[readconf.c readconf.h scp.c sftp.c ssh.1]
add ClearAllForwardings ssh option and set it in scp and sftp; ok
markus@
- markus@cvs.openbsd.org 2001/09/19 13:23:29
[key.c]
key_read() now returns -1 on type mismatch, too
- markus@cvs.openbsd.org 2001/09/19 13:23:29
[key.c]
key_read() now returns -1 on type mismatch, too
+ - stevesk@cvs.openbsd.org 2001/09/19 19:24:19
+ [readconf.c readconf.h scp.c sftp.c ssh.1]
+ add ClearAllForwardings ssh option and set it in scp and sftp; ok
+ markus@
20010918
- (djm) Configure support for smartcards. Based on Ben's work.
20010918
- (djm) Configure support for smartcards. Based on Ben's work.
-RCSID("$OpenBSD: readconf.c,v 1.89 2001/09/03 20:58:33 stevesk Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.90 2001/09/19 19:24:18 stevesk Exp $");
#include "ssh.h"
#include "xmalloc.h"
#include "ssh.h"
#include "xmalloc.h"
oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
- oHostKeyAlgorithms, oBindAddress, oSmartcardDevice
+ oHostKeyAlgorithms, oBindAddress, oSmartcardDevice,
+ oClearAllForwardings
} OpCodes;
/* Textual representations of the tokens. */
} OpCodes;
/* Textual representations of the tokens. */
{ "hostkeyalgorithms", oHostKeyAlgorithms },
{ "bindaddress", oBindAddress },
{ "smartcarddevice", oSmartcardDevice },
{ "hostkeyalgorithms", oHostKeyAlgorithms },
{ "bindaddress", oBindAddress },
{ "smartcarddevice", oSmartcardDevice },
+ { "clearallforwardings", oClearAllForwardings },
fwd->host_port = host_port;
}
fwd->host_port = host_port;
}
+static void
+clear_forwardings(Options *options)
+{
+ int i;
+
+ for (i = 0; i < options->num_local_forwards; i++)
+ xfree(options->local_forwards[i].host);
+ options->num_local_forwards = 0;
+ for (i = 0; i < options->num_remote_forwards; i++)
+ xfree(options->remote_forwards[i].host);
+ options->num_remote_forwards = 0;
+}
+
/*
* Returns the number of the token pointed to by cp or oBadOption.
*/
/*
* Returns the number of the token pointed to by cp or oBadOption.
*/
add_local_forward(options, fwd_port, "socks4", 0);
break;
add_local_forward(options, fwd_port, "socks4", 0);
break;
+ case oClearAllForwardings:
+ intptr = &options->clear_forwardings;
+ goto parse_flag;
+
case oHost:
*activep = 0;
while ((arg = strdelim(&s)) != NULL && *arg != '\0')
case oHost:
*activep = 0;
while ((arg = strdelim(&s)) != NULL && *arg != '\0')
options->user_hostfile2 = NULL;
options->num_local_forwards = 0;
options->num_remote_forwards = 0;
options->user_hostfile2 = NULL;
options->num_local_forwards = 0;
options->num_remote_forwards = 0;
+ options->clear_forwardings = -1;
options->log_level = (LogLevel) - 1;
options->preferred_authentications = NULL;
options->bind_address = NULL;
options->log_level = (LogLevel) - 1;
options->preferred_authentications = NULL;
options->bind_address = NULL;
options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
if (options->log_level == (LogLevel) - 1)
options->log_level = SYSLOG_LEVEL_INFO;
options->user_hostfile2 = _PATH_SSH_USER_HOSTFILE2;
if (options->log_level == (LogLevel) - 1)
options->log_level = SYSLOG_LEVEL_INFO;
+ if (options->clear_forwardings == 1)
+ clear_forwardings(options);
/* options->proxy_command should not be set by default */
/* options->user will be set in the main program if appropriate */
/* options->hostname will be set in the main program if appropriate */
/* options->proxy_command should not be set by default */
/* options->user will be set in the main program if appropriate */
/* options->hostname will be set in the main program if appropriate */
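Review bot: clear_forwardings() leaves the freed `host` pointers in `local_forwards[]` and `remote_forwards[]`, so only the zeroed counters stand between later code and a stale pointer. I would brace both loops and add `options->local_forwards[i].host = NULL;` (and the remote equivalent) after each xfree(). A short comment above the function should also say that dynamic forwards are cleared too, which the `add_local_forward(options, fwd_port, "socks4", 0)` call just above the new case suggests, since they appear to live in the local list. In fill_default_options() the new test acts on `== 1`, but the lines shown never turn the unset value -1 into 0, unlike `log_level` just above it. If that is not done elsewhere, `if (options->clear_forwardings == -1) options->clear_forwardings = 0;` would keep a later truth test from reading "unset" as "enabled". Both function bodies extend beyond the lines shown here.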
* called by a name other than "ssh" or "Secure Shell".
*/
* called by a name other than "ssh" or "Secure Shell".
*/
-/* RCSID("$OpenBSD: readconf.h,v 1.38 2001/09/03 20:58:33 stevesk Exp $"); */
+/* RCSID("$OpenBSD: readconf.h,v 1.39 2001/09/19 19:24:18 stevesk Exp $"); */
#ifndef READCONF_H
#define READCONF_H
#ifndef READCONF_H
#define READCONF_H
/* Remote TCP/IP forward requests. */
int num_remote_forwards;
Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION];
/* Remote TCP/IP forward requests. */
int num_remote_forwards;
Forward remote_forwards[SSH_MAX_FORWARDS_PER_DIRECTION];
-RCSID("$OpenBSD: scp.c,v 1.83 2001/09/17 17:57:56 stevesk Exp $");
+RCSID("$OpenBSD: scp.c,v 1.84 2001/09/19 19:24:19 stevesk Exp $");
#include "xmalloc.h"
#include "atomicio.h"
#include "xmalloc.h"
#include "atomicio.h"
addargs(&args, "-x");
addargs(&args, "-oForwardAgent no");
addargs(&args, "-oFallBackToRsh no");
addargs(&args, "-x");
addargs(&args, "-oForwardAgent no");
addargs(&args, "-oFallBackToRsh no");
+ addargs(&args, "-oClearAllForwardings yes");
fflag = tflag = 0;
while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q46S:o:F:")) != -1)
fflag = tflag = 0;
while ((ch = getopt(argc, argv, "dfprtvBCc:i:P:q46S:o:F:")) != -1)
for (i = 0; i < argc - 1; i++) {
src = colon(argv[i]);
if (src) { /* remote to remote */
for (i = 0; i < argc - 1; i++) {
src = colon(argv[i]);
if (src) { /* remote to remote */
+ static char *ssh_options =
+ "-x -o'FallBackToRsh no' "
+ "-o'ClearAllForwardings yes'";
*src++ = 0;
if (*src == 0)
src = ".";
host = strchr(argv[i], '@');
len = strlen(ssh_program) + strlen(argv[i]) +
strlen(src) + (tuser ? strlen(tuser) : 0) +
*src++ = 0;
if (*src == 0)
src = ".";
host = strchr(argv[i], '@');
len = strlen(ssh_program) + strlen(argv[i]) +
strlen(src) + (tuser ? strlen(tuser) : 0) +
- strlen(thost) + strlen(targ) + CMDNEEDS + 32;
+ strlen(thost) + strlen(targ) +
+ strlen(ssh_options) + CMDNEEDS + 20;
bp = xmalloc(len);
if (host) {
*host++ = 0;
bp = xmalloc(len);
if (host) {
*host++ = 0;
else if (!okname(suser))
continue;
snprintf(bp, len,
else if (!okname(suser))
continue;
snprintf(bp, len,
- "%s%s -x -o'FallBackToRsh no' -n "
"-l %s %s %s %s '%s%s%s:%s'",
ssh_program, verbose_mode ? " -v" : "",
"-l %s %s %s %s '%s%s%s:%s'",
ssh_program, verbose_mode ? " -v" : "",
+ ssh_options, suser, host, cmd, src,
tuser ? tuser : "", tuser ? "@" : "",
thost, targ);
} else {
host = cleanhostname(argv[i]);
snprintf(bp, len,
tuser ? tuser : "", tuser ? "@" : "",
thost, targ);
} else {
host = cleanhostname(argv[i]);
snprintf(bp, len,
- "exec %s%s -x -o'FallBackToRsh no' -n %s "
"%s %s '%s%s%s:%s'",
ssh_program, verbose_mode ? " -v" : "",
"%s %s '%s%s%s:%s'",
ssh_program, verbose_mode ? " -v" : "",
+ ssh_options, host, cmd, src,
tuser ? tuser : "", tuser ? "@" : "",
thost, targ);
}
tuser ? tuser : "", tuser ? "@" : "",
thost, targ);
}
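Review bot: The buffer size for the remote-to-remote command still rests on a hand-counted margin (`+ CMDNEEDS + 20`, down from 32), and neither snprintf() call shown checks its return value, so a miscount would silently truncate the command rather than fail. The string carries single-quoted arguments and looks like it is meant for a shell, so a truncated command should be treated as an error: keep the return value and bail out when it is negative or not smaller than `len`. The new format-string lines are not visible on this page, so the margin itself cannot be re-counted from here; a comment next to the `20` listing what it covers would help the next reader. `ssh_options` points at a string literal and would be better declared `static const char ssh_options[] = ...`, which also lets the length come from `sizeof` instead of strlen(). The enclosing function starts and ends outside the lines shown.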
-RCSID("$OpenBSD: sftp.c,v 1.20 2001/09/17 20:38:09 stevesk Exp $");
+RCSID("$OpenBSD: sftp.c,v 1.21 2001/09/19 19:24:19 stevesk Exp $");
/* XXX: commandline mode */
/* XXX: short-form remote directory listings (like 'ls -C') */
/* XXX: commandline mode */
/* XXX: short-form remote directory listings (like 'ls -C') */
addargs(&args, "-oFallBackToRsh no");
addargs(&args, "-oForwardX11 no");
addargs(&args, "-oForwardAgent no");
addargs(&args, "-oFallBackToRsh no");
addargs(&args, "-oForwardX11 no");
addargs(&args, "-oForwardAgent no");
+ addargs(&args, "-oClearAllForwardings yes");
ll = SYSLOG_LEVEL_INFO;
infile = stdin; /* Read from STDIN unless changed by -b */
ll = SYSLOG_LEVEL_INFO;
infile = stdin; /* Read from STDIN unless changed by -b */
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.137 2001/09/05 06:23:07 deraadt Exp $
+.\" $OpenBSD: ssh.1,v 1.138 2001/09/19 19:24:19 stevesk Exp $
.Dd September 25, 1999
.Dt SSH 1
.Os
.Dd September 25, 1999
.Dt SSH 1
.Os
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc''
.Ed
``aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,
aes192-cbc,aes256-cbc''
.Ed
+.It Cm ClearAllForwardings
+Specifies that all local, remote and dynamic port forwardings
+specified in the configuration files or on the command line be
+cleared. This option is primarily useful when used from the
+.Nm
+command line to clear port forwardings set in
+configuration files, and is automatically set by
+.Xr scp 1
+and
+.Xr sftp 1 .
+The argument must be
+.Dq yes
+or
+.Dq no .
+The default is
+.Dq no .
.It Cm Compression
Specifies whether to use compression.
The argument must be
.It Cm Compression
Specifies whether to use compression.
The argument must be