summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog13
-rw-r--r--channels.c41
-rw-r--r--channels.h6
-rw-r--r--serverloop.c5
-rw-r--r--ssh.c8
5 files changed, 49 insertions, 24 deletions
diff --git a/ChangeLog b/ChangeLog
index b237a21b1..8214917d9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -37,9 +37,20 @@
37 - stevesk@cvs.openbsd.org 2001/02/04 15:12:17 37 - stevesk@cvs.openbsd.org 2001/02/04 15:12:17
38 [sshd.c] 38 [sshd.c]
39 precedence; ok markus@ 39 precedence; ok markus@
40 - deraadt@cvs.openbsd.org 2001/02/04 08:14:15 40 - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
41 [ssh.c sshd.c] 41 [ssh.c sshd.c]
42 make the alpha happy 42 make the alpha happy
43 - markus@cvs.openbsd.org 2001/01/31 13:37:24
44 [channels.c channels.h serverloop.c ssh.c]
45 do not disconnect if local port forwarding fails, e.g. if port is already in
46 use
47 - markus@cvs.openbsd.org 2001/02/01 14:58:09
48 [channels.c]
49 use ipaddr in channel messages, ietf-secsh wants this
50 - markus@cvs.openbsd.org 2001/01/31 12:26:20
51 [channels.c]
52 ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE messages;
53 bug report from edmundo@rano.org
43 54
4420010104 5520010104
45 - (bal) I think this is the last of the bsd-*.h that don't belong. 56 - (bal) I think this is the last of the bsd-*.h that don't belong.
diff --git a/channels.c b/channels.c
index d8c7e1243..354160e8f 100644
--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
40 */ 40 */
41 41
42#include "includes.h" 42#include "includes.h"
43RCSID("$OpenBSD: channels.c,v 1.88 2001/02/01 21:58:08 markus Exp $"); 43RCSID("$OpenBSD: channels.c,v 1.89 2001/02/04 15:32:23 stevesk Exp $");
44 44
45#include <openssl/rsa.h> 45#include <openssl/rsa.h>
46#include <openssl/dsa.h> 46#include <openssl/dsa.h>
@@ -1317,7 +1317,8 @@ channel_input_open_confirmation(int type, int plen, void *ctxt)
1317void 1317void
1318channel_input_open_failure(int type, int plen, void *ctxt) 1318channel_input_open_failure(int type, int plen, void *ctxt)
1319{ 1319{
1320 int id; 1320 int id, reason;
1321 char *msg = NULL, *lang = NULL;
1321 Channel *c; 1322 Channel *c;
1322 1323
1323 if (!compat20) 1324 if (!compat20)
@@ -1330,13 +1331,18 @@ channel_input_open_failure(int type, int plen, void *ctxt)
1330 packet_disconnect("Received open failure for " 1331 packet_disconnect("Received open failure for "
1331 "non-opening channel %d.", id); 1332 "non-opening channel %d.", id);
1332 if (compat20) { 1333 if (compat20) {
1333 int reason = packet_get_int(); 1334 reason = packet_get_int();
1334 char *msg = packet_get_string(NULL); 1335 if (packet_remaining() > 0) {
1335 char *lang = packet_get_string(NULL); 1336 msg = packet_get_string(NULL);
1336 log("channel_open_failure: %d: reason %d: %s", id, reason, msg); 1337 lang = packet_get_string(NULL);
1338 }
1337 packet_done(); 1339 packet_done();
1338 xfree(msg); 1340 log("channel_open_failure: %d: reason %d %s", id,
1339 xfree(lang); 1341 reason, msg ? msg : "<no additional info>");
1342 if (msg != NULL)
1343 xfree(msg);
1344 if (lang != NULL)
1345 xfree(lang);
1340 } 1346 }
1341 /* Free the channel. This will also close the socket. */ 1347 /* Free the channel. This will also close the socket. */
1342 channel_free(id); 1348 channel_free(id);
@@ -1525,11 +1531,11 @@ channel_open_message()
1525 * Initiate forwarding of connections to local port "port" through the secure 1531 * Initiate forwarding of connections to local port "port" through the secure
1526 * channel to host:port from remote side. 1532 * channel to host:port from remote side.
