rcolebaugh / rpms / openssh

Forked from rpms/openssh 2 years ago
Clone
Source Code
GIT

Blame fb87_070_logging_reverse_port_forward.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   ed488dcfdc99e3a7e14b2fa1c580bed901b2437c
  2.   fb87_070_logging_reverse_port_forward.patch
Blob History Raw
d1c05f 
Index: b/channels.c
d1c05f 
===================================================================
d1c05f 
--- b.orig/channels.c
d1c05f 
+++ b/channels.c
d1c05f 
@@ -3774,6 +3774,7 @@ int
d1c05f 
 channel_setup_remote_fwd_listener(struct ssh *ssh, struct Forward *fwd,
d1c05f 
     int *allocated_listen_port, struct ForwardOptions *fwd_opts)
d1c05f 
 {
d1c05f 
+  int success = 0;
d1c05f 
 	if (!check_rfwd_permission(ssh, fwd)) {
d1c05f 
 		ssh_packet_send_debug(ssh, "port forwarding refused");
d1c05f 
 		if (fwd->listen_path != NULL)
d1c05f 
@@ -3795,14 +3796,23 @@ channel_setup_remote_fwd_listener(struct
d1c05f 
 			    ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
d1c05f 
 		return 0;
d1c05f 
 	}
d1c05f 
-	if (fwd->listen_path != NULL) {
d1c05f 
-		return channel_setup_fwd_listener_streamlocal(ssh,
d1c05f 
+  if (fwd->listen_path != NULL) {
d1c05f 
+		success = channel_setup_fwd_listener_streamlocal(ssh,
d1c05f 
 		    SSH_CHANNEL_RUNIX_LISTENER, fwd, fwd_opts);
d1c05f 
 	} else {
d1c05f 
-		return channel_setup_fwd_listener_tcpip(ssh,
d1c05f 
+		success = channel_setup_fwd_listener_tcpip(ssh,
d1c05f 
 		    SSH_CHANNEL_RPORT_LISTENER, fwd, allocated_listen_port,
d1c05f 
 		    fwd_opts);
d1c05f 
 	}
d1c05f 
+  logit("Remote forward request %s: listen=%s:%d connect=%s:%d"
d1c05f 
+         " uid=%d",
d1c05f 
+         success ? "succeeded" : "failed",
d1c05f 
+         fwd->listen_host,
d1c05f 
+         fwd->listen_port,
d1c05f 
+         ssh_remote_ipaddr(ssh),
d1c05f 
+         ssh_remote_port(ssh),
d1c05f 
+         getuid());
d1c05f 
+  return success;
d1c05f 
 }
d1c05f
d1c05f 
 /*
d1c05f 
@@ -4593,7 +4603,7 @@ x11_create_display_inet(struct ssh *ssh,
d1c05f 
 				if ((errno != EINVAL) && (errno != EAFNOSUPPORT)
d1c05f 
 #ifdef EPFNOSUPPORT
d1c05f 
 				    && (errno != EPFNOSUPPORT)
d1c05f 
-#endif
d1c05f 
+#endif
d1c05f 
 				    ) {
d1c05f 
 					error("socket: %.100s", strerror(errno));
d1c05f 
 					freeaddrinfo(aitop);

Powered by Pagure 5.13.3

SSH Hostkey/Fingerprint | Documentation