40 lines
1.3 KiB
Diff
40 lines
1.3 KiB
Diff
From a14795025b80225ca3741073c48783604189b663 Mon Sep 17 00:00:00 2001
|
|
From: root <root@localhost.localdomain>
|
|
Date: Mon, 14 Apr 2025 12:48:57 +0800
|
|
Subject: [PATCH] Fix logic error in DisableForwarding option. This option
|
|
|
|
was documented as disabling X11 and agent forwarding but it failed to do so.
|
|
Spotted by Tim Rice.
|
|
|
|
OpenBSD-Commit-ID: fffc89195968f7eedd2fc57f0b1f1ef3193f5ed1
|
|
---
|
|
session.c | 5 +++--
|
|
1 file changed, 3 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/session.c b/session.c
|
|
index 1b67393..e968c22 100644
|
|
--- a/session.c
|
|
+++ b/session.c
|
|
@@ -2345,7 +2345,8 @@ session_auth_agent_req(struct ssh *ssh, Session *s)
|
|
if ((r = sshpkt_get_end(ssh)) != 0)
|
|
sshpkt_fatal(ssh, r, "%s: parse packet", __func__);
|
|
if (!auth_opts->permit_agent_forwarding_flag ||
|
|
- !options.allow_agent_forwarding) {
|
|
+ !options.allow_agent_forwarding ||
|
|
+ options.disable_forwarding) {
|
|
debug_f("agent forwarding disabled");
|
|
return 0;
|
|
}
|
|
@@ -2761,7 +2762,7 @@ session_setup_x11fwd(struct ssh *ssh, Session *s)
|
|
ssh_packet_send_debug(ssh, "X11 forwarding disabled by key options.");
|
|
return 0;
|
|
}
|
|
- if (!options.x11_forwarding) {
|
|
+ if (!options.x11_forwarding || options.disable_forwarding) {
|
|
debug("X11 forwarding disabled in server configuration file.");
|
|
return 0;
|
|
}
|
|
--
|
|
2.33.0
|
|
|