[Bug 2147] OpenSSH remote forwarding of dynamic ports doesn't work when you create more than one

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Tue Oct 17 05:09:50 AEDT 2017


https://bugzilla.mindrot.org/show_bug.cgi?id=2147

debacle at debian.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |debacle at debian.org

--- Comment #8 from debacle at debian.org ---
It looks like this change leads to a problem. See Debian bug
https://bugs.debian.org/846379 from 2016-11-30:

I have an OpenSSH client 1:5.5p1-6+squeeze3 on Debian 6 (Squeeze)
building a reverse tunnel with dynamic port to a Jessie server:

$ /usr/bin/ssh -t -t -R *:0:localhost:443 user at server somecommand

If the server runs OpenSSH up to version 6.4p1-2 ("forwardports" from
snaphot.d.o), everything is fine. With any OpenSSH server from 6.5p1-6
to 7.3p1-3, the tunnel gets established, but no data can be
transmitted over it. On any activity, the client side shows:
WARNING: Server requests forwarding for unknown listen_port 54321
debug1: failure forwarded-tcpip
When the client specifies the port (= no dynamic port):

$ /usr/bin/ssh -t -t -R *:54321:localhost:443 user at server somecommand

everything works fine, independent of the OpenSSH server version.

Reverting part of the change above solves the problem:

--- openssh-7.3p1.orig/channels.c
+++ openssh-7.3p1/channels.c
@@ -1458,7 +1458,7 @@ port_open_helper(Channel *c, char *rtype
                 } else {
                         /* listen address, port */
                         packet_put_cstring(c->path);
-                        packet_put_int(local_port);
+                        packet_put_int(c->listening_port);
                 }
                 if (strcmp(rtype,  
"forwarded-streamlocal at openssh.com") == 0) {
                         /* reserved for future owner/mode info */

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list