-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | readconf.c | 55 | ||||
-rw-r--r-- | ssh.1 | 14 |
3 files changed, 39 insertions, 37 deletions
@@ -61,6 +61,11 @@ - naddy@cvs.openbsd.org 2001/08/30 15:42:36 [ssh.1] add -D to synopsis line; ok markus@ + - stevesk@cvs.openbsd.org 2001/08/30 16:04:35 + [readconf.c ssh.1] + validate ports for LocalForward/RemoteForward. + add host/port alternative syntax for IPv6 (like -L/-R). + ok markus@ 20010815 - (bal) Fixed stray code in readconf.c that went in by mistake. @@ -6384,4 +6389,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.1503 2001/09/12 17:59:59 mouring Exp $ +$Id: ChangeLog,v 1.1504 2001/09/12 18:01:59 mouring Exp $ diff --git a/readconf.c b/readconf.c index d334ed437..04895be6d 100644 --- a/readconf.c +++ b/readconf.c @@ -12,7 +12,7 @@ */ #include "includes.h" -RCSID("$OpenBSD: readconf.c,v 1.87 2001/08/28 09:51:26 markus Exp $"); +RCSID("$OpenBSD: readconf.c,v 1.88 2001/08/30 16:04:35 stevesk Exp $"); #include "ssh.h" #include "xmalloc.h" @@ -260,6 +260,7 @@ process_config_line(Options *options, const char *host, char buf[256], *s, *string, **charptr, *endofnumber, *keyword, *arg; int opcode, *intptr, value; u_short fwd_port, fwd_host_port; + char sfwd_host_port[6]; s = line; /* Get the keyword. (Each line is supposed to begin with a keyword). */ 
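Review bot: The new `char sfwd_host_port[6];` among the locals of `process_config_line` is sized for exactly the `%5[0-9]` field width used by the `sscanf` calls in the forwarding case much further down, and nothing ties the two together. A comment on the declaration, `/* 5 digits + NUL; keep in sync with %5[0-9] in the forward parsing */`, would make the bound visible to anyone who later widens the format. The function body continues outside this hunk.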
@@ -577,42 +578,34 @@ parse_int: *intptr = (LogLevel) value; break; - case oRemoteForward: - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - fwd_port = a2port(arg); - if (fwd_port == 0) - fatal("%.200s line %d: Badly formatted port number.", - filename, linenum); - arg = strdelim(&s); - if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing second argument.", - filename, linenum); - if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2) - fatal("%.200s line %d: Badly formatted host:port.", - filename, linenum); - if (*activep) - add_remote_forward(options, fwd_port, buf, fwd_host_port); - break; - case oLocalForward: + case oRemoteForward: arg = strdelim(&s); if (!arg || *arg == '\0') - fatal("%.200s line %d: Missing argument.", filename, linenum); - fwd_port = a2port(arg); - if (fwd_port == 0) - fatal("%.200s line %d: Badly formatted port number.", - filename, linenum); + fatal("%.200s line %d: Missing port argument.", + filename, linenum); + if ((fwd_port = a2port(arg)) == 0) + fatal("%.200s line %d: Bad listen port.", + filename, linenum); arg = strdelim(&s); if (!arg || *arg == '\0') fatal("%.200s line %d: Missing second argument.", - filename, linenum); - if (sscanf(arg, "%255[^:]:%hu", buf, &fwd_host_port) != 2) - fatal("%.200s line %d: Badly formatted host:port.", - filename, linenum); - if (*activep) - add_local_forward(options, fwd_port, buf, fwd_host_port); + filename, linenum); + if (sscanf(arg, "%255[^:]:%5[0-9]", buf, sfwd_host_port) != 2 && + sscanf(arg, "%255[^/]/%5[0-9]", buf, sfwd_host_port) != 2) + fatal("%.200s line %d: Bad forwarding specification.", + filename, linenum); + if ((fwd_host_port = a2port(sfwd_host_port)) == 0) + fatal("%.200s line %d: Bad forwarding port.", + filename, linenum); + if (*activep) { + if (opcode == oLocalForward) + add_local_forward(options, fwd_port, buf, + fwd_host_port); + else if (opcode == oRemoteForward) + add_remote_forward(options, 
fwd_port, buf, + fwd_host_port); + } break; case oDynamicForward: @@ -34,7 +34,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh.1,v 1.135 2001/08/30 15:42:36 naddy Exp $ +.\" $OpenBSD: ssh.1,v 1.136 2001/08/30 16:04:35 stevesk Exp $ .Dd September 25, 1999 .Dt SSH 1 .Os @@ -943,9 +943,11 @@ or .Dq no . .It Cm LocalForward Specifies that a TCP/IP port on the local machine be forwarded over -the secure channel to given host:port from the remote machine. +the secure channel to the specified host and port from the remote machine. The first argument must be a port number, and the second must be -host:port. +.Ar host:port . +IPv6 addresses can be specified with an alternative syntax: +.Ar host/port . Multiple forwardings may be specified, and additional forwardings can be given on the command line. Only the superuser can forward privileged ports. @@ -1037,9 +1039,11 @@ The default is This option applies to protocol version 2 only. .It Cm RemoteForward Specifies that a TCP/IP port on the remote machine be forwarded over -the secure channel to given host:port from the local machine. +the secure channel to the specified host and port from the local machine. The first argument must be a port number, and the second must be -host:port. +.Ar host:port . +IPv6 addresses can be specified with an alternative syntax: +.Ar host/port . Multiple forwardings may be specified, and additional forwardings can be given on the command line. Only the superuser can forward privileged ports. |
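Review bot: In the merged `oLocalForward`/`oRemoteForward` case, neither `sscanf` call checks that the whole argument was consumed, so the port validation added here still silently accepts malformed input that merely starts with a valid form. A value such as `host:123456` is cut to `12345` by the `%5[0-9]` width and then passes `a2port()`, and `host:80junk` is accepted as port 80. Because the colon form is tried first, an IPv6 literal whose second group is all decimal digits (constructed example: `2001:470::1/80`) appears to match it and yield host `2001`, port 470, instead of falling through to the `host/port` form. Recording the consumed length with `%n` and requiring `arg[n] == '\0'` for each form covers all three cases; the `int n` declaration would go with the other locals at the top of `process_config_line`, which starts outside this hunk.

```c
	int n;	/* with the other locals of process_config_line */

	/* … unchanged: listen-port parsing and second strdelim() … */
	if ((sscanf(arg, "%255[^:]:%5[0-9]%n", buf, sfwd_host_port, &n) != 2 ||
	    arg[n] != '\0') &&
	    (sscanf(arg, "%255[^/]/%5[0-9]%n", buf, sfwd_host_port, &n) != 2 ||
	    arg[n] != '\0'))
		fatal("%.200s line %d: Bad forwarding specification.",
		    filename, linenum);
	/* … unchanged: a2port(sfwd_host_port) check and add_*_forward() calls … */
```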