Bug 495 - local port forwards start before authentication is complete (password auth)
Summary: local port forwards start before authentication is complete (password auth)
Status: CLOSED WORKSFORME
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: -current
Hardware: ix86 Linux
: P2 security
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-02-18 08:00 AEDT by Robert Haig
Modified: 2004-04-14 12:24 AEST (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Haig 2003-02-18 08:00:44 AEDT 
when doing a local port forward (ssh www.foo.com -L8080:localhost:80) the
forward becomes active before the authentication is complete.

repeat by running the above command to your server that is running ssh and a web
server, before entering the password (but after the password prompt appears),
open the local end of the port forward, and observe it's operability (if it's a
web server, "GET /").  This is without any keys in place or the password being
entered.
Comment 1 Damien Miller 2003-02-18 10:37:16 AEDT 
I can't replicate this with 3.5p1. Please attach a debug trace from the server
(run as "sshd -d -d -d") accepting a forward connection prior to password
authentication.
Comment 2 Robert Haig 2003-02-19 03:59:27 AEDT 
now I can't reproduce.

I guess I also discovered cold fusion.  :)

If I can reproduce at a later time, I'll be sure to take the debug trace requested.

wow.  I feel like a user.  ick.
Comment 3 Damien Miller 2004-04-14 12:24:18 AEST 
Mass change of RESOLVED bugs to CLOSED