authorMatt Johnston <matt@ucc.asn.au>2004-07-20 12:05:00 +0000
committerMatt Johnston <matt@ucc.asn.au>2004-07-20 12:05:00 +0000
commit62aab2227c2e1aca8e9b807bc203a1d6ecb14daf (patch)
treed93c18c66b00d60d4dd5d8c1c895c987331c083c
parent9c676d0ddd4f5cc5ff271653fc1d8acf92c0d69f (diff)
switching to global vars
--HG-- extra : convert_revision : 800073097767c2ac153ab834cbcf0121cb765118
-rw-r--r--Makefile.in2
-rw-r--r--TODO2
-rw-r--r--common-session.c11
-rw-r--r--dbutil.h1
-rw-r--r--main.c27
-rw-r--r--runopts.h33
-rw-r--r--session.h8
-rw-r--r--svr-auth.c21
-rw-r--r--svr-chansession.c7
-rw-r--r--svr-kex.c7
-rw-r--r--svr-runopts.c115
-rw-r--r--svr-session.c12
-rw-r--r--tcpfwd-direct.c3
-rw-r--r--tcpfwd-remote.c3
14 files changed, 125 insertions, 127 deletions
diff --git a/Makefile.in b/Makefile.in
index 67e5e5f..4d6d342 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -6,7 +6,7 @@ COMMONOBJS=dbutil.o common-session.o common-packet.o common-algo.o buffer.o \
signkey.o rsa.o random.o common-channel.o \
common-chansession.o queue.o termcodes.o \
loginrec.o atomicio.o svr-x11fwd.o tcpfwd-direct.o compat.o \
- tcpfwd-remote.o listener.o process-packet.o
+ tcpfwd-remote.o listener.o process-packet.o common-runopts.o
SVROBJS=svr-kex.o svr-algo.o svr-auth.o sshpty.o \
svr-authpasswd.o svr-authpubkey.o svr-session.o svr-service.o \
diff --git a/TODO b/TODO
index 64cbd5e..8a567c2 100644
--- a/TODO
+++ b/TODO
@@ -24,4 +24,6 @@ Things which need doing:
- CTR mode, SSH_MSG_IGNORE sending to improve CBC security
- DH Group Exchange possibly
+- Use m_burn for clearing sensitive items in LTM/LTC
+
- fix scp.c for IRIX
diff --git a/common-session.c b/common-session.c
index b7793f9..6e37e29 100644
--- a/common-session.c
+++ b/common-session.c
@@ -35,14 +35,14 @@
#include "channel.h"
#include "atomicio.h"
-struct sshsession ses;
+struct sshsession ses; /* GLOBAL */
/* need to know if the session struct has been initialised, this way isn't the
* cleanest, but works OK */
-int sessinitdone = 0;
+int sessinitdone = 0; /* GLOBAL */
/* this is set when we get SIGINT or SIGTERM, the handler is in main.c */
-int exitflag = 0;
+int exitflag = 0; /* GLOBAL */
static int ident_readln(int fd, char* buf, int count);
@@ -51,7 +51,7 @@ void(*session_remoteclosed)() = NULL;
/* called only at the start of a session, set up initial state */
-void common_session_init(int sock, runopts *opts) {
+void common_session_init(int sock) {
TRACE(("enter session_init"));
@@ -61,8 +61,6 @@ void common_session_init(int sock, runopts *opts) {
ses.sock = sock;
ses.maxfd = sock;
- ses.opts = opts;
-
ses.connecttimeout = 0;
kexinitialise(); /* initialise the kex state */
@@ -128,7 +126,6 @@ void common_session_cleanup() {
}
m_free(ses.session_id);
- freerunopts(ses.opts);
m_burn(ses.keys, sizeof(struct key_context));
m_free(ses.keys);
diff --git a/dbutil.h b/dbutil.h
index 3888452..3da6b2f 100644
--- a/dbutil.h
+++ b/dbutil.h
@@ -32,7 +32,6 @@
#ifndef DISABLE_SYSLOG
void startsyslog();
#endif
-extern int usingsyslog;
extern void (*_dropbear_exit)(int exitcode, const char* format, va_list param);
extern void (*_dropbear_log)(int priority, const char* format, va_list param);
diff --git a/main.c b/main.c
index 0087895..b9ff7aa 100644
--- a/main.c
+++ b/main.c
@@ -29,7 +29,7 @@
#include "signkey.h"
#include "runopts.h"
-static int listensockets(int *sock, runopts * opts, int *maxfd);
+static int listensockets(int *sock, int *maxfd);
static void sigchld_handler(int dummy);
static void sigsegv_handler(int);
static void sigintterm_handler(int fish);
@@ -53,7 +53,6 @@ int main(int argc, char ** argv)
int remoteaddrlen;
int listensocks[MAX_LISTEN_ADDR];
unsigned int listensockcount = 0;
- runopts * opts;
FILE * pidfile;
int childsock;
@@ -66,13 +65,13 @@ int main(int argc, char ** argv)
_dropbear_log = svr_dropbear_log;
/* get commandline options */
- opts = svr_getopts(argc, argv);
+ svr_getopts(argc, argv);
/* fork */
- if (opts->forkbg) {
+ if (svr_opts.forkbg) {
int closefds = 0;
#ifndef DEBUG_TRACE
- if (!usingsyslog) {
+ if (!svr_opts.usingsyslog) {
closefds = 1;
}
#endif
@@ -83,13 +82,13 @@ int main(int argc, char ** argv)
}
#ifndef DISABLE_SYSLOG
- if (usingsyslog) {
+ if (svr_opts.usingsyslog) {
startsyslog();
}
#endif
/* should be done after syslog is working */
- if (opts->forkbg) {
+ if (svr_opts.forkbg) {
dropbear_log(LOG_INFO, "Running in background");
} else {
dropbear_log(LOG_INFO, "Not forking");
@@ -128,7 +127,7 @@ int main(int argc, char ** argv)
/* Set up the listening sockets */
/* XXX XXX ports */
- listensockcount = listensockets(listensocks, opts, &maxsock);
+ listensockcount = listensockets(listensocks, &maxsock);
/* incoming connection select loop */
for(;;) {
@@ -242,7 +241,7 @@ int main(int argc, char ** argv)
dropbear_exit("Couldn't close socket");
}
/* start the session */
- svr_session(childsock, opts, childpipe[1], &remoteaddr);
+ svr_session(childsock, childpipe[1], &remoteaddr);
/* don't return */
assert(0);
}
@@ -288,7 +287,7 @@ static void sigintterm_handler(int fish) {
}
/* Set up listening sockets for all the requested ports */
-static int listensockets(int *sock, runopts * opts, int *maxfd) {
+static int listensockets(int *sock, int *maxfd) {
int listensock; /* listening fd */
struct sockaddr_in listen_addr;
@@ -296,7 +295,7 @@ static int listensockets(int *sock, runopts * opts, int *maxfd) {
unsigned int i;
int val;
- for (i = 0; i < opts->portcount; i++) {
+ for (i = 0; i < svr_opts.portcount; i++) {
/* iterate through all the sockets to listen on */
listensock = socket(PF_INET, SOCK_STREAM, 0);
@@ -319,13 +318,13 @@ static int listensockets(int *sock, runopts * opts, int *maxfd) {
memset((void*)&listen_addr, 0x0, sizeof(listen_addr));
listen_addr.sin_family = AF_INET;
- listen_addr.sin_port = htons(opts->ports[i]);
+ listen_addr.sin_port = htons(svr_opts.ports[i]);
listen_addr.sin_addr.s_addr = htonl(INADDR_ANY);
memset(&(listen_addr.sin_zero), '\0', 8);
if (bind(listensock, (struct sockaddr *)&listen_addr,
sizeof(listen_addr)) < 0) {
- dropbear_exit("Bind failed port %d", opts->ports[i]);
+ dropbear_exit("Bind failed port %d", svr_opts.ports[i]);
}
/* listen */
@@ -342,5 +341,5 @@ static int listensockets(int *sock, runopts * opts, int *maxfd) {
*maxfd = MAX(listensock, *maxfd);
}
- return opts->portcount;
+ return svr_opts.portcount;
}
diff --git a/runopts.h b/runopts.h
index cdf3af9..1bf1539 100644
--- a/runopts.h
+++ b/runopts.h
@@ -29,12 +29,23 @@
#include "signkey.h"
#include "buffer.h"
-struct SvrRunOpts {
+typedef struct runopts {
+
+ int nolocaltcp;
+ int noremotetcp;
+
+} runopts;
+
+extern runopts opts;
+
+typedef struct svr_runopts {
char * rsakeyfile;
char * dsskeyfile;
char * bannerfile;
+
int forkbg;
+ int usingsyslog;
/* ports is an array of the portcount listening ports */
uint16_t *ports;
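Review bot: `extern runopts opts;` gives the shared global the same name this tree used for `runopts *opts` parameters and locals until this commit, so any leftover local `opts` in a file not touched here would silently shadow it. A more specific name, for example `extern runopts common_opts;`, would turn such leftovers into compile errors. No definition of `opts` (or of `cli_opts`, declared in the next hunk) is visible in this diff: Makefile.in gains `common-runopts.o`, but `common-runopts.c` is not among the 14 files changed, so it is worth confirming that the file is tracked. The `svr_runopts` struct continues outside this hunk.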
@@ -56,17 +67,23 @@ struct SvrRunOpts {
int noauthpass;
int norootpass;
- int nolocaltcp;
- int noremotetcp;
-
sign_key *hostkey;
buffer * banner;
-};
+} svr_runopts;
+
+extern svr_runopts svr_opts;
+
+void svr_getopts(int argc, char ** argv);
+
+/* Uncompleted XXX matt */
+typedef struct cli_runopts {
+
+ int todo;
-typedef struct SvrRunOpts runopts;
+} cli_runopts;
-runopts * getrunopts(int argc, char ** argv);
-void freerunopts(runopts* opts);
+extern cli_runopts cli_opts;
+void cli_getopts(int argc, char ** argv);
#endif /* _RUNOPTS_H_ */
diff --git a/session.h b/session.h
index 1106144..cc8340d 100644
--- a/session.h
+++ b/session.h
@@ -32,14 +32,13 @@
#include "auth.h"
#include "channel.h"
#include "queue.h"
-#include "runopts.h"
#include "listener.h"
#include "packet.h"
extern int sessinitdone; /* Is set to 0 somewhere */
extern int exitflag;
-void common_session_init(int sock, runopts *opts);
+void common_session_init(int sock);
void common_session_cleanup();
void checktimeouts();
void session_identification();
@@ -47,8 +46,7 @@ void session_identification();
extern void(*session_remoteclosed)();
/* Server */
-void svr_session(int sock, runopts *opts, int childpipe,
- struct sockaddr *remoteaddr);
+void svr_session(int sock, int childpipe, struct sockaddr *remoteaddr);
void svr_dropbear_exit(int exitcode, const char* format, va_list param);
void svr_dropbear_log(int priority, const char* format, va_list param);
@@ -82,8 +80,6 @@ struct sshsession {
/* Is it a client or server? */
unsigned char isserver;
- runopts * opts; /* runtime options, incl hostkey, banner etc */
-
long connecttimeout; /* time to disconnect if we have a timeout (for
userauth etc), or 0 for no timeout */
diff --git a/svr-auth.c b/svr-auth.c
index 386c3e1..7b588c0 100644
--- a/svr-auth.c
+++ b/svr-auth.c
@@ -34,6 +34,7 @@
#include "auth.h"
#include "authpasswd.h"
#include "authpubkey.h"
+#include "runopts.h"
static void authclear();
static int checkusername(unsigned char *username, unsigned int userlen);
@@ -61,7 +62,7 @@ static void authclear() {
svr_ses.authstate.authtypes |= AUTH_TYPE_PUBKEY;
#endif
#ifdef DROPBEAR_PASSWORD_AUTH
- if (!ses.opts->noauthpass) {
+ if (svr_opts.noauthpass) {
svr_ses.authstate.authtypes |= AUTH_TYPE_PASSWORD;
}
#endif
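Review bot: The negation was lost in authclear(): `if (svr_opts.noauthpass) {` now sets `AUTH_TYPE_PASSWORD` only when password authentication has been disabled, where the old line tested `!ses.opts->noauthpass`. It should read `if (!svr_opts.noauthpass) {`. The later hunk in recv_msg_userauth_request() still tests `!svr_opts.noauthpass`, so the two sites now disagree. As written, a server started with `-s` would list password as an available method, and a default server would omit it, presumably from whatever is built from `authtypes`. authclear() starts before this hunk.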
@@ -73,7 +74,7 @@ static void authclear() {
static void send_msg_userauth_banner() {
TRACE(("enter send_msg_userauth_banner"));
- if (ses.opts->banner == NULL) {
+ if (svr_opts.banner == NULL) {
TRACE(("leave send_msg_userauth_banner: banner is NULL"));
return;
}
@@ -81,13 +82,13 @@ static void send_msg_userauth_banner() {
CHECKCLEARTOWRITE();
buf_putbyte(ses.writepayload, SSH_MSG_USERAUTH_BANNER);
- buf_putstring(ses.writepayload, buf_getptr(ses.opts->banner,
- ses.opts->banner->len), ses.opts->banner->len);
+ buf_putstring(ses.writepayload, buf_getptr(svr_opts.banner,
+ svr_opts.banner->len), svr_opts.banner->len);
buf_putstring(ses.writepayload, "en", 2);
encrypt_packet();
- buf_free(ses.opts->banner);
- ses.opts->banner = NULL;
+ buf_free(svr_opts.banner);
+ svr_opts.banner = NULL;
TRACE(("leave send_msg_userauth_banner"));
}
@@ -107,7 +108,7 @@ void recv_msg_userauth_request() {
}
/* send the banner if it exists, it will only exist once */
- if (ses.opts->banner) {
+ if (svr_opts.banner) {
send_msg_userauth_banner();
}
@@ -145,8 +146,8 @@ void recv_msg_userauth_request() {
}
#ifdef DROPBEAR_PASSWORD_AUTH
- if (!ses.opts->noauthpass &&
- !(ses.opts->norootpass && svr_ses.authstate.pw->pw_uid == 0) ) {
+ if (!svr_opts.noauthpass &&
+ !(svr_opts.norootpass && svr_ses.authstate.pw->pw_uid == 0) ) {
/* user wants to try password auth */
if (methodlen == AUTH_METHOD_PASSWORD_LEN &&
strncmp(methodname, AUTH_METHOD_PASSWORD,
@@ -217,7 +218,7 @@ static int checkusername(unsigned char *username, unsigned int userlen) {
svr_ses.authstate.printableuser = m_strdup(svr_ses.authstate.pw->pw_name);
/* check for non-root if desired */
- if (ses.opts->norootlogin && svr_ses.authstate.pw->pw_uid == 0) {
+ if (svr_opts.norootlogin && svr_ses.authstate.pw->pw_uid == 0) {
TRACE(("leave checkusername: root login disabled"));
dropbear_log(LOG_WARNING, "root login rejected");
send_msg_userauth_failure(0, 1);
diff --git a/svr-chansession.c b/svr-chansession.c
index c6526dc..cbc7ebe 100644
--- a/svr-chansession.c
+++ b/svr-chansession.c
@@ -36,6 +36,7 @@
#include "utmp.h"
#include "x11fwd.h"
#include "agentfwd.h"
+#include "runopts.h"
/* Handles sessions (either shells or programs) requested by the client */
@@ -690,7 +691,7 @@ static int ptycommand(struct Channel *channel, struct ChanSess *chansess) {
m_free(chansess->tty);
#ifdef DO_MOTD
- if (ses.opts->domotd) {
+ if (svr_opts.domotd) {
/* don't show the motd if ~/.hushlogin exists */
/* 11 == strlen("/hushlogin\0") */
@@ -776,8 +777,8 @@ static void execchild(struct ChanSess *chansess) {
unsigned int i;
/* wipe the hostkey */
- sign_key_free(ses.opts->hostkey);
- ses.opts->hostkey = NULL;
+ sign_key_free(svr_opts.hostkey);
+ svr_opts.hostkey = NULL;
/* overwrite the prng state */
seedrandom();
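Review bot: After this commit, execchild() is the only place visible in the diff where the host key is released, because `freerunopts()` is deleted from svr-runopts.c and its call is dropped from common_session_cleanup() with no replacement. The session process itself therefore appears to keep the private key in `svr_opts.hostkey` until it exits, and `svr_opts.ports` is never freed. If that is intentional because cleanup is always followed by process exit, say so in a comment here, e.g. `/* the session process keeps svr_opts.hostkey until exit; only the exec'd child drops it */`. Otherwise add `sign_key_free(svr_opts.hostkey); svr_opts.hostkey = NULL;` to the server's cleanup path. Whether `sign_key_free()` zeroes the key material is not shown in the diff; the new TODO entry about `m_burn` suggests this is still open. execchild() continues outside the hunk.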
diff --git a/svr-kex.c b/svr-kex.c
index 80f7c0a..4dfa6a7 100644
--- a/svr-kex.c
+++ b/svr-kex.c
@@ -32,6 +32,7 @@
#include "packet.h"
#include "bignum.h"
#include "random.h"
+#include "runopts.h"
static void send_msg_kexdh_reply(mp_int *dh_e);
@@ -125,7 +126,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e) {
/* Create the remainder of the hash buffer, to generate the exchange hash */
/* K_S, the host key */
- buf_put_pub_key(ses.kexhashbuf, ses.opts->hostkey,
+ buf_put_pub_key(ses.kexhashbuf, svr_opts.hostkey,
ses.newkeys->algo_hostkey);
/* e, exchange value sent by the client */
buf_putmpint(ses.kexhashbuf, dh_e);
@@ -153,7 +154,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e) {
/* we can start creating the kexdh_reply packet */
CHECKCLEARTOWRITE();
buf_putbyte(ses.writepayload, SSH_MSG_KEXDH_REPLY);
- buf_put_pub_key(ses.writepayload, ses.opts->hostkey,
+ buf_put_pub_key(ses.writepayload, svr_opts.hostkey,
ses.newkeys->algo_hostkey);
/* put f */
@@ -161,7 +162,7 @@ static void send_msg_kexdh_reply(mp_int *dh_e) {
mp_clear(&dh_f);
/* calc the signature */
- buf_put_sign(ses.writepayload, ses.opts->hostkey,
+ buf_put_sign(ses.writepayload, svr_opts.hostkey,
ses.newkeys->algo_hostkey, ses.hash, SHA1_HASH_SIZE);
/* the SSH_MSG_KEXDH_REPLY is done */
diff --git a/svr-runopts.c b/svr-runopts.c
index f7a427f..1f5b0c6 100644
--- a/svr-runopts.c
+++ b/svr-runopts.c
@@ -29,6 +29,8 @@
#include "dbutil.h"
#include "algo.h"
+svr_runopts svr_opts; /* GLOBAL */
+
static sign_key * loadhostkeys(const char * dsskeyfile,
const char * rsakeyfile);
static int readhostkey(const char * filename, sign_key * hostkey, int type);
@@ -84,38 +86,34 @@ static void printhelp(const char * progname) {
DROPBEAR_MAX_PORTS, DROPBEAR_PORT);
}
-/* returns NULL on failure, or a pointer to a freshly allocated
- * runopts structure */
-runopts * svr_getopts(int argc, char ** argv) {
+void svr_getopts(int argc, char ** argv) {
unsigned int i;
char ** next = 0;
- runopts * opts;
unsigned int portnum = 0;
char *portstring[DROPBEAR_MAX_PORTS];
unsigned int longport;
/* see printhelp() for options */
- opts = (runopts*)m_malloc(sizeof(runopts));
- opts->rsakeyfile = NULL;
- opts->dsskeyfile = NULL;
- opts->bannerfile = NULL;
- opts->banner = NULL;
- opts->forkbg = 1;
- opts->norootlogin = 0;
- opts->noauthpass = 0;
- opts->norootpass = 0;
- opts->nolocaltcp = 0;
- opts->noremotetcp = 0;
+ svr_opts.rsakeyfile = NULL;
+ svr_opts.dsskeyfile = NULL;
+ svr_opts.bannerfile = NULL;
+ svr_opts.banner = NULL;
+ svr_opts.forkbg = 1;
+ svr_opts.norootlogin = 0;
+ svr_opts.noauthpass = 0;
+ svr_opts.norootpass = 0;
+ opts.nolocaltcp = 0;
+ opts.noremotetcp = 0;
/* not yet
- opts->ipv4 = 1;
- opts->ipv6 = 1;
+ svr_opts.ipv4 = 1;
+ svr_opts.ipv6 = 1;
*/
#ifdef DO_MOTD
- opts->domotd = 1;
+ svr_opts.domotd = 1;
#endif
#ifndef DISABLE_SYSLOG
- usingsyslog = 1;
+ svr_opts.usingsyslog = 1;
#endif
for (i = 1; i < (unsigned int)argc; i++) {
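Review bot: The header comment of svr_getopts() is deleted without a replacement, so the function no longer says where its result goes. I would add `/* Parse the command line into the globals svr_opts and opts; invalid banner or port input ends the process via dropbear_exit() */` above the definition. The initialisation list also no longer covers every field: `hostkey`, `ports` and `portcount` are assigned only later in the function, and `usingsyslog` and `domotd` are set only under their `#ifdef`s, so they otherwise rely on the static zero-initialisation of the global. A one-line comment noting that reliance would help anyone who later calls this twice or adds a field. The function body continues outside this hunk.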
@@ -131,34 +129,34 @@ runopts * svr_getopts(int argc, char ** argv) {
if (argv[i][0] == '-') {
switch (argv[i][1]) {
case 'b':
- next = &opts->bannerfile;
+ next = &svr_opts.bannerfile;
break;
#ifdef DROPBEAR_DSS
case 'd':
- next = &opts->dsskeyfile;
+ next = &svr_opts.dsskeyfile;
break;
#endif
#ifdef DROPBEAR_RSA
case 'r':
- next = &opts->rsakeyfile;
+ next = &svr_opts.rsakeyfile;
break;
#endif
case 'F':
- opts->forkbg = 0;
+ svr_opts.forkbg = 0;
break;
#ifndef DISABLE_SYSLOG
case 'E':
- usingsyslog = 0;
+ svr_opts.usingsyslog = 0;
break;
#endif
#ifndef DISABLE_LOCALTCPFWD
case 'j':
- opts->nolocaltcp = 1;
+ opts.nolocaltcp = 1;
break;
#endif
#ifndef DISABLE_REMOTETCPFWD
case 'k':
- opts->noremotetcp = 1;
+ opts.noremotetcp = 1;
break;
#endif
case 'p':
@@ -171,18 +169,18 @@ runopts * svr_getopts(int argc, char ** argv) {
#ifdef DO_MOTD
/* motd is displayed by default, -m turns it off */
case 'm':
- opts->domotd = 0;
+ svr_opts.domotd = 0;
break;
#endif
case 'w':
- opts->norootlogin = 1;
+ svr_opts.norootlogin = 1;
break;
#ifdef DROPBEAR_PASSWORD_AUTH
case 's':
- opts->noauthpass = 1;
+ svr_opts.noauthpass = 1;
break;
case 'g':
- opts->norootpass = 1;
+ svr_opts.norootpass = 1;
break;
#endif
case 'h':
@@ -191,10 +189,10 @@ runopts * svr_getopts(int argc, char ** argv) {
break;
/*
case '4':
- opts->ipv4 = 0;
+ svr_opts.ipv4 = 0;
break;
case '6':
- opts->ipv6 = 0;
+ svr_opts.ipv6 = 0;
break;
*/
default:
@@ -206,19 +204,19 @@ runopts * svr_getopts(int argc, char ** argv) {
}
}
- if (opts->dsskeyfile == NULL) {
- opts->dsskeyfile = DSS_PRIV_FILENAME;
+ if (svr_opts.dsskeyfile == NULL) {
+ svr_opts.dsskeyfile = DSS_PRIV_FILENAME;
}
- if (opts->rsakeyfile == NULL) {
- opts->rsakeyfile = RSA_PRIV_FILENAME;
+ if (svr_opts.rsakeyfile == NULL) {
+ svr_opts.rsakeyfile = RSA_PRIV_FILENAME;
}
- opts->hostkey = loadhostkeys(opts->dsskeyfile, opts->rsakeyfile);
+ svr_opts.hostkey = loadhostkeys(svr_opts.dsskeyfile, svr_opts.rsakeyfile);
- if (opts->bannerfile) {
+ if (svr_opts.bannerfile) {
struct stat buf;
- if (stat(opts->bannerfile, &buf) != 0) {
+ if (stat(svr_opts.bannerfile, &buf) != 0) {
dropbear_exit("Error opening banner file '%s'",
- opts->bannerfile);
+ svr_opts.bannerfile);
}
if (buf.st_size > MAX_BANNER_SIZE) {
@@ -226,16 +224,16 @@ runopts * svr_getopts(int argc, char ** argv) {
MAX_BANNER_SIZE);
}
- opts->banner = buf_new(buf.st_size);
- if (buf_readfile(opts->banner, opts->bannerfile)!=DROPBEAR_SUCCESS) {
+ svr_opts.banner = buf_new(buf.st_size);
+ if (buf_readfile(svr_opts.banner, svr_opts.bannerfile)!=DROPBEAR_SUCCESS) {
dropbear_exit("Error reading banner file '%s'",
- opts->bannerfile);
+ svr_opts.bannerfile);
}
- buf_setpos(opts->banner, 0);
+ buf_setpos(svr_opts.banner, 0);
}
/* not yet
- if (!(opts->ipv4 || opts->ipv6)) {
+ if (!(svr_opts.ipv4 || svr_opts.ipv6)) {
fprintf(stderr, "You can't disable ipv4 and ipv6.\n");
exit(1);
}
@@ -244,17 +242,17 @@ runopts * svr_getopts(int argc, char ** argv) {
/* create the array of listening ports */
if (portnum == 0) {
/* non specified */
- opts->portcount = 1;
- opts->ports = m_malloc(sizeof(uint16_t));
- opts->ports[0] = DROPBEAR_PORT;
+ svr_opts.portcount = 1;
+ svr_opts.ports = m_malloc(sizeof(uint16_t));
+ svr_opts.ports[0] = DROPBEAR_PORT;
} else {
- opts->portcount = portnum;
- opts->ports = (uint16_t*)m_malloc(sizeof(uint16_t)*portnum);
+ svr_opts.portcount = portnum;
+ svr_opts.ports = (uint16_t*)m_malloc(sizeof(uint16_t)*portnum);
for (i = 0; i < portnum; i++) {
if (portstring[i]) {
longport = atoi(portstring[i]);
if (longport <= 65535 && longport > 0) {
- opts->ports[i] = (uint16_t)longport;
+ svr_opts.ports[i] = (uint16_t)longport;
continue;
}
}
@@ -263,23 +261,8 @@ runopts * svr_getopts(int argc, char ** argv) {
}
}
- return opts;
}
-void freerunopts(runopts* opts) {
-
- if (!opts) {
- return;
- }
-
- if (opts->hostkey) {
- sign_key_free(opts->hostkey);
- opts->hostkey = NULL;
- }
-
- m_free(opts->ports);
- m_free(opts);
-}
/* returns success or failure */
static int readhostkey(const char * filename, sign_key * hostkey, int type) {
diff --git a/svr-session.c b/svr-session.c
index d3094ea..927a1c1 100644
--- a/svr-session.c
+++ b/svr-session.c
@@ -39,10 +39,11 @@
#include "service.h"
#include "auth.h"
#include "tcpfwd-remote.h"
+#include "runopts.h"
static void svr_remoteclosed();
-struct serversession svr_ses;
+struct serversession svr_ses; /* GLOBAL */
static const packettype svr_packettypes[] = {
/* TYPE, AUTHREQUIRED, FUNCTION */
@@ -69,15 +70,14 @@ static const struct ChanType *svr_chantypes[] = {
NULL /* Null termination is mandatory. */
};
-void svr_session(int sock, runopts *opts, int childpipe,
- struct sockaddr* remoteaddr) {
+void svr_session(int sock, int childpipe, struct sockaddr* remoteaddr) {
fd_set readfd, writefd;
struct timeval timeout;
int val;
crypto_init();
- common_session_init(sock, opts);
+ common_session_init(sock);
ses.remoteaddr = remoteaddr;
ses.remotehost = getaddrhostname(remoteaddr);
@@ -227,7 +227,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param) {
vsnprintf(printbuf, sizeof(printbuf), format, param);
#ifndef DISABLE_SYSLOG
- if (usingsyslog) {
+ if (svr_opts.usingsyslog) {
syslog(priority, "%s", printbuf);
}
#endif
@@ -238,7 +238,7 @@ void svr_dropbear_log(int priority, const char* format, va_list param) {
havetrace = 1;
#endif
- if (!usingsyslog || havetrace)
+ if (!svr_opts.usingsyslog || havetrace)
{
timesec = time(NULL);
if (strftime(datestr, sizeof(datestr), "%b %d %H:%M:%S",
diff --git a/tcpfwd-direct.c b/tcpfwd-direct.c
index 1131602..b6a2178 100644
--- a/tcpfwd-direct.c
+++ b/tcpfwd-direct.c
@@ -3,6 +3,7 @@
#include "dbutil.h"
#include "channel.h"
#include "tcpfwd-direct.h"
+#include "runopts.h"
#ifndef DISABLE_TCPFWD_DIRECT
static int newtcpdirect(struct Channel * channel);
@@ -30,7 +31,7 @@ static int newtcpdirect(struct Channel * channel) {
int len;
int ret = DROPBEAR_FAILURE;
- if (ses.opts->nolocaltcp) {
+ if (opts.nolocaltcp) {
TRACE(("leave newtcpdirect: local tcp forwarding disabled"));
goto out;
}
diff --git a/tcpfwd-remote.c b/tcpfwd-remote.c
index 16b1105..d0a67a1 100644
--- a/tcpfwd-remote.c
+++ b/tcpfwd-remote.c
@@ -6,6 +6,7 @@
#include "buffer.h"
#include "packet.h"
#include "listener.h"
+#include "runopts.h"
#ifndef DISABLE_REMOTETCPFWD
@@ -35,7 +36,7 @@ void recv_msg_global_request_remotetcp() {
TRACE(("enter recv_msg_global_request_remotetcp"));
- if (ses.opts->noremotetcp) {
+ if (opts.noremotetcp) {
TRACE(("leave recv_msg_global_request_remotetcp: remote tcp forwarding disabled"));
goto out;
}