annotate cli-tcpfwd.c @ 1843:03dfecca99bd
Use sudo for the real github action job
(Wasn't required by act's runner)
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Mon, 18 Oct 2021 23:25:20 +0800 |
parents | a7cc3332d8ab |
children | 1d86a58fb52d |
rev | line source |
---|---|
1 /* |
2 * Dropbear SSH |
3 * |
4 * Copyright (c) 2002,2003 Matt Johnston |
5 * All rights reserved. |
6 * |
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
8 * of this software and associated documentation files (the "Software"), to deal |
9 * in the Software without restriction, including without limitation the rights |
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
11 * copies of the Software, and to permit persons to whom the Software is |
12 * furnished to do so, subject to the following conditions: |
13 * |
14 * The above copyright notice and this permission notice shall be included in |
15 * all copies or substantial portions of the Software. |
16 * |
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
23 * SOFTWARE. */ |
24 |
62 | 25 #include "includes.h" |
64 | 26 #include "dbutil.h" |
27 #include "tcpfwd.h" | |
62 | 28 #include "channel.h" |
64 | 29 #include "runopts.h" |
30 #include "session.h" | |
31 #include "ssh.h" | |
32 #include "netio.h" |
62 | 33 |
34 #if DROPBEAR_CLI_REMOTETCPFWD |
/* Forward declaration: handler for an incoming "forwarded-tcpip" channel,
 * defined further down in this file. */
static int newtcpforwarded(struct Channel *channel);

/* Channel type registered for connections that arrive over a remote
 * forward.  Only the type string and one handler are set; the four
 * remaining slots stay NULL.
 * NOTE(review): the slot names live in the struct ChanType declaration,
 * which is not part of this file - confirm which callbacks are unset. */
const struct ChanType cli_chan_tcpremote = {
	"forwarded-tcpip",	/* channel type string sent on the wire */
	newtcpforwarded,	/* presumably run when such a channel is opened */
	NULL,
	NULL,
	NULL,
	NULL
};
45 #endif |
46 |
47 #if DROPBEAR_CLI_LOCALTCPFWD |
/* Forward declaration: sets up the listener for a single local forward.
 * The definition follows setup_localtcp(). */
static int cli_localtcp(const char *listenaddr, unsigned int listenport,
		const char *remoteaddr, unsigned int remoteport);

/* Channel type attached to local-forward listeners (see cli_localtcp(),
 * which stores its address in tcpinfo->chantype).  The four trailing slots
 * are left NULL.
 * NOTE(review): slot names come from struct ChanType, declared elsewhere. */
static const struct ChanType cli_chan_tcplocal = {
	"direct-tcpip",		/* channel type string sent on the wire */
	tcp_prio_inithandler,	/* shared handler, declared outside this file */
	NULL,
	NULL,
	NULL,
	NULL
};
60 #endif |
62 | 61 |
62 #if DROPBEAR_CLI_ANYTCPFWD |
/* Report a forwarding failure.
 *
 * format is a printf-style format string followed by its arguments; the
 * ATTRIB_PRINTF(1,2) annotation on the declaration presumably lets the
 * compiler check the arguments against it.  Callers should keep the format
 * a literal and pass addresses or other externally supplied text only as
 * arguments, never as the format itself.
 *
 * When cli_opts.exit_on_fwd_failure is set the message goes to
 * _dropbear_exit() with EXIT_FAILURE (presumably this does not return);
 * otherwise it is logged at LOG_WARNING and the caller continues. */
static void fwd_failed(const char* format, ...) ATTRIB_PRINTF(1,2);
static void fwd_failed(const char* format, ...)
{
	va_list args;

	va_start(args, format);
	if (!cli_opts.exit_on_fwd_failure) {
		_dropbear_log(LOG_WARNING, format, args);
	} else {
		_dropbear_exit(EXIT_FAILURE, format, args);
	}
	va_end(args);
}
77 #endif |
78 |
79 #if DROPBEAR_CLI_LOCALTCPFWD |
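/* Start a listener for every entry in cli_opts.localfwds.
 *
 * Each entry is handed to cli_localtcp().  A failed entry is reported
 * through fwd_failed(), which exits or logs a warning depending on
 * cli_opts.exit_on_fwd_failure; if it returns, the loop carries on with
 * the next entry. */
void setup_localtcp() {
	m_list_elem *iter;
	int ret;

	TRACE(("enter setup_localtcp"))

	for (iter = cli_opts.localfwds->first; iter; iter = iter->next) {
		struct TCPFwdEntry *fwd = (struct TCPFwdEntry*)iter->item;

		ret = cli_localtcp(
				fwd->listenaddr,
				fwd->listenport,
				fwd->connectaddr,
				fwd->connectport);
		if (ret == DROPBEAR_FAILURE) {
			/* cli_localtcp() accepts a NULL listenaddr and picks a
			 * default, so the entry may legitimately hold NULL here.
			 * Passing NULL for a %s conversion is undefined behaviour,
			 * so report an empty address in that case. */
			const char *shown_listenaddr =
				fwd->listenaddr ? fwd->listenaddr : "";

			fwd_failed("Failed local port forward %s:%d:%s:%d",
					shown_listenaddr,
					fwd->listenport,
					fwd->connectaddr,
					fwd->connectport);
		}
	}
	TRACE(("leave setup_localtcp"))

}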
62 | 104 |
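/* Create the listener for one local ("direct-tcpip") forward.
 *
 * listenaddr  address to bind, or NULL for the default: "localhost", or ""
 *             when opts.listen_fwd_all is set.
 *             NOTE(review): "" presumably makes listen_tcpfwd() bind every
 *             interface, which exposes the forward to other hosts - confirm,
 *             and keep listen_fwd_all off unless that is intended.
 * listenport  local port to listen on.
 * remoteaddr  address the forward connects to; copied into the listener.
 * remoteport  port on remoteaddr.
 *
 * Returns whatever listen_tcpfwd() returns.  On DROPBEAR_FAILURE the
 * listener description and the strings it owns are released here. */
static int cli_localtcp(const char* listenaddr,
		unsigned int listenport,
		const char* remoteaddr,
		unsigned int remoteport) {

	struct TCPListener* tcpinfo = NULL;
	int ret;

	TRACE(("enter cli_localtcp: %d %s %d", listenport, remoteaddr,
				remoteport));

	/* sizeof on the object keeps the size tied to the pointer's type */
	tcpinfo = (struct TCPListener*)m_malloc(sizeof(*tcpinfo));

	tcpinfo->sendaddr = m_strdup(remoteaddr);
	tcpinfo->sendport = remoteport;

	if (listenaddr)
	{
		tcpinfo->listenaddr = m_strdup(listenaddr);
	}
	else
	{
		/* no explicit bind address: loopback unless listen_fwd_all is set */
		if (opts.listen_fwd_all) {
			tcpinfo->listenaddr = m_strdup("");
		} else {
			tcpinfo->listenaddr = m_strdup("localhost");
		}
	}
	tcpinfo->listenport = listenport;

	tcpinfo->chantype = &cli_chan_tcplocal;
	tcpinfo->tcp_type = direct;

	ret = listen_tcpfwd(tcpinfo, NULL);

	if (ret == DROPBEAR_FAILURE) {
		/* The two address strings were duplicated above and belong to
		 * tcpinfo; freeing only the struct would leak them.
		 * NOTE(review): this assumes listen_tcpfwd() leaves tcpinfo and
		 * its strings untouched on failure, as the existing free of
		 * tcpinfo already implies - confirm against its definition. */
		m_free(tcpinfo->sendaddr);
		m_free(tcpinfo->listenaddr);
		m_free(tcpinfo);
	}
	TRACE(("leave cli_localtcp: %d", ret))
	return ret;
}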
146 #endif /* DROPBEAR_CLI_LOCALTCPFWD */ |
64 | 147 |
148 #if DROPBEAR_CLI_REMOTETCPFWD |
/* Queue and encrypt one SSH_MSG_GLOBAL_REQUEST "tcpip-forward" packet.
 *
 * addr  listen address to request; must not be NULL (its length is taken
 *       with strlen()).
 * port  listen port to request.
 *
 * want_reply is always set, so the server is expected to answer; the
 * answers are handled by cli_recv_msg_request_success()/_failure(). */
static void send_msg_global_request_remotetcp(const char *addr, int port) {
	static const char request_type[] = "tcpip-forward";
	size_t addr_len;

	TRACE(("enter send_msg_global_request_remotetcp"))

	CHECKCLEARTOWRITE();

	buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST);
	/* length excludes the terminating NUL */
	buf_putstring(ses.writepayload, request_type, sizeof(request_type) - 1);
	buf_putbyte(ses.writepayload, 1); /* want_reply */

	addr_len = strlen(addr);
	buf_putstring(ses.writepayload, addr, addr_len);
	buf_putint(ses.writepayload, port);

	encrypt_packet();

	TRACE(("leave send_msg_global_request_remotetcp"))
}
164 | |
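/* The only global success/failure messages are for remotetcp.
 * Since there isn't any identifier in these messages, we have to rely on them
 * being in the same order as we sent the requests. This is the ordering
 * of the cli_opts.remotefwds list.
 * If the requested remote port is 0, the listen port is allocated
 * dynamically by the server, returned to the client in the reply and
 * reported to the user.
 *
 * A reply that arrives when every entry already has have_reply set matches
 * nothing and is ignored. */
void cli_recv_msg_request_success() {
	/* Highest valid TCP port.  The allocated port is chosen by the server,
	 * so it is range-checked before it is stored or reported. */
	const int max_port = 65535;
	m_list_elem * iter = NULL;

	/* We just mark off that we have received the reply,
	 * so that we can report failure for later ones. */
	for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) {
		struct TCPFwdEntry *fwd = (struct TCPFwdEntry*)iter->item;
		if (!fwd->have_reply) {
			fwd->have_reply = 1;
			if (fwd->listenport == 0) {
				/* The server should let us know which port was allocated if we requested port 0 */
				int allocport = buf_getint(ses.payload);
				/* Anything outside 1..65535 is not a port: ignore it
				 * and leave listenport at 0. */
				if (allocport > 0 && allocport <= max_port) {
					fwd->listenport = allocport;
					dropbear_log(LOG_INFO, "Allocated port %d for remote forward to %s:%d", 
							allocport, fwd->connectaddr, fwd->connectport);
				}
			}
			return;
		}
	}
}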
193 |
/* Handle a global request failure from the server.
 *
 * The reply carries no identifier, so it is attributed to the first entry
 * of cli_opts.remotefwds that has not been answered yet.  That entry is
 * marked as answered and the failure is reported through fwd_failed().
 * If every entry already has a reply, nothing happens. */
void cli_recv_msg_request_failure() {
	m_list_elem *node = cli_opts.remotefwds->first;

	while (node) {
		struct TCPFwdEntry *entry = (struct TCPFwdEntry*)node->item;

		if (entry->have_reply) {
			/* already answered, try the next request */
			node = node->next;
			continue;
		}

		entry->have_reply = 1;
		fwd_failed("Remote TCP forward request failed (port %d -> %s:%d)",
				entry->listenport,
				entry->connectaddr,
				entry->connectport);
		return;
	}
}
208 |
/* Send a "tcpip-forward" global request for every entry in
 * cli_opts.remotefwds, in list order.
 *
 * An entry without a listen address gets a default first: "localhost", or
 * "" when opts.listen_fwd_all is set.
 * NOTE(review): "" presumably asks the server to listen on all of its
 * interfaces - confirm before enabling listen_fwd_all. */
void setup_remotetcp() {
	m_list_elem *node;

	TRACE(("enter setup_remotetcp"))

	node = cli_opts.remotefwds->first;
	while (node) {
		struct TCPFwdEntry *entry = (struct TCPFwdEntry*)node->item;

		if (entry->listenaddr == NULL) {
			/* we store the addresses so that we can compare them
			   when the server sends them back */
			entry->listenaddr = m_strdup(opts.listen_fwd_all ? "" : "localhost");
		}
		send_msg_global_request_remotetcp(entry->listenaddr, entry->listenport);

		node = node->next;
	}

	TRACE(("leave setup_remotetcp"))
}
230 | |
231 static int newtcpforwarded(struct Channel * channel) { | |
232 | |
1250 | 233 char *origaddr = NULL; |
64 | 234 unsigned int origport; |
235 m_list_elem * iter = NULL; |
236 struct TCPFwdEntry *fwd = NULL; |
64 | 237 char portstring[NI_MAXSERV]; |
238 int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED; |
64 | 239 |
240 origaddr = buf_getstring(ses.payload, NULL); |
64 | 241 origport = buf_getint(ses.payload); |
242 | |
243 /* Find which port corresponds. First try and match address as well as port, |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
244 in case they want to forward different ports separately ... */ |
551
c3f2ec71e3d4
New standard linked list to use, rather than adhoc SignKeyList or TCPFwdList
Matt Johnston <matt@ucc.asn.au>
parents:
505
diff
changeset
|
245 for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) { |
c3f2ec71e3d4
New standard linked list to use, rather than adhoc SignKeyList or TCPFwdList
Matt Johnston <matt@ucc.asn.au>
parents:
505
diff
changeset
|
246 fwd = (struct TCPFwdEntry*)iter->item; |
578
44f486b72427
- tcpfwd bindaddr support against trunk. needs merging.
Matt Johnston <matt@ucc.asn.au>
parents:
551
diff
changeset
|
247 if (origport == fwd->listenport |
899
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
248 && strcmp(origaddr, fwd->listenaddr) == 0) { |
64 | 249 break; |
250 } | |
251 } | |
252 | |
899
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
253 if (!iter) |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
254 { |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
255 /* ... otherwise try to generically match the only forwarded port |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
256 without address (also handles ::1 vs 127.0.0.1 vs localhost case). |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
257 rfc4254 is vague about the definition of "address that was connected" */ |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
258 for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) { |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
259 fwd = (struct TCPFwdEntry*)iter->item; |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
260 if (origport == fwd->listenport) { |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
261 break; |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
262 } |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
263 } |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
264 } |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
265 |
115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
Matt Johnston <matt@ucc.asn.au>
parents:
857
diff
changeset
|
266 |
1327
e47e4b8a005d
initialize variable and protect against NULL dereferencement
Francois Perrad <francois.perrad@gadz.org>
parents:
1295
diff
changeset
|
267 if (iter == NULL || fwd == NULL) { |
64 | 268 /* We didn't request forwarding on that port */ |
1250 | 269 cleantext(origaddr); |
578
44f486b72427
- tcpfwd bindaddr support against trunk. needs merging.
Matt Johnston <matt@ucc.asn.au>
parents:
551
diff
changeset
|
270 dropbear_log(LOG_INFO, "Server sent unrequested forward from \"%s:%d\"", |
44f486b72427
- tcpfwd bindaddr support against trunk. needs merging.
Matt Johnston <matt@ucc.asn.au>
parents:
551
diff
changeset
|
271 origaddr, origport); |
64 | 272 goto out; |
273 } | |
1785
9026f976eee8
fuzz: work around fuzz_connect_remote() limitations
Matt Johnston <matt@ucc.asn.au>
parents:
1625
diff
changeset
|
274 |
9026f976eee8
fuzz: work around fuzz_connect_remote() limitations
Matt Johnston <matt@ucc.asn.au>
parents:
1625
diff
changeset
|
275 channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE; |
1829
a7cc3332d8ab
Replace ChanType.sepfds with Channel.bidir_fd
Matt Johnston <matt@ucc.asn.au>
parents:
1785
diff
changeset
|
276 |
1237
888e3d17e962
Fix print format specifier
Chocobo1 <Chocobo1@users.noreply.github.com>
parents:
1215
diff
changeset
|
277 snprintf(portstring, sizeof(portstring), "%u", fwd->connectport); |
1466
f787f60f8e45
bind to port as well with -b
Matt Johnston <matt@ucc.asn.au>
parents:
1465
diff
changeset
|
278 channel->conn_pending = connect_remote(fwd->connectaddr, portstring, channel_connect_done, channel, NULL, NULL); |
1829
a7cc3332d8ab
Replace ChanType.sepfds with Channel.bidir_fd
Matt Johnston <matt@ucc.asn.au>
parents:
1785
diff
changeset
|
279 |
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
66
diff
changeset
|
280 err = SSH_OPEN_IN_PROGRESS; |
64 | 281 |
282 out: | |
578
44f486b72427
- tcpfwd bindaddr support against trunk. needs merging.
Matt Johnston <matt@ucc.asn.au>
parents:
551
diff
changeset
|
283 m_free(origaddr); |
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
284 TRACE(("leave newtcpdirect: err %d", err)) |
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
66
diff
changeset
|
285 return err; |
64 | 286 } |
287 #endif /* DROPBEAR_CLI_REMOTETCPFWD */ |