diff --git a/ChangeLog b/ChangeLog
index d3077fbda..1d718224c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+20060805
+ - (djm) OpenBSD CVS Sync
+   - stevesk@cvs.openbsd.org 2006/07/24 13:58:22
+     [sshconnect.c]
+     disable tunnel forwarding when no strict host key checking
+     and key changed; ok djm@ markus@ dtucker@
+
 20060804
  - (dtucker) [configure.ac] The "crippled AES" test does not work on recent
    versions of Solaris, so use AC_LINK_IFELSE to actually link the test program
@@ -5067,4 +5074,4 @@
  - (djm) Trim deprecated options from INSTALL. Mention UsePAM
  - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
-$Id: ChangeLog,v 1.4441 2006/08/04 09:44:23 dtucker Exp $
+$Id: ChangeLog,v 1.4442 2006/08/04 23:11:13 djm Exp $
diff --git a/sshconnect.c b/sshconnect.c
index 21c5203c6..06844eb71 100644
--- a/sshconnect.c
+++ b/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.193 2006/07/22 20:48:23 stevesk Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.194 2006/07/24 13:58:22 stevesk Exp $ */
 /*
  * Author: Tatu Ylonen
  * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -782,7 +782,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, Key *host_key,
 	/*
 	 * If strict host key checking has not been requested, allow
 	 * the connection but without MITM-able authentication or
-	 * agent forwarding.
+	 * forwarding.
 	 */
 	if (options.password_authentication) {
 		error("Password authentication is disabled to avoid "
@@ -817,6 +817,11 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, Key *host_key,
 		options.num_local_forwards = options.num_remote_forwards = 0;
 	}
+	if (options.tun_open != SSH_TUNMODE_NO) {
+		error("Tunnel forwarding is disabled to avoid "
+		    "man-in-the-middle attacks.");
+		options.tun_open = SSH_TUNMODE_NO;
+	}
 	/*
 	 * XXX Should permit the user to change to use the new id.
 	 * This could be done by converting the host key to an
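Review bot: The tunnel clamp added at the end of the last sshconnect.c hunk resets only `options.tun_open`, and nothing in the new lines records why a tunnel is treated as MITM-exposed the way the header comment does for authentication; a one-line why-comment above the new `if`, e.g. `/* a tun/tap tunnel to an unverified host would hand raw frames to an interposer */`, keeps the intent next to the clamp. The comment reworded in the preceding hunk (`* forwarding.`) is now less specific than the text it replaced; suggest `* the connection but without MITM-able authentication, agent/port` / `* forwarding or tunnel forwarding.` so the list tracks the clamps actually applied below it. Whether any tunnel-related option beyond `tun_open` also needs clearing, and whether agent forwarding is cleared in the lines between the two hunks, cannot be confirmed from here; check_host_key begins and ends outside this hunk.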