- markus@cvs.openbsd.org 2006/12/11 21:25:46
[ssh-keygen.1 ssh.1]
add rfc 4716 (public key format); ok jmc
+ - djm@cvs.openbsd.org 2006/12/12 03:58:42
+ [channels.c compat.c compat.h]
+ bz #1019: some ssh.com versions apparently can't cope with the
+ remote port forwarding bind_address being a hostname, so send
+ them an address for cases where they are not explicitly
+ specified (wildcard or localhost bind). reported by daveroth AT
+ acm.org; ok dtucker@ deraadt@
20061205
- (djm) [auth.c] Fix NULL pointer dereference in fakepw(). Crash would
-/* $OpenBSD: channels.c,v 1.266 2006/08/29 10:40:18 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.267 2006/12/12 03:58:42 djm Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
/* Send the forward request to the remote side. */
if (compat20) {
const char *address_to_bind;
- if (listen_host == NULL)
- address_to_bind = "localhost";
- else if (*listen_host == '\0' || strcmp(listen_host, "*") == 0)
- address_to_bind = "";
- else
+ if (listen_host == NULL) {
+ if (datafellows & SSH_BUG_RFWD_ADDR)
+ address_to_bind = "127.0.0.1";
+ else
+ address_to_bind = "localhost";
+ } else if (*listen_host == '\0' ||
+ strcmp(listen_host, "*") == 0) {
+ if (datafellows & SSH_BUG_RFWD_ADDR)
+ address_to_bind = "0.0.0.0";
+ else
+ address_to_bind = "";
+ } else
address_to_bind = listen_host;
packet_start(SSH2_MSG_GLOBAL_REQUEST);
-/* $OpenBSD: compat.c,v 1.76 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: compat.c,v 1.77 2006/12/12 03:58:42 djm Exp $ */
/*
* Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl. All rights reserved.
*
{ "2.3.*", SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5|
SSH_BUG_FIRSTKEX },
{ "2.4", SSH_OLD_SESSIONID }, /* Van Dyke */
- { "2.*", SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX },
+ { "2.*", SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX|
+ SSH_BUG_RFWD_ADDR },
{ "3.0.*", SSH_BUG_DEBUG },
{ "3.0 SecureCRT*", SSH_OLD_SESSIONID },
{ "1.7 SecureFX*", SSH_OLD_SESSIONID },
-/* $OpenBSD: compat.h,v 1.40 2006/03/25 22:22:43 djm Exp $ */
+/* $OpenBSD: compat.h,v 1.41 2006/12/12 03:58:42 djm Exp $ */
/*
* Copyright (c) 1999, 2000, 2001 Markus Friedl. All rights reserved.
#define SSH_BUG_PROBE 0x00400000
#define SSH_BUG_FIRSTKEX 0x00800000
#define SSH_OLD_FORWARD_ADDR 0x01000000
+#define SSH_BUG_RFWD_ADDR 0x02000000
void enable_compat13(void);
void enable_compat20(void);