- markus@cvs.openbsd.org 2001/01/31 13:37:24

[channels.c channels.h serverloop.c ssh.c] do not disconnect if local port forwarding fails, e.g. if port is already in use - markus@cvs.openbsd.org 2001/02/01 14:58:09 [channels.c] use ipaddr in channel messages, ietf-secsh wants this - markus@cvs.openbsd.org 2001/01/31 12:26:20 [channels.c] ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE messages; bug report from edmundo@rano.org
2001-02-05 14:54:34 +00:00 · 2001-02-05 14:54:34 +00:00 · 12057500cc
--- a/13
+++ b/13
@ -37,9 +37,20 @@
   - stevesk@cvs.openbsd.org 2001/02/04 15:12:17
     [sshd.c]
     precedence; ok markus@
-    - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
+   - deraadt@cvs.openbsd.org 2001/02/04 08:14:15
     [ssh.c sshd.c]
     make the alpha happy
+   - markus@cvs.openbsd.org  2001/01/31 13:37:24
+     [channels.c channels.h serverloop.c ssh.c]
+     do not disconnect if local port forwarding fails, e.g. if port is already in
+     use
+   - markus@cvs.openbsd.org  2001/02/01 14:58:09
+     [channels.c]
+     use ipaddr in channel messages, ietf-secsh wants this
+   - markus@cvs.openbsd.org  2001/01/31 12:26:20
+     [channels.c]
+     ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE messages;
+     bug report from edmundo@rano.org

 20010104
 - (bal) I think this is the last of the bsd-*.h that don't belong.
--- a/channels.c
+++ b/channels.c
@ -40,7 +40,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.88 2001/02/01 21:58:08 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.89 2001/02/04 15:32:23 stevesk Exp $");

 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@ -1317,7 +1317,8 @@ channel_input_open_confirmation(int type, int plen, void *ctxt)
 void
 channel_input_open_failure(int type, int plen, void *ctxt)
 {
-	int id;
+	int id, reason;
+	char *msg = NULL, *lang = NULL;
 	Channel *c;

 	if (!compat20)
@ -1330,13 +1331,18 @@ channel_input_open_failure(int type, int plen, void *ctxt)
 		packet_disconnect("Received open failure for "
 		    "non-opening channel %d.", id);
 	if (compat20) {
-		int reason = packet_get_int();
-		char *msg  = packet_get_string(NULL);
-		char *lang  = packet_get_string(NULL);
-		log("channel_open_failure: %d: reason %d: %s", id, reason, msg);
+		reason = packet_get_int();
+		if (packet_remaining() > 0) {
+			msg  = packet_get_string(NULL);
+			lang = packet_get_string(NULL);
+		}
 		packet_done();
-		xfree(msg);
-		xfree(lang);
+		log("channel_open_failure: %d: reason %d %s", id,
+		    reason, msg ? msg : "<no additional info>");
+		if (msg != NULL)
+			xfree(msg);
+		if (lang != NULL)
+			xfree(lang);
 	}
 	/* Free the channel.  This will also close the socket. */
 	channel_free(id);
@ -1525,11 +1531,11 @@ channel_open_message()
 * Initiate forwarding of connections to local port "port" through the secure
 * channel to host:port from remote side.
 */
-void
+int
 channel_request_local_forwarding(u_short listen_port, const char *host_to_connect,
    u_short port_to_connect, int gateway_ports)
 {
-	channel_request_forwarding(
+	return channel_request_forwarding(
 	    NULL, listen_port,
 	    host_to_connect, port_to_connect,
 	    gateway_ports, /*remote_fwd*/ 0);
@ -1539,7 +1545,7 @@ channel_request_local_forwarding(u_short listen_port, const char *host_to_connec
 * If 'remote_fwd' is true we have a '-R style' listener for protocol 2
 * (SSH_CHANNEL_RPORT_LISTENER).
 */
-void
+int
 channel_request_forwarding(
    const char *listen_address, u_short listen_port,
    const char *host_to_connect, u_short port_to_connect,
@ -1551,6 +1557,8 @@ channel_request_forwarding(
 	const char *host;
 	struct linger linger;

+	success = 0;
+
 	if (remote_fwd) {
 		host = listen_address;
 		ctype = SSH_CHANNEL_RPORT_LISTENER;
@ -1559,8 +1567,10 @@ channel_request_forwarding(
 		ctype  =SSH_CHANNEL_PORT_LISTENER;
 	}

