[Bug 3499] New: Bad forwarding specification w. -R port

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Nov 8 12:20:34 AEDT 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3499

            Bug ID: 3499
           Summary: Bad forwarding specification w. -R port
           Product: Portable OpenSSH
           Version: 9.1p1
          Hardware: amd64
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: ssh
          Assignee: unassigned-bugs at mindrot.org
          Reporter: beryllium at shaddybaddah.name

General warning. As this seemed too obvious an issue to be (assumed)
long standing, I tried to search for bugs, including resolved/closed,
that match what I am about to report.

I couldn't find any... but I also lack confidence that the
search(/advanced search) isn't injecting keywords into filters, in an
effort to "help", and is diluting the search.

What I am reporting is pretty straightforward. I am trying to use the
*working* binding of a remote port, to a socks proxy through the ssh
client application.

But I am trying to do so using the ~C - Open command line, analogous to
command line invocation arguments, and in accordance with the ssh
manual page. Doing so, I am encountering the error: Bad forwarding
specification.

Below is my best effort at demonstrating the issue.

## Demonstrating that port 13579 isn't initially bound, and is functional

<< $ nc -v localhost 13579
<< nc: connect to localhost (127.0.0.1) port 13579 (tcp) failed: Connection refused

# bind it in another session, and connect it in the original
>> $ nc -v -l localhost 13579
>> Listening on localhost 13579

<< $ nc -v localhost 13579
<< Connection to localhost (127.0.0.1) 13579 port [tcp/*] succeeded!

>. $ nc -v -l localhost 13579
>. Listening on localhost 13579
>> Connection received on localhost 60858

## Now demonstrate working command line invocation -R port
>> $ ssh -F /dev/null -R 13579 localhost
>> Linux tordnim-debian 5.10.0-15-amd64 #1 SMP Debian 5.10.120-1 (2022-06-09) x86_64
>> ..
>> $ 

<. Connection to localhost (127.0.0.1) 13579 port [tcp/*] succeeded!
<. ^C
<< $ nc -v -X 5 -x localhost:13579 www.google.com 80
<< Connection to www.google.com 80 port [tcp/http] succeeded!
<< GET / HTTP/1.0
<< 
<< HTTP/1.0 200 OK
<< ...

## Now demonstrate the ~C - Open command line error
# first confirm port 13579 has been unbound
<< $ exit
<< logout
<< Connection to localhost closed.
<< $ 

>. ^C
>> $ nc -v -X 5 -x localhost:13579 www.google.com 80
>> nc: connect to localhost port 13579 (tcp) failed: Connection refused

# now remove -R from ssh invocation, and demonstrate
>> $ ssh -F /dev/null localhost
>> Linux tordnim-debian 5.10.0-15-amd64 #1 SMP Debian 5.10.120-1 (2022-06-09) x86_64
>> ..
>> $ 
>> ssh> -R 13579
>> Bad forwarding specification.

# unnecessary, but confirm port 13579 still unbound
>> $ nc -v -X 5 -x localhost:13579 www.google.com 80
>> nc: connect to localhost port 13579 (tcp) failed: Connection refused

According to the ssh manual page, this form of forwarding specification
is allowable.

~C section:

##      ~C      Open command line.  Currently this allows the addition of port
##              forwardings using the -L, -R and -D options (see above).  It also

-R section:
##      -R [bind_address:]port:host:hostport
##      -R [bind_address:]port:local_socket
##      -R remote_socket:host:hostport
##      -R remote_socket:local_socket
#*      -R [bind_address:]port
##              Specifies that connections to the given TCP port or Unix socket
##              on the remote (server) host are to be forwarded to the local
##              side.
## ...
#*              hostport, or local_socket, or, if no explicit destination was
#*              specified, ssh will act as a SOCKS 4/5 proxy and forward connections
#*              to the destinations requested by the remote SOCKS client.

Accordingly, I feel that encountering a "Bad forwarding specification."
error is a defect.

Though as per my preamble... I rather suspect this is a "considered"
omission, with some rationale.
