[openssh-commits] [openssh] 06/08: upstream: DisableForwarding=yes didn't override PermitTunnel=yes
git+noreply at mindrot.org
git+noreply at mindrot.org
Sun May 31 15:04:09 AEST 2026
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit 8dfe7ed6e2fd988de08df508355a196b956b2753
Author: djm at openbsd.org <djm at openbsd.org>
AuthorDate: Sun May 31 04:47:29 2026 +0000
upstream: DisableForwarding=yes didn't override PermitTunnel=yes
Reported independently by Huzaifa Sidhpurwala of Redhat and Marko
Jevtic; ok markus@
OpenBSD-Commit-ID: b5c13f0746cf079b21f8deba47407fad49ccbf4c
---
serverloop.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/serverloop.c b/serverloop.c
index 8e63480ec..8a6e3db80 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.246 2026/03/03 09:57:25 dtucker Exp $ */
+/* $OpenBSD: serverloop.c,v 1.247 2026/05/31 04:47:29 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo at cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo at cs.hut.fi>, Espoo, Finland
@@ -523,7 +523,7 @@ server_request_tun(struct ssh *ssh)
ssh_packet_send_debug(ssh, "Unsupported tunnel device mode.");
return NULL;
}
- if ((options.permit_tun & mode) == 0) {
+ if ((options.permit_tun & mode) == 0 || options.disable_forwarding) {
ssh_packet_send_debug(ssh, "Server has rejected tunnel device "
"forwarding");
return NULL;
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list