sshctrl: when enable or disable AllowTcpForwarding, change PermitOpen accordingly

Fixes: #12546
Signed-off-by: Peter Müller <peter.mueller@ipfire.org>
Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

diff --git a/src/misc-progs/sshctrl.c b/src/misc-progs/sshctrl.c
index f855c5a4a78818462cfbf627aabf69c76d9f88f3..6e8652c842d05bfc2cebc714ca0ce7f17659bae0 100644 (file)
--- a/src/misc-progs/sshctrl.c
+++ b/src/misc-progs/sshctrl.c
@@ -67,10 +67,10 @@ int main(int argc, char *argv[])
                                                strlcat(command, "s/^PasswordAuthentication .*$/PasswordAuthentication yes/;", STRING_SIZE - 1 );
 
                                if(findkey(kv, "ENABLE_SSH_PORTFW", buffer) && !strcmp(buffer,"on"))
-                                               strlcat(command, "s/^AllowTcpForwarding .*$/AllowTcpForwarding yes/;", STRING_SIZE - 1 );
+                                               strlcat(command, "s/^AllowTcpForwarding .*$/AllowTcpForwarding yes/;"   "s/^PermitOpen .*$/PermitOpen any/;", STRING_SIZE - 1 );
                                else
-                                               strlcat(command, "s/^AllowTcpForwarding .*$/AllowTcpForwarding no/;", STRING_SIZE - 1 );
-                                               
+                                               strlcat(command, "s/^AllowTcpForwarding .*$/AllowTcpForwarding no/;"    "s/^PermitOpen .*$/PermitOpen none/;", STRING_SIZE - 1 );
+
                                if(findkey(kv, "SSH_PORT", buffer) && !strcmp(buffer,"on"))
                                                strlcat(command, "s/^Port .*$/Port 22/;", STRING_SIZE - 1 );
                                else