Bugzilla – Attachment 666 Details for
Bug 413
Port forwarding: [localhost:]localport:remotehost:remoteport
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Update to OpenBSD -current
forwardbind-bsd.diff (text/plain), 26.21 KB, created by
Damien Miller
on 2004-06-26 09:01:18 AEST
(
hide
)
Description:
Update to OpenBSD -current
Filename:
MIME Type:
Creator:
Damien Miller
Created:
2004-06-26 09:01:18 AEST
Size:
26.21 KB
patch
obsolete
>Index: auth-options.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/auth-options.c,v >retrieving revision 1.28 >diff -u -r1.28 auth-options.c >--- auth-options.c 2 Jun 2003 09:17:34 -0000 1.28 >+++ auth-options.c 25 Jun 2004 22:56:54 -0000 >@@ -217,7 +217,7 @@ > } > cp = "permitopen=\""; > if (strncasecmp(opts, cp, strlen(cp)) == 0) { >- char host[256], sport[6]; >+ char *host, *p; > u_short port; > char *patterns = xmalloc(strlen(opts) + 1); > >@@ -243,8 +243,9 @@ > } > patterns[i] = 0; > opts++; >- if (sscanf(patterns, "%255[^:]:%5[0-9]", host, sport) != 2 && >- sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) { >+ p = patterns; >+ host = hpdelim(&p); >+ if (!host) { > debug("%.100s, line %lu: Bad permitopen specification " > "<%.100s>", file, linenum, patterns); > auth_debug_add("%.100s, line %lu: " >@@ -252,9 +253,11 @@ > xfree(patterns); > goto bad_option; > } >- if ((port = a2port(sport)) == 0) { >+ host = cleanhostname(host); >+ port = p ? a2port(p) : 0; >+ if (port == 0) { > debug("%.100s, line %lu: Bad permitopen port <%.100s>", >- file, linenum, sport); >+ file, linenum, p ? p : ""); > auth_debug_add("%.100s, line %lu: " > "Bad permitopen port", file, linenum); > xfree(patterns); >Index: channels.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/channels.c,v >retrieving revision 1.207 >diff -u -r1.207 channels.c >--- channels.c 21 Jun 2004 17:36:31 -0000 1.207 >+++ channels.c 25 Jun 2004 22:56:54 -0000 >@@ -2175,8 +2175,9 @@ > Channel *c; > int success, sock, on = 1; > struct addrinfo hints, *ai, *aitop; >- const char *host; >+ const char *host, *addr = NULL; > char ntop[NI_MAXHOST], strport[NI_MAXSERV]; >+ int wildcard = 0; > > success = 0; > host = (type == SSH_CHANNEL_RPORT_LISTENER) ? >@@ -2192,16 +2193,35 @@ > } > > /* >+ * Determine whether or not a port forward listens to loopback, >+ * specified address or wildcard. >+ */ >+ if (gateway_ports) { >+ if (listen_addr == NULL || listen_addr[0] == '\0' || >+ strcmp(listen_addr, "*") == 0) >+ wildcard = 1; >+ else >+ addr = listen_addr; >+ } else if (type == SSH_CHANNEL_PORT_LISTENER) { >+ /* A client may override GatewayPorts with a wildcard */ >+ if (listen_addr != NULL && strcmp(listen_addr, "*") == 0) >+ wildcard = 1; >+ else >+ addr = listen_addr; >+ } >+ >+ /* > * getaddrinfo returns a loopback address if the hostname is > * set to NULL and hints.ai_flags is not AI_PASSIVE > */ > memset(&hints, 0, sizeof(hints)); > hints.ai_family = IPv4or6; >- hints.ai_flags = gateway_ports ? AI_PASSIVE : 0; >+ hints.ai_flags = wildcard ? AI_PASSIVE : 0; > hints.ai_socktype = SOCK_STREAM; > snprintf(strport, sizeof strport, "%d", listen_port); >- if (getaddrinfo(NULL, strport, &hints, &aitop) != 0) >- packet_disconnect("getaddrinfo: fatal error"); >+ if (getaddrinfo(addr, strport, &hints, &aitop) != 0) >+ packet_disconnect("getaddrinfo: %.200s: