From 523ad0b01c5c939849d9c566c104d3a9cb5d75fb Mon Sep 17 00:00:00 2001
From: Russell Jones <russell.valerius.jones@gmail.com>
Date: Fri, 23 Mar 2018 00:52:26 +0000
Subject: [PATCH] When unable to accept channel, write to logs, return error to
 user, and return.

---
 lib/srv/forward/sshserver.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/lib/srv/forward/sshserver.go b/lib/srv/forward/sshserver.go
index 6eabfadd39298..89ad120d6fb9c 100644
--- a/lib/srv/forward/sshserver.go
+++ b/lib/srv/forward/sshserver.go
@@ -495,7 +495,9 @@ func (s *Server) handleChannel(ctx *srv.ServerContext, sconn *ssh.ServerConn, nc
 	case "session":
 		ch, requests, err := nch.Accept()
 		if err != nil {
-			s.log.Infof("Unable to accept channel: %v", err)
+			s.log.Warnf("Unable to accept channel: %v", err)
+			nch.Reject(ssh.ConnectionFailed, fmt.Sprintf("unable to accept channel: %v", err))
+			return
 		}
 		go s.handleSessionRequests(ctx, sconn, ch, requests)
 	// port forwarding
@@ -504,10 +506,13 @@ func (s *Server) handleChannel(ctx *srv.ServerContext, sconn *ssh.ServerConn, nc
 		if err != nil {
 			s.log.Errorf("Failed to parse request data: %v, err: %v", string(nch.ExtraData()), err)
 			nch.Reject(ssh.UnknownChannelType, "failed to parse direct-tcpip request")
+			return
 		}
 		ch, _, err := nch.Accept()
 		if err != nil {
-			s.log.Infof("Unable to accept channel: %v", err)
+			s.log.Warnf("Unable to accept channel: %v", err)
+			nch.Reject(ssh.ConnectionFailed, fmt.Sprintf("unable to accept channel: %v", err))
+			return
 		}
 		go s.handleDirectTCPIPRequest(ctx, sconn, ch, req)
 	default: