diff --git a/ChangeLog b/ChangeLog
index abf02912a..2979b95f1 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -47,6 +47,10 @@
    - stevesk@cvs.openbsd.org 2001/12/19 17:16:13
      [authfile.c bufaux.c bufaux.h buffer.c buffer.h packet.c packet.h ssh.c]
      change the buffer/packet interface to use void* vs. char*; ok markus@
+   - markus@cvs.openbsd.org 2001/12/20 16:37:29
+     [channels.c channels.h session.c]
+     setup x11 listen socket for just one connect if the client requests so.
+     (v2 only, but the openssh client does not support this feature).
 
 20011219
  - (stevesk) OpenBSD CVS sync X11 localhost display
@@ -7075,4 +7079,4 @@
  - Wrote replacements for strlcpy and mkdtemp
  - Released 1.0pre1
 
-$Id: ChangeLog,v 1.1703 2001/12/21 03:56:54 djm Exp $
+$Id: ChangeLog,v 1.1704 2001/12/21 03:58:35 djm Exp $
diff --git a/channels.c b/channels.c
index 63eb5bcff..340b10646 100644
--- a/channels.c
+++ b/channels.c
@@ -39,7 +39,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: channels.c,v 1.148 2001/12/19 07:18:56 deraadt Exp $");
+RCSID("$OpenBSD: channels.c,v 1.149 2001/12/20 16:37:29 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -263,6 +263,7 @@ channel_new(char *ctype, int type, int rfd, int wfd, int efd,
 	c->cb_arg = NULL;
 	c->cb_event = 0;
 	c->force_drain = 0;
+	c->single_connection = 0;
 	c->detach_user = NULL;
 	c->input_filter = NULL;
 	debug("channel %d: new [%s]", found, remote_name);
@@ -1003,6 +1004,11 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
 		debug("X11 connection requested.");
 		addrlen = sizeof(addr);
 		newsock = accept(c->sock, &addr, &addrlen);
+		if (c->single_connection) {
+			debug("single_connection: closing X11 listener.");
+			channel_close_fd(&c->sock);
+			chan_mark_dead(c);
+		}
 		if (newsock < 0) {
 			error("accept: %.100s", strerror(errno));
 			return;
@@ -1029,8 +1035,8 @@ channel_post_x11_listener(Channel *c, fd_set * readset, fd_set * writeset)
 			packet_start(SSH2_MSG_CHANNEL_OPEN);
 			packet_put_cstring("x11");
 			packet_put_int(nc->self);
-			packet_put_int(c->local_window_max);
-			packet_put_int(c->local_maxpacket);
+			packet_put_int(nc->local_window_max);
+			packet_put_int(nc->local_maxpacket);
 			/* originator ipaddr and port */
 			packet_put_cstring(remote_ipaddr);
 			if (datafellows & SSH_BUG_X11FWD) {
@@ -2405,8 +2411,10 @@ channel_connect_to(const char *host, u_short port)
  * an error occurs.
  */
 int
-x11_create_display_inet(int x11_display_offset, int gateway_ports)
+x11_create_display_inet(int x11_display_offset, int gateway_ports,
+    int single_connection)
 {
+	Channel *nc = NULL;
 	int display_number, sock;
 	u_short port;
 	struct addrinfo hints, *ai, *aitop;
@@ -2482,10 +2490,12 @@ x11_create_display_inet(int x11_display_offset, int gateway_ports)
 	/* Allocate a channel for each socket. */
 	for (n = 0; n < num_socks; n++) {
 		sock = socks[n];
-		(void) channel_new("x11 listener",
+		nc = channel_new("x11 listener",
 		    SSH_CHANNEL_X11_LISTENER, sock, sock, -1,
 		    CHAN_X11_WINDOW_DEFAULT, CHAN_X11_PACKET_DEFAULT,
 		    0, xstrdup("X11 inet listener"), 1);
+		if (nc != NULL)
+			nc->single_connection = single_connection;
 	}
 
 	/* Return the display number for the DISPLAY environment variable. */
diff --git a/channels.h b/channels.h
index 840268fcf..e994aaeb6 100644
--- a/channels.h
+++ b/channels.h
@@ -32,7 +32,7 @@
  * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
-/* RCSID("$OpenBSD: channels.h,v 1.53 2001/11/29 21:10:51 stevesk Exp $"); */
+/* RCSID("$OpenBSD: channels.h,v 1.54 2001/12/20 16:37:29 markus Exp $"); */
 
 #ifndef CHANNEL_H
 #define CHANNEL_H
@@ -96,6 +96,7 @@ struct Channel {
 	int	local_consumed;
 	int	local_maxpacket;
 	int     extended_usage;
+	int	single_connection;
 
 	char   *ctype;		/* type */
 
@@ -197,9 +198,8 @@ channel_request_forwarding(const char *, u_short, const char *, u_short, int,
 /* x11 forwarding */
 
 int	 x11_connect_display(void);
-int	 x11_create_display_inet(int, int);
+int	 x11_create_display_inet(int, int, int);
 void     x11_input_open(int, int, void *);
-void     x11_request_forwarding(void);
 void	 x11_request_forwarding_with_spoofing(int, const char *, const char *);
 void	 deny_input_open(int, int, void *);
 
diff --git a/session.c b/session.c
index e4594e383..63ca37132 100644
--- a/session.c
+++ b/session.c
@@ -33,7 +33,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: session.c,v 1.113 2001/12/19 15:43:11 stevesk Exp $");
+RCSID("$OpenBSD: session.c,v 1.114 2001/12/20 16:37:29 markus Exp $");
 
 #include "ssh.h"
 #include "ssh1.h"
@@ -2066,7 +2066,7 @@ session_setup_x11fwd(Session *s)
 		return 0;
 	}
 	s->display_number = x11_create_display_inet(options.x11_display_offset,
-	    options.gateway_ports);
+	    options.gateway_ports, s->single_connection);
 	if (s->display_number == -1) {
 		debug("x11_create_display_inet failed.");
 		return 0;