Mercurial > dropbear

annotate svr-tcpfwd.c @ 77:3000e5b4dd2d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
filelist.txt
author Matt Johnston <matt@ucc.asn.au>
date Sat, 14 Aug 2004 18:06:28 +0000
parents e3adf4cf5465
children 8c2b3506f112
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
1 /*
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
2 * Dropbear SSH
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
3 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
4 * Copyright (c) 2002,2003 Matt Johnston
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
5 * Copyright (c) 2004 by Mihnea Stoenescu
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
6 * All rights reserved.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
7 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
9 * of this software and associated documentation files (the "Software"), to deal
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
10 * in the Software without restriction, including without limitation the rights
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
12 * copies of the Software, and to permit persons to whom the Software is
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
13 * furnished to do so, subject to the following conditions:
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
14 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
15 * The above copyright notice and this permission notice shall be included in
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
16 * all copies or substantial portions of the Software.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
17 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
24 * SOFTWARE. */
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
25
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 #include "includes.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 #include "ssh.h"
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
28 #include "tcpfwd.h"
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 #include "dbutil.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 #include "session.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 #include "buffer.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32 #include "packet.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 #include "listener.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 #include "runopts.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
35
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
36 #ifndef DISABLE_SVR_REMOTETCPFWD
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
37
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
38 static void send_msg_request_success();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
39 static void send_msg_request_failure();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
40 static int svr_cancelremotetcp();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
41 static int svr_remotetcpreq();
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
42 static int newtcpdirect(struct Channel * channel);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
43
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
44
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
45 const struct ChanType svr_chan_tcpdirect = {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
46 1, /* sepfds */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
47 "direct-tcpip",
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
48 newtcpdirect, /* init */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
49 NULL, /* checkclose */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
50 NULL, /* reqhandler */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
51 NULL /* closehandler */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
52 };
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
53
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
54 static const struct ChanType svr_chan_tcpremote = {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
55 1, /* sepfds */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
56 "forwarded-tcpip",
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
57 NULL,
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
58 NULL,
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
59 NULL,
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
60 NULL
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
61 };
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
63 /* At the moment this is completely used for tcp code (with the name reflecting
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
64 * that). If new request types are added, this should be replaced with code
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
65 * similar to the request-switching in chansession.c */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
66 void recv_msg_global_request_remotetcp() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
67
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
68 unsigned char* reqname = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
69 unsigned int namelen;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
70 unsigned int wantreply = 0;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
71 int ret = DROPBEAR_FAILURE;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
72
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
73 TRACE(("enter recv_msg_global_request_remotetcp"));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
74
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
75 if (opts.noremotetcp) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
76 TRACE(("leave recv_msg_global_request_remotetcp: remote tcp forwarding disabled"));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
77 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
78 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
79
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
80 reqname = buf_getstring(ses.payload, &namelen);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
81 wantreply = buf_getbyte(ses.payload);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
82
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
83 if (namelen > MAXNAMLEN) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
84 TRACE(("name len is wrong: %d", namelen));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
85 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
86 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
87
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
88 if (strcmp("tcpip-forward", reqname) == 0) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
89 ret = svr_remotetcpreq();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
90 } else if (strcmp("cancel-tcpip-forward", reqname) == 0) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
91 ret = svr_cancelremotetcp();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
92 } else {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
93 TRACE(("reqname isn't tcpip-forward: '%s'", reqname));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
94 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
95
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
96 out:
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
97 if (wantreply) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
98 if (ret == DROPBEAR_SUCCESS) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
99 send_msg_request_success();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
100 } else {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
101 send_msg_request_failure();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
102 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
103 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
104
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
105 m_free(reqname);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
106
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
107 TRACE(("leave recv_msg_global_request"));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
108 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
109
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
110
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
111 static void send_msg_request_success() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
112
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
113 CHECKCLEARTOWRITE();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
114 buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
115 encrypt_packet();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
116
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
117 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
118
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
119 static void send_msg_request_failure() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
120
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
121 CHECKCLEARTOWRITE();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
122 buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
123 encrypt_packet();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
124
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
125 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
126
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
127 static int matchtcp(void* typedata1, void* typedata2) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
128
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
129 const struct TCPListener *info1 = (struct TCPListener*)typedata1;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
130 const struct TCPListener *info2 = (struct TCPListener*)typedata2;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
131
63
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
132 return (info1->sendport == info2->sendport)
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
133 && (info1->chantype == info2->chantype)
63
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
134 && (strcmp(info1->sendaddr, info2->sendaddr) == 0);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
135 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
136
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
137 static int svr_cancelremotetcp() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
138
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
139 int ret = DROPBEAR_FAILURE;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
140 unsigned char * bindaddr = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
141 unsigned int addrlen;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
142 unsigned int port;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
143 struct Listener * listener = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
144 struct TCPListener tcpinfo;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
145
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
146 TRACE(("enter cancelremotetcp"));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
147
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
148 bindaddr = buf_getstring(ses.payload, &addrlen);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
