extern void *x11_invent_auth(char *, int, char *, int);
extern void x11_unthrottle(Socket s);
extern void x11_override_throttle(Socket s, int enable);
+extern int x11_get_screen_number(char *display);
extern char *pfd_newconnect(Socket * s, char *hostname, int port, void *c);
-extern char *pfd_addforward(char *desthost, int destport, int port,
- void *backhandle);
+extern char *pfd_addforward(char *desthost, int destport, char *srcaddr,
+ int port, void *backhandle);
extern void pfd_close(Socket s);
extern int pfd_send(Socket s, char *data, int len);
extern void pfd_confirm(Socket s);
int (*s_rdpkt) (Ssh ssh, unsigned char **data, int *datalen);
};
-#define logevent(s) do { \
- logevent(ssh->frontend, s); \
- if ((flags & FLAG_STDERR) && (flags & FLAG_VERBOSE)) { \
- fprintf(stderr, "%s\n", s); \
- fflush(stderr); \
- } \
-} while (0)
+#define logevent(s) logevent(ssh->frontend, s)
/* logevent, only printf-formatted. */
void logeventf(Ssh ssh, char *fmt, ...)
buf = dupvprintf(fmt, ap);
va_end(ap);
logevent(buf);
- if ((flags & FLAG_STDERR) && (flags & FLAG_VERBOSE)) {
- fprintf(stderr, "%s\n", buf);
- fflush(stderr);
- }
sfree(buf);
}
if (cfg.sshbug_derivekey2 == BUG_ON ||
(cfg.sshbug_derivekey2 == BUG_AUTO &&
- (wc_match("2.0.*", imp)))) {
+ (wc_match("2.0.0*", imp) || wc_match("2.0.1[01]*", imp) ))) {
/*
* These versions have the key-derivation bug (failing to
* include the literal shared secret in the hashes that
* Try to find host.
*/
logeventf(ssh, "Looking up host \"%s\"", host);
- addr = sk_namelookup(host, realhost);
+ addr = name_lookup(host, port, realhost);
if ((err = sk_addr_error(addr)))
return err;
if (ssh->v1_local_protoflags & SSH1_PROTOFLAG_SCREEN_NUMBER) {
send_packet(ssh, SSH1_CMSG_X11_REQUEST_FORWARDING,
PKT_STR, proto, PKT_STR, data,
- PKT_INT, 0, PKT_END);
+ PKT_INT, x11_get_screen_number(cfg.x11_display),
+ PKT_END);
} else {
send_packet(ssh, SSH1_CMSG_X11_REQUEST_FORWARDING,
PKT_STR, proto, PKT_STR, data, PKT_END);
char type;
int n;
int sport,dport,sserv,dserv;
- char sports[256], dports[256], host[256];
+ char sports[256], dports[256], saddr[256], host[256];
ssh->rportfwds = newtree234(ssh_rportcmp_ssh1);
/* Add port forwardings. */
ssh->portfwd_strptr = cfg.portfwd;
while (*ssh->portfwd_strptr) {
type = *ssh->portfwd_strptr++;
+ saddr[0] = '\0';
n = 0;
- while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != '\t')
- sports[n++] = *ssh->portfwd_strptr++;
+ while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != '\t') {
+ if (*ssh->portfwd_strptr == ':') {
+ /*
+ * We've seen a colon in the middle of the
+ * source port number. This means that
+ * everything we've seen until now is the
+ * source _address_, so we'll move it into
+ * saddr and start sports from the beginning
+ * again.
