comparison cli-tcpfwd.c @ 899:115f8a3c2d5a

- Fix dbclient with port 0 for server-allocated - Fix port forwards with a bind address of 127.0.0.1 vs "localhost" etc
author Matt Johnston <matt@ucc.asn.au>
date Tue, 18 Feb 2014 21:33:56 +0800
parents c19acba28590
children 5daedffd0769
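--- a/cli-tcpfwd.c
+++ b/cli-tcpfwd.c
@@ -159,13 +159,14 @@
 for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) {
 struct TCPFwdEntry *fwd = (struct TCPFwdEntry*)iter->item;
 if (!fwd->have_reply) {
 fwd->have_reply = 1;
 if (fwd->listenport == 0) {
-/* The server should let us know which port was allocated if we requestd port 0 */
+/* The server should let us know which port was allocated if we requested port 0 */
 int allocport = buf_getint(ses.payload);
 if (allocport > 0) {
+fwd->listenport = allocport;
 dropbear_log(LOG_INFO, "Allocated port %d for remote forward to %s:%d",
 allocport, fwd->connectaddr, fwd->connectport);
 }
 }
 return;
@@ -218,22 +219,37 @@
 int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED;
 
 origaddr = buf_getstring(ses.payload, NULL);
 origport = buf_getint(ses.payload);
 
-/* Find which port corresponds */
+/* Find which port corresponds. First try and match address as well as port,
+in case they want to forward different ports separately ... */
 for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) {
 fwd = (struct TCPFwdEntry*)iter->item;
 if (origport == fwd->listenport
-&& (strcmp(origaddr, fwd->listenaddr) == 0)) {
+&& strcmp(origaddr, fwd->listenaddr) == 0) {
 break;
 }
 }
+
+if (!iter)
+{
+/* ... otherwise try to generically match the only forwarded port
+without address (also handles ::1 vs 127.0.0.1 vs localhost case).
+rfc4254 is vague about the definition of "address that was connected" */
+for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) {
+fwd = (struct TCPFwdEntry*)iter->item;
+if (origport == fwd->listenport) {
+break;
+}
+}
+}
+
 
 if (iter == NULL) {
 /* We didn't request forwarding on that port */
 cleantext(origaddr);
 dropbear_log(LOG_INFO, "Server sent unrequested forward from \"%s:%d\"",
 origaddr, origport);
 goto out;
 }
 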
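Review bot: The port-only fallback at new lines 234-245 takes the first entry whose `listenport` equals `origport`, but nothing checks that it is the only such entry, even though the comment speaks of "the only forwarded port". If two remote forwards share a port on different bind addresses and the server's address string matches neither exactly (the ::1 / 127.0.0.1 / localhost case), the connection goes to whichever entry is first in the list. That entry's `connectaddr:connectport` may not be the destination the user tied to that listener. I would accept the fallback only when exactly one entry has that port, and otherwise fall through to the existing "unrequested forward" rejection, as sketched below. The enclosing function starts and ends outside the hunk, and the declaration of `iter` is not shown, so the `m_list_elem *` type in the sketch is an assumption to confirm.

```c
if (!iter)
{
	m_list_elem *match = NULL; /* assumed type of iter; declaration not shown */
	/* … unchanged: comment on the generic port-only match … */
	for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) {
		if (origport == ((struct TCPFwdEntry*)iter->item)->listenport) {
			if (match) {
				/* more than one forward on this port: ambiguous, reject */
				match = NULL;
				break;
			}
			match = iter;
		}
	}
	iter = match;
	if (iter) {
		fwd = (struct TCPFwdEntry*)iter->item;
	}
}
```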