mirror of
https://github.com/PowerShell/openssh-portable.git
synced 2025-04-08 18:35:05 +02:00
Removed "TunnelOptions" option. Its function is now fulfilled by "PermitTunnel"(sshd) and "Tunnel" (ssh): you can append to the type of tunnel a ":" followed by options (e.g. Tunnel=ethernet:my_option)
This commit is contained in:
Giuseppe Guerrini
parent
05d0b01683
commit
ad8b4217d5
@ -1861,7 +1861,7 @@ client_request_tun_fwd(struct ssh *ssh, int tun_mode,
|
||||
debug("Requesting tun unit %d in mode %d", local_tun, tun_mode);
|
||||
|
||||
/* Open local tunnel device */
|
||||
if ((fd = tun_open(local_tun, tun_mode, options.tunnel_options, &ifname)) == -1) {
|
||||
if ((fd = tun_open(local_tun, tun_mode, options.tun_options, &ifname)) == -1) {
|
||||
error("Tunnel device open failed.");
|
||||
return NULL;
|
||||
}
|
||||
|
||||
4
misc.c
4
misc.c
@ -1492,10 +1492,10 @@ percent_dollar_expand(const char *string, ...)
|
||||
}
|
||||
|
||||
int
|
||||
tun_open(int tun, int mode, const char* tunnel_options, char **ifname)
|
||||
tun_open(int tun, int mode, const char* tun_options, char **ifname)
|
||||
{
|
||||
#if defined(CUSTOM_SYS_TUN_OPEN)
|
||||
return (sys_tun_open(tun, mode, tunnel_options, ifname));
|
||||
return (sys_tun_open(tun, mode, tun_options, ifname));
|
||||
#elif defined(SSH_TUN_OPENBSD)
|
||||
struct ifreq ifr;
|
||||
char name[100];
|
||||
|
||||
@ -687,12 +687,12 @@ FAIL:
|
||||
}
|
||||
|
||||
int
|
||||
sys_tun_open(int tun, int mode, const char *tunnel_options, char** ifname)
|
||||
sys_tun_open(int tun, int mode, const char *tun_options, char** ifname)
|
||||
{
|
||||
int tun_fd = -1;
|
||||
const char *prefix = NULL;
|
||||
|
||||
prefix = tunnel_options;
|
||||
prefix = tun_options;
|
||||
|
||||
if (ifname != NULL) {
|
||||
*ifname = NULL;
|
||||
|
||||
20
readconf.c
20
readconf.c
@ -180,7 +180,6 @@ typedef enum {
|
||||
oPubkeyAcceptedAlgorithms, oCASignatureAlgorithms, oProxyJump,
|
||||
oSecurityKeyProvider, oKnownHostsCommand, oRequiredRSASize,
|
||||
oEnableEscapeCommandline, oObscureKeystrokeTiming, oChannelTimeout,
|
||||
oTunnelOptions,
|
||||
oIgnore, oIgnoredUnknownOption, oDeprecated, oUnsupported
|
||||
} OpCodes;
|
||||
|
||||
@ -331,7 +330,6 @@ static struct {
|
||||
{ "enableescapecommandline", oEnableEscapeCommandline },
|
||||
{ "obscurekeystroketiming", oObscureKeystrokeTiming },
|
||||
{ "channeltimeout", oChannelTimeout },
|
||||
{ "tunneloptions", oTunnelOptions },
|
||||
|
||||
{ NULL, oBadOption }
|
||||
};
|
||||
@ -1185,6 +1183,7 @@ parse_time:
|
||||
multistate_ptr = multistate_flag;
|
||||
parse_multistate:
|
||||
arg = argv_next(&ac, &av);
|
||||
parse_multistate_arg:
|
||||
if ((value = parse_multistate_value(arg, filename, linenum,
|
||||
multistate_ptr)) == -1) {
|
||||
error("%s line %d: unsupported option \"%s\".",
|
||||
@ -1949,7 +1948,8 @@ parse_pubkey_algos:
|
||||
case oTunnel:
|
||||
intptr = &options->tun_open;
|
||||
multistate_ptr = multistate_tunnel;
|
||||
goto parse_multistate;
|
||||
arg = argv_next(&ac, &av);
|
||||
goto parse_multistate_arg;
|
||||
|
||||
case oTunnelDevice:
|
||||
arg = argv_next(&ac, &av);
|
||||
@ -2413,13 +2413,6 @@ parse_pubkey_algos:
|
||||