+ */
+ ssh->portfwd_strptr++;
+ sports[n] = '\0';
+ strcpy(saddr, sports);
+ n = 0;
+ }
+ if (n < 255) sports[n++] = *ssh->portfwd_strptr++;
+ }
sports[n] = 0;
if (*ssh->portfwd_strptr == '\t')
ssh->portfwd_strptr++;
n = 0;
- while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':')
- host[n++] = *ssh->portfwd_strptr++;
+ while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
+ if (n < 255) host[n++] = *ssh->portfwd_strptr++;
+ }
host[n] = 0;
if (*ssh->portfwd_strptr == ':')
ssh->portfwd_strptr++;
n = 0;
- while (*ssh->portfwd_strptr)
- dports[n++] = *ssh->portfwd_strptr++;
+ while (*ssh->portfwd_strptr) {
+ if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
+ }
dports[n] = 0;
ssh->portfwd_strptr++;
dport = atoi(dports);
}
if (sport && dport) {
if (type == 'L') {
- pfd_addforward(host, dport, sport, ssh);
- logeventf(ssh, "Local port %.*s%.*s%d%.*s forwarding to"
- " %s:%.*s%.*s%d%.*s",
+ pfd_addforward(host, dport, *saddr ? saddr : NULL,
+ sport, ssh);
+ logeventf(ssh, "Local port %.*s%.*s%.*s%.*s%d%.*s"
+ " forwarding to %s:%.*s%.*s%d%.*s",
+ (int)(*saddr?strlen(saddr):0), *saddr?saddr:NULL,
+ (int)(*saddr?1:0), ":",
(int)(sserv ? strlen(sports) : 0), sports,
sserv, "(", sport, sserv, ")",
host,
pf = smalloc(sizeof(*pf));
strcpy(pf->dhost, host);
pf->dport = dport;
+ if (saddr) {
+ logeventf(ssh,
+ "SSH1 cannot handle source address spec \"%s:%d\"; ignoring",
+ saddr, sport);
+ }
if (add234(ssh->rportfwds, pf) != pf) {
logeventf(ssh,
"Duplicate remote port forwarding to %s:%d",
ssh2_pkt_addbool(ssh, 0); /* many connections */
ssh2_pkt_addstring(ssh, proto);
ssh2_pkt_addstring(ssh, data);
- ssh2_pkt_adduint32(ssh, 0); /* screen number */
+ ssh2_pkt_adduint32(ssh, x11_get_screen_number(cfg.x11_display));
ssh2_pkt_send(ssh);
do {
char type;
int n;
int sport,dport,sserv,dserv;
- char sports[256], dports[256], host[256];
+ char sports[256], dports[256], saddr[256], host[256];
ssh->rportfwds = newtree234(ssh_rportcmp_ssh2);
/* Add port forwardings. */
ssh->portfwd_strptr = cfg.portfwd;
while (*ssh->portfwd_strptr) {
type = *ssh->portfwd_strptr++;
+ saddr[0] = '\0';
n = 0;
- while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != '\t')
- sports[n++] = *ssh->portfwd_strptr++;
+ while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != '\t') {
+ if (*ssh->portfwd_strptr == ':') {
+ /*
+ * We've seen a colon in the middle of the
+ * source port number. This means that
+ * everything we've seen until now is the
+ * source _address_, so we'll move it into
+ * saddr and start sports from the beginning
+ * again.
+ */
+ ssh->portfwd_strptr++;
+ sports[n] = '\0';
+ strcpy(saddr, sports);
+ n = 0;
+ }
+ if (n < 255) sports[n++] = *ssh->portfwd_strptr++;
+ }
sports[n] = 0;
if (*ssh->portfwd_strptr == '\t')
ssh->portfwd_strptr++;
n = 0;
- while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':')
- host[n++] = *ssh->portfwd_strptr++;
+ while (*ssh->portfwd_strptr && *ssh->portfwd_strptr != ':') {
+ if (n < 255) host[n++] = *ssh->portfwd_strptr++;
+ }
host[n] = 0;
if (*ssh->portfwd_strptr == ':')
ssh->portfwd_strptr++;
n = 0;
- while (*ssh->portfwd_strptr)
- dports[n++] = *ssh->portfwd_strptr++;
+ while (*ssh->portfwd_strptr) {
+ if (n < 255) dports[n++] = *ssh->portfwd_strptr++;
+ }
dports[n] = 0;
ssh->portfwd_strptr++;
dport = atoi(dports);
}
if (sport && dport) {
if (type == 'L') {
- pfd_addforward(host, dport, sport, ssh);
- logeventf(ssh, "Local port %.*s%.*s%d%.*s forwarding to"
- " %s:%.*s%.*s%d%.*s",
+ pfd_addforward(host, dport, *saddr ? saddr : NULL,
+ sport, ssh);
+ logeventf(ssh, "Local port %.*s%.*s%.*s%.*s%d%.*s"
+ " forwarding to %s:%.*s%.*s%d%.*s",
+ (int)(*saddr?strlen(saddr):0), *saddr?saddr:NULL,
+ (int)(*saddr?1:0), ":",
(int)(sserv ? strlen(sports) : 0), sports,
sserv, "(", sport, sserv, ")",
host,
" to %s:%d", host, dport);
sfree(pf);
} else {
- logeventf(ssh, "Requesting remote port %.*s%.*s%d%.*s"
+ logeventf(ssh, "Requesting remote port "
+ "%.*s%.*s%.*s%.*s%d%.*s"
" forward to %s:%.*s%.*s%d%.*s",
+ (int)(*saddr?strlen(saddr):0),
+ *saddr?saddr:NULL,
+ (int)(*saddr?1:0), ":",
(int)(sserv ? strlen(sports) : 0), sports,
sserv, "(", sport, sserv, ")",
host,
ssh2_pkt_init(ssh, SSH2_MSG_GLOBAL_REQUEST);
ssh2_pkt_addstring(ssh, "tcpip-forward");
ssh2_pkt_addbool(ssh, 1);/* want reply */
+ if (*saddr)
+ ssh2_pkt_addstring(ssh, saddr);
if (cfg.rport_acceptall)
ssh2_pkt_addstring(ssh, "0.0.0.0");
else