authormarkus <markus@openbsd.org>2011-09-10 22:26:34 +0000
committermarkus <markus@openbsd.org>2011-09-10 22:26:34 +0000
commit6ad68a144d70946bb0a80b21a29c20ccfd8cc20b (patch)
tree841f338cd3e0053b8e6bc2ac7a593c8c3a1f7605
parentAnother small tidy up. ok jmc@ (diff)
support cancellation of local/dynamic forwardings from ~C commandline;
ok & feedback djm@
-rw-r--r--usr.bin/ssh/channels.c14
-rw-r--r--usr.bin/ssh/channels.h6
-rw-r--r--usr.bin/ssh/clientloop.c34
-rw-r--r--usr.bin/ssh/ssh.119
4 files changed, 52 insertions, 21 deletions
diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index 4ea8358163a..2c87d6c6f8b 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.312 2011/09/09 22:46:44 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.313 2011/09/10 22:26:34 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -2816,7 +2816,7 @@ channel_cancel_rport_listener(const char *host, u_short port)
int
channel_cancel_lport_listener(const char *lhost, u_short lport,
- u_short cport, int gateway_ports)
+ int cport, int gateway_ports)
{
u_int i;
int found = 0;
@@ -2826,8 +2826,16 @@ channel_cancel_lport_listener(const char *lhost, u_short lport,
Channel *c = channels[i];
if (c == NULL || c->type != SSH_CHANNEL_PORT_LISTENER)
continue;
- if (c->listening_port != lport || c->host_port != cport)
+ if (c->listening_port != lport)
continue;
+ if (cport == CHANNEL_CANCEL_PORT_STATIC) {
+ /* skip dynamic forwardings */
+ if (c->host_port == 0)
+ continue;
+ } else {
+ if (c->host_port != cport)
+ continue;
+ }
if ((c->listening_addr == NULL && addr != NULL) ||
(c->listening_addr != NULL && addr == NULL))
continue;
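Review bot: The `cport` argument now carries three meanings in this loop, and none of them is documented at the function. `0` selects dynamic listeners, `CHANNEL_CANCEL_PORT_STATIC` selects every listener whose `host_port` is non-zero, and any other value must equal `host_port`. I would add a header comment above `channel_cancel_lport_listener` spelling this out, including that `host_port == 0` is what marks a dynamic forwarding here. It should also say that the static case closes all matching listeners on `lport` and address regardless of their target, since a caller may expect only one forwarding to be cancelled. The function begins in the previous hunk and continues past the end of this one.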
diff --git a/usr.bin/ssh/channels.h b/usr.bin/ssh/channels.h
index 1560c5f9085..70fdd654022 100644
--- a/usr.bin/ssh/channels.h
+++ b/usr.bin/ssh/channels.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.h,v 1.106 2011/09/09 22:46:44 djm Exp $ */
+/* $OpenBSD: channels.h,v 1.107 2011/09/10 22:26:34 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
@@ -57,6 +57,8 @@
#define SSH_CHANNEL_MUX_CLIENT 16 /* Conn. to mux slave */
#define SSH_CHANNEL_MAX_TYPE 17
+#define CHANNEL_CANCEL_PORT_STATIC -1
+
struct Channel;
typedef struct Channel Channel;
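Review bot: The new sentinel is defined as a bare negative literal with no comment saying what it stands for. I would parenthesize it and document it where it is defined, e.g. `#define CHANNEL_CANCEL_PORT_STATIC (-1) /* cport: match any non-dynamic local forward */`. The value only works because `cport` was widened to `int` in this commit. A caller that still passes a `u_short` would silently turn it into 65535, so the comment should mention that the parameter must stay signed.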
@@ -264,7 +266,7 @@ int channel_setup_local_fwd_listener(const char *, u_short,
int channel_request_rforward_cancel(const char *host, u_short port);
int channel_setup_remote_fwd_listener(const char *, u_short, int *, int);
int channel_cancel_rport_listener(const char *, u_short);
-int channel_cancel_lport_listener(const char *, u_short, u_short, int);
+int channel_cancel_lport_listener(const char *, u_short, int, int);
/* x11 forwarding */
diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index 15c09921072..44ca743eb68 100644
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.236 2011/06/22 22:08:42 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.237 2011/09/10 22:26:34 markus Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -830,9 +830,8 @@ process_cmdline(void)
{
void (*handler)(int);
char *s, *cmd, *cancel_host;
- int delete = 0;
- int local = 0, remote = 0, dynamic = 0;
- int cancel_port;
+ int delete = 0, local = 0, remote = 0, dynamic = 0;
+ int cancel_port, ok;
Forward fwd;
bzero(&fwd, sizeof(fwd));
@@ -858,8 +857,12 @@ process_cmdline(void)
"Request remote forward");
logit(" -D[bind_address:]port "
"Request dynamic forward");
+ logit(" -KL[bind_address:]port "
+ "Cancel local forward");
logit(" -KR[bind_address:]port "
"Cancel remote forward");
+ logit(" -KD[bind_address:]port "
+ "Cancel dynamic forward");
if (!options.permit_local_command)
goto out;
logit(" !args "
@@ -888,11 +891,7 @@ process_cmdline(void)
goto out;
}
- if ((local || dynamic) && delete) {
- logit("Not supported.");
- goto out;
- }
- if (remote && delete && !compat20) {
+ if (delete && !compat20) {
logit("Not supported for SSH protocol version 1.");
goto out;
}
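Review bot: The guard `if (delete && !compat20)` now also rejects `-KL` and `-KD` on protocol 1 connections, where the old code only applied the protocol check to remote cancels. From what is visible, the local and dynamic path (`channel_cancel_lport_listener`) walks the client's own `channels[]` and does not appear to need a protocol 2 request. If that reading is right, `if (remote && delete && !compat20) {` would keep listener cancellation available there. If the wider restriction is intentional, a one-line comment saying why would help. `process_cmdline` starts and ends outside this hunk.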
@@ -915,7 +914,21 @@ process_cmdline(void)
logit("Bad forwarding close port");
goto out;
}
- channel_request_rforward_cancel(cancel_host, cancel_port);
+ if (remote)
+ ok = channel_request_rforward_cancel(cancel_host,
+ cancel_port) == 0;
+ else if (dynamic)
+ ok = channel_cancel_lport_listener(cancel_host,
+ cancel_port, 0, options.gateway_ports) > 0;
+ else
+ ok = channel_cancel_lport_listener(cancel_host,
+ cancel_port, CHANNEL_CANCEL_PORT_STATIC,
+ options.gateway_ports) > 0;
+ if (!ok) {
+ logit("Unkown port forwarding.");
+ goto out;
+ }
+ logit("Canceled forwarding.");
} else {
if (!parse_forward(&fwd, s, dynamic, remote)) {
logit("Bad forwarding specification.");
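Review bot: The failure message added here is misspelled; `logit("Unkown port forwarding.");` should be `logit("Unknown port forwarding.");`. In the remote branch `ok` only reflects the return value of `channel_request_rforward_cancel`. So "Canceled forwarding." is presumably logged once the request has been issued rather than once the server has confirmed it, and a short comment saying so would avoid overstating the result. The literal `0` passed as `cport` for the dynamic case would read better with a comment such as `/* host_port 0 == dynamic */`. `process_cmdline` starts and ends outside this hunk.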
@@ -936,7 +949,6 @@ process_cmdline(void)
goto out;
}
}
-
logit("Forwarding port.");
}
diff --git a/usr.bin/ssh/ssh.1 b/usr.bin/ssh/ssh.1
index fbdddc7d101..67a42cb5d6c 100644
--- a/usr.bin/ssh/ssh.1
+++ b/usr.bin/ssh/ssh.1
@@ -33,8 +33,8 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
-.\" $OpenBSD: ssh.1,v 1.321 2011/08/26 01:45:15 djm Exp $
-.Dd $Mdocdate: August 26 2011 $
+.\" $OpenBSD: ssh.1,v 1.322 2011/09/10 22:26:34 markus Exp $
+.Dd $Mdocdate: September 10 2011 $
.Dt SSH 1
.Os
.Sh NAME
@@ -899,11 +899,20 @@ Currently this allows the addition of port forwardings using the
and
.Fl D
options (see above).
-It also allows the cancellation of existing remote port-forwardings
-using
+It also allows the cancellation of existing port-forwardings
+with
+.Sm off
+.Fl KL Oo Ar bind_address : Oc Ar port
+.Sm on
+for local,
+.Sm off
+.Fl KR Oo Ar bind_address : Oc Ar port
+.Sm on
+for remote and
.Sm off
-.Fl KR Oo Ar bind_address : Oc Ar port .
+.Fl KD Oo Ar bind_address : Oc Ar port
.Sm on
+for dynamic port-forwardings.
.Ic !\& Ns Ar command
allows the user to execute a local command if the
.Ic PermitLocalCommand