comparison cli-tcpfwd.c @ 899:115f8a3c2d5a
- Fix dbclient with port 0 for server-allocated
- Fix port forwards with a bind address of 127.0.0.1 vs "localhost" etc
author | Matt Johnston <matt@ucc.asn.au> |
---|---|
date | Tue, 18 Feb 2014 21:33:56 +0800 |
parents | c19acba28590 |
children | 5daedffd0769 |
898:4f1988cb79ce | 899:115f8a3c2d5a |
---|---|
159 for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) { | 159 for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) { |
160 struct TCPFwdEntry *fwd = (struct TCPFwdEntry*)iter->item; | 160 struct TCPFwdEntry *fwd = (struct TCPFwdEntry*)iter->item; |
161 if (!fwd->have_reply) { | 161 if (!fwd->have_reply) { |
162 fwd->have_reply = 1; | 162 fwd->have_reply = 1; |
163 if (fwd->listenport == 0) { | 163 if (fwd->listenport == 0) { |
164 /* The server should let us know which port was allocated if we requestd port 0 */ | 164 /* The server should let us know which port was allocated if we requested port 0 */ |
165 int allocport = buf_getint(ses.payload); | 165 int allocport = buf_getint(ses.payload); |
166 if (allocport > 0) { | 166 if (allocport > 0) { |
167 fwd->listenport = allocport; | |
167 dropbear_log(LOG_INFO, "Allocated port %d for remote forward to %s:%d", | 168 dropbear_log(LOG_INFO, "Allocated port %d for remote forward to %s:%d", |
168 allocport, fwd->connectaddr, fwd->connectport); | 169 allocport, fwd->connectaddr, fwd->connectport); |
169 } | 170 } |
170 } | 171 } |
171 return; | 172 return; |
218 int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED; | 219 int err = SSH_OPEN_ADMINISTRATIVELY_PROHIBITED; |
219 | 220 |
220 origaddr = buf_getstring(ses.payload, NULL); | 221 origaddr = buf_getstring(ses.payload, NULL); |
221 origport = buf_getint(ses.payload); | 222 origport = buf_getint(ses.payload); |
222 | 223 |
223 /* Find which port corresponds */ | 224 /* Find which port corresponds. First try and match address as well as port, |
225 in case they want to forward different ports separately ... */ | |
224 for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) { | 226 for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) { |
225 fwd = (struct TCPFwdEntry*)iter->item; | 227 fwd = (struct TCPFwdEntry*)iter->item; |
226 if (origport == fwd->listenport | 228 if (origport == fwd->listenport |
227 && (strcmp(origaddr, fwd->listenaddr) == 0)) { | 229 && strcmp(origaddr, fwd->listenaddr) == 0) { |
228 break; | 230 break; |
229 } | 231 } |
230 } | 232 } |
233 | |
234 if (!iter) | |
235 { | |
236 /* ... otherwise try to generically match the only forwarded port | |
237 without address (also handles ::1 vs 127.0.0.1 vs localhost case). | |
238 rfc4254 is vague about the definition of "address that was connected" */ | |
239 for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) { | |
240 fwd = (struct TCPFwdEntry*)iter->item; | |
241 if (origport == fwd->listenport) { | |
242 break; | |
243 } | |
244 } | |
245 } | |
246 | |
231 | 247 |
232 if (iter == NULL) { | 248 if (iter == NULL) { |
233 /* We didn't request forwarding on that port */ | 249 /* We didn't request forwarding on that port */ |
234 cleantext(origaddr); | 250 cleantext(origaddr); |
235 dropbear_log(LOG_INFO, "Server sent unrequested forward from \"%s:%d\"", | 251 dropbear_log(LOG_INFO, "Server sent unrequested forward from \"%s:%d\"", |
236 origaddr, origport); | 252 origaddr, origport); |
237 goto out; | 253 goto out; |
238 } | 254 } |
239 | 255 |
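Review bot: The port-only fallback at new lines 234-245 takes the first entry whose `listenport` equals `origport`, although its comment says it matches "the only forwarded port"; nothing checks that only one entry uses that port. `origaddr` and `origport` come from the server, so if two remote forwards share a listen port on different bind addresses and the server reports an address string that matches neither, the connection is silently routed to the first entry's `connectaddr:connectport`. I would fall back only when exactly one entry has that port, and otherwise leave `iter` NULL so the existing "unrequested forward" path rejects the request. The enclosing function starts before and continues after the lines shown. Separately, in the first hunk the server-supplied `allocport` is stored after only `allocport > 0`; an upper bound such as `allocport <= 65535` would be a cheap addition.

```c
	if (!iter) {
		/* ... otherwise match on port alone, but only when exactly one
		   requested forward uses that port */
		int nmatch = 0;
		for (iter = cli_opts.remotefwds->first; iter; iter = iter->next) {
			fwd = (struct TCPFwdEntry*)iter->item;
			if (origport == fwd->listenport) {
				nmatch++;
			}
		}
		/* iter is NULL here; it stays NULL unless the port is unambiguous */
		if (nmatch == 1) {
			/* … unchanged: port-only loop that breaks on the matching entry … */
		}
	}
```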