This is a multi-part message in MIME format.
--------------020801000200010103090406
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I'm having a problem with OpenSSH_4.0p1 when trying to do remote port
forwards to a server running SSH Secure Shell 2.4.0. The problem appears
to be that 2.4.0 chokes on bind addresses that aren't numeric addresses,
such as "localhost" and "".

The following commands are failing for me from the 4.0p1 client to the
2.4.0 server:

~ ssh -R 50000:localhost:50000 server
~ ssh -R localhost:50000:localhost:50000 server
~ ssh -R :50000:localhost:50000 server
~ ssh -R \*:50000:localhost:50000 server

although these commands work just fine:

~ ssh -R 127.0.0.1:50000:localhost:50000 server
~ ssh -R 0.0.0.0:50000:localhost:50000 server
~ ssh -R 192.168.1.1:50000:localhost:50000 server

The attached patch solves the problem for me. It sends "0.0.0.0" as the
address_to_bind for these cases

~ ssh -R 50000:localhost:50000 server
~ ssh -R :50000:localhost:50000 server
~ ssh -R \*:50000:localhost:50000 server

but still passes through the specified address for

~ ssh -R 192.168.1.1:50000:localhost:50000 server

David

- --
David Rothenberger spammer? -> spam@daveroth.dyndns.org
GPG/PGP: 0x7F67E734, C233 365A 25EF 2C5F C8E1 43DF B44F BA26 7F67 E734

The major sin is the sin of being born.
-- Samuel Beckett
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Cygwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCUeqUtE+6Jn9n5zQRAro2AKDs4gO8mjPSPKa2ilg8yk C+6zDJHwCeM/eY
J4esAWbP11+0X+2hQCv7HEk=
=/5+I
-----END PGP SIGNATURE-----

--------------020801000200010103090406
Content-Type: text/plain;
name="openssh-4.0p1.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="openssh-4.0p1.patch"

diff -Naur openssh-4.0p1-1/channels.c openssh-4.0p1-2/channels.c
--- openssh-4.0p1-1/channels.c 2005-03-01 02:24:33.000000000 -0800
+++ openssh-4.0p1-2/channels.c 2005-04-04 17:27:44.230250000 -0700
@@ -2370,9 +2370,15 @@
if (compat20) {
const char *address_to_bind;
if (listen_host == NULL)
- address_to_bind = "localhost";
+ if (datafellows & SSH_BUG_NUMERICRFWDADDR)
+ address_to_bind = "0.0.0.0";
+ else
+ address_to_bind = "localhost";
else if (*listen_host == '\0' || strcmp(listen_host, "*") == 0)
- address_to_bind = "";
+ if (datafellows & SSH_BUG_NUMERICRFWDADDR)
+ address_to_bind = "0.0.0.0";
+ else
+ address_to_bind = "";
else
address_to_bind = listen_host;

diff -Naur openssh-4.0p1-1/compat.c openssh-4.0p1-2/compat.c
--- openssh-4.0p1-1/compat.c 2005-03-01 02:24:33.000000000 -0800
+++ openssh-4.0p1-2/compat.c 2005-04-04 17:27:49.636500000 -0700
@@ -127,7 +127,7 @@
{ "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5|
SSH_BUG_FIRSTKEX },
{ "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */
- { "2.*", SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX },
+ { "2.*", SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX|SSH_BUG_NUMERICRFWD ADDR },
{ "3.0.*", SSH_BUG_DEBUG },
{ "3.0 SecureCRT*", SSH_OLD_SESSIONID },
{ "1.7 SecureFX*", SSH_OLD_SESSIONID },
diff -Naur openssh-4.0p1-1/compat.h openssh-4.0p1-2/compat.h
--- openssh-4.0p1-1/compat.h 2005-03-01 02:24:33.000000000 -0800
+++ openssh-4.0p1-2/compat.h 2005-04-04 17:27:37.792750000 -0700
@@ -56,6 +56,7 @@
#define SSH_BUG_PROBE 0x00400000
#define SSH_BUG_FIRSTKEX 0x00800000
#define SSH_OLD_FORWARD_ADDR 0x01000000
+#define SSH_BUG_NUMERICRFWDADDR 0x02000000

void enable_compat13(void);
void enable_compat20(void);

--------------020801000200010103090406
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev

--------------020801000200010103090406--