- markus@cvs.openbsd.org 2001/01/31 13:37:24

[channels.c channels.h serverloop.c ssh.c] do not disconnect if local port forwarding fails, e.g. if port is already in use - markus@cvs.openbsd.org 2001/02/01 14:58:09 [channels.c] use ipaddr in channel messages, ietf-secsh wants this - markus@cvs.openbsd.org 2001/01/31 12:26:20 [channels.c] ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE messages; bug report from edmundo@rano.org
author: Kevin Steves <stevesk@pobox.com> 2001-02-05 14:54:34 +0000
committer: Kevin Steves <stevesk@pobox.com> 2001-02-05 14:54:34 +0000
commit: 12057500cc6b2efedca40812cd5541a84e137270 (patch)
tree: 7a14942c60d8ac9d30dbb0c77741374be057411b
parent: adf74cdeca7e96e9cdcc63342c3290fbd0578ff3 (diff)
5 files changed, 49 insertions, 24 deletions
diff --git a/ChangeLog b/ChangeLog
index b237a21b1..8214917d9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -37,9 +37,20 @@
   - stevesk@cvs.openbsd.org 2001/02/04 15:12:17
     [sshd.c]
     precedence; ok markus@
-    - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
+   - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
     [ssh.c sshd.c]
     make the alpha happy
+   - markus@cvs.openbsd.org  2001/01/31 13:37:24
+     [channels.c channels.h serverloop.c ssh.c]
+     do not disconnect if local port forwarding fails, e.g. if port is already in
+     use
+   - markus@cvs.openbsd.org  2001/02/01 14:58:09
+     [channels.c]
+     use ipaddr in channel messages, ietf-secsh wants this
+   - markus@cvs.openbsd.org  2001/01/31 12:26:20
+     [channels.c]
+     ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE messages;
+     bug report from edmundo@rano.org
 20010104
 - (bal) I think this is the last of the bsd-*.h that don't belong.
diff --git a/channels.c b/channels.c
index d8c7e1243..354160e8f 100644
--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.88 2001/02/01 21:58:08 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.89 2001/02/04 15:32:23 stevesk Exp $");
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -1317,7 +1317,8 @@ channel_input_open_confirmation(int type, int plen, void *ctxt)
 void
 channel_input_open_failure(int type, int plen, void *ctxt)
 {
-        int id;
+        int id, reason;
+        char *msg = NULL, *lang = NULL;
        Channel *c;
        if (!compat20)
@@ -1330,13 +1331,18 @@ channel_input_open_failure(int type, int plen, void *ctxt)
                packet_disconnect("Received open failure for "
                    "non-opening channel %d.", id);
        if (compat20) {
-                int reason = packet_get_int();
+                reason = packet_get_int();
-                char *msg  = packet_get_string(NULL);
+                if (packet_remaining() > 0) {
-                char *lang  = packet_get_string(NULL);
+                        msg  = packet_get_string(NULL);
-                log("channel_open_failure: %d: reason %d: %s", id, reason, msg);
+                        lang = packet_get_string(NULL);
+                }
                packet_done();
-                xfree(msg);
+                log("channel_open_failure: %d: reason %d %s", id,
-                xfree(lang);
+                    reason, msg ? msg : "<no additional info>");
+                if (msg != NULL)
+                        xfree(msg);
+                if (lang != NULL)
+                        xfree(lang);
        }
        /* Free the channel.  This will also close the socket. */
        channel_free(id);
@@ -1525,11 +1531,11 @@ channel_open_message()
 * Initiate forwarding of connections to local port "port" through the secure
 * channel to host:port from remote side.
 */
-void
+int
 channel_request_local_forwarding(u_short listen_port, const char *host_to_connect,
    u_short port_to_connect, int gateway_ports)
 {
-        channel_request_forwarding(
+        return channel_request_forwarding(
            NULL, listen_port,
            host_to_connect, port_to_connect,
            gateway_ports, /*remote_fwd*/ 0);
@@ -1539,7 +1545,7 @@ channel_request_local_forwarding(u_short listen_port, const char *host_to_connec
 * If 'remote_fwd' is true we have a '-R style' listener for protocol 2
 * (SSH_CHANNEL_RPORT_LISTENER).