argv_consume(&ac);
|
||||
break;
|
||||
|
||||
case oTunnelOptions:
|
||||
charptr = &options->tunnel_options;
|
||||
arg = argv_next(&ac, &av);
|
||||
if (*activep && *charptr == NULL)
|
||||
*charptr = xstrdup((arg == NULL) ? "" : arg);
|
||||
break;
|
||||
|
||||
default:
|
||||
error("%s line %d: Unimplemented opcode %d",
|
||||
filename, linenum, opcode);
|
||||
@ -2672,7 +2665,7 @@ initialize_options(Options * options)
|
||||
options->required_rsa_size = -1;
|
||||
options->enable_escape_commandline = -1;
|
||||
options->obscure_keystroke_timing_interval = -1;
|
||||
options->tunnel_options = NULL;
|
||||
options->tun_options = NULL;
|
||||
options->tag = NULL;
|
||||
options->channel_timeouts = NULL;
|
||||
options->num_channel_timeouts = 0;
|
||||
@ -2837,6 +2830,8 @@ fill_default_options(Options * options)
|
||||
options->hash_known_hosts = 0;
|
||||
if (options->tun_open == -1)
|
||||
options->tun_open = SSH_TUNMODE_NO;
|
||||
if (options->tun_options == NULL)
|
||||
options->tun_options = xstrdup("");
|
||||
if (options->tun_local == -1)
|
||||
options->tun_local = SSH_TUNID_ANY;
|
||||
if (options->tun_remote == -1)
|
||||
@ -2940,7 +2935,6 @@ fill_default_options(Options * options)
|
||||
CLEAR_ON_NONE(options->pkcs11_provider);
|
||||
CLEAR_ON_NONE(options->sk_provider);
|
||||
CLEAR_ON_NONE(options->known_hosts_command);
|
||||
CLEAR_ON_NONE(options->tunnel_options);
|
||||
CLEAR_ON_NONE_ARRAY(channel_timeouts, num_channel_timeouts, "none");
|
||||
#undef CLEAR_ON_NONE
|
||||
#undef CLEAR_ON_NONE_ARRAY
|
||||
@ -3693,8 +3687,6 @@ dump_client_config(Options *o, const char *host)
|
||||
printf(":%d", o->tun_remote);
|
||||
printf("\n");
|
||||
|
||||
dump_cfg_string(oTunnelOptions, o->tunnel_options);
|
||||
|
||||
|
||||
/* oCanonicalizePermittedCNAMEs */
|
||||
printf("canonicalizePermittedcnames");
|
||||
|
||||
@ -184,7 +184,7 @@ typedef struct {
|
||||
|
||||
char **channel_timeouts; /* inactivity timeout by channel type */
|
||||
u_int num_channel_timeouts;
|
||||
char *tunnel_options;
|
||||
char *tun_options;
|
||||
|
||||
char *ignored_unknown; /* Pattern list of unknown tokens to ignore */
|
||||
} Options;
|
||||
|
||||
29
servconf.c
29
servconf.c
@ -194,7 +194,7 @@ initialize_server_options(ServerOptions *options)
|
||||
options->num_accept_env = 0;
|
||||
options->num_setenv = 0;
|
||||
options->permit_tun = -1;
|
||||
options->tunnel_options = NULL;
|
||||
options->tun_options = NULL;
|
||||
options->permitted_opens = NULL;
|
||||
options->permitted_listens = NULL;
|
||||
options->adm_forced_command = NULL;
|
||||
@ -472,6 +472,8 @@ fill_default_server_options(ServerOptions *options)
|
||||
}
|
||||
if (options->permit_tun == -1)
|
||||
options->permit_tun = SSH_TUNMODE_NO;
|
||||
if (options->tun_options == NULL)
|
||||
options->tun_options = xstrdup("");
|
||||
if (options->ip_qos_interactive == -1)
|
||||
options->ip_qos_interactive = IPTOS_DSCP_AF21;
|
||||
if (options->ip_qos_bulk == -1)
|
||||
@ -531,7 +533,6 @@ fill_default_server_options(ServerOptions *options)
|
||||
CLEAR_ON_NONE(options->chroot_directory);
|
||||
CLEAR_ON_NONE(options->routing_domain);
|
||||
CLEAR_ON_NONE(options->host_key_agent);
|
||||
CLEAR_ON_NONE(options->tunnel_options);
|
||||
CLEAR_ON_NONE(options->per_source_penalty_exempt);
|
||||
|
||||
for (i = 0; i < options->num_host_key_files; i++)
|
||||
@ -570,7 +571,7 @@ typedef enum {
|
||||
sPerSourcePenalties, sPerSourcePenaltyExemptList,
|
||||
sClientAliveInterval, sClientAliveCountMax, sAuthorizedKeysFile,
|
||||
sGssAuthentication, sGssCleanupCreds, sGssStrictAcceptor,
|
||||
sAcceptEnv, sSetEnv, sPermitTunnel, sTunnelOptions,
|
||||
sAcceptEnv, sSetEnv, sPermitTunnel,
|
||||
sMatch, sPermitOpen, sPermitListen, sForceCommand, sChrootDirectory,
|
||||
sUsePrivilegeSeparation, sAllowAgentForwarding,
|
||||
sHostCertificate, sInclude,
|
||||
@ -718,7 +719,6 @@ static struct {
|
||||
{ "acceptenv", sAcceptEnv, SSHCFG_ALL },
|
||||
{ "setenv", sSetEnv, SSHCFG_ALL },
|
||||
{ "permittunnel", sPermitTunnel, SSHCFG_ALL },
|
||||
{ "tunneloptions", sTunnelOptions, SSHCFG_GLOBAL },
|
||||
{ "permittty", sPermitTTY, SSHCFG_ALL },
|
||||
{ "permituserrc", sPermitUserRC, SSHCFG_ALL },
|
||||
{ "match", sMatch, SSHCFG_ALL },
|
||||
@ -2292,9 +2292,17 @@ process_server_config_line_depth(ServerOptions *options, char *line,
|
||||
case sPermitTunnel:
|
||||
intptr = &options->permit_tun;
|
||||
arg = argv_next(&ac, &av);
|
||||
if (!arg || *arg == '\0')
|
||||
if (!arg || *arg == '\0') {
|
||||
fatal("%s line %d: %s missing argument.",
|
||||
filename, linenum, keyword);
|
||||
filename, linenum, keyword);
|
||||
}
|
||||
else {
|
||||
char* opt = strchr(arg, ':');
|
||||
if (opt != NULL) {
|
||||
options->tun_options = xstrdup(opt + 1);
|
||||
*opt = '\0';
|
||||
}
|
||||
}
|
||||
value = -1;
|
||||
for (i = 0; tunmode_desc[i].val != -1; i++)
|
||||
if (strcmp(tunmode_desc[i].text, arg) == 0) {
|
||||
@ -2308,14 +2316,6 @@ process_server_config_line_depth(ServerOptions *options, char *line,
|
||||
*intptr = value;
|
||||
break;
|
||||
|
||||
case sTunnelOptions:
|
||||
charptr = &options->tunnel_options;
|
||||
arg = argv_next(&ac, &av);
|
||||
if (*activep && *charptr == NULL)
|
||||
*charptr = xstrdup((arg == NULL) ? "" : arg);
|
||||
break;
|
||||
|
||||
|
||||
case sInclude:
|
||||
if (cmdline) {
|
||||
fatal("Include directive not supported as a "
|
||||
@ -3436,7 +3436,6 @@ dump_config(ServerOptions *o)
|
||||
}
|
||||
}
|
||||
dump_cfg_string(sPermitTunnel, s);
|
||||
dump_cfg_string(sTunnelOptions, o->tunnel_options);
|
||||
|
||||
printf("ipqos %s ", iptos2str(o->ip_qos_interactive));
|
||||
printf("%s\n", iptos2str(o->ip_qos_bulk));
|
||||
|
||||
@ -214,7 +214,7 @@ typedef struct {
|
||||
|
||||
int permit_tun;
|
||||
|
||||
char* tunnel_options;
|
||||
char* tun_options;
|
||||
|
||||
char **permitted_opens; /* May also be one of PERMITOPEN_* */
|
||||
u_int num_permitted_opens;
|
||||
|
||||
@ -516,7 +516,7 @@ server_request_tun(struct ssh *ssh)
|
||||
goto done;
|
||||
tun = auth_opts->force_tun_device;
|
||||
}
|
||||
sock = tun_open(tun, mode, options.tunnel_options, &ifname);
|
||||
sock = tun_open(tun, mode, options.tun_options, &ifname);
|
||||
if (sock < 0)
|
||||
goto done;
|
||||
debug("Tunnel forwarding using interface %s", ifname);
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user