author | Damien Miller <djm@mindrot.org> | 2005-12-31 16:33:36 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2005-12-31 16:33:36 +1100 |
commit | 598bbc2d8fd5025ad16f5d9ee71db4e0bf872cd2 (patch) | |
tree | 94f0eee336da355fec3c527328c601dc583f350f /openbsd-compat | |
parent | 88b25524b885885896e23e01e1aa873864ca7386 (diff) |
- (djm) [openbsd-compat/port-tun.c openbsd-compat/port-tun.h configure.ac]
[serverloop.c ssh.c openbsd-compat/Makefile.in]
[openbsd-compat/openbsd-compat.h] Implement tun(4) forwarding
compatibility support for Linux, diff from reyk@
Diffstat (limited to 'openbsd-compat')
-rw-r--r-- | openbsd-compat/Makefile.in | 4 | ||||
-rw-r--r-- | openbsd-compat/openbsd-compat.h | 3 | ||||
-rw-r--r-- | openbsd-compat/port-tun.c | 155 | ||||
-rw-r--r-- | openbsd-compat/port-tun.h | 33 |
4 files changed, 192 insertions, 3 deletions
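--- a/openbsd-compat/Makefile.in
+++ b/openbsd-compat/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.36 2005/11/24 08:58:21 djm Exp $
+# $Id: Makefile.in,v 1.37 2005/12/31 05:33:37 djm Exp $
 
 sysconfdir=@sysconfdir@
 piddir=@piddir@
@@ -20,7 +20,7 @@ OPENBSD=base64.o basename.o bindresvport.o daemon.o dirname.o getcwd.o getgroupl
 
 COMPAT=bsd-arc4random.o bsd-asprintf.o bsd-closefrom.o bsd-cray.o bsd-cygwin_util.o bsd-getpeereid.o bsd-misc.o bsd-nextstep.o bsd-openpty.o bsd-snprintf.o bsd-waitpid.o fake-rfc2553.o openssl-compat.o xmmap.o xcrypt.o
 
-PORTS=port-irix.o port-aix.o port-uw.o
+PORTS=port-irix.o port-aix.o port-uw.o port-tun.o
 
 .c.o:
 $(CC) $(CFLAGS) $(CPPFLAGS) -c $<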
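--- a/openbsd-compat/openbsd-compat.h
+++ b/openbsd-compat/openbsd-compat.h
@@ -1,4 +1,4 @@
-/* $Id: openbsd-compat.h,v 1.32 2005/11/24 08:58:21 djm Exp $ */
+/* $Id: openbsd-compat.h,v 1.33 2005/12/31 05:33:37 djm Exp $ */
 
 /*
 * Copyright (c) 1999-2003 Damien Miller. All rights reserved.
@@ -186,5 +186,6 @@ char *shadow_pw(struct passwd *pw);
 #include "port-irix.h"
 #include "port-aix.h"
 #include "port-uw.h"
+#include "port-tun.h"
 
 #endif /* _OPENBSD_COMPAT_H */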
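--- /dev/null
+++ b/openbsd-compat/port-tun.c
@@ -0,0 +1,155 @@
+/*
+* Copyright (c) 2005 Reyk Floeter <reyk@openbsd.org>
+*
+* Permission to use, copy, modify, and distribute this software for any
+* purpose with or without fee is hereby granted, provided that the above
+* copyright notice and this permission notice appear in all copies.
+*
+* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+
+#include "includes.h"
+
+#include "log.h"
+#include "misc.h"
+#include "bufaux.h"
+
+/*
+* This is the portable version of the SSH tunnel forwarding, it
+* uses some preprocessor definitions for various platform-specific
+* settings.
+*
+* SSH_TUN_LINUX Use the (newer) Linux tun/tap device
+* SSH_TUN_COMPAT_AF Translate the OpenBSD address family
+* SSH_TUN_PREPEND_AF Prepend/remove the address family
+*/
+
+/*
+* System-specific tunnel open function
+*/
+
+#if defined(SSH_TUN_LINUX)
+#include <linux/if_tun.h>
+
+int
+sys_tun_open(int tun, int mode)
+{
+struct ifreq ifr;
+int fd = -1;
+const char *name = NULL;
+
+if ((fd = open("/dev/net/tun", O_RDWR)) == -1) {
+debug("%s: failed to open tunnel control interface: %s",
+__func__, strerror(errno));
+return (-1);
+}
+
+bzero(&ifr, sizeof(ifr));
+
+if (mode == SSH_TUNMODE_ETHERNET) {
+ifr.ifr_flags = IFF_TAP;
+name = "tap%d";
+} else {
+ifr.ifr_flags = IFF_TUN;
+name = "tun%d";
+}
+ifr.ifr_flags |= IFF_NO_PI;
+
+if (tun != SSH_TUNID_ANY) {
+if (tun > SSH_TUNID_MAX) {
+debug("%s: invalid tunnel id %x: %s", __func__,
+tun, strerror(errno));
+goto failed;
+}
+snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), name, tun);
+}
+
+if (ioctl(fd, TUNSETIFF, &ifr) == -1) {
+debug("%s: failed to configure tunnel (mode %d): %s", __func__,
+mode, strerror(errno));
+goto failed;
+}
+
+if (tun == SSH_TUNID_ANY)
+debug("%s: tunnel mode %d fd %d", __func__, mode, fd);
+else
+debug("%s: %s mode %d fd %d", __func__, ifr.ifr_name, mode, fd);
+
+return (fd);
+
+failed:
+close(fd);
+return (-1);
+}
+#endif /* SSH_TUN_LINUX */
+
+/*
+* System-specific channel filters
+*/
+
+#if defined(SSH_TUN_FILTER)
+#define OPENBSD_AF_INET 2
+#define OPENBSD_AF_INET6 24
+
+int
+sys_tun_infilter(struct Channel *c, char *buf, int len)
+{
+#if defined(SSH_TUN_PREPEND_AF)
+char rbuf[CHAN_RBUF];
+#endif
+u_int32_t *af;
+char *ptr = buf;
+
+#if defined(SSH_TUN_PREPEND_AF)
+if (len > (int)(sizeof(rbuf) - sizeof(*af)))
+return (-1);
+ptr = (char *)&rbuf[0];
+bcopy(buf, ptr + sizeof(u_int32_t), len);
+len += sizeof(u_int32_t);
+#endif
+
+#if defined(SSH_TUN_COMPAT_AF)
+if (len < (int)sizeof(u_int32_t))
+return (-1);
+
+af = (u_int32_t *)ptr;
+if (*af == htonl(AF_INET6))
+*af = htonl(OPENBSD_AF_INET6);
+else
+*af = htonl(OPENBSD_AF_INET);
+#endif
+buffer_put_string(&c->input, ptr, len);
+return (0);
+}
+
+u_char *
+sys_tun_outfilter(struct Channel *c, u_char **data, u_int *dlen)
+{
+u_char *buf;
+u_int32_t *af;
+
+*data = buffer_get_string(&c->output, dlen);
+if (*dlen < sizeof(*af))
+return (NULL);
+buf = *data;
+
+#if defined(SSH_TUN_PREPEND_AF)
+*dlen -= sizeof(u_int32_t);
+buf = *data + sizeof(u_int32_t);
+#elif defined(SSH_TUN_COMPAT_AF)
+af = ntohl(*(u_int32_t *)buf);
+if (*af == OPENBSD_AF_INET6)
+*af = htonl(AF_INET6);
+else
+*af = htonl(AF_INET);
+#endif
+
+return (buf);
+}
+#endif /* SSH_TUN_FILTER */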
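Review bot: In sys_tun_outfilter's SSH_TUN_COMPAT_AF branch, `af = ntohl(*(u_int32_t *)buf);` stores the packet's address-family word in the pointer `af`, and the following `*af` then reads and writes through that value, so bytes taken from the channel's output buffer (presumably peer-supplied) are used as a memory address. The branch should point at the buffer and compare in network order: `af = (u_int32_t *)buf;` followed by `if (*af == htonl(OPENBSD_AF_INET6))`. That branch is compiled only when SSH_TUN_COMPAT_AF is defined without SSH_TUN_PREPEND_AF, which may be why a build did not flag the int-to-pointer assignment. Separately, in sys_tun_infilter with SSH_TUN_PREPEND_AF the first four bytes of `rbuf` are never written before `*af` is read, or before the buffer is queued when SSH_TUN_COMPAT_AF is off, so the family word is uninitialised stack memory. It should be set from the packet's IP version, and a negative `len` should be rejected before the `bcopy`.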
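--- /dev/null
+++ b/openbsd-compat/port-tun.h
@@ -0,0 +1,33 @@
+/*
+* Copyright (c) 2005 Reyk Floeter <reyk@openbsd.org>
+*
+* Permission to use, copy, modify, and distribute this software for any
+* purpose with or without fee is hereby granted, provided that the above
+* copyright notice and this permission notice appear in all copies.
+*
+* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+*/
+
+#ifndef _PORT_TUN_H
+#define _PORT_TUN_H
+
+#include "channels.h"
+
+#if defined(SSH_TUN_LINUX)
+# define CUSTOM_SYS_TUN_OPEN
+int sys_tun_open(int, int);
+#endif
+
+#if defined(SSH_TUN_COMPAT_AF) || defined(SSH_TUN_PREPEND_AF)
+# define SSH_TUN_FILTER
+int sys_tun_infilter(struct Channel *, char *, int);
+u_char *sys_tun_outfilter(struct Channel *, u_char **, u_int *);
+#endif
+
+#endif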
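Review bot: The two filter prototypes carry neither parameter names nor a stated contract, and the ownership rule for sys_tun_outfilter is not obvious from its types. In port-tun.c it stores the string obtained from buffer_get_string() in `*data` and may return a pointer four bytes into it, or NULL on a short packet with `*data` still set, so a caller has to free `*data` and never the return value. I would document that above the declaration, e.g. `/* returns packet start inside *data, or NULL; caller frees *data */`, and name the parameters as in `int sys_tun_infilter(struct Channel *c, char *buf, int len);`.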