annotate svr-tcpfwd.c @ 1788:1fc0012b9c38

Fix handling of replies to global requests (#112)

The current code assumes that all global requests want / need a reply. This isn't always true and the request itself indicates if it wants a reply or not.

It causes a specific problem with [email protected] messages. These are sent by OpenSSH after authentication to inform the client of potential other host keys for the host. This can be used to add a new type of host key or to rotate host keys.

The initial information message from the server is sent as a global request, but with want_reply set to false. This means that the server doesn't expect an answer to this message. Instead the client needs to send a prove request as a reply if it wants to receive proof of ownership for the host keys.

The bug doesn't cause any current problems due to how OpenSSH treats receiving the failure message. It instead treats it as a keepalive message and further ignores it.

Arguably this is a protocol violation though of Dropbear and it is only accidental that it doesn't cause a problem with OpenSSH.

The bug was found when adding host keys support to libssh, which is more strict protocol wise and treats the unexpected failure message as an error, also see https://gitlab.com/libssh/libssh-mirror/-/merge_requests/145 for more information.

The fix here is to honor the want_reply flag in the global request and to only send a reply if the other side expects a reply.
author Dirkjan Bussink <d.bussink@gmail.com>
date Thu, 10 Dec 2020 16:13:13 +0100
parents 9026f976eee8
children 249681d9ecda
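
The reply rule described in the commit message, as an added example (not Dropbear's code): a bounds-checked parser for the SSH_MSG_GLOBAL_REQUEST payload and the reply decision of a server that implements no global requests, with and without honoring want_reply. The function names, the `simulate` helper and the request name `example-notify@example.invalid` are constructed for illustration; the message numbers are those of RFC 4254.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Message numbers from RFC 4254. */
#define SSH_MSG_GLOBAL_REQUEST  80
#define SSH_MSG_REQUEST_FAILURE 82

/* Outcomes other than a reply message (illustrative names). */
#define REPLY_NONE       0   /* send nothing */
#define REPLY_MALFORMED -1   /* packet too short or of the wrong type */

struct global_request {
    const uint8_t *name;     /* not NUL-terminated, points into the payload */
    uint32_t namelen;
    int want_reply;
};

/* Layout: byte type, uint32 name length, name bytes, boolean want_reply. */
static int parse_global_request(const uint8_t *p, size_t len,
                                struct global_request *out) {
    uint32_t namelen;
    size_t rest;

    if (len < 5 || p[0] != SSH_MSG_GLOBAL_REQUEST) return -1;
    namelen = ((uint32_t)p[1] << 24) | ((uint32_t)p[2] << 16)
            | ((uint32_t)p[3] << 8) | (uint32_t)p[4];
    rest = len - 5;
    /* The name and the one-byte boolean must both fit in what is left. */
    if (namelen >= rest) return -1;
    out->name = p + 5;
    out->namelen = namelen;
    out->want_reply = p[5 + namelen] != 0;
    return 0;
}

/* Reply decision for a server that implements no global requests.
 * honor_flag == 0 models answering every request (before the fix),
 * honor_flag == 1 models answering only when want_reply is set. */
static int decide_reply(const uint8_t *p, size_t len, int honor_flag) {
    struct global_request req;

    if (parse_global_request(p, len, &req) != 0) return REPLY_MALFORMED;
    if (honor_flag && !req.want_reply) return REPLY_NONE;
    return SSH_MSG_REQUEST_FAILURE;
}

/* Build a constructed request packet, drop `cut` bytes from its end,
 * and return the reply decision for it. */
static int simulate(const char *name, int want_reply, size_t cut,
                    int honor_flag) {
    uint8_t buf[128];
    size_t n = strlen(name), len;

    if (n > sizeof(buf) - 6) return REPLY_MALFORMED;
    buf[0] = SSH_MSG_GLOBAL_REQUEST;
    buf[1] = 0;
    buf[2] = 0;
    buf[3] = (uint8_t)(n >> 8);
    buf[4] = (uint8_t)n;
    memcpy(buf + 5, name, n);
    buf[5 + n] = want_reply ? 1 : 0;
    len = 6 + n;
    return decide_reply(buf, cut < len ? len - cut : 0, honor_flag);
}

int main(void) {
    const char *name = "example-notify@example.invalid"; /* constructed */

    printf("want_reply=0, flag ignored: %d\n", simulate(name, 0, 0, 0));
    printf("want_reply=0, flag honored: %d\n", simulate(name, 0, 0, 1));
    printf("want_reply=1, flag honored: %d\n", simulate(name, 1, 0, 1));
    printf("truncated packet:           %d\n", simulate(name, 1, 1, 1));
    return 0;
}
```

A strict peer that sent want_reply=0 treats the reply in the first case as an unexpected message, which is the interoperability failure the commit message reports for libssh.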
rev   line source
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
1 /*
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
2 * Dropbear SSH
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
3 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
4 * Copyright (c) 2002,2003 Matt Johnston
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
5 * Copyright (c) 2004 by Mihnea Stoenescu
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
6 * All rights reserved.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
7 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
9 * of this software and associated documentation files (the "Software"), to deal
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
10 * in the Software without restriction, including without limitation the rights
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
12 * copies of the Software, and to permit persons to whom the Software is
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
13 * furnished to do so, subject to the following conditions:
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
14 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
15 * The above copyright notice and this permission notice shall be included in
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
16 * all copies or substantial portions of the Software.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
17 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
24 * SOFTWARE. */
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
25
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 #include "includes.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 #include "ssh.h"
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
28 #include "tcpfwd.h"
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 #include "dbutil.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 #include "session.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 #include "buffer.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32 #include "packet.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 #include "listener.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 #include "runopts.h"
475
52a644e7b8e1 * Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents: 410
diff changeset
35 #include "auth.h"
1032
0da8ba489c23 Move generic network routines to netio.c
Matt Johnston <matt@ucc.asn.au>
parents: 1025
diff changeset
36 #include "netio.h"
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
37
1499
2d450c1056e3 options: Complete the transition to numeric toggles (`#if')
Michael Witten <mfwitten@gmail.com>
parents: 1466
diff changeset
38 #if !DROPBEAR_SVR_REMOTETCPFWD
673
c519b78b6d1a - Don't sent SSH_MSG_UNIMPLEMENTED if we don't have ENABLE_SVR_REMOTETCPFWD
Matt Johnston <matt@ucc.asn.au>
parents: 620
diff changeset
39
c519b78b6d1a - Don't sent SSH_MSG_UNIMPLEMENTED if we don't have ENABLE_SVR_REMOTETCPFWD
Matt Johnston <matt@ucc.asn.au>
parents: 620
diff changeset
40 /* This is better than SSH_MSG_UNIMPLEMENTED */
c519b78b6d1a - Don't sent SSH_MSG_UNIMPLEMENTED if we don't have ENABLE_SVR_REMOTETCPFWD
Matt Johnston <matt@ucc.asn.au>
parents: 620
diff changeset
41 void recv_msg_global_request_remotetcp() {
1788
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
42 unsigned int len = 0;
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
43 unsigned int wantreply = 0;
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
44
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
45 TRACE(("recv_msg_global_request_remotetcp: remote tcp forwarding not compiled in"))
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
46
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
47 len = buf_getint(ses.payload);
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
48 buf_incrpos(ses.payload, len);
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
49 wantreply = buf_getbool(ses.payload);
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
50 if (wantreply) {
673
c519b78b6d1a - Don't sent SSH_MSG_UNIMPLEMENTED if we don't have ENABLE_SVR_REMOTETCPFWD
Matt Johnston <matt@ucc.asn.au>
parents: 620
diff changeset
51 send_msg_request_failure();
1788
1fc0012b9c38 Fix handling of replies to global requests (#112)
Dirkjan Bussink <d.bussink@gmail.com>
parents: 1785
diff changeset
52 }
673
c519b78b6d1a - Don't sent SSH_MSG_UNIMPLEMENTED if we don't have ENABLE_SVR_REMOTETCPFWD
Matt Johnston <matt@ucc.asn.au>
parents: 620
diff changeset
53 }
c519b78b6d1a - Don't sent SSH_MSG_UNIMPLEMENTED if we don't have ENABLE_SVR_REMOTETCPFWD
Matt Johnston <matt@ucc.asn.au>
parents: 620
diff changeset
54
c519b78b6d1a - Don't sent SSH_MSG_UNIMPLEMENTED if we don't have ENABLE_SVR_REMOTETCPFWD
Matt Johnston <matt@ucc.asn.au>
parents: 620
diff changeset
55 /* */
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
56 #endif /* !DROPBEAR_SVR_REMOTETCPFWD */
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
57
1276
9169e4e7cbee fix empty C prototypes
Francois Perrad <francois.perrad@gadz.org>
parents: 1251
diff changeset
58 static int svr_cancelremotetcp(void);
1464
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
59 static int svr_remotetcpreq(int *allocated_listen_port);
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
60 static int newtcpdirect(struct Channel * channel);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
61
1295
750ec4ec4cbe Convert #ifdef to #if, other build changes
Matt Johnston <matt@ucc.asn.au>
parents: 1276
diff changeset
62 #if DROPBEAR_SVR_REMOTETCPFWD
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
63 static const struct ChanType svr_chan_tcpremote = {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
64 1, /* sepfds */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
65 "forwarded-tcpip",
941
5daedffd0769 Set tcp priority as follows:
Matt Johnston <matt@ucc.asn.au>
parents: 937
diff changeset
66 tcp_prio_inithandler,
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
67 NULL,
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
68 NULL,
1627
9b02c49bd396 add missing initializer (#71)
François Perrad <francois.perrad@gadz.org>
parents: 1625
diff changeset
69 NULL,
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
70 NULL
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
71 };
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
72
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
73 /* At the moment this is completely used for tcp code (with the name reflecting
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
74 * that). If new request types are added, this should be replaced with code
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
75 * similar to the request-switching in chansession.c */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
76 void recv_msg_global_request_remotetcp() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
77
1114
db7963049308 Turn many local variables into char *
Gaël PORTAY <gael.portay@gmail.com>
parents: 1094
diff changeset
78 char* reqname = NULL;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
79 unsigned int namelen;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
80 unsigned int wantreply = 0;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
81 int ret = DROPBEAR_FAILURE;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
82
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
83 TRACE(("enter recv_msg_global_request_remotetcp"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
84
475
52a644e7b8e1 * Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents: 410
diff changeset
85 if (svr_opts.noremotetcp || !svr_pubkey_allows_tcpfwd()) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
86 TRACE(("leave recv_msg_global_request_remotetcp: remote tcp forwarding disabled"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
87 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
88 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
89
1122
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents: 1114
diff changeset
90 reqname = buf_getstring(ses.payload, &namelen);
179
161557a9dde8 * fix longstanding bug with connections being closed on failure to
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
91 wantreply = buf_getbool(ses.payload);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
92
267
7ce577234a10 * svr-tcpfwd.c: should be MAX_NAME_LEN not MAXNAMLEN
Matt Johnston <matt@ucc.asn.au>
parents: 259
diff changeset
93 if (namelen > MAX_NAME_LEN) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
94 TRACE(("name len is wrong: %d", namelen))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
95 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
96 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
97
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
98 if (strcmp("tcpip-forward", reqname) == 0) {
1547
2c902644036d avoid warning about port
Matt Johnston <matt@ucc.asn.au>
parents: 1541
diff changeset
99 int allocated_listen_port = 0;
1464
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
100 ret = svr_remotetcpreq(&allocated_listen_port);
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
101 /* client expects-port-number-to-make-use-of-server-allocated-ports */
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
102 if (DROPBEAR_SUCCESS == ret) {
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
103 CHECKCLEARTOWRITE();
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
104 buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS);
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
105 buf_putint(ses.writepayload, allocated_listen_port);
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
106 encrypt_packet();
1541
bb55dffab5ba don't log server listen ports
Matt Johnston <matt@ucc.asn.au>
parents: 1502
diff changeset
107 wantreply = 0; /* avoid out: below sending another reply */
1502
73aa542e76fe fix indentation
Francois Perrad <francois.perrad@gadz.org>
parents: 1499
diff changeset
108 }
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
109 } else if (strcmp("cancel-tcpip-forward", reqname) == 0) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
110 ret = svr_cancelremotetcp();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
111 } else {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
112 TRACE(("reqname isn't tcpip-forward: '%s'", reqname))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
113 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
114
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
115 out:
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
116 if (wantreply) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
117 if (ret == DROPBEAR_SUCCESS) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
118 send_msg_request_success();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
119 } else {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
120 send_msg_request_failure();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
121 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
122 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
123
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
124 m_free(reqname);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
125
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
126 TRACE(("leave recv_msg_global_request"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
127 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
128
1460
58a74cb829b8 Pointer parameter could be declared as pointing to const (callback)
Francois Perrad <francois.perrad@gadz.org>
parents: 1342
diff changeset
129 static int matchtcp(const void* typedata1, const void* typedata2) {
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
130
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
131 const struct TCPListener *info1 = (struct TCPListener*)typedata1;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
132 const struct TCPListener *info2 = (struct TCPListener*)typedata2;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
133
258
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
134 return (info1->listenport == info2->listenport)
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
135 && (info1->chantype == info2->chantype)
258
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
136 && (strcmp(info1->listenaddr, info2->listenaddr) == 0);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
137 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
138
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
139 static int svr_cancelremotetcp() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
140
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
141 int ret = DROPBEAR_FAILURE;
1114
db7963049308 Turn many local variables into char *
Gaël PORTAY <gael.portay@gmail.com>
parents: 1094
diff changeset
142 char * bindaddr = NULL;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
143 unsigned int addrlen;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
144 unsigned int port;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
145 struct Listener * listener = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
146 struct TCPListener tcpinfo;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
147
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
148 TRACE(("enter cancelremotetcp"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
149
1122
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents: 1114
diff changeset
150 bindaddr = buf_getstring(ses.payload, &addrlen);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
151 if (addrlen > MAX_IP_LEN) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
152 TRACE(("addr len too long: %d", addrlen))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
153 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
154 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
155
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
156 port = buf_getint(ses.payload);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
157
258
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
158 tcpinfo.sendaddr = NULL;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
159 tcpinfo.sendport = 0;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
160 tcpinfo.listenaddr = bindaddr;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
161 tcpinfo.listenport = port;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
162 listener = get_listener(CHANNEL_ID_TCPFORWARDED, &tcpinfo, matchtcp);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
163 if (listener) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
164 remove_listener( listener );
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
165 ret = DROPBEAR_SUCCESS;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
166 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
167
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
168 out:
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
169 m_free(bindaddr);
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
170 TRACE(("leave cancelremotetcp"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
171 return ret;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
172 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
173
1464
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
174 static int svr_remotetcpreq(int *allocated_listen_port) {
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
175
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
176 int ret = DROPBEAR_FAILURE;
1114
db7963049308 Turn many local variables into char *
Gaël PORTAY <gael.portay@gmail.com>
parents: 1094
diff changeset
177 char * request_addr = NULL;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
178 unsigned int addrlen;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
179 struct TCPListener *tcpinfo = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
180 unsigned int port;
1620
572a7aefa188 FIx remote forward listeners
Matt Johnston <matt@ucc.asn.au>
parents: 1547
diff changeset
181 struct Listener *listener = NULL;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
182
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
183 TRACE(("enter remotetcpreq"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
184
1122
aaf576b27a10 Merge pull request #13 from gazoo74/fix-warnings
Matt Johnston <matt@ucc.asn.au>
parents: 1114
diff changeset
185 request_addr = buf_getstring(ses.payload, &addrlen);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
186 if (addrlen > MAX_IP_LEN) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
187 TRACE(("addr len too long: %d", addrlen))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
188 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
189 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
190
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
191 port = buf_getint(ses.payload);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
192
1464
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
193 if (port != 0) {
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
194 if (port < 1 || port > 65535) {
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
195 TRACE(("invalid port: %d", port))
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
196 goto out;
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
197 }
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
198
1464
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
199 if (!ses.allowprivport && port < IPPORT_RESERVED) {
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
200 TRACE(("can't assign port < 1024 for non-root"))
ad637c9e0f6f Server chosen tcpfwd ports (#43)
houseofkodai <karthik@houseofkodai.in>
parents: 1460
diff changeset
201 goto out;
 1464  202          }
   62  203      }
   62  204
   62  205      tcpinfo = (struct TCPListener*)m_malloc(sizeof(struct TCPListener));
  258  206      tcpinfo->sendaddr = NULL;
  258  207      tcpinfo->sendport = 0;
   64  208      tcpinfo->listenport = port;
   62  209      tcpinfo->chantype = &svr_chan_tcpremote;
  259  210      tcpinfo->tcp_type = forwarded;
   62  211
  675  212      tcpinfo->request_listenaddr = request_addr;
  675  213      if (!opts.listen_fwd_all || (strcmp(request_addr, "localhost") == 0) ) {
 1250  214          /* NULL means "localhost only" */
  675  215          tcpinfo->listenaddr = NULL;
  577  216      }
  675  217      else
  675  218      {
 1334  219          tcpinfo->listenaddr = m_strdup(request_addr);
  675  220      }
  577  221
 1620  222      ret = listen_tcpfwd(tcpinfo, &listener);
 1464  223      if (DROPBEAR_SUCCESS == ret) {
 1620  224          tcpinfo->listenport = get_sock_port(listener->socks[0]);
 1464  225          *allocated_listen_port = tcpinfo->listenport;
 1464  226      }
   62  227
   62  228  out:
   62  229      if (ret == DROPBEAR_FAILURE) {
   62  230          /* we only free it if a listener wasn't created, since the listener
   62  231           * has to remember it if it's to be cancelled */
  675  232          m_free(request_addr);
   62  233          m_free(tcpinfo);
   62  234      }
 1464  235
  165  236      TRACE(("leave remotetcpreq"))
 1464  237
   62  238      return ret;
   62  239  }
   64  240
 1295  241  #endif /* DROPBEAR_SVR_REMOTETCPFWD */
  673  242
 1295  243  #if DROPBEAR_SVR_LOCALTCPFWD
  673  244
  673  245  const struct ChanType svr_chan_tcpdirect = {
  673  246      1, /* sepfds */
  673  247      "direct-tcpip",
  673  248      newtcpdirect, /* init */
  673  249      NULL, /* checkclose */
  673  250      NULL, /* reqhandler */
 1625  251      NULL, /* closehandler */
 1625  252      NULL /* cleanup */
  673  253  };
  673  254
   64  255  /* Called upon creating a new direct tcp channel (ie we connect out to an
   64  256   * address */
   64  257  static int newtcpdirect(struct Channel * channel) {
   64  258
 1114  259      char* desthost = NULL;
   64  260      unsigned int destport;
 1114  261      char* orighost = NULL;
   64  262      unsigned int origport;
   64  263      char portstring[NI_MAXSERV];
 1094  264      unsigned int len;
   70  265      int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
   64  266
  941  267      TRACE(("newtcpdirect channel %d", channel->index))
  941  268
  475  269      if (svr_opts.nolocaltcp || !svr_pubkey_allows_tcpfwd()) {
  165  270          TRACE(("leave newtcpdirect: local tcp forwarding disabled"))
   64  271          goto out;
   64  272      }
   64  273
 1122  274      desthost = buf_getstring(ses.payload, &len);
   64  275      if (len > MAX_HOST_LEN) {
  165  276          TRACE(("leave newtcpdirect: desthost too long"))
   64  277          goto out;
   64  278      }
   64  279
   64  280      destport = buf_getint(ses.payload);
   64  281
 1122  282      orighost = buf_getstring(ses.payload, &len);
   64  283      if (len > MAX_HOST_LEN) {
  165  284          TRACE(("leave newtcpdirect: orighost too long"))
   64  285          goto out;
   64  286      }
   64  287
   64  288      origport = buf_getint(ses.payload);
   64  289
   64  290      /* best be sure */
   64  291      if (origport > 65535 || destport > 65535) {
  165  292          TRACE(("leave newtcpdirect: port > 65535"))
   64  293          goto out;
   64  294      }
   64  295
 1785  296      channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE;
 1785  297
 1237  298      snprintf(portstring, sizeof(portstring), "%u", destport);
 1466  299      channel->conn_pending = connect_remote(desthost, portstring, channel_connect_done, channel, NULL, NULL);
   64  300
   70  301      err = SSH_OPEN_IN_PROGRESS;
   64  302
   64  303  out:
   64  304      m_free(desthost);
   64  305      m_free(orighost);
  165  306      TRACE(("leave newtcpdirect: err %d", err))
   70  307      return err;
   64  308  }
   64  309
 1295  310  #endif /* DROPBEAR_SVR_LOCALTCPFWD */

changesets referenced in lines 202-310
rev   changeset     parents  author                                        summary
   62 20563735e8b5           Matt Johnston <matt@ucc.asn.au>               just checkpointing
   64 efb5e0b335cf  63       Matt Johnston <matt@ucc.asn.au>               TCP forwarding works.
   70 b0316ce64e4b  64       Matt Johnston <matt@ucc.asn.au>               Merging in the changes from 0.41-0.43 main Dropbear tree
  165 0cfba3034be5  156      Matt Johnston <matt@ucc.asn.au>               Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
  258 306499676384  253      Matt Johnston <matt@ucc.asn.au>               * add -g (dbclient) and -a (dropbear) options for allowing non-local
  259 c049490e43fe  258      Matt Johnston <matt@ucc.asn.au>               * fix -L forwarding on the client, broke last rev
  475 52a644e7b8e1  410      Matt Johnston <matt@ucc.asn.au>               * Patch from Frédéric Moulins adding options to authorized_keys.
  577 69e98c45db7c  475      Matt Johnston <matt@ucc.asn.au>               - Progress for allowing specifying a listenaddr for tcp forwards
  673 c519b78b6d1a  620      Matt Johnston <matt@ucc.asn.au>               - Don't send SSH_MSG_UNIMPLEMENTED if we don't have ENABLE_SVR_REMOTETCPFWD
  675 dfdb9d9189ff  673      Matt Johnston <matt@ucc.asn.au>               Server shouldn't return "localhost" in response to -R forward connections
  941 5daedffd0769  937      Matt Johnston <matt@ucc.asn.au>               Set tcp priority as follows:
 1094 c45d65392c1a  1032     Gaël PORTAY <gael.portay@gmail.com>           Fix pointer differ in signedness warnings [-Werror=pointer-sign]
 1114 db7963049308  1094     Gaël PORTAY <gael.portay@gmail.com>           Turn many local variables into char *
 1122 aaf576b27a10  1114     Matt Johnston <matt@ucc.asn.au>               Merge pull request #13 from gazoo74/fix-warnings
 1237 888e3d17e962  1122     Chocobo1 <Chocobo1@users.noreply.github.com>  Fix print format specifier
 1250 2bb4c662d1c2  1122     Francois Perrad <francois.perrad@gadz.org>    more hard tab
 1295 750ec4ec4cbe  1276     Matt Johnston <matt@ucc.asn.au>               Convert #ifdef to #if, other build changes
 1334 c8114a48837c  1276     Matt Johnston <matt@ucc.asn.au>               listenaddr must be malloced
 1464 ad637c9e0f6f  1460     houseofkodai <karthik@houseofkodai.in>        Server chosen tcpfwd ports (#43)
 1466 f787f60f8e45  1465     Matt Johnston <matt@ucc.asn.au>               bind to port as well with -b
 1620 572a7aefa188  1547     Matt Johnston <matt@ucc.asn.au>               Fix remote forward listeners
 1625 79eef94ccea9  1620     Matt Johnston <matt@ucc.asn.au>               Split ChanType closehandler() and cleanup() so that dbclient doesn't
 1785 9026f976eee8  1627     Matt Johnston <matt@ucc.asn.au>               fuzz: work around fuzz_connect_remote() limitations