- markus@cvs.openbsd.org 2001/09/19 13:23:29
[key.c]
key_read() now returns -1 on type mismatch, too
+ - stevesk@cvs.openbsd.org 2001/09/19 19:24:19
+ [readconf.c readconf.h scp.c sftp.c ssh.1]
+ add ClearAllForwardings ssh option and set it in scp and sftp; ok
+ markus@
20010918
- (djm) Configure support for smartcards. Based on Ben's work.
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.89 2001/09/03 20:58:33 stevesk Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.90 2001/09/19 19:24:18 stevesk Exp $");
#include "ssh.h"
#include "xmalloc.h"
oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
- oHostKeyAlgorithms, oBindAddress, oSmartcardDevice
+ oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
+ oClearAllForwardings
} OpCodes;
/* Textual representations of the tokens. */
{ "hostkeyalgorithms", oHostKeyAlgorithms },
{ "bindaddress", oBindAddress },
{ "smartcarddevice", oSmartcardDevice },
+ { "clearallforwardings", oClearAllForwardings },
{ NULL, 0 }
};
fwd->host_port = host_port;
}
+static void
+clear_forwardings(Options *options)
+{
+ int i;
+
+ for (i = 0; i < options->num_local_forwards; i++)
+ xfree(options->local_forwards[i].host);
+ options->num_local_forwards = 0;
+ for (i = 0; i < options->num_remote_forwards; i++)
+ xfree(options->remote_forwards[i].host);
+ options->num_remote_forwards = 0;
+}
+
/*
* Returns the number of the token pointed to by cp or oBadOption.
*/
add_local_forward(options, fwd_port, "socks4", 0);
break;
+ case oClearAllForwardings:
+ intptr = &options->clear_forwardings;
+ goto parse_flag;
+
case oHost:
*activep = 0;
while ((arg = strdelim(&s)) != NULL && *arg != '\0')
options->user_hostfile2 = NULL;
options->num_local_forwards = 0;
options->num_remote_forwards = 0;
+ options->clear_forwardings = -1;
options->log_level = (LogLevel) - 1;
options->preferred_authentications = NULL;
options->bind_address = NULL;
options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
if (options->log_level == (LogLevel) - 1)
options->log_level = SYSLOG_LEVEL_INFO;
+ if (options->clear_forwardings == 1)
+ clear_forwardings(options);
/* options->proxy_command should not be set by default */
/* options->user will be set in the main program if appropriate */
/* options->hostname will be set in the main program if appropriate */
* called by a name other than "ssh" or "Secure Shell".
*/
-/* RCSID("$OpenBSD: readconf.h,v 1.38 2001/09/03 20:58:33 stevesk Exp $"); */
+/* RCSID("$OpenBSD: readconf.h,v 1.39 2001/09/19 19:24:18 stevesk Exp $"); */
#ifndef READCONF_H
#define READCONF_H
/* Remote TCP/IP forward requests. */
int num_remote_forwards;
Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION];
+ int clear_forwardings;
} Options;
*/
#include "includes.h"
-RCSID("$OpenBSD: scp.c,v 1.83 2001/09/17 17:57:56 stevesk Exp $");
+RCSID("$OpenBSD: scp.c,v 1.84 2001/09/19 19:24:19 stevesk Exp $");
#include "xmalloc.h"
#include "atomicio.h"
addargs(&args, "-x");
addargs(&args, "-oForwardAgent no");
addargs(&args, "-oFallBackToRsh no");
+ addargs(&args, "-oClearAllForwardings yes");
fflag = tflag = 0;
while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q46S:o:F:")) != -1)
for (i = 0; i < argc - 1; i++) {
src = colon(argv[i]);
if (src) { /* remote to remote */
+ static char *ssh_options =
+ "-x -o'FallBackToRsh no' "
+ "-o'ClearAllForwardings yes'";
*src++ = 0;
if (*src == 0)
src = ".";
host = strchr(argv[i], '@');
len = strlen(ssh_program) + strlen(argv[i]) +
strlen(src) + (tuser ? strlen(tuser) : 0) +
- strlen(thost) + strlen(targ) + CMDNEEDS + 32;
+ strlen(thost) + strlen(targ) +
+ strlen(ssh_options) + CMDNEEDS + 20;
bp = xmalloc(len);
if (host) {
*host++ = 0;
else if (!okname(suser))
continue;
snprintf(bp, len,
- "%s%s -x -o'FallBackToRsh no' -n "
+ "%s%s %s -n "
"-l %s %s %s %s '%s%s%s:%s'",
ssh_program, verbose_mode ? " -v" : "",
- suser, host, cmd, src,
+ ssh_options, suser, host, cmd, src,
tuser ? tuser : "", tuser ? "@" : "",
thost, targ);
} else {
host = cleanhostname(argv[i]);
snprintf(bp, len,
- "exec %s%s -x -o'FallBackToRsh no' -n %s "
+ "exec %s%s %s -n %s "
"%s %s '%s%s%s:%s'",
ssh_program, verbose_mode ? " -v" : "",
- host, cmd, src,
+ ssh_options, host, cmd, src,
tuser ? tuser : "", tuser ? "@" : "",
thost, targ);
}
#include "includes.h"
-RCSID("$OpenBSD: sftp.c,v 1.20 2001/09/17 20:38:09 stevesk Exp $");
+RCSID("$OpenBSD: sftp.c,v 1.21 2001/09/19 19:24:19 stevesk Exp $");
/* XXX: commandline mode */
/* XXX: short-form remote directory listings (like 'ls -C') */
addargs(&args, "-oFallBackToRsh no");
addargs(&args, "-oForwardX11 no");
addargs(&args, "-oForwardAgent no");
+ addargs(&args, "-oClearAllForwardings yes");
ll = SYSLOG_LEVEL_INFO;
infile = stdin; /* Read from STDIN unless changed by -b */
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.137 2001/09/05 06:23:07 deraadt Exp $
+.\" $OpenBSD: ssh.1,v 1.138 2001/09/19 19:24:19 stevesk Exp $
.Dd September 25, 1999
.Dt SSH 1
.Os
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc''
.Ed
+.It Cm ClearAllForwardings
+Specifies that all local, remote and dynamic port forwardings
+specified in the configuration files or on the command line be
+cleared. This option is primarily useful when used from the
+.Nm
+command line to clear port forwardings set in
+configuration files, and is automatically set by
+.Xr scp 1
+and
+.Xr sftp 1 .
+The argument must be
+.Dq yes
+or
+.Dq no .
+The default is
+.Dq no .
.It Cm Compression
Specifies whether to use compression.
The argument must be