Mercurial > dropbear

annotate svr-tcpfwd.c @ 619:35d27c1d0ee7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Fix leak found by Klocwork
author Matt Johnston <matt@ucc.asn.au>
date Thu, 07 Apr 2011 13:38:27 +0000
parents 69e98c45db7c
children 79d48028457c
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
74
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
1 /*
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
2 * Dropbear SSH
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
3 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
4 * Copyright (c) 2002,2003 Matt Johnston
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
5 * Copyright (c) 2004 by Mihnea Stoenescu
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
6 * All rights reserved.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
7 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
8 * Permission is hereby granted, free of charge, to any person obtaining a copy
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
9 * of this software and associated documentation files (the "Software"), to deal
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
10 * in the Software without restriction, including without limitation the rights
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
11 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
12 * copies of the Software, and to permit persons to whom the Software is
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
13 * furnished to do so, subject to the following conditions:
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
14 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
15 * The above copyright notice and this permission notice shall be included in
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
16 * all copies or substantial portions of the Software.
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
17 *
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
18 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
19 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
20 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
21 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
22 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
23 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
24 * SOFTWARE. */
e3adf4cf5465 License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents: 70
diff changeset
25
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
26 #include "includes.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
27 #include "ssh.h"
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
28 #include "tcpfwd.h"
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
29 #include "dbutil.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
30 #include "session.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
31 #include "buffer.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
32 #include "packet.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
33 #include "listener.h"
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
34 #include "runopts.h"
475
52a644e7b8e1 * Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents: 410
diff changeset
35 #include "auth.h"
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
36
156
8c2b3506f112 Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents: 74
diff changeset
37 #ifdef ENABLE_SVR_REMOTETCPFWD
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
38
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
39 static void send_msg_request_success();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
40 static void send_msg_request_failure();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
41 static int svr_cancelremotetcp();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
42 static int svr_remotetcpreq();
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
43 static int newtcpdirect(struct Channel * channel);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
44
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
45
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
46 const struct ChanType svr_chan_tcpdirect = {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
47 1, /* sepfds */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
48 "direct-tcpip",
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
49 newtcpdirect, /* init */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
50 NULL, /* checkclose */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
51 NULL, /* reqhandler */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
52 NULL /* closehandler */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
53 };
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
54
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
55 static const struct ChanType svr_chan_tcpremote = {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
56 1, /* sepfds */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
57 "forwarded-tcpip",
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
58 NULL,
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
59 NULL,
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
60 NULL,
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
61 NULL
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
62 };
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
63
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
64 /* At the moment this is completely used for tcp code (with the name reflecting
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
65 * that). If new request types are added, this should be replaced with code
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
66 * similar to the request-switching in chansession.c */
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
67 void recv_msg_global_request_remotetcp() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
68
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
69 unsigned char* reqname = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
70 unsigned int namelen;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
71 unsigned int wantreply = 0;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
72 int ret = DROPBEAR_FAILURE;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
73
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
74 TRACE(("enter recv_msg_global_request_remotetcp"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
75
475
52a644e7b8e1 * Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents: 410
diff changeset
76 if (svr_opts.noremotetcp || !svr_pubkey_allows_tcpfwd()) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
77 TRACE(("leave recv_msg_global_request_remotetcp: remote tcp forwarding disabled"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
78 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
79 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
80
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
81 reqname = buf_getstring(ses.payload, &namelen);
179
161557a9dde8 * fix longstanding bug with connections being closed on failure to
Matt Johnston <matt@ucc.asn.au>
parents: 165
diff changeset
82 wantreply = buf_getbool(ses.payload);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
83
267
7ce577234a10 * svr-tcpfwd.c: should be MAX_NAME_LEN not MAXNAMLEN
Matt Johnston <matt@ucc.asn.au>
parents: 259
diff changeset
84 if (namelen > MAX_NAME_LEN) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
85 TRACE(("name len is wrong: %d", namelen))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
86 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
87 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
88
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
89 if (strcmp("tcpip-forward", reqname) == 0) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
90 ret = svr_remotetcpreq();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
91 } else if (strcmp("cancel-tcpip-forward", reqname) == 0) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
92 ret = svr_cancelremotetcp();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
93 } else {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
94 TRACE(("reqname isn't tcpip-forward: '%s'", reqname))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
95 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
96
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
97 out:
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
98 if (wantreply) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
99 if (ret == DROPBEAR_SUCCESS) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
100 send_msg_request_success();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
101 } else {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
102 send_msg_request_failure();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
103 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
104 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
105
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
106 m_free(reqname);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
107
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
108 TRACE(("leave recv_msg_global_request"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
109 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
110
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
111
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
112 static void send_msg_request_success() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
113
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
114 CHECKCLEARTOWRITE();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
115 buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_SUCCESS);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
116 encrypt_packet();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
117
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
118 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
119
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
120 static void send_msg_request_failure() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
121
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
122 CHECKCLEARTOWRITE();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
123 buf_putbyte(ses.writepayload, SSH_MSG_REQUEST_FAILURE);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
124 encrypt_packet();
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
125
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
126 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
127
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
128 static int matchtcp(void* typedata1, void* typedata2) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
129
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
130 const struct TCPListener *info1 = (struct TCPListener*)typedata1;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
131 const struct TCPListener *info2 = (struct TCPListener*)typedata2;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
132
258
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
133 return (info1->listenport == info2->listenport)
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
134 && (info1->chantype == info2->chantype)
258
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
135 && (strcmp(info1->listenaddr, info2->listenaddr) == 0);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
136 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
137
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
138 static int svr_cancelremotetcp() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
139
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
140 int ret = DROPBEAR_FAILURE;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
141 unsigned char * bindaddr = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
142 unsigned int addrlen;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
143 unsigned int port;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
144 struct Listener * listener = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
145 struct TCPListener tcpinfo;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
146
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
147 TRACE(("enter cancelremotetcp"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
148
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
149 bindaddr = buf_getstring(ses.payload, &addrlen);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
150 if (addrlen > MAX_IP_LEN) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
151 TRACE(("addr len too long: %d", addrlen))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
152 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
153 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
154
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
155 port = buf_getint(ses.payload);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
156
258
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
157 tcpinfo.sendaddr = NULL;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
158 tcpinfo.sendport = 0;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
159 tcpinfo.listenaddr = bindaddr;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
160 tcpinfo.listenport = port;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
161 listener = get_listener(CHANNEL_ID_TCPFORWARDED, &tcpinfo, matchtcp);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
162 if (listener) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
163 remove_listener( listener );
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
164 ret = DROPBEAR_SUCCESS;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
165 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
166
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
167 out:
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
168 m_free(bindaddr);
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
169 TRACE(("leave cancelremotetcp"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
170 return ret;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
171 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
172
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
173 static int svr_remotetcpreq() {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
174
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
175 int ret = DROPBEAR_FAILURE;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
176 unsigned char * bindaddr = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
177 unsigned int addrlen;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
178 struct TCPListener *tcpinfo = NULL;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
179 unsigned int port;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
180
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
181 TRACE(("enter remotetcpreq"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
182
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
183 bindaddr = buf_getstring(ses.payload, &addrlen);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
184 if (addrlen > MAX_IP_LEN) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
185 TRACE(("addr len too long: %d", addrlen))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
186 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
187 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
188
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
189 port = buf_getint(ses.payload);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
190
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
191 if (port == 0) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
192 dropbear_log(LOG_INFO, "Server chosen tcpfwd ports are unsupported");
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
193 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
194 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
195
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
196 if (port < 1 || port > 65535) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
197 TRACE(("invalid port: %d", port))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
198 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
199 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
200
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
201 if (!ses.allowprivport && port < IPPORT_RESERVED) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
202 TRACE(("can't assign port < 1024 for non-root"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
203 goto out;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
204 }
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
205
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
206 tcpinfo = (struct TCPListener*)m_malloc(sizeof(struct TCPListener));
258
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
