59:47 dtucker Exp $ */ +/* $OpenBSD: readconf.c,v 1.282 2018/02/23 02:34:33 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -141,7 +141,7 @@ typedef enum { oPubkeyAuthentication, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, - oHostKeyAlgorithms, oBindAddress, oPKCS11Provider, + oHostKeyAlgorithms, oBindAddress, oBindInterface, oPKCS11Provider, oClearAllForwardings, oNoHostAuthenticationForLocalhost, oEnableSSHKeysign, oRekeyLimit, oVerifyHostKeyDNS, oConnectTimeout, oAddressFamily, oGssAuthentication, oGssDelegateCreds, @@ -251,6 +251,7 @@ static struct { { "preferredauthentications", oPreferredAuthentications }, { "hostkeyalgorithms", oHostKeyAlgorithms }, { "bindaddress", oBindAddress }, + { "bindinterface", oBindInterface }, { "clearallforwardings", oClearAllForwardings }, { "enablesshkeysign", oEnableSSHKeysign }, { "verifyhostkeydns", oVerifyHostKeyDNS }, @@ -1084,6 +1085,10 @@ parse_char_array: charptr = &options->bind_address; goto parse_string; + case oBindInterface: + charptr = &options->bind_interface; + goto parse_string; + case oPKCS11Provider: charptr = &options->pkcs11_provider; goto parse_string; @@ -1785,6 +1790,7 @@ initialize_options(Options * options) options->log_level = SYSLOG_LEVEL_NOT_SET; options->preferred_authentications = NULL; options->bind_address = NULL; + options->bind_interface = NULL; options->pkcs11_provider = NULL; options->enable_ssh_keysign = - 1; options->no_host_authentication_for_localhost = - 1; @@ -2492,6 +2498,7 @@ dump_client_config(Options *o, const char *host) /* String options */ dump_cfg_string(oBindAddress, o->bind_address); + dump_cfg_string(oBindInterface, o->bind_interface); dump_cfg_string(oCiphers, o->ciphers ? o->ciphers : KEX_CLIENT_ENCRYPT); dump_cfg_string(oControlPath, o->control_path); dump_cfg_string(oHostKeyAlgorithms, o->hostkeyalgorithms); |