
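--- a/auth-options.c.orig
+++ b/auth-options.c.orig
@@ -28,6 +28,7 @@ int no_port_forwarding_flag = 0;
 int no_agent_forwarding_flag = 0;
 int no_x11_forwarding_flag = 0;
 int no_pty_flag = 0;
+int scp_only_flag = 0;
 
 /* "command=" option. */
 char *forced_command = NULL;
@@ -47,6 +48,7 @@ auth_clear_options(void)
 	no_port_forwarding_flag = 0;
 	no_pty_flag = 0;
 	no_x11_forwarding_flag = 0;
+	scp_only_flag = 0;
 	while (custom_environment) {
 		struct envstring *ce = custom_environment;
 		custom_environment = ce->next;
@@ -79,6 +81,13 @@ auth_parse_options(struct passwd *pw, ch
 		return 1;
 
 	while (*opts && *opts != ' ' && *opts != '\t') {
+		cp = "scp-only";
+		if (strncasecmp(opts, cp, strlen(cp)) == 0) {
+			auth_debug_add("scp-only is enabled.");
+			scp_only_flag = 1;
+			opts += strlen(cp);
+			goto next_option;
+		}
 		cp = "no-port-forwarding";
 		if (strncasecmp(opts, cp, strlen(cp)) == 0) {
 			auth_debug_add("Port forwarding disabled.");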
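Review bot: In the `auth_parse_options` hunk the new `scp-only` branch sets only `scp_only_flag`, so a key carrying this option keeps whatever forwarding and pty rights it already had: `no_port_forwarding_flag`, `no_agent_forwarding_flag`, `no_x11_forwarding_flag` and `no_pty_flag` are not touched. The only enforcement this patch adds is the command check in session.c, so an administrator who reads "scp-only" as a complete restriction would presumably still have to list the separate `no-*` options. Either set those flags in this branch as well, or state the requirement next to it, e.g. `/* scp-only restricts the exec request only; combine with no-port-forwarding etc. */`. The match is a prefix test, so whatever follows the keyword is left to `next_option`, which lies outside the hunk.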
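--- a/auth-options.h.orig
+++ b/auth-options.h.orig
@@ -26,6 +26,7 @@ extern int no_port_forwarding_flag;
 extern int no_agent_forwarding_flag;
 extern int no_x11_forwarding_flag;
 extern int no_pty_flag;
+extern int scp_only_flag;
 extern char *forced_command;
 extern struct envstring *custom_environment;
 extern int forced_tun_device;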
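--- a/session.c.orig
+++ b/session.c.orig
@@ -656,6 +656,21 @@ do_exec(Session *s, const char *command)
 		command = forced_command;
 		debug("Forced command '%.900s'", command);
 	}
+	/*  Restrict to scp only access?  */
+	if (scp_only_flag) {
+		if (!command) {
+			fatal("scp-only but attempting shell access");
+		} else if (strncmp(command,"scp ",4) == 0) {
+			/* check for funny business  */
+			const char *p;
+			for (p = command; *p && *p != ';'; p++) ;
+			if (*p == ';') {
+				fatal("scp-only command contains ';': %.900s",command);
+			}
+		} else {
+			fatal("scp-only but attempting command: %.900s",command);
+		}
+	}
 
 #ifdef SSH_AUDIT_EVENTS
 	if (command != NULL)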
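Review bot: The scp-only check added to `do_exec` rejects only `;`, which is a one-character denylist on a string that is presumably still handed to the user's shell later in the function (that part is outside the hunk). A shell also interprets pipes, `&`, redirection, command substitution and embedded newlines, and the `strncmp(command,"scp ",4)` prefix test leaves scp's own arguments unconstrained, so passing this check does not confine the session to a plain file copy. An allowlist is the safer shape: accept the command only if every character belongs to a small set known to be inert to the shell, or split it into an argument vector and execute scp directly without a shell. As a minor style point, the empty-bodied `for` scan can be written as `if (strchr(command, ';') != NULL)`.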
