View | Details | Raw Unified | Return to bug 1003 | Differences between
and this patch

Collapse All | Expand All

(-)openssh-4.6p1/serverloop.c.port-0-forwarding (-3 / +8 lines)
Lines 1090-1095 Link Here
1090
	char *rtype;
1090
	char *rtype;
1091
	int want_reply;
1091
	int want_reply;
1092
	int success = 0;
1092
	int success = 0;
1093
	u_short listen_port, real_listen_port;
1094
	int tcpip_forward = 0;	/* boolean */
1093
1095
1094
	rtype = packet_get_string(NULL);
1096
	rtype = packet_get_string(NULL);
1095
	want_reply = packet_get_char();
1097
	want_reply = packet_get_char();
Lines 1099-1111 Link Here
1099
	if (strcmp(rtype, "tcpip-forward") == 0) {
1101
	if (strcmp(rtype, "tcpip-forward") == 0) {
1100
		struct passwd *pw;
1102
		struct passwd *pw;
1101
		char *listen_address;
1103
		char *listen_address;
1102
		u_short listen_port;
1103
1104
1105
		tcpip_forward = 1; /* boolean, used for reply */
1104
		pw = the_authctxt->pw;
1106
		pw = the_authctxt->pw;
1105
		if (pw == NULL || !the_authctxt->valid)
1107
		if (pw == NULL || !the_authctxt->valid)
1106
			fatal("server_input_global_request: no/invalid user");
1108
			fatal("server_input_global_request: no/invalid user");
1107
		listen_address = packet_get_string(NULL);
1109
		listen_address = packet_get_string(NULL);
1108
		listen_port = (u_short)packet_get_int();
1110
		listen_port = (u_short)packet_get_int();
1111
		real_listen_port = listen_port;
1109
		debug("server_input_global_request: tcpip-forward listen %s port %d",
1112
		debug("server_input_global_request: tcpip-forward listen %s port %d",
1110
		    listen_address, listen_port);
1113
		    listen_address, listen_port);
1111
1114
Lines 1113-1119 Link Here
1113
		if (!options.allow_tcp_forwarding ||
1116
		if (!options.allow_tcp_forwarding ||
1114
		    no_port_forwarding_flag
1117
		    no_port_forwarding_flag
1115
#ifndef NO_IPPORT_RESERVED_CONCEPT
1118
#ifndef NO_IPPORT_RESERVED_CONCEPT
1116
		    || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0)
1119
		    || (listen_port < IPPORT_RESERVED && pw->pw_uid != 0 && listen_port != 0)
1117
#endif
1120
#endif
1118
		    ) {
1121
		    ) {
1119
			success = 0;
1122
			success = 0;
Lines 1121-1127 Link Here
1121
		} else {
1124
		} else {
1122
			/* Start listening on the port */
1125
			/* Start listening on the port */
1123
			success = channel_setup_remote_fwd_listener(
1126
			success = channel_setup_remote_fwd_listener(
1124
			    listen_address, listen_port, options.gateway_ports);
1127
			    listen_address, &real_listen_port, options.gateway_ports);
1125
		}
1128
		}
1126
		xfree(listen_address);
1129
		xfree(listen_address);
1127
	} else if (strcmp(rtype, "cancel-tcpip-forward") == 0) {
1130
	} else if (strcmp(rtype, "cancel-tcpip-forward") == 0) {
Lines 1140-1145 Link Here
1140
	if (want_reply) {
1143
	if (want_reply) {
1141
		packet_start(success ?
1144
		packet_start(success ?
1142
		    SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE);
1145
		    SSH2_MSG_REQUEST_SUCCESS : SSH2_MSG_REQUEST_FAILURE);
1146
		if (success && tcpip_forward && listen_port == 0)
1147
			packet_put_int(real_listen_port);
1143
		packet_send();
1148
		packet_send();
1144
		packet_write_wait();
1149
		packet_write_wait();
1145
	}
1150
	}
(-)openssh-4.6p1/channels.c.port-0-forwarding (-9 / +60 lines)
Lines 2340-2351 Link Here
2340
}
2340
}
2341
2341
2342
static int
2342
static int
2343
channel_setup_fwd_listener(int type, const char *listen_addr, u_short listen_port,
2343
channel_setup_fwd_listener(int type, const char *listen_addr, u_short *listen_port,
2344
    const char *host_to_connect, u_short port_to_connect, int gateway_ports)
2344
    const char *host_to_connect, u_short port_to_connect, int gateway_ports)
2345
{
2345
{
2346
	Channel *c;
2346
	Channel *c;
2347
	int sock, r, success = 0, wildcard = 0, is_client;
2347
	int sock, r, success = 0, wildcard = 0, is_client;
2348
	struct addrinfo hints, *ai, *aitop;
2348
	struct addrinfo hints, *ai, *aitop, *ai2;
2349
	const char *host, *addr;
2349
	const char *host, *addr;
2350
	char ntop[NI_MAXHOST], strport[NI_MAXSERV];
2350
	char ntop[NI_MAXHOST], strport[NI_MAXSERV];
2351
2351
Lines 2403-2409 Link Here
2403
	hints.ai_family = IPv4or6;
2403
	hints.ai_family = IPv4or6;
2404
	hints.ai_flags = wildcard ? AI_PASSIVE : 0;
2404
	hints.ai_flags = wildcard ? AI_PASSIVE : 0;
2405
	hints.ai_socktype = SOCK_STREAM;
2405
	hints.ai_socktype = SOCK_STREAM;
2406
	snprintf(strport, sizeof strport, "%d", listen_port);
2406
	snprintf(strport, sizeof strport, "%d", (int)*listen_port);
2407
	if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) {
2407
	if ((r = getaddrinfo(addr, strport, &hints, &aitop)) != 0) {
2408
		if (addr == NULL) {
2408
		if (addr == NULL) {
2409
			/* This really shouldn't happen */
2409
			/* This really shouldn't happen */
Lines 2447-2452 Link Here
2447
			close(sock);
2447
			close(sock);
2448
			continue;
2448
			continue;
2449
		}
2449
		}
2450
2451
		/* If the specified port was 0, get the actual port number */
2452
		if (*listen_port == 0) {
2453
			if (ai->ai_family == AF_INET) {
2454
				struct sockaddr_in realport;
2455
				socklen_t realportsz = (socklen_t)sizeof(realport);
2456
				if (getsockname(sock, (struct sockaddr *)&realport, &realportsz) < 0) {
2457
					error("getsockname: %.100s", strerror(errno));
2458
					close(sock);
2459
					continue;
2460
				}
2461
				*listen_port = (u_short)ntohs(realport.sin_port);
2462
			}
2463
			else {
2464
				struct sockaddr_in6 realport;
2465
				socklen_t realportsz = (socklen_t)sizeof(realport);
2466
				if (getsockname(sock, (struct sockaddr *)&realport, &realportsz) < 0) {
2467
					error("getsockname: %.100s", strerror(errno));
2468
					close(sock);
2469
					continue;
2470
				}
2471
				*listen_port = (u_short)ntohs(realport.sin6_port);
2472
			}
2473
2474
			/* use the same port for all other sockets */
2475
			for (ai2 = ai->ai_next; ai2; ai2 = ai2->ai_next) {
2476
				if (ai->ai_family == AF_INET) {
2477
					((struct sockaddr_in *)ai2->ai_addr)->sin_port =
2478
							htons(*listen_port);
2479
				}
2480
				else {
2481
					((struct sockaddr_in6 *)ai2->ai_addr)->sin6_port =
2482
							htons(*listen_port);
2483
				}
2484
			}
2485
		}
2486
2450
		/* Start listening for connections on the socket. */
2487
		/* Start listening for connections on the socket. */
2451
		if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
2488
		if (listen(sock, SSH_LISTEN_BACKLOG) < 0) {
2452
			error("listen: %.100s", strerror(errno));
2489
			error("listen: %.100s", strerror(errno));
Lines 2459-2470 Link Here
2459
		    0, "port listener", 1);
2496
		    0, "port listener", 1);
2460
		strlcpy(c->path, host, sizeof(c->path));
2497
		strlcpy(c->path, host, sizeof(c->path));
2461
		c->host_port = port_to_connect;
2498
		c->host_port = port_to_connect;
2462
		c->listening_port = listen_port;
2499
		c->listening_port = *listen_port;
2463
		success = 1;
2500
		success = 1;
2464
	}
2501
	}
2465
	if (success == 0)
2502
	if (success == 0)
2466
		error("channel_setup_fwd_listener: cannot listen to port: %d",
2503
		error("channel_setup_fwd_listener: cannot listen to port: %d",
2467
		    listen_port);
2504
		    (int)*listen_port);
2468
	freeaddrinfo(aitop);
2505
	freeaddrinfo(aitop);
2469
	return success;
2506
	return success;
2470
}
2507
}
Lines 2496-2509 Link Here
2496
    const char *host_to_connect, u_short port_to_connect, int gateway_ports)
2533
    const char *host_to_connect, u_short port_to_connect, int gateway_ports)
2497
{
2534
{
2498
	return channel_setup_fwd_listener(SSH_CHANNEL_PORT_LISTENER,
2535
	return channel_setup_fwd_listener(SSH_CHANNEL_PORT_LISTENER,
2499
	    listen_host, listen_port, host_to_connect, port_to_connect,
2536
	    listen_host, &listen_port, host_to_connect, port_to_connect,
2500
	    gateway_ports);
2537
	    gateway_ports);
2501
}
2538
}
2502
2539
2503
/* protocol v2 remote port fwd, used by sshd */
2540
/* protocol v2 remote port fwd, used by sshd */
2504
int
2541
int
2505
channel_setup_remote_fwd_listener(const char *listen_address,
2542
channel_setup_remote_fwd_listener(const char *listen_address,
2506
    u_short listen_port, int gateway_ports)
2543
    u_short *listen_port, int gateway_ports)
2507
{
2544
{
2508
	return channel_setup_fwd_listener(SSH_CHANNEL_RPORT_LISTENER,
2545
	return channel_setup_fwd_listener(SSH_CHANNEL_RPORT_LISTENER,
2509
	    listen_address, listen_port, NULL, 0, gateway_ports);
2546
	    listen_address, listen_port, NULL, 0, gateway_ports);
Lines 2548-2555 Link Here
2548
		packet_put_int(listen_port);
2585
		packet_put_int(listen_port);
2549
		packet_send();
2586
		packet_send();
2550
		packet_write_wait();
2587
		packet_write_wait();
2551
		/* Assume that server accepts the request */
2588
2552
		success = 1;
2589
		type = packet_read();
2590
		switch(type) {
2591
		case SSH2_MSG_REQUEST_SUCCESS:
2592
			success = 1;
2593
			if (listen_port == 0)
2594
				listen_port = (u_short)packet_get_int();
2595
			break;
2596
		case SSH2_MSG_REQUEST_FAILURE:
2597
			logit("Warning: Server denied remote port 0 forwarding.");
2598
			break;
2599
		default:
2600
			/* Unknown packet */
2601
			packet_disconnect("Protocol error for port 0 forward request:"
2602
					"received packet typr %d.", type);
2603
		}
2553
	} else {
2604
	} else {
2554
		packet_start(SSH_CMSG_PORT_FORWARD_REQUEST);
2605
		packet_start(SSH_CMSG_PORT_FORWARD_REQUEST);
2555
		packet_put_int(listen_port);
2606
		packet_put_int(listen_port);
(-)openssh-4.6p1/channels.h.port-0-forwarding (-1 / +1 lines)
Lines 216-222 Link Here
216
int	 channel_setup_local_fwd_listener(const char *, u_short,
216
int	 channel_setup_local_fwd_listener(const char *, u_short,
217
	     const char *, u_short, int);
217
	     const char *, u_short, int);
218
void	 channel_request_rforward_cancel(const char *host, u_short port);
218
void	 channel_request_rforward_cancel(const char *host, u_short port);
219
int	 channel_setup_remote_fwd_listener(const char *, u_short, int);
219
int	 channel_setup_remote_fwd_listener(const char *, u_short *, int);
220
int	 channel_cancel_rport_listener(const char *, u_short);
220
int	 channel_cancel_rport_listener(const char *, u_short);
221
221
222
/* x11 forwarding */
222
/* x11 forwarding */

Return to bug 1003