author | Darren Tucker <dtucker@zip.com.au> | 2011-10-02 18:59:03 +1100 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2011-10-02 18:59:03 +1100 |
commit | 68afb8c5f242ec74f48fd86137122399435dd757 (patch) | |
tree | a41fb99a2df717111d5c1a05f51b3791580218d1 /mux.c | |
parent | 1338b9e067055259033a05e14db0bc2ad5536482 (diff) |
- markus@cvs.openbsd.org 2011/09/23 07:45:05
[mux.c readconf.h channels.h compat.h compat.c ssh.c readconf.c channels.c version.h]
unbreak remote portforwarding with dynamic allocated listen ports:
1) send the actual listen port in the open message (instead of 0).
this allows multiple forwardings with a dynamic listen port
2) update the matching permit-open entry, so we can identify where
to connect to
report: den at skbkontur.ru and P. Szczygielski
feedback and ok djm@
Diffstat (limited to 'mux.c')
-rw-r--r-- | mux.c | 19 |
1 files changed, 14 insertions, 5 deletions
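--- a/mux.c
+++ b/mux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: mux.c,v 1.30 2011/09/09 22:46:44 djm Exp $ */
+/* $OpenBSD: mux.c,v 1.31 2011/09/23 07:45:05 markus Exp $ */
 /*
 * Copyright (c) 2002-2008 Damien Miller <djm@openbsd.org>
 *
@@ -601,12 +601,16 @@ mux_confirm_remote_forward(int type, u_int32_t seq, void *ctxt)
 buffer_put_int(&out, MUX_S_REMOTE_PORT);
 buffer_put_int(&out, fctx->rid);
 buffer_put_int(&out, rfwd->allocated_port);
+channel_update_permitted_opens(rfwd->handle,
+rfwd->allocated_port);
 } else {
 buffer_put_int(&out, MUX_S_OK);
 buffer_put_int(&out, fctx->rid);
 }
 goto out;
 } else {
+if (rfwd->listen_port == 0)
+channel_update_permitted_opens(rfwd->handle, -1);
 xasprintf(&failmsg, "remote port forwarding failed for "
 "listen port %d", rfwd->listen_port);
 }
@@ -745,8 +749,9 @@ process_mux_open_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
 } else {
 struct mux_channel_confirm_ctx *fctx;
 
-if (channel_request_remote_forwarding(fwd.listen_host,
-fwd.listen_port, fwd.connect_host, fwd.connect_port) < 0)
+fwd.handle = channel_request_remote_forwarding(fwd.listen_host,
+fwd.listen_port, fwd.connect_host, fwd.connect_port);
+if (fwd.handle < 0)
 goto fail;
 add_remote_forward(&options, &fwd);
 fctx = xcalloc(1, sizeof(*fctx));
@@ -781,7 +786,7 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
 char *fwd_desc = NULL;
 const char *error_reason = NULL;
 u_int ftype;
-int i, ret = 0;
+int i, listen_port, ret = 0;
 
 fwd.listen_host = fwd.connect_host = NULL;
 if (buffer_get_int_ret(&ftype, m) != 0 ||
@@ -836,9 +841,13 @@ process_mux_close_fwd(u_int rid, Channel *c, Buffer *m, Buffer *r)
 /*
 * This shouldn't fail unless we confused the host/port
 * between options.remote_forwards and permitted_opens.
+* However, for dynamic allocated listen ports we need
+* to lookup the actual listen port.
 */
+listen_port = (fwd.listen_port == 0) ?
+found_fwd->allocated_port : fwd.listen_port;
 if (channel_request_rforward_cancel(fwd.listen_host,
-fwd.listen_port) == -1)
+listen_port) == -1)
 error_reason = "port not in permitted opens";
 } else { /* local and dynamic forwards */
 /* Ditto */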
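Review bot: In mux_confirm_remote_forward the success branch passes `rfwd->allocated_port` to `channel_update_permitted_opens()` with no range check visible. The value is assigned above the hunk, presumably from the server's reply, so a peer-chosen number would land in the permit-open entry that the commit message says is used to identify where to connect. A guard before the call would keep out-of-range values out of that table, for example `if (rfwd->allocated_port <= 0 || rfwd->allocated_port > 65535)` handled the same way as the failure branch. In process_mux_close_fwd, `found_fwd->allocated_port` may still be 0 if the close request arrives before the confirmation (inferred, since the lookup of found_fwd is outside the hunk), so the cancel would go out for port 0; a comment there stating that case would help. Both function bodies start and end outside the hunks shown.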