f95d6459b1
We specifically install the ChannelDirectTcpip channel factory so that the daemon understands this protocol feature but our TcpIpForwardFilter automatically rejects all connection attempts made by a client. This will cause nice error messages to be reported back, letting the user know their port forwarding was denied, rather than generating an obtuse error message in the client. Even if we skipped the ChannelDirectTcpip session factory we must install the TcpIpForwardFilter. If we don't MINA SSHD would permit any client to listen for inbound connections on any of our local ports and redirect them to the client's own server of choice. We also now specifically configure the subsystem list to be empty. This is to disable any SFTP support inherited from MINA SSHD, we actually don't want to service SFTP for anything at this time. We might consider enabling SFTP off the same virtual filesystem we use for scp, but its not a very important feature. Bug: issue 336 Change-Id: I7a64601524ca84f308b76357290c456dc4613b67 Signed-off-by: Shawn O. Pearce <sop@google.com> |
||
---|---|---|
.. | ||
.settings | ||
src/main | ||
.gitignore | ||
pom.xml |