summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorBen Lindstrom <mouring@eviladmin.org>2001-09-12 18:01:59 +0000
committerBen Lindstrom <mouring@eviladmin.org>2001-09-12 18:01:59 +0000
commit62c25a43dbdd0dddb872b997a6f82b4f73c79180 (patch)
tree0a5d0795005280afe180e6e145c7614ead6aff19
parent6e69d532dc23ae8df9cb030427deb90851326333 (diff)
- stevesk@cvs.openbsd.org 2001/08/30 16:04:35
[readconf.c ssh.1] validate ports for LocalForward/RemoteForward. add host/port alternative syntax for IPv6 (like -L/-R). ok markus@
-rw-r--r--ChangeLog7
-rw-r--r--readconf.c55
-rw-r--r--ssh.114
3 files changed, 39 insertions, 37 deletions
diff --git a/ChangeLog b/ChangeLog
index d678947e..a90b6702 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -61,6 +61,11 @@
- naddy@cvs.openbsd.org 2001/08/30 15:42:36
[ssh.1]
add -D to synopsis line; ok markus@
+ - stevesk@cvs.openbsd.org 2001/08/30 16:04:35
+ [readconf.c ssh.1]
+ validate ports for LocalForward/RemoteForward.
+ add host/port alternative syntax for IPv6 (like -L/-R).
+ ok markus@
20010815
- (bal) Fixed stray code in readconf.c that went in by mistake.
@@ -6384,4 +6389,4 @@
- Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1
-$Id: ChangeLog,v 1.1503 2001/09/12 17:59:59 mouring Exp $
+$Id: ChangeLog,v 1.1504 2001/09/12 18:01:59 mouring Exp $
diff --git a/readconf.c b/readconf.c
index d334ed43..04895be6 100644
--- a/readconf.c
+++ b/readconf.c
@@ -12,7 +12,7 @@
*/
#include "includes.h"
-RCSID("$OpenBSD: readconf.c,v 1.87 2001/08/28 09:51:26 markus Exp $");
+RCSID("$OpenBSD: readconf.c,v 1.88 2001/08/30 16:04:35 stevesk Exp $");
#include "ssh.h"
#include "xmalloc.h"
@@ -260,6 +260,7 @@ process_config_line(Options *options, const char *host,
char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg;
int opcode, *intptr, value;
u_short fwd_port, fwd_host_port;
+ char sfwd_host_port[6];
s = line;
/* Get the keyword. (Each line is supposed to begin with a keyword). */
@@ -577,42 +578,34 @@ parse_int:
*intptr = (LogLevel) value;
break;
- case oRemoteForward:
- arg = strdelim(&s);
- if (!arg || *arg == '\0')
- fatal("%.200s line %d: Missing argument.", filename, linenum);
- fwd_port = a2port(arg);
- if (fwd_port == 0)
- fatal("%.200s line %d: Badly formatted port number.",
- filename, linenum);
- arg = strdelim(&s);
- if (!arg || *arg == '\0')
- fatal("%.200s line %d: Missing second argument.",
- filename, linenum);
- if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
- fatal("%.200s line %d: Badly formatted host:port.",
- filename, linenum);
- if (*activep)
- add_remote_forward(options, fwd_port, buf, fwd_host_port);
- break;
-
case oLocalForward:
+ case oRemoteForward:
arg = strdelim(&s);
if (!arg || *arg == '\0')
- fatal("%.200s line %d: Missing argument.", filename, linenum);
- fwd_port = a2port(arg);
- if (fwd_port == 0)
- fatal("%.200s line %d: Badly formatted port number.",
- filename, linenum);
+ fatal("%.200s line %d: Missing port argument.",
+ filename, linenum);
+ if ((fwd_port = a2port(arg)) == 0)
+ fatal("%.200s line %d: Bad listen port.",
+ filename, linenum);
arg = strdelim(&s);
if (!arg || *arg == '\0')
fatal("%.200s line %d: Missing second argument.",
- filename, linenum);
- if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2)
- fatal("%.200s line %d: Badly formatted host:port.",
- filename, linenum);
- if (*activep)
- add_local_forward(options, fwd_port, buf, fwd_host_port);
+ filename, linenum);
+ if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 &&
+ sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2)
+ fatal("%.200s line %d: Bad forwarding specification.",
+ filename, linenum);
+ if ((fwd_host_port = a2port(sfwd_host_port)) == 0)
+ fatal("%.200s line %d: Bad forwarding port.",
+ filename, linenum);
+ if (*activep) {
+ if (opcode == oLocalForward)
+ add_local_forward(options, fwd_port, buf,
+ fwd_host_port);
+ else if (opcode == oRemoteForward)
+ add_remote_forward(options, fwd_port, buf,
+ fwd_host_port);
+ }
break;
case oDynamicForward:
diff --git a/ssh.1 b/ssh.1
index 90e32ebd..d7529d7a 100644
--- a/ssh.1
+++ b/ssh.1
@@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.135 2001/08/30 15:42:36 naddy Exp $
+.\" $OpenBSD: ssh.1,v 1.136 2001/08/30 16:04:35 stevesk Exp $
.Dd September 25, 1999
.Dt SSH 1
.Os
@@ -943,9 +943,11 @@ or
.Dq no .
.It Cm LocalForward
Specifies that a TCP/IP port on the local machine be forwarded over
-the secure channel to given host:port from the remote machine.
+the secure channel to the specified host and port from the remote machine.
The first argument must be a port number, and the second must be
-host:port.
+.Ar host:port .
+IPv6 addresses can be specified with an alternative syntax:
+.Ar host/port .
Multiple forwardings may be specified, and additional
forwardings can be given on the command line.
Only the superuser can forward privileged ports.
@@ -1037,9 +1039,11 @@ The default is
This option applies to protocol version 2 only.
.It Cm RemoteForward
Specifies that a TCP/IP port on the remote machine be forwarded over
-the secure channel to given host:port from the local machine.
+the secure channel to the specified host and port from the local machine.
The first argument must be a port number, and the second must be
-host:port.
+.Ar host:port .
+IPv6 addresses can be specified with an alternative syntax:
+.Ar host/port .
Multiple forwardings may be specified, and additional
forwardings can be given on the command line.
Only the superuser can forward privileged ports.