fatal error", >+ addr ? addr : "(NULL)"); > > for (ai = aitop; ai; ai = ai->ai_next) { > if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6) >@@ -2279,11 +2299,12 @@ > > /* protocol local port fwd, used by ssh (and sshd in v1) */ > int >-channel_setup_local_fwd_listener(u_short listen_port, >+channel_setup_local_fwd_listener(const char *listen_host, u_short listen_port, > const char *host_to_connect, u_short port_to_connect, int gateway_ports) > { > return channel_setup_fwd_listener(SSH_CHANNEL_PORT_LISTENER, >- NULL, listen_port, host_to_connect, port_to_connect, gateway_ports); >+ listen_host, listen_port, host_to_connect, port_to_connect, >+ gateway_ports); > } > > /* protocol v2 remote port fwd, used by sshd */ >@@ -2301,7 +2322,7 @@ > */ > > void >-channel_request_remote_forwarding(u_short listen_port, >+channel_request_remote_forwarding(const char *listen_host, u_short listen_port, > const char *host_to_connect, u_short port_to_connect) > { > int type, success = 0; >@@ -2312,7 +2333,14 @@ > > /* Send the forward request to the remote side. */ > if (compat20) { >- const char *address_to_bind = "0.0.0.0"; >+ const char *address_to_bind; >+ if (listen_host == NULL) >+ address_to_bind = "127.0.0.1"; >+ else if (listen_host[0] == '\0' || strcmp(listen_host, "*")==0) >+ address_to_bind = "0.0.0.0"; >+ else >+ address_to_bind = listen_host; >+ > packet_start(SSH2_MSG_GLOBAL_REQUEST); > packet_put_cstring("tcpip-forward"); > packet_put_char(1); /* boolean: want reply */ >@@ -2359,10 +2387,9 @@ > */ > > void >-channel_request_rforward_cancel(u_short port) >+channel_request_rforward_cancel(const char *host, u_short port) > { > int i; >- const char *address_to_bind = "0.0.0.0"; > > if (!compat20) > return; >@@ -2379,7 +2406,7 @@ > packet_start(SSH2_MSG_GLOBAL_REQUEST); > packet_put_cstring("cancel-tcpip-forward"); > packet_put_char(0); >- packet_put_cstring(address_to_bind); >+ packet_put_cstring(host == NULL ? "0.0.0.0" : host); > packet_put_int(port); > packet_send(); > >@@ -2418,7 +2445,7 @@ > packet_disconnect("Dynamic forwarding denied."); > > /* Initiate forwarding */ >- channel_setup_local_fwd_listener(port, hostname, host_port, gateway_ports); >+ channel_setup_local_fwd_listener(NULL, port, hostname, host_port, gateway_ports); > > /* Free the argument string. */ > xfree(hostname); >Index: channels.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/channels.h,v >retrieving revision 1.73 >diff -u -r1.73 channels.h >--- channels.h 13 Jun 2004 15:03:02 -0000 1.73 >+++ channels.h 25 Jun 2004 22:56:54 -0000 >@@ -201,9 +201,11 @@ > void channel_input_port_forward_request(int, int); > int channel_connect_to(const char *, u_short); > int channel_connect_by_listen_address(u_short); >-void channel_request_remote_forwarding(u_short, const char *, u_short); >-void channel_request_rforward_cancel(u_short port); >-int channel_setup_local_fwd_listener(u_short, const char *, u_short, int); >+void channel_request_remote_forwarding(const char *, u_short, >+ const char *, u_short); >+int channel_setup_local_fwd_listener(const char *, u_short, >+ const char *, u_short, int); >+void channel_request_rforward_cancel(const char *host, u_short port); > int channel_setup_remote_fwd_listener(const char *, u_short, int); > int channel_cancel_rport_listener(const char *, u_short); > >Index: clientloop.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/clientloop.c,v >retrieving revision 1.128 >diff -u -r1.128 clientloop.c >--- clientloop.c 18 Jun 2004 11:11:54 -0000 1.128 >+++ clientloop.c 25 Jun 2004 22:56:54 -0000 >@@ -732,11 +732,11 @@ > process_cmdline(void) > { > void (*handler)(int); >- char *s, *cmd; >- u_short fwd_port, fwd_host_port; >- char buf[1024], sfwd_port[6], sfwd_host_port[6]; >+ char *s, *cmd, *cancel_host; > int delete = 0; > int local = 0; >+ u_short cancel_port; >+ Forward fwd; > > leave_raw_mode(); > handler = signal(SIGINT, SIG_IGN); >@@ -782,37 +782,38 @@ > s++; > > if (delete) { >- if (sscanf(s, "%5[0-9]", sfwd_host_port) != 1) { >- logit("Bad forwarding specification."); >- goto out; >+ cancel_port = 0; >+ cancel_host = hpdelim(&s); /* may be NULL */ >+ if (s != NULL) { >+ cancel_port = a2port(s); >+ cancel_host = cleanhostname(cancel_host); >+ } else { >+ cancel_port = a2port(cancel_host); >+ cancel_host = NULL; > } >- if ((fwd_host_port = a2port(sfwd_host_port)) == 0) { >- logit("Bad forwarding port(s)."); >+ if (cancel_port == 0) { >+ logit("Bad forwarding close port"); > goto out; > } >- channel_request_rforward_cancel(fwd_host_port); >+ channel_request_rforward_cancel(cancel_host, cancel_port); > } else { >- if (sscanf(s, "%5[0-9]:%255[^:]:%5[0-9]", >- sfwd_port, buf, sfwd_host_port) != 3 && >- sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]", >- sfwd_port, buf, sfwd_host_port) != 3) { >+ if (!parse_forward(&fwd, s)) { > logit("Bad forwarding specification."); > goto out; > } >- if ((fwd_port = a2port(sfwd_port)) == 0 || >- (fwd_host_port = a2port(sfwd_host_port)) == 0) { >- logit("Bad forwarding port(s)."); >- goto out; >- } > if (local) { >- if (channel_setup_local_fwd_listener(fwd_port, buf, >- fwd_host_port, options.gateway_ports) < 0) { >+ if (channel_setup_local_fwd_listener(fwd.listen_host, >+ fwd.listen_port, fwd.connect_host, >+ fwd.connect_port, options.gateway_ports) < 0) { > logit("Port forwarding failed."); > goto out; > } >- } else >- channel_request_remote_forwarding(fwd_port, buf, >- fwd_host_port); >+ } else { >+ channel_request_remote_forwarding(fwd.listen_host, >+ fwd.listen_port, fwd.connect_host, >+ fwd.connect_port); >+ } >+ > logit("Forwarding port."); > } > >Index: misc.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/misc.c,v >retrieving revision 1.24 >diff -u -r1.24 misc.c >--- misc.c 14 Jun 2004 01:44:39 -0000 1.24 >+++ misc.c 25 Jun 2004 22:56:54 -0000 >@@ -269,6 +269,51 @@ > return total; > } > >+/* Search for next delimiter between hostnames/addresses and ports. >+ * Argument may be modified (for termination). >+ * Returns *cp if parsing succeeds. >+ * *cp is set to the start of the next delimiter, if one was found. >+ * If this is the last field, *cp is set to NULL. >+ */ >+char * >+hpdelim(char **cp) >+{ >+ char *s, *old; >+ >+ if (!(cp && *cp)) >+ return NULL; >+ >+ old = s = *cp; >+ if (*s == '[') { >+ s = strchr(s, ']'); >+ if (!s) >+ return NULL; >+ else >+ ++s; >+ } else { >+ s = strpbrk(s, ":/"); >+ if (!s) >+ s = *cp + strlen(*cp); /* trailing null */ >+ } >+ >+ switch (*s) { >+ case '\0': >+ *cp = NULL; /* no more fields*/ >+ break; >+ >+ case ':': >+ case '/': >+ *s = '\0'; /* terminate */ >+ *cp = s + 1; >+ break; >+ >+ default: >+ return NULL; >+ } >+ >+ return old; >+} >+ > char * > cleanhostname(char *host) > { >Index: misc.