- markus@cvs.openbsd.org 2001/01/31 13:37:24
[channels.c channels.h serverloop.c ssh.c]
do not disconnect if local port forwarding fails, e.g. if port is already in
use
- markus@cvs.openbsd.org 2001/02/01 14:58:09
[channels.c]
use ipaddr in channel messages, ietf-secsh wants this
- markus@cvs.openbsd.org 2001/01/31 12:26:20
[channels.c]
ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE messages;
bug report from edmundo@rano.org
diff --git a/ChangeLog b/ChangeLog
index b237a21..8214917 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -37,9 +37,20 @@
- stevesk@cvs.openbsd.org 2001/02/04 15:12:17
[sshd.c]
precedence; ok markus@
- - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
+ - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
[ssh.c sshd.c]
make the alpha happy
+ - markus@cvs.openbsd.org 2001/01/31 13:37:24
+ [channels.c channels.h serverloop.c ssh.c]
+ do not disconnect if local port forwarding fails, e.g. if port is already in
+ use
+ - markus@cvs.openbsd.org 2001/02/01 14:58:09
+ [channels.c]
+ use ipaddr in channel messages, ietf-secsh wants this
+ - markus@cvs.openbsd.org 2001/01/31 12:26:20
+ [channels.c]
+ ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE messages;
+ bug report from edmundo@rano.org
20010104
- (bal) I think this is the last of the bsd-*.h that don't belong.
diff --git a/channels.c b/channels.c
index d8c7e12..354160e 100644
--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.88 2001/02/01 21:58:08 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.89 2001/02/04 15:32:23 stevesk Exp $");
#include <openssl/rsa.h>
#include <openssl/dsa.h>
@@ -1317,7 +1317,8 @@
void
channel_input_open_failure(int type, int plen, void *ctxt)
{
- int id;
+ int id, reason;
+ char *msg = NULL, *lang = NULL;
Channel *c;
if (!compat20)
@@ -1330,13 +1331,18 @@
packet_disconnect("Received open failure for "
"non-opening channel %d.", id);
if (compat20) {
- int reason = packet_get_int();
- char *msg = packet_get_string(NULL);
- char *lang = packet_get_string(NULL);
- log("channel_open_failure: %d: reason %d: %s", id, reason, msg);
+ reason = packet_get_int();
+ if (packet_remaining() > 0) {
+ msg = packet_get_string(NULL);
+ lang = packet_get_string(NULL);
+ }
packet_done();
- xfree(msg);
- xfree(lang);
+ log("channel_open_failure: %d: reason %d %s", id,
+ reason, msg ? msg : "<no additional info>");
+ if (msg != NULL)
+ xfree(msg);
+ if (lang != NULL)
+ xfree(lang);
}
/* Free the channel. This will also close the socket. */
channel_free(id);
@@ -1525,11 +1531,11 @@
* Initiate forwarding of connections to local port "port" through the secure
* channel to host:port from remote side.
*/
-void
+int
channel_request_local_forwarding(u_short listen_port, const char *host_to_connect,
u_short port_to_connect, int gateway_ports)
{
- channel_request_forwarding(
+ return channel_request_forwarding(
NULL, listen_port,
host_to_connect, port_to_connect,
gateway_ports, /*remote_fwd*/ 0);
@@ -1539,7 +1545,7 @@
* If 'remote_fwd' is true we have a '-R style' listener for protocol 2
* (SSH_CHANNEL_RPORT_LISTENER).
*/
-void
+int
channel_request_forwarding(
const char *listen_address, u_short listen_port,
const char *host_to_connect, u_short port_to_connect,
@@ -1551,6 +1557,8 @@
const char *host;
struct linger linger;
+ success = 0;
+
if (remote_fwd) {
host = listen_address;
ctype = SSH_CHANNEL_RPORT_LISTENER;
@@ -1559,8 +1567,10 @@
ctype =SSH_CHANNEL_PORT_LISTENER;
}
- if (strlen(host) > sizeof(channels[0].path) - 1)
- packet_disconnect("Forward host name too long.");
+ if (strlen(host) > sizeof(channels[0].path) - 1) {
+ error("Forward host name too long.");
+ return success;
+ }
/* XXX listen_address is currently ignored */
/*
@@ -1575,7 +1585,6 @@
if (getaddrinfo(NULL, strport, &hints, &aitop) != 0)
packet_disconnect("getaddrinfo: fatal error");
- success = 0;
for (ai = aitop; ai; ai = ai->ai_next) {
if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
continue;
@@ -1628,8 +1637,10 @@
success = 1;
}
if (success == 0)
- packet_disconnect("cannot listen port: %d", listen_port); /*XXX ?disconnect? */
+ error("channel_request_forwarding: cannot listen to port: %d",
+ listen_port);
freeaddrinfo(aitop);
+ return success;
}
/*
diff --git a/channels.h b/channels.h
index 5e030a4..abd7190 100644
--- a/channels.h
+++ b/channels.h
@@ -32,7 +32,7 @@
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* RCSID("$OpenBSD: channels.h,v 1.25 2001/01/29 16:55:36 markus Exp $"); */
+/* RCSID("$OpenBSD: channels.h,v 1.26 2001/01/31 20:37:23 markus Exp $"); */
#ifndef CHANNELS_H
#define CHANNELS_H
@@ -206,10 +206,10 @@
* Initiate forwarding of connections to local port "port" through the secure
* channel to host:port from remote side.
*/
-void
+int
channel_request_local_forwarding(u_short listen_port,
const char *host_to_connect, u_short port_to_connect, int gateway_ports);
-void
+int
channel_request_forwarding(const char *listen_address, u_short listen_port,
const char *host_to_connect, u_short port_to_connect, int gateway_ports,
int remote_fwd);
diff --git a/serverloop.c b/serverloop.c
index 5a567a2..024c54b 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -35,7 +35,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.43 2001/01/29 16:55:37 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.45 2001/02/04 15:32:25 stevesk Exp $");
#include "xmalloc.h"
#include "packet.h"
@@ -864,12 +864,11 @@
packet_send_debug("Server has disabled port forwarding.");
} else {
/* Start listening on the port */
- channel_request_forwarding(
+ success = channel_request_forwarding(
listen_address, listen_port,
/*unspec host_to_connect*/ "<unspec host>",
/*unspec port_to_connect*/ 0,
options.gateway_ports, /*remote*/ 1);
- success = 1;
}
xfree(listen_address);
}
diff --git a/ssh.c b/ssh.c
index 4543323..730ff38 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.85 2001/01/29 12:36:10 djm Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.88 2001/02/04 15:32:26 stevesk Exp $");
#include <openssl/evp.h>
#include <openssl/err.h>
@@ -757,19 +757,23 @@
void
ssh_init_forwarding(void)
{
+ int success = 0;
int i;
+
/* Initiate local TCP/IP port forwardings. */
for (i = 0; i < options.num_local_forwards; i++) {
debug("Connections to local port %d forwarded to remote address %.200s:%d",
options.local_forwards[i].port,
options.local_forwards[i].host,
options.local_forwards[i].host_port);
- channel_request_local_forwarding(
+ success += channel_request_local_forwarding(
options.local_forwards[i].port,
options.local_forwards[i].host,
options.local_forwards[i].host_port,
options.gateway_ports);
}
+ if (i > 0 && success == 0)
+ error("Could not request local forwarding.");
/* Initiate remote TCP/IP port forwardings. */
for (i = 0; i < options.num_remote_forwards; i++) {