authordjm@openbsd.org <djm@openbsd.org>2017-10-23 05:08:00 +0000
committerDamien Miller <djm@mindrot.org>2017-10-23 16:14:30 +1100
commitb7548b12a6b2b4abf4d057192c353147e0abba08 (patch)
treedc76477cd371b6197ba840c3a178bfbcf6d7baba /serverloop.c
parent887669ef032d63cf07f53cada216fa8a0c9a7d72 (diff)
upstream commit
Expose devices allocated for tun/tap forwarding. At the client, the device may be obtained from a new %T expansion for LocalCommand. At the server, the allocated devices will be listed in a SSH_TUNNEL variable exposed to the environment of any user sessions started after the tunnel forwarding was established. ok markus Upstream-ID: e61e53f8ae80566e9ddc0d67a5df5bdf2f3c9f9e
Diffstat (limited to 'serverloop.c')
-rw-r--r--serverloop.c22
1 files changed, 20 insertions, 2 deletions
diff --git a/serverloop.c b/serverloop.c
index 24bbae322..a3cb8e782 100644
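--- a/serverloop.c
+++ b/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.198 2017/09/12 06:35:32 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.199 2017/10/23 05:08:00 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -99,6 +99,9 @@ static volatile sig_atomic_t received_sigterm = 0;
 /* prototypes */
 static void server_init_dispatch(void);
 
+/* requested tunnel forwarding interface(s), shared with session.c */
+char *tun_fwd_ifnames = NULL;
+
 /*
  * we write to this pipe if a SIGCHLD is caught in order to avoid
  * the race between select() and child_terminated
@@ -519,6 +522,7 @@ server_request_tun(struct ssh *ssh)
  Channel *c = NULL;
  int mode, tun;
  int sock;
+ char *tmp, *ifname = NULL;
 
  mode = packet_get_int();
  switch (mode) {
@@ -541,9 +545,10 @@ server_request_tun(struct ssh *ssh)
  goto done;
  tun = forced_tun_device;
  }
- sock = tun_open(tun, mode);
+ sock = tun_open(tun, mode, &ifname);
  if (sock < 0)
  goto done;
+ debug("Tunnel forwarding using interface %s", ifname);
  c = channel_new(ssh, "tun", SSH_CHANNEL_OPEN, sock, sock, -1,
  CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1);
  c->datagram = 1;
@@ -553,6 +558,19 @@ server_request_tun(struct ssh *ssh)
  sys_tun_outfilter, NULL, NULL);
 #endif
 
+ /*
+ * Update the list of names exposed to the session
+ * XXX remove these if the tunnels are closed (won't matter
+ * much if they are already in the environment though)
+ */
+ tmp = tun_fwd_ifnames;
+ xasprintf(&tun_fwd_ifnames, "%s%s%s",
+ tun_fwd_ifnames == NULL ? "" : tun_fwd_ifnames,
+ tun_fwd_ifnames == NULL ? "" : ",",
+ ifname);
+ free(tmp);
+ free(ifname);
+
  done:
  if (c == NULL)
  packet_send_debug("Failed to open the tunnel device.");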
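Review bot: In server_request_tun(), `ifname` is formatted with `%s` in both the new `debug()` call and the `xasprintf()` append without any check that tun_open() filled it in. tun_open() is not part of this diff, so if any success path (for example a platform compat implementation) leaves `*ifname` untouched, the pointer is still NULL here, and passing NULL to `%s` is undefined behaviour in code a logged-in client can trigger. Wrapping the append in `if (ifname != NULL) { ... }` and logging `ifname ? ifname : "(unknown)"` would close that off. Separately, the append is unconditional, so a client that requests tunnels repeatedly makes `tun_fwd_ifnames` grow for the life of the connection and can leave stale or duplicate names in SSH_TUNNEL. The XXX comment already defers removal on close, but the comment on the global should also say that consumers must treat the list as advisory rather than as a set of live interfaces owned by the session. The function body starts and continues outside the visible hunks.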