207 tcpinfo->sendaddr = NULL;
306499676384 * add -g (dbclient) and -a (dropbear) options for allowing non-local
Matt Johnston <matt@ucc.asn.au>
parents: 253
diff changeset
208 tcpinfo->sendport = 0;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
209 tcpinfo->listenport = port;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
210 tcpinfo->chantype = &svr_chan_tcpremote;
259
c049490e43fe * fix -L forwarding on the client, broke last rev
Matt Johnston <matt@ucc.asn.au>
parents: 258
diff changeset
211 tcpinfo->tcp_type = forwarded;
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
212
577
69e98c45db7c - Progress for allowing specifying a listenaddr for tcp forwards
Matt Johnston <matt@ucc.asn.au>
parents: 475
diff changeset
213 if (!opts.listen_fwd_all
69e98c45db7c - Progress for allowing specifying a listenaddr for tcp forwards
Matt Johnston <matt@ucc.asn.au>
parents: 475
diff changeset
214 || (strcmp(tcpinfo->listenaddr, "localhost") == 0) ) {
69e98c45db7c - Progress for allowing specifying a listenaddr for tcp forwards
Matt Johnston <matt@ucc.asn.au>
parents: 475
diff changeset
215 // NULL means "localhost only"
619
35d27c1d0ee7 Fix leak found by Klocwork
Matt Johnston <matt@ucc.asn.au>
parents: 577
diff changeset
216 m_free(bindaddr);
35d27c1d0ee7 Fix leak found by Klocwork
Matt Johnston <matt@ucc.asn.au>
parents: 577
diff changeset
217 bindaddr = NULL;
577
69e98c45db7c - Progress for allowing specifying a listenaddr for tcp forwards
Matt Johnston <matt@ucc.asn.au>
parents: 475
diff changeset
218 }
619
35d27c1d0ee7 Fix leak found by Klocwork
Matt Johnston <matt@ucc.asn.au>
parents: 577
diff changeset
219 tcpinfo->listenaddr = bindaddr;
577
69e98c45db7c - Progress for allowing specifying a listenaddr for tcp forwards
Matt Johnston <matt@ucc.asn.au>
parents: 475
diff changeset
220
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
221 ret = listen_tcpfwd(tcpinfo);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
222
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
223 out:
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
224 if (ret == DROPBEAR_FAILURE) {
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
225 /* we only free it if a listener wasn't created, since the listener
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
226 * has to remember it if it's to be cancelled */
340
454a34b2dfd1 Fixes from Erik Hovland:
Matt Johnston <matt@ucc.asn.au>
parents: 267
diff changeset
227 m_free(bindaddr);
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
228 m_free(tcpinfo);
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
229 }
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
230 TRACE(("leave remotetcpreq"))
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
231 return ret;
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
232 }
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
233
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
234 /* Called upon creating a new direct tcp channel (ie we connect out to an
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
235 * address */
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
236 static int newtcpdirect(struct Channel * channel) {
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
237
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
238 unsigned char* desthost = NULL;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
239 unsigned int destport;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
240 unsigned char* orighost = NULL;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
241 unsigned int origport;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
242 char portstring[NI_MAXSERV];
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
243 int sock;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
244 int len;
70
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
245 int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
246
475
52a644e7b8e1 * Patch from Frédéric Moulins adding options to authorized_keys.
Matt Johnston <matt@ucc.asn.au>
parents: 410
diff changeset
247 if (svr_opts.nolocaltcp || !svr_pubkey_allows_tcpfwd()) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
248 TRACE(("leave newtcpdirect: local tcp forwarding disabled"))
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
249 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
250 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
251
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
252 desthost = buf_getstring(ses.payload, &len);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
253 if (len > MAX_HOST_LEN) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
254 TRACE(("leave newtcpdirect: desthost too long"))
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
255 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
256 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
257
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
258 destport = buf_getint(ses.payload);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
259
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
260 orighost = buf_getstring(ses.payload, &len);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
261 if (len > MAX_HOST_LEN) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
262 TRACE(("leave newtcpdirect: orighost too long"))
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
263 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
264 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
265
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
266 origport = buf_getint(ses.payload);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
267
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
268 /* best be sure */
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
269 if (origport > 65535 || destport > 65535) {
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
270 TRACE(("leave newtcpdirect: port > 65535"))
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
271 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
272 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
273
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
274 snprintf(portstring, sizeof(portstring), "%d", destport);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
275 sock = connect_remote(desthost, portstring, 1, NULL);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
276 if (sock < 0) {
70
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
277 err = SSH_OPEN_CONNECT_FAILED;
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
278 TRACE(("leave newtcpdirect: sock failed"))
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
279 goto out;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
280 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
281
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
282 ses.maxfd = MAX(ses.maxfd, sock);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
283
253
84925eceeb13 * rename infd/outfd to writefd/readfd, to avoid confusion
Matt Johnston <matt@ucc.asn.au>
parents: 179
diff changeset
284 /* We don't set readfd, that will get set after the connection's
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
285 * progress succeeds */
253
84925eceeb13 * rename infd/outfd to writefd/readfd, to avoid confusion
Matt Johnston <matt@ucc.asn.au>
parents: 179
diff changeset
286 channel->writefd = sock;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
287 channel->initconn = 1;
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
288
70
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
289 err = SSH_OPEN_IN_PROGRESS;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
290
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
291 out:
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
292 m_free(desthost);
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
293 m_free(orighost);
165
0cfba3034be5 Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents: 156
diff changeset
294 TRACE(("leave newtcpdirect: err %d", err))
70
b0316ce64e4b Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents: 64
diff changeset
295 return err;
64
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
296 }
efb5e0b335cf TCP forwarding works.
Matt Johnston <matt@ucc.asn.au>
parents: 63
diff changeset
297
62
20563735e8b5 just checkpointing
Matt Johnston <matt@ucc.asn.au>
parents:
diff changeset
298 #endif