Bug 1267

Summary: PermitOpen - Multiple forwards don't works
Product: Portable OpenSSH Reporter: Javier <galan_j>
Component: sshdAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: security    
Priority: P2    
Version: 4.5p1   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 1274    
Attachments:
Description Flags
Fix PermitOpen for multiple entries none

Description Javier 2006-12-05 12:16:15 AEDT 
I use the 'PermitOpen' keyword in 'sshd_config' configuration file in sshd 4.5p1 Cygwin implementation for specify what TCP port forward are permitted. This keyword work fine when I define only one port forward but when I specify multiple ports forward only the first one is considered. I write the keyword originally as:

PermitOpen 192.168.0.1:8091 192.168.0.2:2560 192.168.0.3:25 192.168.0.3:110

I change it with commas, with multiple permitopen keyword, with â, etc. and in all occasion only the first forward is authorized.
Comment 1 Darren Tucker 2006-12-12 16:39:58 AEDT 
Created attachment 1220 [details]
Fix PermitOpen for multiple entries

Does this patch resolve your problem?
Comment 2 Javier 2006-12-14 03:31:35 AEDT 
(In reply to comment #1)
> Created an attachment (id=1220) [details]
> Fix PermitOpen for multiple entries
> Does this patch resolve your problem?

Yes work fine. The statement must be in the format PermitOpen 192.168.0.1:8091 192.168.0.2:2560 192.168.0.3:25 192.168.0.3:110 Other format (with commas between the IPs, using = before the first IP or enclosed the Ips) donât work or generate and error in the service start.
Comment 3 Damien Miller 2008-04-04 09:57:40 AEDT 
Close resolved bugs after release.