-	if (strlen(host) > sizeof(channels[0].path) - 1)
-		packet_disconnect("Forward host name too long.");
+	if (strlen(host) > sizeof(channels[0].path) - 1) {
+		error("Forward host name too long.");
+		return success;
+	}

 	/* XXX listen_address is currently ignored */
 	/*
@ -1575,7 +1585,6 @@ channel_request_forwarding(
 	if (getaddrinfo(NULL, strport, &hints, &aitop) != 0)
 		packet_disconnect("getaddrinfo: fatal error");

-	success = 0;
 	for (ai = aitop; ai; ai = ai->ai_next) {
 		if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
 			continue;
@ -1628,8 +1637,10 @@ channel_request_forwarding(
 		success = 1;
 	}
 	if (success == 0)
-		packet_disconnect("cannot listen port: %d", listen_port);	/*XXX ?disconnect? */
+		error("channel_request_forwarding: cannot listen to port: %d",
+		    listen_port);
 	freeaddrinfo(aitop);
+	return success;
 }

 /*
--- a/channels.h
+++ b/channels.h
@ -32,7 +32,7 @@
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */
-/* RCSID("$OpenBSD: channels.h,v 1.25 2001/01/29 16:55:36 markus Exp $"); */
+/* RCSID("$OpenBSD: channels.h,v 1.26 2001/01/31 20:37:23 markus Exp $"); */

 #ifndef CHANNELS_H
 #define CHANNELS_H
@ -206,10 +206,10 @@ char   *channel_open_message(void);
 * Initiate forwarding of connections to local port "port" through the secure
 * channel to host:port from remote side.
 */
-void
+int
 channel_request_local_forwarding(u_short listen_port,
    const char *host_to_connect, u_short port_to_connect, int gateway_ports);
-void
+int
 channel_request_forwarding(const char *listen_address, u_short listen_port,
    const char *host_to_connect, u_short port_to_connect, int gateway_ports,
    int remote_fwd);
--- a/serverloop.c
+++ b/serverloop.c
@ -35,7 +35,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: serverloop.c,v 1.43 2001/01/29 16:55:37 markus Exp $");
+RCSID("$OpenBSD: serverloop.c,v 1.45 2001/02/04 15:32:25 stevesk Exp $");

 #include "xmalloc.h"
 #include "packet.h"
@ -864,12 +864,11 @@ server_input_global_request(int type, int plen, void *ctxt)
 			packet_send_debug("Server has disabled port forwarding.");
 		} else {
 			/* Start listening on the port */
-			channel_request_forwarding(
+			success = channel_request_forwarding(
 			    listen_address, listen_port,
 			    /*unspec host_to_connect*/ "<unspec host>",
 			    /*unspec port_to_connect*/ 0,
 			    options.gateway_ports, /*remote*/ 1);
-			success = 1;
 		}
 		xfree(listen_address);
 	}
--- a/ssh.c
+++ b/ssh.c
@ -39,7 +39,7 @@
 */

 #include "includes.h"
-RCSID("$OpenBSD: ssh.c,v 1.85 2001/01/29 12:36:10 djm Exp $");
+RCSID("$OpenBSD: ssh.c,v 1.88 2001/02/04 15:32:26 stevesk Exp $");

 #include <openssl/evp.h>
 #include <openssl/err.h>
@ -757,19 +757,23 @@ x11_get_proto(char *proto, int proto_len, char *data, int data_len)
 void
 ssh_init_forwarding(void)
 {
+	int success = 0;
 	int i;
+
 	/* Initiate local TCP/IP port forwardings. */
 	for (i = 0; i < options.num_local_forwards; i++) {
 		debug("Connections to local port %d forwarded to remote address %.200s:%d",
 		    options.local_forwards[i].port,
 		    options.local_forwards[i].host,
 		    options.local_forwards[i].host_port);
-		channel_request_local_forwarding(
+		success += channel_request_local_forwarding(
 		    options.local_forwards[i].port,
 		    options.local_forwards[i].host,
 		    options.local_forwards[i].host_port,
 		    options.gateway_ports);
 	}
+	if (i > 0 && success == 0)
+		error("Could not request local forwarding.");

 	/* Initiate remote TCP/IP port forwardings. */
 	for (i = 0; i < options.num_remote_forwards; i++) {