- markus@cvs.openbsd.org 2001/01/31 13:37:24

     [channels.c channels.h serverloop.c ssh.c]
     do not disconnect if local port forwarding fails, e.g. if port is already in
     use
   - markus@cvs.openbsd.org  2001/02/01 14:58:09
     [channels.c]
     use ipaddr in channel messages, ietf-secsh wants this
   - markus@cvs.openbsd.org  2001/01/31 12:26:20
     [channels.c]
     ssh.com-2.0.1x does not send additional info in CHANNEL_OPEN_FAILURE messages;
     bug report from edmundo@rano.org

1 files changed, 26 insertions, 15 deletions

diff --git a/channels.c b/channels.c
index d8c7e124..354160e8 100644
--- a/channels.c
+++ b/channels.c
@@ -40,7 +40,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.88 2001/02/01 21:58:08 markus Exp $");
+RCSID("$OpenBSD: channels.c,v 1.89 2001/02/04 15:32:23 stevesk Exp $");
 
 #include <openssl/rsa.h>
 #include <openssl/dsa.h>
@@ -1317,7 +1317,8 @@ channel_input_open_confirmation(int type, int plen, void *ctxt)
 void
 channel_input_open_failure(int type, int plen, void *ctxt)
 {
-	int id;
+	int id, reason;
+	char *msg = NULL, *lang = NULL;
 	Channel *c;
 
 	if (!compat20)
@@ -1330,13 +1331,18 @@ channel_input_open_failure(int type, int plen, void *ctxt)
 		packet_disconnect("Received open failure for "
 		    "non-opening channel %d.", id);
 	if (compat20) {
-		int reason = packet_get_int();
-		char *msg  = packet_get_string(NULL);
-		char *lang  = packet_get_string(NULL);
-		log("channel_open_failure: %d: reason %d: %s", id, reason, msg);
+		reason = packet_get_int();
+		if (packet_remaining() > 0) {
+			msg  = packet_get_string(NULL);
+			lang = packet_get_string(NULL);
+		}
 		packet_done();
-		xfree(msg);
-		xfree(lang);
+		log("channel_open_failure: %d: reason %d %s", id,
+		    reason, msg ? msg : "<no additional info>");
+		if (msg != NULL)
+			xfree(msg);
+		if (lang != NULL)
+			xfree(lang);
 	}
 	/* Free the channel.  This will also close the socket. */
 	channel_free(id);
@@ -1525,11 +1531,11 @@ channel_open_message()
  * Initiate forwarding of connections to local port "port" through the secure
  * channel to host:port from remote side.
  */
-void
+int
 channel_request_local_forwarding(u_short listen_port, const char *host_to_connect,
     u_short port_to_connect, int gateway_ports)
 {
-	channel_request_forwarding(
+	return channel_request_forwarding(
 	    NULL, listen_port,
 	    host_to_connect, port_to_connect,
 	    gateway_ports, /*remote_fwd*/ 0);
@@ -1539,7 +1545,7 @@ channel_request_local_forwarding(u_short listen_port, const char *host_to_connec
  * If 'remote_fwd' is true we have a '-R style' listener for protocol 2
  * (SSH_CHANNEL_RPORT_LISTENER).
  */
-void
+int
 channel_request_forwarding(
     const char *listen_address, u_short listen_port,
     const char *host_to_connect, u_short port_to_connect,
@@ -1551,6 +1557,8 @@ channel_request_forwarding(
 	const char *host;
 	struct linger linger;
 
+	success = 0;
+
 	if (remote_fwd) {
 		host = listen_address;
 		ctype = SSH_CHANNEL_RPORT_LISTENER;
@@ -1559,8 +1567,10 @@ channel_request_forwarding(
 		ctype  =SSH_CHANNEL_PORT_LISTENER;
 	}
 
-	if (strlen(host) > sizeof(channels[0].path) - 1)
-		packet_disconnect("Forward host name too long.");
+	if (strlen(host) > sizeof(channels[0].path) - 1) {
+		error("Forward host name too long.");
+		return success;
+	}
 
 	/* XXX listen_address is currently ignored */
 	/*
@@ -1575,7 +1585,6 @@ channel_request_forwarding(
 	if (getaddrinfo(NULL, strport, &hints, &aitop) != 0)
 		packet_disconnect("getaddrinfo: fatal error");
 
-	success = 0;
 	for (ai = aitop; ai; ai = ai->ai_next) {
 		if (ai->ai_family != AF_INET && ai->ai_family != AF_INET6)
 			continue;
@@ -1628,8 +1637,10 @@ channel_request_forwarding(
 		success = 1;
 	}
 	if (success == 0)
-		packet_disconnect("cannot listen port: %d", listen_port);	/*XXX ?disconnect? */
+		error("channel_request_forwarding: cannot listen to port: %d",
+		    listen_port);
 	freeaddrinfo(aitop);
+	return success;
 }
 
 /*