Add the remote counterpart for the `local port forwardings accept

connections from outside localhost' switch. Interestingly OpenSSH
3.0 appears to ignore this (though I know it works because ssh.com
3.0 gets it right, and the SSH packet dump agrees that I'm doing the
right thing).

[originally from svn r1496]

doc/config.but

@@ -1,4 +1,4 @@
-\versionid $Id: config.but,v 1.21 2001/12/14 14:57:50 simon Exp $
+\versionid $Id: config.but,v 1.22 2001/12/15 12:15:24 simon Exp $
 
 \C{config} Configuring PuTTY
 
@@ -1576,6 +1576,27 @@ in the list box.
 To remove a port forwarding, simply select its details in the list
 box, and click the \q{Remove} button.
 
+\S{config-ssh-portfwd-localhost} Controlling the visibility of
+forwarded ports
+
+\cfg{winhelp-topic}{ssh.tunnels.portfwd.localhost}
+
+The source port for a forwarded connection usually does not accept
+connections from any machine except the SSH client or server machine
+itself (for local and remote forwardings respectively). There are
+controls in the Tunnels panel to change this:
+
+\b The \q{Local ports accept connections from other hosts} option
+allows you to set up local-to-remote port forwardings in such a way
+that machines other than your client PC can connect to the forwarded
+port.
+
+\b The \q{Remote ports do the same} option does the same thing for
+remote-to-local port forwardings (so that machines other than the
+SSH server machine can connect to the forwarded port.) Note that
+this feature is only available in the SSH 2 protocol, and not all
+SSH 2 servers support it (OpenSSH 3.0 does not, for example).
+
 \H{config-file} Storing configuration in a file
 
 PuTTY does not currently support storing its configuration in a file

doc/using.but

@@ -1,4 +1,4 @@
-\versionid $Id: using.but,v 1.4 2001/12/13 17:38:59 simon Exp $
+\versionid $Id: using.but,v 1.5 2001/12/15 12:15:24 simon Exp $
 
 \C{using} Using PuTTY
 
@@ -291,6 +291,22 @@ To do this, just select the \q{Remote} radio button instead of the
 number on the \e{server} (note that most servers will not allow you
 to use port numbers under 1024 for this purpose).
 
+The source port for a forwarded connection usually does not accept
+connections from any machine except the SSH client or server machine
+itself (for local and remote forwardings respectively). There are
+controls in the Tunnels panel to change this:
+
+\b The \q{Local ports accept connections from other hosts} option
+allows you to set up local-to-remote port forwardings in such a way
+that machines other than your client PC can connect to the forwarded
+port.
+
+\b The \q{Remote ports do the same} option does the same thing for
+remote-to-local port forwardings (so that machines other than the
+SSH server machine can connect to the forwarded port.) Note that
+this feature is only available in the SSH 2 protocol, and not all
+SSH 2 servers support it (OpenSSH 3.0 does not, for example).
+
 \H{using-rawprot} Making raw TCP connections
 
 A lot of Internet protocols are composed of commands and responses

putty.h

@@ -347,7 +347,8 @@ typedef struct {
     int x11_forward;
     char x11_display[128];
     /* port forwarding */
-    int lport_acceptall; /* accepts connection from hosts other than localhost */
+    int lport_acceptall; /* accept conns from hosts other than localhost */
+    int rport_acceptall; /* same for remote forwarded ports (SSH2 only) */
     char portfwd[1024]; /* [LR]localport\thost:port\000[LR]localport\thost:port\000\000 */
 } Config;
 

settings.c

@@ -265,6 +265,7 @@ void save_settings(char *section, int do_host, Config * cfg)
     write_setting_i(sesskey, "X11Forward", cfg->x11_forward);
     write_setting_s(sesskey, "X11Display", cfg->x11_display);
     write_setting_i(sesskey, "LocalPortAcceptAll", cfg->lport_acceptall);
+    write_setting_i(sesskey, "RemotePortAcceptAll", cfg->rport_acceptall);
     {
 	char buf[2 * sizeof(cfg->portfwd)], *p, *q;
 	p = buf;
@@ -501,6 +502,7 @@ void load_settings(char *section, int do_host, Config * cfg)
 	 sizeof(cfg->x11_display));
 
     gppi(sesskey, "LocalPortAcceptAll", 0, &cfg->lport_acceptall);
+    gppi(sesskey, "RemotePortAcceptAll", 0, &cfg->rport_acceptall);
     {
 	char buf[2 * sizeof(cfg->portfwd)], *p, *q;
 	gpps(sesskey, "PortForwardings", "", buf, sizeof(buf));

ssh.c

@@ -4607,7 +4607,10 @@ static void do_ssh2_authconn(unsigned char *in, int inlen, int ispkt)
 			ssh2_pkt_init(SSH2_MSG_GLOBAL_REQUEST);
 			ssh2_pkt_addstring("tcpip-forward");
 			ssh2_pkt_addbool(1);/* want reply */
-			ssh2_pkt_addstring("127.0.0.1");
+			if (cfg.rport_acceptall)
+			    ssh2_pkt_addstring("0.0.0.0");
+			else
+			    ssh2_pkt_addstring("127.0.0.1");
 			ssh2_pkt_adduint32(sport);
 			ssh2_pkt_send();
 

windlg.c

@@ -545,6 +545,7 @@ enum { IDCX_ABOUT =
     IDC_X11_DISPSTATIC,
     IDC_X11_DISPLAY,
     IDC_LPORT_ALL,
+    IDC_RPORT_ALL,
     IDC_PFWDSTATIC,
     IDC_PFWDSTATIC2,
     IDC_PFWDREMOVE,
@@ -896,7 +897,6 @@ char *help_context_cmd(int id)
       case IDC_X11_DISPSTATIC:
       case IDC_X11_DISPLAY:
         return "JI(`',`ssh.tunnels.x11')";
-      case IDC_LPORT_ALL:
       case IDC_PFWDSTATIC:
       case IDC_PFWDSTATIC2:
       case IDC_PFWDREMOVE:
@@ -909,6 +909,9 @@ char *help_context_cmd(int id)
       case IDC_PFWDLOCAL:
       case IDC_PFWDREMOTE:
         return "JI(`',`ssh.tunnels.portfwd')";
+      case IDC_LPORT_ALL:
+      case IDC_RPORT_ALL:
+        return "JI(`',`ssh.tunnels.portfwd.localhost')";
 
       default:
         return NULL;
@@ -1171,6 +1174,7 @@ static void init_dlg_ctrls(HWND hwnd, int keepsess)
     SetDlgItemText(hwnd, IDC_X11_DISPLAY, cfg.x11_display);
 
     CheckDlgButton(hwnd, IDC_LPORT_ALL, cfg.lport_acceptall);
+    CheckDlgButton(hwnd, IDC_RPORT_ALL, cfg.rport_acceptall);
     CheckRadioButton(hwnd, IDC_PFWDLOCAL, IDC_PFWDREMOTE, IDC_PFWDLOCAL);
 }
 
@@ -1694,7 +1698,7 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
     }
 
     if (panel == tunnelspanelstart) {
-	/* The Tunnels panel. Accelerators used: [acgo] deilmrstx */
+	/* The Tunnels panel. Accelerators used: [acgo] deilmrsthx */
 	struct ctlpos cp;
 	ctlposinit(&cp, hwnd, 80, 3, 13);
 	if (dlgtype == 0) {
@@ -1706,7 +1710,10 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
 		      IDC_X11_DISPLAY, 50, NULL);
 	    endbox(&cp);
     	    beginbox(&cp, "Port forwarding", IDC_BOX_TUNNELS2);
-	    checkbox(&cp, "Local ports accept connections from o&ther hosts", IDC_LPORT_ALL);
+	    checkbox(&cp, "Local ports accept connections from o&ther hosts",
+		     IDC_LPORT_ALL);
+	    checkbox(&cp, "Remote ports do t&he same (SSH v2 only)",
+		     IDC_RPORT_ALL);
 	    staticbtn(&cp, "Forwarded ports:", IDC_PFWDSTATIC,
 		      "&Remove", IDC_PFWDREMOVE);
 	    fwdsetter(&cp, IDC_PFWDLIST,
@@ -1715,7 +1722,8 @@ static void create_controls(HWND hwnd, int dlgtype, int panel)
 		      "Dest&ination", IDC_DPORTSTATIC, IDC_DPORTEDIT,
 		      "A&dd", IDC_PFWDADD);
 	    bareradioline(&cp, 2,
-			  "&Local", IDC_PFWDLOCAL, "Re&mote", IDC_PFWDREMOTE, NULL);
+			  "&Local", IDC_PFWDLOCAL,
+			  "Re&mote", IDC_PFWDREMOTE, NULL);
 	    endbox(&cp);
 
 	}
@@ -3007,14 +3015,20 @@ static int GenericMainDlgProc(HWND hwnd, UINT msg,
 	      case IDC_X11_FORWARD:
 		if (HIWORD(wParam) == BN_CLICKED ||
 		    HIWORD(wParam) == BN_DOUBLECLICKED)
-			cfg.x11_forward =
+		    cfg.x11_forward =
-			IsDlgButtonChecked(hwnd, IDC_X11_FORWARD);
+		    IsDlgButtonChecked(hwnd, IDC_X11_FORWARD);
 		break;
 	      case IDC_LPORT_ALL:
 		if (HIWORD(wParam) == BN_CLICKED ||
 		    HIWORD(wParam) == BN_DOUBLECLICKED)
-			cfg.lport_acceptall =
+		    cfg.lport_acceptall =
-			IsDlgButtonChecked(hwnd, IDC_LPORT_ALL);
+		    IsDlgButtonChecked(hwnd, IDC_LPORT_ALL);
+		break;
+	      case IDC_RPORT_ALL:
+		if (HIWORD(wParam) == BN_CLICKED ||
+		    HIWORD(wParam) == BN_DOUBLECLICKED)
+		    cfg.rport_acceptall =
+		    IsDlgButtonChecked(hwnd, IDC_RPORT_ALL);
 		break;
 	      case IDC_X11_DISPLAY:
 		if (HIWORD(wParam) == EN_CHANGE)