From cdbe853595d1ba06be4127d86c60a9bc2e9e3545 Mon Sep 17 00:00:00 2001 From: Matt Johnston <matt@ucc.asn.au> Date: Tue, 21 Mar 2006 16:16:41 +0000 Subject: [PATCH] A hack to make dbclient to tcp forwarding netcat style. eg ./dbclient -i testkey -L 1234:remotehost:remoteport tunnelhost will ssh to tunnelhost (using testkey, there's no way to ask for a password) and then tcpfwd to remotehost:remoteport on stdin/stdout. There's no way to give a cmdline password, so -i for a keyfile will have to do. Yet another reason for agent forwarding. The 1234 is a dummy var, I think it has to be a valid portnumber though. --HG-- branch : dbclient-netcat-alike extra : convert_revision : d1f69334581dc4c35f9ca16aa5355074c9dd315d --- cli-chansession.c | 45 +++++++++++++++++++++++++++++++++++++++++++-- cli-session.c | 4 ++-- debug.h | 2 +- 3 files changed, 46 insertions(+), 5 deletions(-) diff --git a/cli-chansession.c b/cli-chansession.c index 6d358b7f..76dbb3c2 100644 --- a/cli-chansession.c +++ b/cli-chansession.c @@ -367,14 +367,55 @@ static int cli_initchansess(struct Channel *channel) { void cli_send_chansess_request() { + unsigned int port = 0; + unsigned char* addr = NULL; + unsigned char* ipstring = "127.0.0.1"; + unsigned char* portstring = "22"; + + /* hack hack */ + static const struct ChanType cli_chan_tcphack = { + 0, /* sepfds */ + "direct-tcpip", + NULL, + NULL, + NULL, + cli_closechansess + }; + TRACE(("enter cli_send_chansess_request")) - if (send_msg_channel_open_init(STDIN_FILENO, &clichansess) + if (send_msg_channel_open_init(STDIN_FILENO, &cli_chan_tcphack) == DROPBEAR_FAILURE) { dropbear_exit("Couldn't open initial channel"); } - /* No special channel request data */ + if (cli_opts.localfwds == NULL) { + dropbear_exit("You need to give a \"-L ignored:host:port\" option with this hacked up dbclient."); + } + + addr = cli_opts.localfwds->connectaddr; + port = cli_opts.localfwds->connectport; + + buf_putstring(ses.writepayload, addr, strlen(addr)); + buf_putint(ses.writepayload, port); + + /* originator ip */ + buf_putstring(ses.writepayload, ipstring, strlen(ipstring)); + /* originator port */ + buf_putint(ses.writepayload, atol(portstring)); + encrypt_packet(); TRACE(("leave cli_send_chansess_request")) } + +#if 0 + while (cli_opts.localfwds != NULL) { + ret = cli_localtcp(cli_opts.localfwds->listenport, + cli_opts.localfwds->connectaddr, + cli_opts.localfwds->connectport); + if (ret == DROPBEAR_FAILURE) { + dropbear_log(LOG_WARNING, "Failed local port forward %d:%s:%d", + cli_opts.localfwds->listenport, + cli_opts.localfwds->connectaddr, + cli_opts.localfwds->connectport); +#endif diff --git a/cli-session.c b/cli-session.c index 35510fa9..34eeabcd 100644 --- a/cli-session.c +++ b/cli-session.c @@ -213,10 +213,10 @@ static void cli_sessionloop() { case USERAUTH_SUCCESS_RCVD: #ifdef ENABLE_CLI_LOCALTCPFWD - setup_localtcp(); + //setup_localtcp(); #endif #ifdef ENABLE_CLI_REMOTETCPFWD - setup_remotetcp(); + //setup_remotetcp(); #endif cli_send_chansess_request(); TRACE(("leave cli_sessionloop: cli_send_chansess_request")) diff --git a/debug.h b/debug.h index 93cb8917..f87cdd38 100644 --- a/debug.h +++ b/debug.h @@ -39,7 +39,7 @@ * Caution: Don't use this in an unfriendly environment (ie unfirewalled), * since the printing may not sanitise strings etc. This will add a reasonable * amount to your executable size. */ -/*#define DEBUG_TRACE */ +#define DEBUG_TRACE /* All functions writing to the cleartext payload buffer call * CHECKCLEARTOWRITE() before writing. This is only really useful if you're -- GitLab