 */
-void
+int
 channel_request_forwarding(
    const char *listen_address, u_short listen_port,
    const char *host_to_connect, u_short port_to_connect,
@@ -1551,6 +1557,8 @@ channel_request_forwarding(
        const char *host;
        struct linger linger;
+        success = 0;
        if (remote_fwd) {
                host = listen_address;
                ctype = SSH_CHANNEL_RPORT_LISTENER;
@@ -1559,8 +1567,10 @@ channel_request_forwarding(
                ctype  =SSH_CHANNEL_PORT_LISTENER;
        }
-        if (strlen(host) > sizeof(channels[0].path) - 1)
+        if (strlen(host) > sizeof(channels[0].path) - 1) {
-                packet_disconnect("Forward host name too long.");
+                error("Forward host name too long.");
+                return success;
+        }
        /* XXX listen_address is currently ignored */
        /*
@@ -1575,7 +1585,6 @@ channel_request_forwarding(
        if (getaddrinfo(NULL, strport, &hints, &aitop) != 0)
                packet_disconnect("getaddrinfo: fatal error");
-        success = 0;
        for (ai = aitop; ai; ai = ai->ai_next) {
                if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
                        continue;
@@ -1628,8 +1637,10 @@ channel_request_forwarding(
                success = 1;
        }
        if (success == 0)
-                packet_disconnect("cannot listen port: %d", listen_port);       /*XXX ?disconnect? */
+                error("channel_request_forwarding: cannot listen to port: %d",
+                    listen_port);
        freeaddrinfo(aitop);
+        return success;
 }
 /*
diff --git a/channels.h b/channels.h
index 5e030a44b..abd719042 100644
--- a/channels.h
+++ b/channels.h
@@ -32,7 +32,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
-/* RCSID("$OpenBSD: channels.h,v 1.25 2001/01/29 16:55:36 markus Exp $"); */
+/* RCSID("$OpenBSD: channels.h,v 1.26 2001/01/31 20:37:23 markus Exp $"); */
 #ifndef CHANNELS_H
 #define CHANNELS_H
@@ -206,10 +206,10 @@ char   *channel_open_message(void);
 * Initiate forwarding of connections to local port "port" through the secure
 * channel to host:port from remote side.
 */
-void
+int
 channel_request_local_forwarding(u_short listen_port,
    const char *host_to_connect, u_short port_to_connect, int gateway_ports);
-void
+int
 channel_request_forwarding(const char *listen_address, u_short listen_port,
    const char *host_to_connect, u_short port_to_connect, int gateway_ports,
    int remote_fwd);
diff --git a/serverloop.c b/serverloop.c
index 5a567a252..024c54bc3 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -35,7 +35,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.43 2001/01/29 16:55:37 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.45 2001/02/04 15:32:25 stevesk Exp $");
 #include "xmalloc.h"
 #include "packet.h"
@@ -864,12 +864,11 @@ server_input_global_request(int type, int plen, void *ctxt)
                        packet_send_debug("Server has disabled port forwarding.");
                } else {
                        /* Start listening on the port */
-                        channel_request_forwarding(
+                        success = channel_request_forwarding(
                            listen_address, listen_port,
                            /*unspec host_to_connect*/ "<unspec host>",
                            /*unspec port_to_connect*/ 0,
                            options.gateway_ports, /*remote*/ 1);
-                        success = 1;
                }
                xfree(listen_address);
        }
diff --git a/ssh.c b/ssh.c
index 454332349..730ff382c 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
 */
 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.85 2001/01/29 12:36:10 djm Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.88 2001/02/04 15:32:26 stevesk Exp $");
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -757,19 +757,23 @@ x11_get_proto(char *proto, int proto_len, char *data, int data_len)
 void
 ssh_init_forwarding(void)
 {
+        int success = 0;
        int i;
        /* Initiate local TCP/IP port forwardings. */
        for (i = 0; i < options.num_local_forwards; i++) {
                debug("Connections to local port %d forwarded to remote address %.200s:%d",
                    options.local_forwards[i].port,
                    options.local_forwards[i].host,
                    options.local_forwards[i].host_port);
-                channel_request_local_forwarding(
+                success += channel_request_local_forwarding(
                    options.local_forwards[i].port,
                    options.local_forwards[i].host,
                    options.local_forwards[i].host_port,
                    options.gateway_ports);
        }
+        if (i > 0 && success == 0)
+                error("Could not request local forwarding.");
        /* Initiate remote TCP/IP port forwardings. */
        for (i = 0; i < options.num_remote_forwards; i++) {
author	Kevin Steves <stevesk@pobox.com>	2001-02-05 14:54:34 +0000
committer	Kevin Steves <stevesk@pobox.com>	2001-02-05 14:54:34 +0000
commit	12057500cc6b2efedca40812cd5541a84e137270 (patch)
tree	7a14942c60d8ac9d30dbb0c77741374be057411b
parent	adf74cdeca7e96e9cdcc63342c3290fbd0578ff3 (diff)