1527 */ 1533 */
1528void 1534int
1529channel_request_local_forwarding(u_short listen_port, const char *host_to_connect, 1535channel_request_local_forwarding(u_short listen_port, const char *host_to_connect,
1530 u_short port_to_connect, int gateway_ports) 1536 u_short port_to_connect, int gateway_ports)
1531{ 1537{
1532 channel_request_forwarding( 1538 return channel_request_forwarding(
1533 NULL, listen_port, 1539 NULL, listen_port,
1534 host_to_connect, port_to_connect, 1540 host_to_connect, port_to_connect,
1535 gateway_ports, /*remote_fwd*/ 0); 1541 gateway_ports, /*remote_fwd*/ 0);
@@ -1539,7 +1545,7 @@ channel_request_local_forwarding(u_short listen_port, const char *host_to_connec
1539 * If 'remote_fwd' is true we have a '-R style' listener for protocol 2 1545 * If 'remote_fwd' is true we have a '-R style' listener for protocol 2
1540 * (SSH_CHANNEL_RPORT_LISTENER). 1546 * (SSH_CHANNEL_RPORT_LISTENER).
1541 */ 1547 */
1542void 1548int
1543channel_request_forwarding( 1549channel_request_forwarding(
1544 const char *listen_address, u_short listen_port, 1550 const char *listen_address, u_short listen_port,
1545 const char *host_to_connect, u_short port_to_connect, 1551 const char *host_to_connect, u_short port_to_connect,
@@ -1551,6 +1557,8 @@ channel_request_forwarding(
1551 const char *host; 1557 const char *host;
1552 struct linger linger; 1558 struct linger linger;
1553 1559
1560 success = 0;
1561
1554 if (remote_fwd) { 1562 if (remote_fwd) {
1555 host = listen_address; 1563 host = listen_address;
1556 ctype = SSH_CHANNEL_RPORT_LISTENER; 1564 ctype = SSH_CHANNEL_RPORT_LISTENER;
@@ -1559,8 +1567,10 @@ channel_request_forwarding(
1559 ctype =SSH_CHANNEL_PORT_LISTENER; 1567 ctype =SSH_CHANNEL_PORT_LISTENER;
1560 } 1568 }
1561 1569
1562 if (strlen(host) > sizeof(channels[0].path) - 1) 1570 if (strlen(host) > sizeof(channels[0].path) - 1) {
1563 packet_disconnect("Forward host name too long."); 1571 error("Forward host name too long.");
1572 return success;
1573 }
1564 1574
1565 /* XXX listen_address is currently ignored */ 1575 /* XXX listen_address is currently ignored */
1566 /* 1576 /*
@@ -1575,7 +1585,6 @@ channel_request_forwarding(
1575 if (getaddrinfo(NULL, strport, &hints, &aitop) != 0) 1585 if (getaddrinfo(NULL, strport, &hints, &aitop) != 0)
1576 packet_disconnect("getaddrinfo: fatal error"); 1586 packet_disconnect("getaddrinfo: fatal error");
1577 1587
1578 success = 0;
1579 for (ai = aitop; ai; ai = ai->ai_next) { 1588 for (ai = aitop; ai; ai = ai->ai_next) {
1580 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) 1589 if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
1581 continue; 1590 continue;
@@ -1628,8 +1637,10 @@ channel_request_forwarding(
1628 success = 1; 1637 success = 1;
1629 } 1638 }
1630 if (success == 0) 1639 if (success == 0)
1631 packet_disconnect("cannot listen port: %d", listen_port); /*XXX ?disconnect? */ 1640 error("channel_request_forwarding: cannot listen to port: %d",
1641 listen_port);
1632 freeaddrinfo(aitop); 1642 freeaddrinfo(aitop);
1643 return success;
1633} 1644}
1634 1645
1635/* 1646/*
diff --git a/channels.h b/channels.h
index 5e030a44b..abd719042 100644
--- a/channels.h
+++ b/channels.h
@@ -32,7 +32,7 @@
32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 32 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
33 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 33 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34 */ 34 */
35/* RCSID("$OpenBSD: channels.h,v 1.25 2001/01/29 16:55:36 markus Exp $"); */ 35/* RCSID("$OpenBSD: channels.h,v 1.26 2001/01/31 20:37:23 markus Exp $"); */
36 36
37#ifndef CHANNELS_H 37#ifndef CHANNELS_H
38#define CHANNELS_H 38#define CHANNELS_H
@@ -206,10 +206,10 @@ char *channel_open_message(void);
206 * Initiate forwarding of connections to local port "port" through the secure 206 * Initiate forwarding of connections to local port "port" through the secure
207 * channel to host:port from remote side. 207 * channel to host:port from remote side.
208 */ 208 */
209void 209int
210channel_request_local_forwarding(u_short listen_port, 210channel_request_local_forwarding(u_short listen_port,
211 const char *host_to_connect, u_short port_to_connect, int gateway_ports); 211 const char *host_to_connect, u_short port_to_connect, int gateway_ports);
212void 212int
213channel_request_forwarding(const char *listen_address, u_short listen_port, 213channel_request_forwarding(const char *listen_address, u_short listen_port,
214 const char *host_to_connect, u_short port_to_connect, int gateway_ports, 214 const char *host_to_connect, u_short port_to_connect, int gateway_ports,
215 int remote_fwd); 215 int remote_fwd);
diff --git a/serverloop.c b/serverloop.c
index 5a567a252..024c54bc3 100644
--- a/serverloop.c
+++ b/serverloop.c
@@ -35,7 +35,7 @@
35 */ 35 */
36 36
37#include "includes.h" 37#include "includes.h"
38RCSID("$OpenBSD: serverloop.c,v 1.43 2001/01/29 16:55:37 markus Exp $"); 38RCSID("$OpenBSD: serverloop.c,v 1.45 2001/02/04 15:32:25 stevesk Exp $");
39 39
40#include "xmalloc.h" 40#include "xmalloc.h"
41#include "packet.h" 41#include "packet.h"
@@ -864,12 +864,11 @@ server_input_global_request(int type, int plen, void *ctxt)
864 packet_send_debug("Server has disabled port forwarding."); 864 packet_send_debug("Server has disabled port forwarding.");
865 } else { 865 } else {
866 /* Start listening on the port */ 866 /* Start listening on the port */
867 channel_request_forwarding( 867 success = channel_request_forwarding(
868 listen_address, listen_port, 868 listen_address, listen_port,
869 /*unspec host_to_connect*/ "<unspec host>", 869 /*unspec host_to_connect*/ "<unspec host>",
870 /*unspec port_to_connect*/ 0, 870 /*unspec port_to_connect*/ 0,
871 options.gateway_ports, /*remote*/ 1); 871 options.gateway_ports, /*remote*/ 1);
872 success = 1;
873 } 872 }
874 xfree(listen_address); 873 xfree(listen_address);
875 } 874 }
diff --git a/ssh.c b/ssh.c
index 454332349..730ff382c 100644
--- a/ssh.c
+++ b/ssh.c
@@ -39,7 +39,7 @@
39 */ 39 */
40 40
41#include "includes.h" 41#include "includes.h"
42RCSID("$OpenBSD: ssh.c,v 1.85 2001/01/29 12:36:10 djm Exp $"); 42RCSID("$OpenBSD: ssh.c,v 1.88 2001/02/04 15:32:26 stevesk Exp $");
43 43
44#include <openssl/evp.h> 44#include <openssl/evp.h>
45#include <openssl/err.h> 45#include <openssl/err.h>
@@ -757,19 +757,23 @@ x11_get_proto(char *proto, int proto_len, char *data, int data_len)
757void 757void
758ssh_init_forwarding(void) 758ssh_init_forwarding(void)
759{ 759{
760 int success = 0;
760 int i; 761 int i;
762
761 /* Initiate local TCP/IP port forwardings. */ 763 /* Initiate local TCP/IP port forwardings. */
762 for (i = 0; i < options.num_local_forwards; i++) { 764 for (i = 0; i < options.num_local_forwards; i++) {
763 debug("Connections to local port %d forwarded to remote address %.200s:%d", 765 debug("Connections to local port %d forwarded to remote address %.200s:%d",
764 options.local_forwards[i].port, 766 options.local_forwards[i].port,
765 options.local_forwards[i].host, 767 options.local_forwards[i].host,
766 options.local_forwards[i].host_port); 768 options.local_forwards[i].host_port);
767 channel_request_local_forwarding( 769 success += channel_request_local_forwarding(
768 options.local_forwards[i].port, 770 options.local_forwards[i].port,
769 options.local_forwards[i].host, 771 options.local_forwards[i].host,
770 options.local_forwards[i].host_port, 772 options.local_forwards[i].host_port,
771 options.gateway_ports); 773 options.gateway_ports);
772 } 774 }
775 if (i > 0 && success == 0)
776 error("Could not request local forwarding.");
773 777
774 /* Initiate remote TCP/IP port forwardings. */ 778 /* Initiate remote TCP/IP port forwardings. */
775 for (i = 0; i < options.num_remote_forwards; i++) { 779 for (i = 0; i < options.num_remote_forwards; i++) {