[src/trunk]: src/crypto/dist/ssh Make -D behave like -L (obey GatewayPorts). ...

[christos <christos%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/4aa3b9d71ee5
branches:  trunk
changeset: 584456:4aa3b9d71ee5
user:      christos <christos%NetBSD.org@localhost>
date:      Sun Sep 18 18:27:28 2005 +0000

description:
Make -D behave like -L (obey GatewayPorts). Before it defaulted to listen
to wildcard which is not secure.

diffstat:

 crypto/dist/ssh/ssh.1 |  7 ++++---
 crypto/dist/ssh/ssh.c |  6 +++---
 2 files changed, 7 insertions(+), 6 deletions(-)

diffs (48 lines):

diff -r fb47ab5baba4 -r 4aa3b9d71ee5 crypto/dist/ssh/ssh.1
--- a/crypto/dist/ssh/ssh.1     Sun Sep 18 16:22:35 2005 +0000
+++ b/crypto/dist/ssh/ssh.1     Sun Sep 18 18:27:28 2005 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: ssh.1,v 1.32 2005/09/18 16:22:35 christos Exp $
+.\"    $NetBSD: ssh.1,v 1.33 2005/09/18 18:27:28 christos Exp $
 .\"  -*- nroff -*-
 .\"
 .\" Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
@@ -516,8 +516,9 @@
 Dynamic port forwardings can also be specified in the configuration file.
 If 
 .Ar bind_address
-is not specified, then the socket will listen to all interfaces, which
-can have unexpected security implications.
+is not specified then the port is bound in accordance with the
+.Cm GatewayPorts
+setting.
 .It Fl e Ar ch | ^ch | none
 Sets the escape character for sessions with a pty (default:
 .Ql ~ ) .
diff -r fb47ab5baba4 -r 4aa3b9d71ee5 crypto/dist/ssh/ssh.c
--- a/crypto/dist/ssh/ssh.c     Sun Sep 18 16:22:35 2005 +0000
+++ b/crypto/dist/ssh/ssh.c     Sun Sep 18 18:27:28 2005 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: ssh.c,v 1.34 2005/09/09 12:24:37 christos Exp $        */
+/*     $NetBSD: ssh.c,v 1.35 2005/09/18 18:27:33 christos Exp $        */
 /*
  * Author: Tatu Ylonen <ylo%cs.hut.fi@localhost>
  * Copyright (c) 1995 Tatu Ylonen <ylo%cs.hut.fi@localhost>, Espoo, Finland
@@ -42,7 +42,7 @@
 
 #include "includes.h"
 RCSID("$OpenBSD: ssh.c,v 1.233 2005/03/01 17:22:06 jmc Exp $");
-__RCSID("$NetBSD: ssh.c,v 1.34 2005/09/09 12:24:37 christos Exp $");
+__RCSID("$NetBSD: ssh.c,v 1.35 2005/09/18 18:27:33 christos Exp $");
 
 #include <openssl/evp.h>
 #include <openssl/err.h>
@@ -433,7 +433,7 @@
                                fwd.listen_host = cleanhostname(fwd.listen_host);
                        } else {
                                fwd.listen_port = a2port(fwd.listen_host);
-                               fwd.listen_host = "";
+                               fwd.listen_host = NULL;
                        }
 
                        if (fwd.listen_port == 0) {