149 if (addrlen > MAX_IP_LEN) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
150 TRACE(("addr len too long: %d", addrlen));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
151 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
152 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
153
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
154 port = buf_getint(ses.payload);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
155
63
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
156 tcpinfo.sendaddr = bindaddr;
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
157 tcpinfo.sendport = port;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
158 listener = get_listener(CHANNEL_ID_TCPFORWARDED, &tcpinfo, matchtcp);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
159 if (listener) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
160 remove_listener( listener );
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
161 ret = DROPBEAR_SUCCESS;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
162 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
163
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
164 out:
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
165 m_free(bindaddr);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
166 TRACE(("leave cancelremotetcp"));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
167 return ret;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
168 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
169
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
170 static int svr_remotetcpreq() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
171
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
172 int ret = DROPBEAR_FAILURE;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
173 unsigned char * bindaddr = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
174 unsigned int addrlen;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
175 struct TCPListener *tcpinfo = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
176 unsigned int port;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
177
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
178 TRACE(("enter remotetcpreq"));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
179
63
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
180 /* NOTE: at this stage, we ignore bindaddr. see below and listen_tcpfwd */
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
181 bindaddr = buf_getstring(ses.payload, &addrlen);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
182 if (addrlen > MAX_IP_LEN) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
183 TRACE(("addr len too long: %d", addrlen));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
184 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
185 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
186
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
187 port = buf_getint(ses.payload);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
188
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
189 if (port == 0) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
190 dropbear_log(LOG_INFO, "Server chosen tcpfwd ports are unsupported");
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
191 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
192 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
193
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
194 if (port < 1 || port > 65535) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
195 TRACE(("invalid port: %d", port));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
196 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
197 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
198
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
199 if (!ses.allowprivport && port < IPPORT_RESERVED) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
200 TRACE(("can't assign port < 1024 for non-root"));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
201 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
202 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
203
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
204 tcpinfo = (struct TCPListener*)m_malloc(sizeof(struct TCPListener));
63
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
205 tcpinfo->sendaddr = bindaddr;
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
206 tcpinfo->sendport = port;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
207 tcpinfo->listenport = port;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
208 tcpinfo->chantype = &svr_chan_tcpremote;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
209
63
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
210 /* Note: bindaddr is actually ignored by listen_tcpfwd, since
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
211 * we only want to bind to localhost */
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
212 ret = listen_tcpfwd(tcpinfo);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
213
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
214 out:
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
215 if (ret == DROPBEAR_FAILURE) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
216 /* we only free it if a listener wasn't created, since the listener
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
217 * has to remember it if it's to be cancelled */
63
dcc43965928f - A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents: 62
diff changeset
218 m_free(tcpinfo->sendaddr);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
219 m_free(tcpinfo);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
220 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
221 TRACE(("leave remotetcpreq"));
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
222 return ret;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
223 }
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
224
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
225 /* Called upon creating a new direct tcp channel (ie we connect out to an
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
226 * address */
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
227 static int newtcpdirect(struct Channel * channel) {
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
228
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
229 unsigned char* desthost = NULL;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
230 unsigned int destport;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
231 unsigned char* orighost = NULL;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
232 unsigned int origport;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
233 char portstring[NI_MAXSERV];
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
234 int sock;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
235 int len;
70
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
236 int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
237
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
238 if (opts.nolocaltcp) {
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
239 TRACE(("leave newtcpdirect: local tcp forwarding disabled"));
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
240 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
241 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
242
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
243 desthost = buf_getstring(ses.payload, &len);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
244 if (len > MAX_HOST_LEN) {
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
245 TRACE(("leave newtcpdirect: desthost too long"));
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
246 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
247 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
248
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
249 destport = buf_getint(ses.payload);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
250
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
251 orighost = buf_getstring(ses.payload, &len);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
252 if (len > MAX_HOST_LEN) {
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
253 TRACE(("leave newtcpdirect: orighost too long"));
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
254 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
255 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
256
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
257 origport = buf_getint(ses.payload);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
258
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
259 /* best be sure */
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
260 if (origport > 65535 || destport > 65535) {
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
261 TRACE(("leave newtcpdirect: port > 65535"));
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
262 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
263 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
264
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
265 snprintf(portstring, sizeof(portstring), "%d", destport);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
266 sock = connect_remote(desthost, portstring, 1, NULL);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
267 if (sock < 0) {
70
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
268 err = SSH_OPEN_CONNECT_FAILED;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
269 TRACE(("leave newtcpdirect: sock failed"));
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
270 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
271 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
272
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
273 ses.maxfd = MAX(ses.maxfd, sock);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
274
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
275 /* Note that infd is actually the "outgoing" direction on the
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
276 * tcp connection, vice versa for outfd.
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
277 * We don't set outfd, that will get set after the connection's
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
278 * progress succeeds */
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
279 channel->infd = sock;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
280 channel->initconn = 1;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
281
70
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
282 err = SSH_OPEN_IN_PROGRESS;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
283
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
284 out:
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
285 m_free(desthost);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
286 m_free(orighost);
70
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
287 TRACE(("leave newtcpdirect: err %d", err));
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
288 return err;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
289 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
290
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
291 #endif