Patch to allow gatewaying of remote forwarded ports
Lincoln Stein
lstein at cshl.org
Mon Dec 10 03:51:21 EST 2001
Enclosed is a revised patch which respects the server policy with respect to
GatewayPorts.
Lincoln
On Sunday 09 December 2001 08:42, Markus Friedl wrote:
> On Sat, Dec 08, 2001 at 12:03:45AM -0500, Lincoln Stein wrote:
> > Enclosed is a patch against the "portable" OpenSSH version 3.02p1. It
> > enables the -g switch when applied to -R (remote) forwardings. This
> > allows remote hosts to connect to forwarded ports on the sshd host.
>
> + gateway_ports = (strncmp(listen_address,"0.0.0.0",7) == 0) ||
> options.gateway_ports;
>
> this would violate the policy of the server.
>
> if the sshd_config says: gatewayports==no, then the
> socket should be bound to 127.0.0.1 only, regardless
> of what the client wants.
>
> gateway_ports = options.gateway_ports &&
> (strncmp(listen_address,"0.0.0.0",7) == 0);
>
> would be correct.
--
========================================================================
Lincoln D. Stein Cold Spring Harbor Laboratory
lstein at cshl.org Cold Spring Harbor, NY
NOW HIRING BIOINFORMATICS POSTDOCTORAL FELLOWS AND PROGRAMMERS.
PLEASE WRITE FOR DETAILS.
========================================================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openssh-3.0.2p1-gateway.patch
Type: text/x-c
Size: 2920 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20011209/bc997da5/attachment.bin
More information about the openssh-unix-dev
mailing list