diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2010-01-12 19:40:27 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2010-01-12 19:40:27 +1100 |
| commit | 7ad8dd21da5e2a2687fdff14142b70f1587f96ce (patch) | |
| tree | 5d8e196d1a258b7dc837ae529e4d945d30014aaf /ssh.c | |
| parent | 43551527dc1cc9f18561c4816960440de2ce289b (diff) | |
- dtucker@cvs.openbsd.org 2010/01/11 01:39:46
[ssh_config channels.c ssh.1 channels.h ssh.c]
Add a 'netcat mode' (ssh -W). This connects stdio on the client to a
single port forward on the server. This allows, for example, using ssh as
a ProxyCommand to route connections via intermediate servers.
bz #1618, man page help from jmc@, ok markus@
Diffstat (limited to 'ssh.c')
| -rw-r--r-- | ssh.c | 57 |
1 files changed, 54 insertions, 3 deletions
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: ssh.c,v 1.330 2010/01/09 23:04:13 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh.c,v 1.331 2010/01/11 01:39:46 dtucker Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
| 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
| @@ -133,6 +133,10 @@ int stdin_null_flag = 0; | |||
| 133 | */ | 133 | */ |
| 134 | int fork_after_authentication_flag = 0; | 134 | int fork_after_authentication_flag = 0; |
| 135 | 135 | ||
| 136 | /* forward stdio to remote host and port */ | ||
| 137 | char *stdio_forward_host = NULL; | ||
| 138 | int stdio_forward_port = 0; | ||
| 139 | |||
| 136 | /* | 140 | /* |
| 137 | * General data structure for command line options and options configurable | 141 | * General data structure for command line options and options configurable |
| 138 | * in configuration files. See readconf.h. | 142 | * in configuration files. See readconf.h. |
| @@ -186,7 +190,8 @@ usage(void) | |||
| 186 | " [-i identity_file] [-L [bind_address:]port:host:hostport]\n" | 190 | " [-i identity_file] [-L [bind_address:]port:host:hostport]\n" |
| 187 | " [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" | 191 | " [-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]\n" |
| 188 | " [-R [bind_address:]port:host:hostport] [-S ctl_path]\n" | 192 | " [-R [bind_address:]port:host:hostport] [-S ctl_path]\n" |
| 189 | " [-w local_tun[:remote_tun]] [user@]hostname [command]\n" | 193 | " [-W host:port] [-w local_tun[:remote_tun]]\n" |
| 194 | " [user@]hostname [command]\n" | ||
| 190 | ); | 195 | ); |
| 191 | exit(255); | 196 | exit(255); |
| 192 | } | 197 | } |
| @@ -276,7 +281,7 @@ main(int ac, char **av) | |||
| 276 | 281 | ||
| 277 | again: | 282 | again: |
| 278 | while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" | 283 | while ((opt = getopt(ac, av, "1246ab:c:e:fgi:kl:m:no:p:qstvx" |
| 279 | "ACD:F:I:KL:MNO:PR:S:TVw:XYy")) != -1) { | 284 | "ACD:F:I:KL:MNO:PR:S:TVw:W:XYy")) != -1) { |
| 280 | switch (opt) { | 285 | switch (opt) { |
| 281 | case '1': | 286 | case '1': |
| 282 | options.protocol = SSH_PROTO_1; | 287 | options.protocol = SSH_PROTO_1; |
| @@ -389,6 +394,22 @@ main(int ac, char **av) | |||
| 389 | exit(255); | 394 | exit(255); |
| 390 | } | 395 | } |
| 391 | break; | 396 | break; |
| 397 | case 'W': | ||
| 398 | if (parse_forward(&fwd, optarg, 1, 0)) { | ||
| 399 | stdio_forward_host = fwd.listen_host; | ||
| 400 | stdio_forward_port = fwd.listen_port; | ||
| 401 | xfree(fwd.connect_host); | ||
| 402 | } else { | ||
| 403 | fprintf(stderr, | ||
| 404 | "Bad stdio forwarding specification '%s'\n", | ||
| 405 | optarg); | ||
| 406 | exit(255); | ||
| 407 | } | ||
| 408 | no_tty_flag = 1; | ||
| 409 | no_shell_flag = 1; | ||
| 410 | options.clear_forwardings = 1; | ||
| 411 | options.exit_on_forward_failure = 1; | ||
| 412 | break; | ||
| 392 | case 'q': | 413 | case 'q': |
| 393 | options.log_level = SYSLOG_LEVEL_QUIET; | 414 | options.log_level = SYSLOG_LEVEL_QUIET; |
| 394 | break; | 415 | break; |
| @@ -871,11 +892,41 @@ ssh_confirm_remote_forward(int type, u_int32_t seq, void *ctxt) | |||
| 871 | } | 892 | } |
| 872 | 893 | ||
| 873 | static void | 894 | static void |
| 895 | client_cleanup_stdio_fwd(int id, void *arg) | ||
| 896 | { | ||
| 897 | debug("stdio forwarding: done"); | ||
| 898 | cleanup_exit(0); | ||
| 899 | } | ||
| 900 | |||
| 901 | static int | ||
| 902 | client_setup_stdio_fwd(const char *host_to_connect, u_short port_to_connect) | ||
| 903 | { | ||
| 904 | Channel *c; | ||
| 905 | |||
| 906 | debug3("client_setup_stdio_fwd %s:%d", host_to_connect, | ||
| 907 | port_to_connect); | ||
| 908 | if ((c = channel_connect_stdio_fwd(host_to_connect, port_to_connect)) | ||
| 909 | == NULL) | ||
| 910 | return 0; | ||
| 911 | channel_register_cleanup(c->self, client_cleanup_stdio_fwd, 0); | ||
| 912 | return 1; | ||
| 913 | } | ||
| 914 | |||
| 915 | static void | ||
| 874 | ssh_init_forwarding(void) | 916 | ssh_init_forwarding(void) |
| 875 | { | 917 | { |
| 876 | int success = 0; | 918 | int success = 0; |
| 877 | int i; | 919 | int i; |
| 878 | 920 | ||
| 921 | if (stdio_forward_host != NULL) { | ||
| 922 | if (!compat20) { | ||
| 923 | fatal("stdio forwarding require Protocol 2"); | ||
| 924 | } | ||
| 925 | if (!client_setup_stdio_fwd(stdio_forward_host, | ||
| 926 | stdio_forward_port)) | ||
| 927 | fatal("Failed to connect in stdio forward mode."); | ||
| 928 | } | ||
| 929 | |||
| 879 | /* Initiate local TCP/IP port forwardings. */ | 930 | /* Initiate local TCP/IP port forwardings. */ |
| 880 | for (i = 0; i < options.num_local_forwards; i++) { | 931 | for (i = 0; i < options.num_local_forwards; i++) { |
| 881 | debug("Local connections to %.200s:%d forwarded to remote " | 932 | debug("Local connections to %.200s:%d forwarded to remote " |