openbsd/src
1
0
Fork 0
mirror of https://github.com/openbsd/src.git synced 2026-06-18 07:13:36 +02:00
Code Activity

DisableForwarding=yes didn't override PermitTunnel=yes

Browse Source 
Reported independently by Huzaifa Sidhpurwala of Redhat and Marko
Jevtic; ok markus@
This commit is contained in:
djm
2026-05-31 04:47:29 +00:00
parent 9032e60e13
commit ec76a249f3
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
usr.bin/ssh/serverloop.c
+2 -2
View File
@@ -1,4 +1,4 @@
/* $OpenBSD: serverloop.c,v 1.246 2026/03/03 09:57:25 dtucker Exp $ */
/* $OpenBSD: serverloop.c,v 1.247 2026/05/31 04:47:29 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -516,7 +516,7 @@ server_request_tun(struct ssh *ssh)
ssh_packet_send_debug(ssh, "Unsupported tunnel device mode.");
return NULL;
}
if ((options.permit_tun & mode) == 0) {
if ((options.permit_tun & mode) == 0 || options.disable_forwarding) {
ssh_packet_send_debug(ssh, "Server has rejected tunnel device "
"forwarding");
return NULL;