From 50fbe7d8d0522167bb8c2a2b8623eadf51443d68 Mon Sep 17 00:00:00 2001
From: Kevin Steves
Date: Mon, 24 Jul 2006 13:58:23 +0000
Subject: disable tunnel forwarding when no strict host key checking and key changed; ok djm@ markus@ dtucker@
---
 usr.bin/ssh/sshconnect.c | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
(limited to 'usr.bin')
diff --git a/usr.bin/ssh/sshconnect.c b/usr.bin/ssh/sshconnect.c
index ef0ae6b4bc0..6bcf513c050 100644
--- a/usr.bin/ssh/sshconnect.c
+++ b/usr.bin/ssh/sshconnect.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshconnect.c,v 1.193 2006/07/22 20:48:23 stevesk Exp $ */
+/* $OpenBSD: sshconnect.c,v 1.194 2006/07/24 13:58:22 stevesk Exp $ */
 /*
 * Author: Tatu Ylonen
 * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland
@@ -772,7 +772,7 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, Key *host_key,
 /*
 * If strict host key checking has not been requested, allow
 * the connection but without MITM-able authentication or
- * agent forwarding.
+ * forwarding.
 */
 if (options.password_authentication) {
 error("Password authentication is disabled to avoid "
@@ -807,6 +807,11 @@ check_host_key(char *hostname, struct sockaddr *hostaddr, Key *host_key,
 options.num_local_forwards = options.num_remote_forwards = 0;
 }
+ if (options.tun_open != SSH_TUNMODE_NO) {
+ error("Tunnel forwarding is disabled to avoid "
+ "man-in-the-middle attacks.");
+ options.tun_open = SSH_TUNMODE_NO;
+ }
 /*
 * XXX Should permit the user to change to use the new id.
 * This could be done by converting the host key to an
--
cgit v1.2.3
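Review bot: The new `if (options.tun_open != SSH_TUNMODE_NO)` block in the -807 hunk copies the shape of the port-forwarding block directly above it but does not say why a tunnel belongs in the same MITM class, so a maintainer reading only this block has to infer it; the -772 hunk's comment edit ("agent forwarding" to "forwarding") states the intent only generically. A one-line comment before the `if`, e.g. `/* A tun/tap tunnel to an unverified host hands that host a network path into the client side, the same exposure as port forwarding above; refuse it too. */`, would carry the rationale next to the check. Resetting `tun_open` alone presumably suffices because the later tunnel request is gated on that field, but it is worth confirming that no other path consults the tunnel options before that gate. The enclosing `check_host_key` starts and ends outside the hunk.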