From 13840e0103946982cee2a05c40697be7e57dca41 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sat, 14 Sep 2013 09:49:43 +1000 Subject: - djm@cvs.openbsd.org 2013/09/13 06:54:34 [channels.c] avoid unaligned access in code that reused a buffer to send a struct in_addr in a reply; simpler just use use buffer_put_int(); from portable; spotted by and ok dtucker@ --- channels.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'channels.c') diff --git a/channels.c b/channels.c index 281df3802..698fa6da2 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.324 2013/07/12 00:19:58 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.325 2013/09/13 06:54:34 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1239,11 +1239,10 @@ channel_decode_socks5(Channel *c, fd_set *readset, fd_set *writeset) s5_rsp.command = SSH_SOCKS5_SUCCESS; s5_rsp.reserved = 0; /* ignored */ s5_rsp.atyp = SSH_SOCKS5_IPV4; - ((struct in_addr *)&dest_addr)->s_addr = INADDR_ANY; dest_port = 0; /* ignored */ buffer_append(&c->output, &s5_rsp, sizeof(s5_rsp)); - buffer_append(&c->output, &dest_addr, sizeof(struct in_addr)); + buffer_put_int(&c->output, ntohl(INADDR_ANY)); /* bind address */ buffer_append(&c->output, &dest_port, sizeof(dest_port)); return 1; } -- cgit v1.2.3 From 71152bc9911bc34a98810b2398dac20df3fe8de3 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Thu, 10 Oct 2013 10:27:21 +1100 Subject: - djm@cvs.openbsd.org 2013/09/19 01:24:46 [channels.c] bz#1297 - tell the client (via packet_send_debug) when their preferred listen address has been overridden by the server's GatewayPorts; ok dtucker@ --- ChangeLog | 5 +++++ channels.c | 16 ++++++++++++++-- 2 files changed, 19 insertions(+), 2 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index 5b49df51e..2a56ccfc7 100644 --- a/ChangeLog +++ b/ChangeLog 
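Review bot: In channel_decode_socks5, the new `buffer_put_int(&c->output, ntohl(INADDR_ANY))` produces the right bytes only because INADDR_ANY is zero. buffer_put_int appears to serialise its argument in network byte order itself (its definition is not on this page), so wrapping the value in ntohl() would byte-swap any non-zero address on a little-endian host. I would drop the conversion so the line cannot be copied into a place where it matters: `buffer_put_int(&c->output, INADDR_ANY); /* bind address 0.0.0.0 */`. The neighbouring `dest_port` is still appended as raw memory, which is harmless for zero but raises the same byte-order question. The function body starts outside the hunk.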
@@ -12,6 +12,11 @@ - djm@cvs.openbsd.org 2013/09/19 00:49:12 [sftp-client.c] fix swapped pflag and printflag in sftp upload_dir; from Iain Morgan + - djm@cvs.openbsd.org 2013/09/19 01:24:46 + [channels.c] + bz#1297 - tell the client (via packet_send_debug) when their preferred + listen address has been overridden by the server's GatewayPorts; + ok dtucker@ 20131009 - (djm) [openbsd-compat/arc4random.c openbsd-compat/chacha_private.h] Pull diff --git a/channels.c b/channels.c index 698fa6da2..d227379d0 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.325 2013/09/13 06:54:34 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.326 2013/09/19 01:24:46 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -2710,8 +2710,20 @@ channel_fwd_bind_addr(const char *listen_addr, int *wildcardp, if (((datafellows & SSH_OLD_FORWARD_ADDR) && strcmp(listen_addr, "0.0.0.0") == 0 && is_client == 0) || *listen_addr == '\0' || strcmp(listen_addr, "*") == 0 || - (!is_client && gateway_ports == 1)) + (!is_client && gateway_ports == 1)) { wildcard = 1; + /* + * Notify client if they requested a specific listen + * address and it was overridden. + */ + if (*listen_addr != '\0' && + strcmp(listen_addr, "0.0.0.0") != 0 && + strcmp(listen_addr, "*") != 0) { + packet_send_debug("Forwarding listen address " + "\"%s\" overridden by server " + "GatewayPorts", listen_addr); + } + } else if (strcmp(listen_addr, "localhost") != 0) addr = listen_addr; } -- cgit v1.2.3 From 6c81fee693038de7d4a5559043350391db2a2761 Mon Sep 17 00:00:00 2001 
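Review bot: The override notice in channel_fwd_bind_addr is sent only through packet_send_debug, so a client that asked for a specific or loopback listen address and got a wildcard listener learns of it only if it displays debug messages (as far as I can tell these are not shown by default). This is the case where GatewayPorts exposes the forwarded port more widely than the user requested, so the server should log it as well, for example `logit("Forwarding listen address \"%.200s\" overridden by server GatewayPorts", listen_addr);` next to the packet_send_debug call. listen_addr comes from the peer and is formatted with an unbounded `%s`; a bounded `%.200s`, as the port_open_helper messages in this file use, would match the file's convention. The enclosing if/else chain begins outside the hunk.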
From: Damien Miller Date: Fri, 8 Nov 2013 12:19:55 +1100 Subject: - djm@cvs.openbsd.org 2013/11/08 00:39:15 [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] [sftp-client.c sftp-glob.c] use calloc for all structure allocations; from markus@ --- ChangeLog | 5 +++++ auth-options.c | 4 ++-- auth2-chall.c | 4 ++-- authfd.c | 4 ++-- channels.c | 4 ++-- cipher-3des1.c | 4 ++-- clientloop.c | 8 ++++---- gss-genr.c | 4 ++-- monitor_mm.c | 7 ++++--- packet.c | 4 ++-- schnorr.c | 4 ++-- sftp-client.c | 12 ++++++------ sftp-glob.c | 4 ++-- umac.c | 4 ++-- 14 files changed, 39 insertions(+), 33 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index a7098f6d5..efce7df1b 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,11 @@ [cipher.c cipher.h kex.c kex.h mac.c mac.h servconf.c ssh.c] Output the effective values of Ciphers, MACs and KexAlgorithms when the default has not been overridden. ok markus@ + - djm@cvs.openbsd.org 2013/11/08 00:39:15 + [auth-options.c auth2-chall.c authfd.c channels.c cipher-3des1.c] + [clientloop.c gss-genr.c monitor_mm.c packet.c schnorr.c umac.c] + [sftp-client.c sftp-glob.c] + use calloc for all structure allocations; from markus@ 20131107 - (djm) [ssh-pkcs11.c] Bring back "non-constant initialiser" fix (rev 1.5) diff --git a/auth-options.c b/auth-options.c index b485f8d24..b370b5be6 100644 --- a/auth-options.c +++ b/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.60 2013/11/02 22:34:01 markus Exp $ */ +/* $OpenBSD: auth-options.c,v 1.61 2013/11/08 00:39:14 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 
@@ -235,7 +235,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum) auth_debug_add("Adding to environment: %.900s", s); debug("Adding to environment: %.900s", s); opts++; - new_envstring = xmalloc(sizeof(struct envstring)); + new_envstring = xcalloc(1, sizeof(struct envstring)); new_envstring->s = s; new_envstring->next = custom_environment; custom_environment = new_envstring; diff --git a/auth2-chall.c b/auth2-chall.c index 98f3093ce..031c2828c 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.38 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.39 2013/11/08 00:39:14 djm Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -111,7 +111,7 @@ kbdint_alloc(const char *devs) remove_kbdint_device("pam"); #endif - kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); + kbdintctxt = xcalloc(1, sizeof(KbdintAuthctxt)); if (strcmp(devs, "") == 0) { buffer_init(&b); for (i = 0; devices[i]; i++) { diff --git a/authfd.c b/authfd.c index 775786bee..5cce93b76 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.87 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.88 2013/11/08 00:39:14 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -206,7 +206,7 @@ ssh_get_authentication_connection(void) if (sock < 0) return NULL; - auth = xmalloc(sizeof(*auth)); + auth = xcalloc(1, sizeof(*auth)); auth->fd = sock; buffer_init(&auth->identities); auth->howmany = 0; diff --git a/channels.c b/channels.c index d227379d0..c9df9bac5 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.326 2013/09/19 01:24:46 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.327 2013/11/08 00:39:15 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 
@@ -704,7 +704,7 @@ channel_register_status_confirm(int id, channel_confirm_cb *cb, if ((c = channel_lookup(id)) == NULL) fatal("channel_register_expect: %d: bad id", id); - cc = xmalloc(sizeof(*cc)); + cc = xcalloc(1, sizeof(*cc)); cc->cb = cb; cc->abandon_cb = abandon_cb; cc->ctx = ctx; diff --git a/cipher-3des1.c b/cipher-3des1.c index c8a70244b..56fc77786 100644 --- a/cipher-3des1.c +++ b/cipher-3des1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher-3des1.c,v 1.8 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: cipher-3des1.c,v 1.9 2013/11/08 00:39:15 djm Exp $ */ /* * Copyright (c) 2003 Markus Friedl. All rights reserved. * @@ -67,7 +67,7 @@ ssh1_3des_init(EVP_CIPHER_CTX *ctx, const u_char *key, const u_char *iv, u_char *k1, *k2, *k3; if ((c = EVP_CIPHER_CTX_get_app_data(ctx)) == NULL) { - c = xmalloc(sizeof(*c)); + c = xcalloc(1, sizeof(*c)); EVP_CIPHER_CTX_set_app_data(ctx, c); } if (key == NULL) diff --git a/clientloop.c b/clientloop.c index 45a55e0ec..8ad5d06b0 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.254 2013/09/12 01:41:12 djm Exp $ */ +/* $OpenBSD: clientloop.c,v 1.255 2013/11/08 00:39:15 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -837,7 +837,7 @@ void client_expect_confirm(int id, const char *request, enum confirm_action action) { - struct channel_reply_ctx *cr = xmalloc(sizeof(*cr)); + struct channel_reply_ctx *cr = xcalloc(1, sizeof(*cr)); cr->request_type = request; cr->action = action; @@ -860,7 +860,7 @@ client_register_global_confirm(global_confirm_cb *cb, void *ctx) return; } - gc = xmalloc(sizeof(*gc)); + gc = xcalloc(1, sizeof(*gc)); gc->cb = cb; gc->ctx = ctx; gc->ref_count = 1; @@ -1438,7 +1438,7 @@ client_new_escape_filter_ctx(int escape_char) { struct escape_filter_ctx *ret; - ret = xmalloc(sizeof(*ret)); + ret = xcalloc(1, sizeof(*ret)); ret->escape_pending = 0; ret->escape_char = escape_char; return (void *)ret; 
diff --git a/gss-genr.c b/gss-genr.c index bf164a77b..b39281bc1 100644 --- a/gss-genr.c +++ b/gss-genr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: gss-genr.c,v 1.21 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: gss-genr.c,v 1.22 2013/11/08 00:39:15 djm Exp $ */ /* * Copyright (c) 2001-2007 Simon Wilkinson. All rights reserved. @@ -62,7 +62,7 @@ ssh_gssapi_set_oid_data(Gssctxt *ctx, void *data, size_t len) free(ctx->oid->elements); free(ctx->oid); } - ctx->oid = xmalloc(sizeof(gss_OID_desc)); + ctx->oid = xcalloc(1, sizeof(gss_OID_desc)); ctx->oid->length = len; ctx->oid->elements = xmalloc(len); memcpy(ctx->oid->elements, data, len); diff --git a/monitor_mm.c b/monitor_mm.c index ee7bad4b4..d3e6aeee5 100644 --- a/monitor_mm.c +++ b/monitor_mm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor_mm.c,v 1.17 2013/05/17 00:13:13 djm Exp $ */ +/* $OpenBSD: monitor_mm.c,v 1.18 2013/11/08 00:39:15 djm Exp $ */ /* * Copyright 2002 Niels Provos * All rights reserved. @@ -65,7 +65,7 @@ mm_make_entry(struct mm_master *mm, struct mmtree *head, struct mm_share *tmp, *tmp2; if (mm->mmalloc == NULL) - tmp = xmalloc(sizeof(struct mm_share)); + tmp = xcalloc(1, sizeof(struct mm_share)); else tmp = mm_xmalloc(mm->mmalloc, sizeof(struct mm_share)); tmp->address = address; @@ -88,7 +88,7 @@ mm_create(struct mm_master *mmalloc, size_t size) struct mm_master *mm; if (mmalloc == NULL) - mm = xmalloc(sizeof(struct mm_master)); + mm = xcalloc(1, sizeof(struct mm_master)); else mm = mm_xmalloc(mmalloc, sizeof(struct mm_master)); @@ -161,6 +161,7 @@ mm_xmalloc(struct mm_master *mm, size_t size) address = mm_malloc(mm, size); if (address == NULL) fatal("%s: mm_malloc(%lu)", __func__, (u_long)size); + memset(address, 0, size); return (address); } diff --git a/packet.c b/packet.c index 0d27e7592..90db33bdd 100644 --- a/packet.c +++ b/packet.c 
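Review bot: In monitor_mm.c the shared-memory path is zero-filled by the `memset(address, 0, size)` added to mm_xmalloc, and the `else` branches of mm_make_entry and mm_create now depend on it, but nothing in mm_xmalloc says it has calloc semantics. A one-line comment above the memset would keep a later cleanup from removing it as redundant: `/* zero-fill so both allocation paths return cleared structs, matching xcalloc */`. Any caller that uses mm_malloc directly, outside these hunks, would still receive uncleared memory and is worth checking.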
@@ -1,4 +1,4 @@ -/* $OpenBSD: packet.c,v 1.188 2013/07/12 00:19:58 djm Exp $ */ +/* $OpenBSD: packet.c,v 1.189 2013/11/08 00:39:15 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -996,7 +996,7 @@ packet_send2(void) (type == SSH2_MSG_SERVICE_REQUEST) || (type == SSH2_MSG_SERVICE_ACCEPT)) { debug("enqueue packet: %u", type); - p = xmalloc(sizeof(*p)); + p = xcalloc(1, sizeof(*p)); p->type = type; memcpy(&p->payload, &active_state->outgoing_packet, sizeof(Buffer)); diff --git a/schnorr.c b/schnorr.c index 9549dcf0e..93822fed4 100644 --- a/schnorr.c +++ b/schnorr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: schnorr.c,v 1.7 2013/05/17 00:13:14 djm Exp $ */ +/* $OpenBSD: schnorr.c,v 1.8 2013/11/08 00:39:15 djm Exp $ */ /* * Copyright (c) 2008 Damien Miller. All rights reserved. * @@ -549,7 +549,7 @@ modp_group_from_g_and_safe_p(const char *grp_g, const char *grp_p) { struct modp_group *ret; - ret = xmalloc(sizeof(*ret)); + ret = xcalloc(1, sizeof(*ret)); ret->p = ret->q = ret->g = NULL; if (BN_hex2bn(&ret->p, grp_p) == 0 || BN_hex2bn(&ret->g, grp_g) == 0) diff --git a/sftp-client.c b/sftp-client.c index 91955262c..542af8b18 100644 --- a/sftp-client.c +++ b/sftp-client.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-client.c,v 1.107 2013/10/17 00:30:13 djm Exp $ */ +/* $OpenBSD: sftp-client.c,v 1.108 2013/11/08 00:39:15 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -477,7 +477,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int print_flag, if (dir) { ents = 0; - *dir = xmalloc(sizeof(**dir)); + *dir = xcalloc(1, sizeof(**dir)); (*dir)[0] = NULL; } @@ -551,7 +551,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int print_flag, if (dir) { *dir = xrealloc(*dir, ents + 2, sizeof(**dir)); - (*dir)[ents] = xmalloc(sizeof(***dir)); + (*dir)[ents] = xcalloc(1, sizeof(***dir)); (*dir)[ents]->filename = xstrdup(filename); (*dir)[ents]->longname = xstrdup(longname); memcpy(&(*dir)[ents]->a, a, sizeof(*a)); 
@@ -570,7 +570,7 @@ do_lsreaddir(struct sftp_conn *conn, char *path, int print_flag, /* Don't return partial matches on interrupt */ if (interrupted && dir != NULL && *dir != NULL) { free_sftp_dirents(*dir); - *dir = xmalloc(sizeof(**dir)); + *dir = xcalloc(1, sizeof(**dir)); **dir = NULL; } @@ -1143,7 +1143,7 @@ do_download(struct sftp_conn *conn, char *remote_path, char *local_path, (unsigned long long)offset, (unsigned long long)offset + buflen - 1, num_req, max_req); - req = xmalloc(sizeof(*req)); + req = xcalloc(1, sizeof(*req)); req->id = conn->msg_id++; req->len = buflen; req->offset = offset; @@ -1512,7 +1512,7 @@ do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, strerror(errno)); if (len != 0) { - ack = xmalloc(sizeof(*ack)); + ack = xcalloc(1, sizeof(*ack)); ack->id = ++id; ack->offset = offset; ack->len = len; diff --git a/sftp-glob.c b/sftp-glob.c index 79b7bdb2f..e1f5a6109 100644 --- a/sftp-glob.c +++ b/sftp-glob.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sftp-glob.c,v 1.24 2013/05/17 00:13:14 djm Exp $ */ +/* $OpenBSD: sftp-glob.c,v 1.25 2013/11/08 00:39:15 djm Exp $ */ /* * Copyright (c) 2001-2004 Damien Miller * @@ -48,7 +48,7 @@ fudge_opendir(const char *path) { struct SFTP_OPENDIR *r; - r = xmalloc(sizeof(*r)); + r = xcalloc(1, sizeof(*r)); if (do_readdir(cur.conn, (char *)path, &r->dir)) { free(r); diff --git a/umac.c b/umac.c index 99416a510..0c62145fa 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.7 2013/07/22 05:00:17 djm Exp $ */ +/* $OpenBSD: umac.c,v 1.8 2013/11/08 00:39:15 djm Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication 
@@ -1227,7 +1227,7 @@ struct umac_ctx *umac_new(const u_char key[]) size_t bytes_to_add; aes_int_key prf_key; - octx = ctx = xmalloc(sizeof(*ctx) + ALLOC_BOUNDARY); + octx = ctx = xcalloc(1, sizeof(*ctx) + ALLOC_BOUNDARY); if (ctx) { if (ALLOC_BOUNDARY) { bytes_to_add = ALLOC_BOUNDARY - -- cgit v1.2.3 From 4def184e9b6c36be6d965a9705632fc4c0c2a8af Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 29 Dec 2013 17:45:26 +1100 Subject: - djm@cvs.openbsd.org 2013/12/19 01:04:36 [channels.c] bz#2147: fix multiple remote forwardings with dynamically assigned listen ports. In the s->c message to open the channel we were sending zero (the magic number to request a dynamic port) instead of the actual listen port. The client therefore had no way of discriminating between them. Diagnosis and fix by ronf AT timeheart.net --- ChangeLog | 9 +++++++++ channels.c | 11 +++++++---- 2 files changed, 16 insertions(+), 4 deletions(-) (limited to 'channels.c') diff --git a/ChangeLog b/ChangeLog index a3689a4af..c22c8b4de 100644 --- a/ChangeLog +++ b/ChangeLog @@ -14,6 +14,15 @@ - djm@cvs.openbsd.org 2013/12/19 00:27:57 [auth-options.c] simplify freeing of source-address certificate restriction + - djm@cvs.openbsd.org 2013/12/19 01:04:36 + [channels.c] + bz#2147: fix multiple remote forwardings with dynamically assigned + listen ports. In the s->c message to open the channel we were sending + zero (the magic number to request a dynamic port) instead of the actual + listen port. The client therefore had no way of discriminating between + them. + + Diagnosis and fix by ronf AT timeheart.net 20131221 - (dtucker) [regress/keytype.sh] Actually test ecdsa key types. diff --git a/channels.c b/channels.c index c9df9bac5..e741f29b9 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.327 2013/11/08 00:39:15 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.328 2013/12/19 01:04:36 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland 
@@ -1385,6 +1385,8 @@ port_open_helper(Channel *c, char *rtype) { int direct; char buf[1024]; + char *local_ipaddr = get_local_ipaddr(c->sock); + int local_port = get_sock_port(c->sock, 1); char *remote_ipaddr = get_peer_ipaddr(c->sock); int remote_port = get_peer_port(c->sock); @@ -1399,9 +1401,9 @@ port_open_helper(Channel *c, char *rtype) snprintf(buf, sizeof buf, "%s: listening port %d for %.100s port %d, " - "connect from %.200s port %d", + "connect from %.200s port %d to %.100s port %d", rtype, c->listening_port, c->path, c->host_port, - remote_ipaddr, remote_port); + remote_ipaddr, remote_port, local_ipaddr, local_port); free(c->remote_name); c->remote_name = xstrdup(buf); @@ -1419,7 +1421,7 @@ port_open_helper(Channel *c, char *rtype) } else { /* listen address, port */ packet_put_cstring(c->path); - packet_put_int(c->listening_port); + packet_put_int(local_port); } /* originator host and port */ packet_put_cstring(remote_ipaddr); @@ -1436,6 +1438,7 @@ port_open_helper(Channel *c, char *rtype) packet_send(); } free(remote_ipaddr); + free(local_ipaddr); } static void -- cgit v1.2.3
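Review bot: In port_open_helper, `local_port` from `get_sock_port(c->sock, 1)` is written into the channel-open message with no check that the lookup succeeded. get_sock_port's failure value is not visible in these hunks; if it can return 0 or a negative number, the client would again receive the ambiguous zero port this change is meant to eliminate, or a meaningless value. Falling back to the configured port keeps the previous behaviour in that case: `packet_put_int(local_port > 0 ? local_port : c->listening_port);`. The function continues outside the hunks shown.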