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/misc.h,v >retrieving revision 1.16 >diff -u -r1.16 misc.h >--- misc.h 17 Jun 2004 15:10:14 -0000 1.16 >+++ misc.h 25 Jun 2004 22:56:54 -0000 >@@ -20,6 +20,7 @@ > int unset_nonblock(int); > void set_nodelay(int); > int a2port(const char *); >+char *hpdelim(char **); > char *cleanhostname(char *); > char *colon(char *); > long convtime(const char *); >Index: readconf.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/readconf.c,v >retrieving revision 1.133 >diff -u -r1.133 readconf.c >--- readconf.c 17 Jun 2004 15:10:14 -0000 1.133 >+++ readconf.c 25 Jun 2004 22:56:54 -0000 >@@ -206,19 +206,23 @@ > */ > > void >-add_local_forward(Options *options, u_short port, const char *host, >- u_short host_port) >+add_local_forward(Options *options, const char *listen_host, >+ u_short listen_port, const char *connect_host, u_short connect_port) > { > Forward *fwd; > extern uid_t original_real_uid; >- if (port < IPPORT_RESERVED && original_real_uid != 0) >+ if (listen_port < IPPORT_RESERVED && original_real_uid != 0) > fatal("Privileged ports can only be forwarded by root."); > if (options->num_local_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) > fatal("Too many local forwards (max %d).", SSH_MAX_FORWARDS_PER_DIRECTION); > fwd = &options->local_forwards[options->num_local_forwards++]; >- fwd->port = port; >- fwd->host = xstrdup(host); >- fwd->host_port = host_port; >+ if (listen_host == NULL) >+ fwd->listen_host = NULL; >+ else >+ fwd->listen_host = xstrdup(listen_host); >+ fwd->listen_port = listen_port; >+ fwd->connect_host = xstrdup(connect_host); >+ fwd->connect_port = connect_port; > } > > /* >@@ -227,17 +231,21 @@ > */ > > void >-add_remote_forward(Options *options, u_short port, const char *host, >- u_short host_port) >+add_remote_forward(Options *options, const char *listen_host, >+ u_short listen_port, const char *connect_host, u_short connect_port) > { > Forward *fwd; > if (options->num_remote_forwards >= SSH_MAX_FORWARDS_PER_DIRECTION) > fatal("Too many remote forwards (max %d).", > SSH_MAX_FORWARDS_PER_DIRECTION); > fwd = &options->remote_forwards[options->num_remote_forwards++]; >- fwd->port = port; >- fwd->host = xstrdup(host); >- fwd->host_port = host_port; >+ if (listen_host == NULL) >+ fwd->listen_host = NULL; >+ else >+ fwd->listen_host = xstrdup(listen_host); >+ fwd->listen_port = listen_port; >+ fwd->connect_host = xstrdup(connect_host); >+ fwd->connect_port = connect_port; > } > > static void >@@ -245,11 +253,15 @@ > { > int i; > >- for (i = 0; i < options->num_local_forwards; i++) >- xfree(options->local_forwards[i].host); >+ for (i = 0; i < options->num_local_forwards; i++) { >+ xfree(options->local_forwards[i].listen_host); >+ xfree(options->local_forwards[i].connect_host); >+ } > options->num_local_forwards = 0; >- for (i = 0; i < options->num_remote_forwards; i++) >- xfree(options->remote_forwards[i].host); >+ for (i = 0; i < options->num_remote_forwards; i++) { >+ xfree(options->remote_forwards[i].listen_host); >+ xfree(options->remote_forwards[i].connect_host); >+ } > options->num_remote_forwards = 0; > } > >@@ -282,11 +294,10 @@ > char *line, const char *filename, int