- djm@cvs.openbsd.org 2006/12/12 03:58:42

     [channels.c compat.c compat.h]
     bz #1019: some ssh.com versions apparently can't cope with the
     remote port forwarding bind_address being a hostname, so send
     them an address for cases where they are not explicitly
     specified (wildcard or localhost bind).  reported by daveroth AT
     acm.org; ok dtucker@ deraadt@

diff --git a/ChangeLog b/ChangeLog
index aa86cc4522d818d80a9fba83f27fae3fa1febc04..c87324278cc22434149625507138a088a18baf4a 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -10,6 +10,13 @@
    - markus@cvs.openbsd.org 2006/12/11 21:25:46
      [ssh-keygen.1 ssh.1]
      add rfc 4716 (public key format); ok jmc
+   - djm@cvs.openbsd.org 2006/12/12 03:58:42
+     [channels.c compat.c compat.h]
+     bz #1019: some ssh.com versions apparently can't cope with the
+     remote port forwarding bind_address being a hostname, so send
+     them an address for cases where they are not explicitly
+     specified (wildcard or localhost bind).  reported by daveroth AT
+     acm.org; ok dtucker@ deraadt@
 
 20061205
  - (djm) [auth.c] Fix NULL pointer dereference in fakepw().  Crash would

diff --git a/channels.c b/channels.c
index 26b63a1aae9047fb91a97fd412b40f25e85a8cca..6be121970bf3a4174e915145fd8c8505c2c191ab 100644 (file)
--- a/channels.c
+++ b/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.266 2006/08/29 10:40:18 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.267 2006/12/12 03:58:42 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2525,11 +2525,18 @@ channel_request_remote_forwarding(const char *listen_host, u_short listen_port,
        /* Send the forward request to the remote side. */
        if (compat20) {
                const char *address_to_bind;
-               if (listen_host == NULL)
-                       address_to_bind = "localhost";
-               else if (*listen_host == '\0' || strcmp(listen_host, "*") == 0)
-                       address_to_bind = "";
-               else
+               if (listen_host == NULL) {
+                       if (datafellows & SSH_BUG_RFWD_ADDR)
+                               address_to_bind = "127.0.0.1";
+                       else
+                               address_to_bind = "localhost";
+               } else if (*listen_host == '\0' ||
+                          strcmp(listen_host, "*") == 0) {
+                       if (datafellows & SSH_BUG_RFWD_ADDR)
+                               address_to_bind = "0.0.0.0";
+                       else
+                               address_to_bind = "";
+               } else
                        address_to_bind = listen_host;
 
                packet_start(SSH2_MSG_GLOBAL_REQUEST);

diff --git a/compat.c b/compat.c
index da67f9410d1c56a65754ba498d5818f9fea3044b..bc113158144bef3a0dda64a8664e5c87956d79f1 100644 (file)
--- a/compat.c
+++ b/compat.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.c,v 1.76 2006/08/03 03:34:42 deraadt Exp $ */
+/* $OpenBSD: compat.c,v 1.77 2006/12/12 03:58:42 djm Exp $ */
 /*
  * Copyright (c) 1999, 2000, 2001, 2002 Markus Friedl.  All rights reserved.
  *
@@ -133,7 +133,8 @@ compat_datafellows(const char *version)
                { "2.3.*",              SSH_BUG_DEBUG|SSH_BUG_RSASIGMD5|
                                        SSH_BUG_FIRSTKEX },
                { "2.4",                SSH_OLD_SESSIONID },    /* Van Dyke */
-               { "2.*",                SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX },
+               { "2.*",                SSH_BUG_DEBUG|SSH_BUG_FIRSTKEX|
+                                       SSH_BUG_RFWD_ADDR },
                { "3.0.*",              SSH_BUG_DEBUG },
                { "3.0 SecureCRT*",     SSH_OLD_SESSIONID },
                { "1.7 SecureFX*",      SSH_OLD_SESSIONID },

diff --git a/compat.h b/compat.h
index 83d469d539a57d279615505f59224ed6b2fd7abb..4d8ebc908a425891fe3ed7a7c6c5c2797389afaf 100644 (file)
--- a/compat.h
+++ b/compat.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: compat.h,v 1.40 2006/03/25 22:22:43 djm Exp $ */
+/* $OpenBSD: compat.h,v 1.41 2006/12/12 03:58:42 djm Exp $ */
 
 /*
  * Copyright (c) 1999, 2000, 2001 Markus Friedl.  All rights reserved.
@@ -56,6 +56,7 @@
 #define SSH_BUG_PROBE          0x00400000
 #define SSH_BUG_FIRSTKEX       0x00800000
 #define SSH_OLD_FORWARD_ADDR   0x01000000
+#define SSH_BUG_RFWD_ADDR      0x02000000
 
 void     enable_compat13(void);
 void     enable_compat20(void);