Bugzilla – Attachment 3356 Details for
Bug 3057
Fork-bomb when misconfiguring a host to ProxyJump onto itself
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Detect simple proxyjump loops
proxyjump-loop.patch (text/plain), 1.00 KB, created by
Darren Tucker
on 2020-02-18 19:53:37 AEDT
(
hide
)
Description:
Detect simple proxyjump loops
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2020-02-18 19:53:37 AEDT
Size:
1.00 KB
patch
obsolete
>Index: ssh.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh.c,v >retrieving revision 1.519 >retrieving revision 1.520 >diff -u -p -r1.519 -r1.520 >--- ssh.c 7 Feb 2020 03:54:44 -0000 1.519 >+++ ssh.c 18 Feb 2020 08:49:49 -0000 1.520 >@@ -1,4 +1,4 @@ >-/* $OpenBSD: ssh.c,v 1.519 2020/02/07 03:54:44 dtucker Exp $ */ >+/* $OpenBSD: ssh.c,v 1.520 2020/02/18 08:49:49 dtucker Exp $ */ > /* > * Author: Tatu Ylonen <ylo@cs.hut.fi> > * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland >@@ -1187,6 +1187,14 @@ main(int ac, char **av) > if (options.jump_host != NULL) { > char port_s[8]; > const char *sshbin = argv0; >+ int port = options.port, jumpport = options.jump_port; >+ >+ if (port <= 0) >+ port = default_ssh_port(); >+ if (jumpport <= 0) >+ jumpport = default_ssh_port(); >+ if (strcmp(options.jump_host, host) == 0 && port == jumpport) >+ fatal("jumphost loop via %s", options.jump_host); > > /* > * Try to use SSH indicated by argv[0], but fall back to
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3356">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 3057
: 3356 |
3436