linenum, > int *activep) > { >- char buf[256], *s, **charptr, *endofnumber, *keyword, *arg; >+ char *s, **charptr, *endofnumber, *keyword, *arg, *arg2, fwdarg[256]; > int opcode, *intptr, value; > size_t len; >- u_short fwd_port, fwd_host_port; >- char sfwd_host_port[6]; >+ Forward fwd; > > /* Strip trailing whitespace */ > for(len = strlen(line) - 1; len > 0; len--) { >@@ -646,27 +657,33 @@ > if (!arg || *arg == '\0') > fatal("%.200s line %d: Missing port argument.", > filename, linenum); >- if ((fwd_port = a2port(arg)) == 0) >- fatal("%.200s line %d: Bad listen port.", >- filename, linenum); >- arg = strdelim(&s); >- if (!arg || *arg == '\0') >+ arg2 = strdelim(&s); >+ if (!arg2 || *arg2 == '\0') > fatal("%.200s line %d: Missing second argument.", > filename, linenum); >- if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 && >- sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2) >+ >+ /* construct a string for parse_forward */ >+ snprintf(fwdarg, sizeof(fwdarg), "%s:%s", arg, arg2); >+ >+ if (parse_forward(&fwd, fwdarg) == 0) > fatal("%.200s line %d: Bad forwarding specification.", > filename, linenum); >- if ((fwd_host_port = a2port(sfwd_host_port)) == 0) >+ if (fwd.listen_port == 0) >+ fatal("%.200s line %d: Bad listen port.", >+ filename, linenum); >+ if (fwd.connect_port == 0) > fatal("%.200s line %d: Bad forwarding port.", > filename, linenum); >+ > if (*activep) { > if (opcode == oLocalForward) >- add_local_forward(options, fwd_port, buf, >- fwd_host_port); >+ add_local_forward(options, >+ fwd.listen_host, fwd.listen_port, >+ fwd.connect_host, fwd.connect_port); > else if (opcode == oRemoteForward) >- add_remote_forward(options, fwd_port, buf, >- fwd_host_port); >+ add_remote_forward(options, >+ fwd.listen_host, fwd.listen_port, >+ fwd.connect_host, fwd.connect_port); > } > break; > >@@ -675,12 +692,24 @@ > if (!arg || *arg == '\0') > fatal("%.200s line %d: Missing port argument.", > filename, linenum); >- fwd_port = a2port(arg); >- if (fwd_port == 0) >+ fwd.listen_port = 0; >+ fwd.listen_host = hpdelim(&arg); >+ if (!fwd.listen_host) >+ fatal("%.200s line %d: Bad forwarding specification.", >+ filename, linenum); >+ if (arg) { >+ fwd.listen_port = a2port(arg); >+ fwd.listen_host = cleanhostname(fwd.listen_host); >+ } else { >+ fwd.listen_port = a2port(fwd.listen_host); >+ fwd.listen_host = ""; >+ } >+ if (fwd.listen_port == 0) > fatal("%.200s line %d: Badly formatted port number.", > filename, linenum); > if (*activep) >- add_local_forward(options, fwd_port, "socks", 0); >+ add_local_forward(options, fwd.listen_host, >+ fwd.listen_port, "socks4", 0); > break; > > case oClearAllForwardings: >@@ -1042,4 +1071,51 @@ > /* options->hostname will be set in the main program if appropriate */ > /* options->host_key_alias should not be set by default */ > /* options->preferred_authentications will be set in ssh */ >+} >+ >+/* >+ * parse_forward >+ * parses a string containing a port forwarding specification of the form: >+ * [listenhost:]listenport:connecthost:connectport >+ * returns number of arguments parsed or zero on error >+ */ >+int >+parse_forward(Forward *fwd, const char *fwdspec) >+{ >+ int i; >+ char *p, *cp, *fwdarg[4]; >+ >+ cp = p = xstrdup(fwdspec); >+ >+ /* skip leading spaces */ >+ while (*cp && isspace(*cp)) >+ cp++; >+ >+ for (i = 0; i < 4; ++i) >+ if ( !