Bug 2219 - Can't use -Ocancel on forward of dynamically allocated remote port
Summary: Can't use -Ocancel on forward of dynamically allocated remote port
Status: NEW
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: ssh (show other bugs)
Version: 6.5p1
Hardware: Other Linux
: P5 enhancement
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-04-01 14:18 AEDT by Sean Patrick Santos
Modified: 2021-04-24 06:30 AEST (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sean Patrick Santos 2014-04-01 14:18:20 AEDT 
If you are using a multiplexed connection, you can request a dynamically allocated remote port forward, but then there is no way to cancel it afterward.

Example:

> ssh -Oforward -R 0:127.0.0.1:56789 user@remote
Allocated port 12345 for remote forward to 127.0.0.1:56789
12345
> ssh -Ocancel -R 0:127.0.0.1:56789 user@remote
mux_client_forward: forwarding request failed: port not in permitted opens
muxclient: master cancel forward request failed
> ssh -Ocancel -R 12345:127.0.0.1:56789 user@remote
mux_client_forward: forwarding request failed: port not forwarded
muxclient: master cancel forward request failed

At least the second one should work, but OpenSSH doesn't check the cancel request against the allocated port in this case.
Comment 1 Norman Rasmussen 2021-04-24 06:30:00 AEST 
Works for me with 8.4p1, so I'm guessing it has been fixed since.

$ ssh -O forward -R 0:localhost:1234 remote
35077
$ ssh -O cancel -R 0:localhost:1234 remote
$

There was a fix "markus@cvs.openbsd.org 2011/09/23 07:45:05" that looks potentially relevant, except that it was committed way before 6.5p1.