+ cp = "permitopen=\"";
+ if (strncasecmp(opts, cp, strlen(cp)) == 0) {
+ char host[256], sport[6];
+ u_short port;
+ char *patterns = xmalloc(strlen(opts) + 1);
+
+ opts += strlen(cp);
+ i = 0;
+ while (*opts) {
+ if (*opts == '"')
+ break;
+ if (*opts == '\\' && opts[1] == '"') {
+ opts += 2;
+ patterns[i++] = '"';
+ continue;
+ }
+ patterns[i++] = *opts++;
+ }
+ if (!*opts) {
+ debug("%.100s, line %lu: missing end quote",
+ file, linenum);
+ auth_debug_add("%.100s, line %lu: missing end quote",
+ file, linenum);
+ xfree(patterns);
+ goto bad_option;
+ }
+ patterns[i] = 0;
+ opts++;
+ if (sscanf(patterns, "%255[^:]:%5[0-9]", host, sport) != 2 &&
+ sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) {
+ debug("%.100s, line %lu: Bad permitopen specification "
+ "<%.100s>", file, linenum, patterns);
+ auth_debug_add("%.100s, line %lu: "
+ "Bad permitopen specification", file, linenum);
+ xfree(patterns);
+ goto bad_option;
+ }
+ if ((port = a2port(sport)) == 0) {
+ debug("%.100s, line %lu: Bad permitopen port <%.100s>",
+ file, linenum, sport);
+ auth_debug_add("%.100s, line %lu: "
+ "Bad permitopen port", file, linenum);
+ xfree(patterns);
+ goto bad_option;
+ }
+ if (options.allow_tcp_forwarding)
+ channel_add_permitted_opens(host, port);
+ xfree(patterns);
+ goto next_option;
+ }