Bug 171882

Summary: [crypto] incorrect port fowarding with server allocated port
Product: Base System Reporter: HIROSHI OOTA <nil>
Component: binAssignee: freebsd-bugs (Nobody) <bugs>
Status: Open ---    
Severity: Affects Only Me CC: allanjude, jhb
Priority: Normal Keywords: patch
Version: Unspecified   
Hardware: Any   
OS: Any   

Description HIROSHI OOTA 2012-09-23 03:40:08 UTC 
SSH standard supports server allocated port.
We can use the capability the ssh option -R 0:host:hostport.
But, I specify it multiple, all  port would be fowarded to the first port.

How-To-Repeat: 
term1$ ssh -v -R 0:localhost:23 -R 0:localhost:25 -R 0:127.0.0.1:80 -N
debug1: remote forward success for: listen 0, connect 127.0.0.1:21
Allocated port 41791 for remote forward to 127.0.0.1:21
debug1: remote forward success for: listen 0, connect 127.0.0.1:25
Allocated port 23513 for remote forward to 127.0.0.1:25
debug1: remote forward success for: listen 0, connect 127.0.0.1:80
Allocated port 59246 for remote forward to 127.0.0.1:80

term2$ telnet localhost 23513
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 xxx FTP server (Version xxx) ready.

term2$ telnet localhost 59246
Trying ::1...
Connected to localhost.
Escape character is '^]'.
220 xxx FTP server (Version xxx) ready.

these ports should be forwaded to 25(smtp) and 80(http), not 21(ftp).
Comment 1 HIROSHI OOTA 2012-09-23 13:39:12 UTC 
This problem was corrected in OpenSSH V6.1.
Comment 2 HIROSHI OOTA 2012-09-23 15:00:00 UTC 
I tested under newest source. but it does not run correctly.
The flags for datafellows is conflicted.

Index: /usr/src/crypto/openssh/compat.h
===================================================================
--- /usr/src/crypto/openssh/compat.h    (revision 240847)
+++ /usr/src/crypto/openssh/compat.h    (working copy)
@@ -60,7 +60,7 @@
  #define SSH_BUG_RFWD_ADDR      0x02000000
  #define SSH_NEW_OPENSSH                0x04000000
  #define SSH_BUG_DYNAMIC_RPORT  0x08000000
-#define SSH_BUG_LARGEWINDOW    0x08000000
+#define SSH_BUG_LARGEWINDOW    0x10000000

  void     enable_compat13(void);
  void     enable_compat20(void);
Comment 3 Eitan Adler freebsd_committer freebsd_triage 2018-05-20 23:52:57 UTC 
For bugs matching the following conditions:
- Status == In Progress
- Assignee == "bugs@FreeBSD.org"
- Last Modified Year <= 2017

Do
- Set Status to "Open"
Comment 4 John Baldwin freebsd_committer freebsd_triage 2021-05-26 21:14:58 UTC 
Is this bug still relevant?  I believe the HPN patches are no longer in base OpenSSL which was the source of the conflict?