Mercurial > dropbear
annotate cli-tcpfwd.c @ 182:aeca43462eee
merge of 954df0829153a81396cf111410fae269457c3ad6
and d7e8c6af971415504a2b626bf6dc1a4d50cdc5d7
| author | Matt Johnston <matt@ucc.asn.au> |
|---|---|
| date | Sun, 13 Mar 2005 16:23:19 +0000 |
| parents | 0cfba3034be5 |
| children | ca55377e4f7e |
| rev | line source |
|---|---|
|
74
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
1 /* |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
2 * Dropbear SSH |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
3 * |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
4 * Copyright (c) 2002,2003 Matt Johnston |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
5 * All rights reserved. |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
6 * |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
7 * Permission is hereby granted, free of charge, to any person obtaining a copy |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
8 * of this software and associated documentation files (the "Software"), to deal |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
9 * in the Software without restriction, including without limitation the rights |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
11 * copies of the Software, and to permit persons to whom the Software is |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
12 * furnished to do so, subject to the following conditions: |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
13 * |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
14 * The above copyright notice and this permission notice shall be included in |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
15 * all copies or substantial portions of the Software. |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
16 * |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
20 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
23 * SOFTWARE. */ |
|
e3adf4cf5465
License boilerplate etc, add Mihnea as an author to some of the files
Matt Johnston <matt@ucc.asn.au>
parents:
70
diff
changeset
|
24 |
| 62 | 25 #include "includes.h" |
| 26 #include "options.h" | |
| 64 | 27 #include "dbutil.h" |
| 28 #include "tcpfwd.h" | |
| 62 | 29 #include "channel.h" |
| 64 | 30 #include "runopts.h" |
| 31 #include "session.h" | |
| 32 #include "ssh.h" | |
| 62 | 33 |
|
156
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
34 #ifdef ENABLE_CLI_REMOTETCPFWD |
| 64 | 35 static int newtcpforwarded(struct Channel * channel); |
| 36 | |
| 37 const struct ChanType cli_chan_tcpremote = { | |
| 38 1, /* sepfds */ | |
| 39 "forwarded-tcpip", | |
| 40 newtcpforwarded, | |
| 41 NULL, | |
| 42 NULL, | |
| 43 NULL | |
| 44 }; | |
|
156
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
45 #endif |
|
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
46 |
|
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
47 #ifdef ENABLE_CLI_LOCALTCPFWD |
|
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
48 static int cli_localtcp(unsigned int listenport, const char* remoteaddr, |
|
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
49 unsigned int remoteport); |
| 62 | 50 static const struct ChanType cli_chan_tcplocal = { |
| 51 1, /* sepfds */ | |
| 52 "direct-tcpip", | |
| 53 NULL, | |
| 54 NULL, | |
| 64 | 55 NULL, |
| 62 | 56 NULL |
| 57 }; | |
|
156
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
58 #endif |
| 62 | 59 |
|
156
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
60 #ifdef ENABLE_CLI_LOCALTCPFWD |
|
63
dcc43965928f
- A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
61 void setup_localtcp() { |
| 62 | 62 |
| 64 | 63 int ret; |
| 64 | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
65 TRACE(("enter setup_localtcp")) |
|
66
38c3146aa23d
Some more sanity-checking of args, and just warn and ignore OpenSSH args
Matt Johnston <matt@ucc.asn.au>
parents:
64
diff
changeset
|
66 |
| 64 | 67 if (cli_opts.localfwds == NULL) { |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
68 TRACE(("cli_opts.localfwds == NULL")) |
| 64 | 69 } |
| 70 | |
| 71 while (cli_opts.localfwds != NULL) { | |
| 72 ret = cli_localtcp(cli_opts.localfwds->listenport, | |
| 73 cli_opts.localfwds->connectaddr, | |
| 74 cli_opts.localfwds->connectport); | |
| 75 if (ret == DROPBEAR_FAILURE) { | |
| 76 dropbear_log(LOG_WARNING, "Failed local port forward %d:%s:%d", | |
| 77 cli_opts.localfwds->listenport, | |
| 78 cli_opts.localfwds->connectaddr, | |
| 79 cli_opts.localfwds->connectport); | |
| 80 } | |
| 81 | |
| 82 cli_opts.localfwds = cli_opts.localfwds->next; | |
| 83 } | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
84 TRACE(("leave setup_localtcp")) |
| 62 | 85 |
|
63
dcc43965928f
- A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
86 } |
| 62 | 87 |
|
63
dcc43965928f
- A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
88 static int cli_localtcp(unsigned int listenport, const char* remoteaddr, |
|
dcc43965928f
- A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
89 unsigned int remoteport) { |
| 62 | 90 |
| 91 struct TCPListener* tcpinfo = NULL; | |
| 64 | 92 int ret; |
| 93 | |
| 94 TRACE(("enter cli_localtcp: %d %s %d", listenport, remoteaddr, | |
| 95 remoteport)); | |
| 62 | 96 |
| 97 tcpinfo = (struct TCPListener*)m_malloc(sizeof(struct TCPListener*)); | |
|
108
10f4d3319780
- added circular buffering for channels
Matt Johnston <matt@ucc.asn.au>
parents:
74
diff
changeset
|
98 tcpinfo->sendaddr = m_strdup(remoteaddr); |
|
63
dcc43965928f
- A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
99 tcpinfo->sendport = remoteport; |
|
dcc43965928f
- A nice cleaner structure for tcp (acceptor) forwarding.
