From 2e5b14c03fe4f9da42953ff99a602e6c90a2384f Mon Sep 17 00:00:00 2001
From: simon <simon@cda61777-01e9-0310-a592-d414129be87e>
Date: Wed, 9 Apr 2003 11:19:39 +0000
Subject: [PATCH] Remote-to-local port forwarding in SSH2 was apparently
 completely broken! We were expecting the peer address/port in the incoming
 packet _before_ the connected address/port, which is just wrong. I wonder how
 I managed to mess that up.

git-svn-id: svn://svn.tartarus.org/sgt/putty@3083 cda61777-01e9-0310-a592-d414129be87e
---
 ssh.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/ssh.c b/ssh.c
index 74726251..c37762ed 100644
--- a/ssh.c
+++ b/ssh.c
@@ -5834,7 +5834,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
 		int typelen;
 		char *peeraddr;
 		int peeraddrlen;
-		int port;
+		int peerport;
 		char *error = NULL;
 		struct ssh_channel *c;
 		unsigned remid, winsize, pktsize;
@@ -5845,18 +5845,18 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
 		remid = ssh2_pkt_getuint32(ssh);
 		winsize = ssh2_pkt_getuint32(ssh);
 		pktsize = ssh2_pkt_getuint32(ssh);
-		ssh2_pkt_getstring(ssh, &peeraddr, &peeraddrlen);
-		port = ssh2_pkt_getuint32(ssh);
 
 		if (typelen == 3 && !memcmp(type, "x11", 3)) {
 		    char *addrstr = snewn(peeraddrlen+1, char);
 		    memcpy(addrstr, peeraddr, peeraddrlen);
 		    peeraddr[peeraddrlen] = '\0';
+                    ssh2_pkt_getstring(ssh, &peeraddr, &peeraddrlen);
+                    peerport = ssh2_pkt_getuint32(ssh);
 
 		    if (!ssh->X11_fwd_enabled)
 			error = "X11 forwarding is not enabled";
 		    else if (x11_init(&c->u.x11.s, ssh->cfg.x11_display, c,
-				      ssh->x11auth, addrstr, port,
+				      ssh->x11auth, addrstr, peerport,
 				      &ssh->cfg) != NULL) {
 			error = "Unable to open an X11 connection";
 		    } else {
@@ -5871,6 +5871,8 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
 		    int dummylen;
 		    ssh2_pkt_getstring(ssh, &dummy, &dummylen);/* skip address */
 		    pf.sport = ssh2_pkt_getuint32(ssh);
+                    ssh2_pkt_getstring(ssh, &peeraddr, &peeraddrlen);
+                    peerport = ssh2_pkt_getuint32(ssh);
 		    realpf = find234(ssh->rportfwds, &pf, NULL);
 		    if (realpf == NULL) {
 			error = "Remote port is not recognised";
-- 
2.11.0