(fwdarg[i] = hpdelim(&cp)) ) >+ break; >+ switch(i) { >+ case 3: >+ fwd->listen_host = NULL; >+ fwd->listen_port = a2port(fwdarg[0]); >+ fwd->connect_host = xstrdup(cleanhostname(fwdarg[1])); >+ fwd->connect_port = a2port(fwdarg[2]); >+ break; >+ >+ case 4: >+ fwd->listen_host = xstrdup(cleanhostname(fwdarg[0])); >+ fwd->listen_port = a2port(fwdarg[1]); >+ fwd->connect_host = xstrdup(cleanhostname(fwdarg[2])); >+ fwd->connect_port = a2port(fwdarg[3]); >+ break; >+ default: >+ i = 0; /* failure */ >+ } >+ >+ xfree(p); >+ >+ if (fwd->listen_port == 0 && fwd->connect_port == 0) >+ i = 0; /* failure */ >+ >+ return(i); > } >Index: readconf.h >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/readconf.h,v >retrieving revision 1.63 >diff -u -r1.63 readconf.h >--- readconf.h 13 Jun 2004 15:03:02 -0000 1.63 >+++ readconf.h 25 Jun 2004 22:56:54 -0000 >@@ -21,9 +21,10 @@ > /* Data structure for representing a forwarding request. */ > > typedef struct { >- u_short port; /* Port to forward. */ >- char *host; /* Host to connect. */ >- u_short host_port; /* Port to connect on host. */ >+ char *listen_host; /* Host (address) to listen on. */ >+ u_short listen_port; /* Port to forward. */ >+ char *connect_host; /* Host to connect. */ >+ u_short connect_port; /* Port to connect on connect_host. */ > } Forward; > /* Data structure for representing option data. */ > >@@ -117,11 +118,14 @@ > void initialize_options(Options *); > void fill_default_options(Options *); > int read_config_file(const char *, const char *, Options *, int); >+int parse_forward(Forward *, const char *); > > int > process_config_line(Options *, const char *, char *, const char *, int, int *); > >-void add_local_forward(Options *, u_short, const char *, u_short); >-void add_remote_forward(Options *, u_short, const char *, u_short); >+void >+add_local_forward(Options *, const char *, u_short, const char *, u_short); >+void >+add_remote_forward(Options *, const char *, u_short, const char *, u_short); > > #endif /* READCONF_H */ >Index: servconf.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/servconf.c,v >retrieving revision 1.134 >diff -u -r1.134 servconf.c >--- servconf.c 24 Jun 2004 19:30:54 -0000 1.134 >+++ servconf.c 25 Jun 2004 22:56:54 -0000 >@@ -402,6 +402,7 @@ > char *cp, **charptr, *arg, *p; > int *intptr, value, i, n; > ServerOpCodes opcode; >+ ushort port; > > cp = line; > arg = strdelim(&cp); >@@ -468,39 +469,27 @@ > > case sListenAddress: > arg = strdelim(&cp); >- if (!arg || *arg == '\0' || strncmp(arg, "[]", 2) == 0) >+ if (!arg || *arg == '\0') > fatal("%s line %d: missing inet addr.", > filename, linenum); >- if (*arg == '[') { >- if ((p = strchr(arg, ']')) == NULL) >- fatal("%s line %d: bad ipv6 inet addr usage.", >+ p = hpdelim(&arg); >+ if (!p) >+ fatal("%s line %d: bad inet addr:port usage.", >+ filename, linenum); >+ p = cleanhostname(p); >+ if (arg) { >+ port = a2port(arg); >+ if (port == 0) { >+ fatal("%s line %d: bad port number.", > filename, linenum); >- arg++; >- memmove(p, p+1, strlen(p+1)+1); >- } else if (((p = strchr(arg, ':')) == NULL) || >- (strchr(p+1, ':') != NULL)) { >- add_listen_addr(options, arg, 0); >- break; >+ /* NOTREACHED */ >+ } >+ } else { >+ port = 0; > } >- if (*p == ':') { >- u_short port; > >- p++; >- if (*p == '\0') >- fatal("%s line %d: bad inet addr:port usage.", >- filename, linenum); >- else { >- *(p-1) = '\0'; >- if ((port = a2port(p)) == 0) >- fatal("%s line %d: bad port number.", >- filename, linenum); >- add_listen_addr(options, arg, port); >- } >- } else if (*p == '\0') >- add_listen_addr(options, arg, 0); >- else >- fatal("%s line %d: bad inet addr usage.", >- filename, linenum); >+ add_listen_addr(options, p, port); >+ > break; > > case sHostKeyFile: >Index: ssh.c >=================================================================== >RCS file: /cvs/src/usr.bin/ssh/ssh.c,v >retrieving revision 1.222 >diff -u -r1.222 ssh.c >--- ssh.c 23 Jun 2004 14:31:01 -0000 1.222 >+++ ssh.c 25 Jun 2004 22:56:55 -0000 >@@ -148,15 +148,18 @@ > u_int control_server_pid = 0; > > /* Prints a help message to the user. This function never returns. */ >+static void usage(void) __dead; > > static void > usage(void) > { > fprintf(stderr, > "usage: ssh [-1246AaCfghkMNnqsTtVvXxY] [-b bind_address] [-c cipher_spec]\n" >-" [-D port] [-e escape_char] [-F configfile] [-i identity_file]\n" >-" [-L port:host:hostport] [-l login_name] [-m mac_spec] [-o option]\n" >-" [-p port] [-R port:host:hostport] [-S ctl] [user@]hostname [command]\n" >+" [-D [listen-host:]port] [-e escape_char] [-F configfile]\n" >+" [-i identity_file] [-L [listen-host:]port:host:hostport]\n" >+" [-l login_name][-m mac_spec] [-o option] [-p port]\n" >+" [-R [listen-host:]port:host:hostport] [-S ctl]\n" >+" [user@]hostname [command]\n" > ); > exit(1); > } >@@ -173,14 +176,15 @@ > main(int ac, char **av) > { > int i, opt, exit_status; >- u_short fwd_port, fwd_host_port; >- char sfwd_port[6], sfwd_host_port[6]; >+ u_short fwd_lport; >+ char *fwd_lhost; > char *p, *cp, *line, buf[256]; > struct stat st; > struct passwd *pw; > int dummy; > extern int optind, optreset; > extern char *optarg; >+ Forward fwd; > > /* > * Save the original real uid. It will be needed later (uid-swapping >@@ -382,39 +386,52 @@ > break; > > case 'L': >- case 'R': >- if (sscanf(optarg, "%5[0-9]:%255[^:]:%5[0-9]", >- sfwd_port, buf, sfwd_host_port) != 3 && >- sscanf(optarg, "%5[0-9]/%255[^/]/%5[0-9]", >- sfwd_port, buf, sfwd_host_port) != 3) { >+ if (parse_forward(&fwd, optarg)) { >+ add_local_forward(&options, >+ fwd.listen_host, fwd.listen_port, >+ fwd.connect_host, fwd.connect_port); >+ } else { > fprintf(stderr, > "Bad forwarding specification '%s'\n", > optarg); > usage(); >- /* NOTREACHED */ > } >- if ((fwd_port = a2port(sfwd_port)) == 0 || >- (fwd_host_port = a2port(sfwd_host_port)) == 0) { >+ break; >+ >+ case 'R': >+ if (parse_forward(&fwd, optarg)) { >+ add_remote_forward(&options, >+ fwd.listen_host, fwd.listen_port, >+ fwd.connect_host, fwd.connect_port); >+ } else { > fprintf(stderr, >- "Bad forwarding port(s) '%s'\n", optarg); >- exit(1); >+ "Bad forwarding specification '%s'\n", >+ optarg); >+ usage(); > } >- if (opt == 'L') >- add_local_forward(&options, fwd_port, buf, >- fwd_host_port); >- else if (opt == 'R') >- add_remote_forward(&options, fwd_port, buf, >- fwd_host_port); > break; > > case 'D': >- fwd_port = a2port(optarg); >- if (fwd_port == 0) { >+ cp = p = xstrdup(optarg); >+ fwd_lport = 0; >+ fwd_lhost = hpdelim(&cp); /* may be NULL */ >+ if (cp != NULL) { >+ fwd_lport = a2port(cp); >+ fwd_lhost = cleanhostname(fwd_lhost); >+ } else { >+ fwd_lport = a2port(fwd_lhost); >+ fwd_lhost = ""; >+ } >+ >+ if (fwd_lport == 0) { > fprintf(stderr, "Bad dynamic port '%s'\n", > optarg); >- exit(1); >+ xfree(p); >+ usage(); > } >- add_local_forward(&options, fwd_port, "socks", 0); >+ add_local_forward(&options, >+ fwd_lhost, fwd_lport, "socks4", 0); >+ xfree(p); > break; > > case 'C': >@@ -812,17 +829,23 @@ > { > int success = 0; > int i; >+ char *listen_host; > > /* Initiate local TCP/IP port forwardings. */ > for (i = 0; i < options.num_local_forwards; i++) { >- debug("Connections to local port %d forwarded to remote address %.200s:%d", >- options.local_forwards[i].port, >- options.local_forwards[i].host, >- options.local_forwards[i].host_port); >+ listen_host = options.local_forwards[i].listen_host; >+ if (listen_host && listen_host[0] == '\0' && !options.gateway_ports) >+ listen_host = NULL; >+ debug("Local connections to %.200s:%d forwarded to remote address %.200s:%d", >+ listen_host, >+ options.local_forwards[i].listen_port, >+ options.local_forwards[i].connect_host, >+ options.local_forwards[i].connect_port); > success += channel_setup_local_fwd_listener( >- options.local_forwards[i].port, >- options.local_forwards[i].host, >- options.local_forwards[i].host_port, >+ listen_host, >+ options.local_forwards[i].listen_port, >+ options.local_forwards[i].connect_host, >+ options.local_forwards[i].connect_port, > options.gateway_ports); > } > if (i > 0 && success == 0) >@@ -830,14 +853,19 @@ > > /* Initiate remote TCP/IP port forwardings. */ > for (i = 0; i < options.num_remote_forwards; i++) { >- debug("Connections to remote port %d forwarded to local address %.200s:%d", >- options.remote_forwards[i].port, >- options.remote_forwards[i].host, >- options.remote_forwards[i].host_port); >+ listen_host = options.remote_forwards[i].listen_host; >+ if (listen_host && listen_host[0] == '\0' && !options.gateway_ports) >+ listen_host = NULL; >+ debug("Remote connections from %.200s:%d forwarded to local address %.200s:%d", >+ listen_host, >+ options.remote_forwards[i].listen_port, >+ options.remote_forwards[i].connect_host, >+ options.remote_forwards[i].connect_port); > channel_request_remote_forwarding( >- options.remote_forwards[i].port, >- options.remote_forwards[i].host, >- options.remote_forwards[i].host_port); >+ listen_host, >+ options.remote_forwards[i].listen_port, >+ options.remote_forwards[i].connect_host, >+ options.remote_forwards[i].connect_port); > } > } > >@@ -1013,12 +1041,12 @@ > return; > debug("remote forward %s for: listen %d, connect %s:%d", > type == SSH2_MSG_REQUEST_SUCCESS ? "success" : "failure", >- options.remote_forwards[i].port, >- options.remote_forwards[i].host, >- options.remote_forwards[i].host_port); >+ options.remote_forwards[i].listen_port, >+ options.remote_forwards[i].connect_host, >+ options.remote_forwards[i].connect_port); > if (type == SSH2_MSG_REQUEST_FAILURE) > logit("Warning: remote port forwarding failed for listen port %d", >- options.remote_forwards[i].port); >+ options.remote_forwards[i].listen_port); > } > > static void
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=666">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 413
:
179
|
180
|
182
|
217
|
219
|
229
|
321
|
666
|
782
|
783
|
784
|
791
|
792
|
806
|
834