Matt Johnston <matt@ucc.asn.au>
parents:
62
diff
changeset
|
100 tcpinfo->listenport = listenport; |
| 62 | 101 tcpinfo->chantype = &cli_chan_tcplocal; |
| 102 | |
| 103 ret = listen_tcpfwd(tcpinfo); | |
| 104 | |
| 105 if (ret == DROPBEAR_FAILURE) { | |
| 106 m_free(tcpinfo); | |
| 107 } | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
108 TRACE(("leave cli_localtcp: %d", ret)) |
| 62 | 109 return ret; |
| 110 } | |
|
156
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
111 #endif /* ENABLE_CLI_LOCALTCPFWD */ |
| 64 | 112 |
|
156
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
113 #ifdef ENABLE_CLI_REMOTETCPFWD |
| 64 | 114 static void send_msg_global_request_remotetcp(int port) { |
| 115 | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
116 TRACE(("enter send_msg_global_request_remotetcp")) |
| 64 | 117 |
| 118 CHECKCLEARTOWRITE(); | |
| 119 buf_putbyte(ses.writepayload, SSH_MSG_GLOBAL_REQUEST); | |
| 120 buf_putstring(ses.writepayload, "tcpip-forward", 13); | |
| 121 buf_putbyte(ses.writepayload, 0); | |
| 122 buf_putstring(ses.writepayload, "0.0.0.0", 7); /* TODO: IPv6? */ | |
| 123 buf_putint(ses.writepayload, port); | |
| 124 | |
| 125 encrypt_packet(); | |
| 126 | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
127 TRACE(("leave send_msg_global_request_remotetcp")) |
| 64 | 128 } |
| 129 | |
| 130 void setup_remotetcp() { | |
| 131 | |
| 132 struct TCPFwdList * iter = NULL; | |
| 133 | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
134 TRACE(("enter setup_remotetcp")) |
|
66
38c3146aa23d
Some more sanity-checking of args, and just warn and ignore OpenSSH args
Matt Johnston <matt@ucc.asn.au>
parents:
64
diff
changeset
|
135 |
| 64 | 136 if (cli_opts.remotefwds == NULL) { |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
137 TRACE(("cli_opts.remotefwds == NULL")) |
| 64 | 138 } |
| 139 | |
| 140 iter = cli_opts.remotefwds; | |
| 141 | |
| 142 while (iter != NULL) { | |
| 143 send_msg_global_request_remotetcp(iter->listenport); | |
| 144 iter = iter->next; | |
| 145 } | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
146 TRACE(("leave setup_remotetcp")) |
| 64 | 147 } |
| 148 | |
| 149 static int newtcpforwarded(struct Channel * channel) { | |
| 150 | |
| 151 unsigned int origport; | |
| 152 struct TCPFwdList * iter = NULL; | |
| 153 char portstring[NI_MAXSERV]; | |
| 154 int sock; | |
|
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
66
diff
changeset
|
155 int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED; |
| 64 | 156 |
| 157 /* We don't care what address they connected to */ | |
| 158 buf_eatstring(ses.payload); | |
| 159 | |
| 160 origport = buf_getint(ses.payload); | |
| 161 | |
| 162 /* Find which port corresponds */ | |
| 163 iter = cli_opts.remotefwds; | |
| 164 | |
| 165 while (iter != NULL) { | |
| 166 if (origport == iter->listenport) { | |
| 167 break; | |
| 168 } | |
| 169 iter = iter->next; | |
| 170 } | |
| 171 | |
| 172 if (iter == NULL) { | |
| 173 /* We didn't request forwarding on that port */ | |
| 174 dropbear_log(LOG_INFO, "Server send unrequested port, from port %d", | |
| 175 origport); | |
| 176 goto out; | |
| 177 } | |
| 178 | |
| 179 snprintf(portstring, sizeof(portstring), "%d", iter->connectport); | |
| 180 sock = connect_remote(iter->connectaddr, portstring, 1, NULL); | |
| 181 if (sock < 0) { | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
182 TRACE(("leave newtcpdirect: sock failed")) |
|
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
66
diff
changeset
|
183 err = SSH_OPEN_CONNECT_FAILED; |
| 64 | 184 goto out; |
| 185 } | |
| 186 | |
| 187 ses.maxfd = MAX(ses.maxfd, sock); | |
| 188 | |
| 189 /* Note that infd is actually the "outgoing" direction on the | |
| 190 * tcp connection, vice versa for outfd. | |
| 191 * We don't set outfd, that will get set after the connection's | |
| 192 * progress succeeds */ | |
| 193 channel->infd = sock; | |
| 194 channel->initconn = 1; | |
| 195 | |
|
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
66
diff
changeset
|
196 err = SSH_OPEN_IN_PROGRESS; |
| 64 | 197 |
| 198 out: | |
|
165
0cfba3034be5
Fixed DEBUG_TRACE macro so that we don't get semicolons left about the place
Matt Johnston <matt@ucc.asn.au>
parents:
156
diff
changeset
|
199 TRACE(("leave newtcpdirect: err %d", err)) |
|
70
b0316ce64e4b
Merging in the changes from 0.41-0.43 main Dropbear tree
Matt Johnston <matt@ucc.asn.au>
parents:
66
diff
changeset
|
200 return err; |
| 64 | 201 } |
|
156
8c2b3506f112
Rearrange preprocessor parts so that compilation with various options
Matt Johnston <matt@ucc.asn.au>
parents:
108
diff
changeset
|
202 #endif /* ENABLE_CLI_REMOTETCPFWD */ |