upstream: the tunnel-forwarding vs ExitOnForwardFailure fix that I

committed earlier had an off-by-one. Fix this and add some debugging that would have made it apparent sooner. OpenBSD-Commit-ID: 082f8f72b1423bd81bbdad750925b906e5ac6910
2020-04-03 04:03:51 +00:00 · 2020-04-03 04:03:51 +00:00 · 7b4d8999f2
parent eece243666
commit 7b4d8999f2
1 changed files with 14 additions and 3 deletions
--- a/ssh.c
+++ b/ssh.c
@ -1,4 +1,4 @@
-/* $OpenBSD: ssh.c,v 1.523 2020/04/03 02:40:32 djm Exp $ */
+/* $OpenBSD: ssh.c,v 1.524 2020/04/03 04:03:51 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@ -1676,10 +1676,15 @@ fork_postauth(void)
 static void
 forwarding_success(void)
 {
-	if (forward_confirms_pending > 0 && --forward_confirms_pending == 0) {
-		debug("All forwarding requests processed");
+	if (forward_confirms_pending == -1)
+		return;
+	if (--forward_confirms_pending == 0) {
+		debug("%s: all expected forwarding replies received");
 		if (fork_after_authentication_flag)
 			fork_postauth();
+	} else {
+		debug2("%s: %d expected forwarding replies remaining",
+		    __func__, forward_confirms_pending);
 	}
 }

@ -1800,6 +1805,8 @@ ssh_init_forwarding(struct ssh *ssh, char **ifname)
 	int success = 0;
 	int i;

+	if (options.exit_on_forward_failure)
+		forward_confirms_pending = 0; /* track pending requests */
 	/* Initiate local TCP/IP port forwardings. */
 	for (i = 0; i < options.num_local_forwards; i++) {
 		debug("Local connections to %.200s:%d forwarded to remote "
@ -1859,6 +1866,10 @@ ssh_init_forwarding(struct ssh *ssh, char **ifname)
 		else
 			error("Could not request tunnel forwarding.");
 	}
+	if (forward_confirms_pending > 0) {
+		debug("%s: expecting replies for %d forwards", __func__,
+		    forward_confirms_pending);
+	}
 }

 static void