===================================================================
RCS file: /cvsrepo/anoncvs/cvs/src/usr.bin/ssh/servconf.c,v
retrieving revision 1.158
retrieving revision 1.159
diff -u -r1.158 -r1.159
--- src/usr.bin/ssh/servconf.c	2006/07/19 13:07:10	1.158
+++ src/usr.bin/ssh/servconf.c	2006/07/21 12:43:36	1.159
@@ -1,4 +1,4 @@
-/* $OpenBSD: servconf.c,v 1.158 2006/07/19 13:07:10 dtucker Exp $ */
+/* $OpenBSD: servconf.c,v 1.159 2006/07/21 12:43:36 dtucker Exp $ */
 /*
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
  *                    All rights reserved
@@ -106,6 +106,7 @@
 	options->authorized_keys_file2 = NULL;
 	options->num_accept_env = 0;
 	options->permit_tun = -1;
+	options->num_permitted_opens = -1;
 	options->adm_forced_command = NULL;
 }
 
@@ -1118,20 +1119,27 @@
 			fatal("%s line %d: missing PermitOpen specification",
 			    filename, linenum);
 		if (strcmp(arg, "any") == 0) {
-			if (*activep)
+			if (*activep) {
 				channel_clear_adm_permitted_opens();
+				options->num_permitted_opens = 0;
+			}
 			break;
 		}
-		p = hpdelim(&arg);
-		if (p == NULL)
-			fatal("%s line %d: missing host in PermitOpen",
-			    filename, linenum);
-		p = cleanhostname(p);
-		if (arg == NULL || (port = a2port(arg)) == 0)
-			fatal("%s line %d: bad port number in PermitOpen",
-			    filename, linenum);
-		if (*activep)
-			channel_add_adm_permitted_opens(p, port);
+		for (; arg != NULL && *arg != '\0'; arg = strdelim(&cp)) {
+			p = hpdelim(&arg);
+			if (p == NULL)
+				fatal("%s line %d: missing host in PermitOpen",
+				    filename, linenum);
+			p = cleanhostname(p);
+			if (arg == NULL || (port = a2port(arg)) == 0)
+				fatal("%s line %d: bad port number in "
+				    "PermitOpen", filename, linenum);
+			if (*activep && options->num_permitted_opens == -1) {
+				channel_clear_adm_permitted_opens();
+				options->num_permitted_opens =
+				    channel_add_adm_permitted_opens(p, port);
+			}
+		}
 		break;
 
 	case sForceCommand: