ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-07 13:21:15 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Server shouldn't return "localhost" in response to -R forward connections

Browse Source 
if that wasn't what the client requested.
This commit is contained in:
Matt Johnston 2012-05-09 21:09:34 +08:00
parent f4c4ca64a8
commit 1984aabc95
3 changed files with 14 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
svr-tcpfwd.c
View File

@ -172,14 +172,14 @@ out:
static int svr_remotetcpreq() { static int svr_remotetcpreq() {
int ret = DROPBEAR_FAILURE; int ret = DROPBEAR_FAILURE;
unsigned char * bindaddr = NULL; unsigned char * request_addr = NULL;
unsigned int addrlen; unsigned int addrlen;
struct TCPListener *tcpinfo = NULL; struct TCPListener *tcpinfo = NULL;
unsigned int port; unsigned int port;
TRACE(("enter remotetcpreq")) TRACE(("enter remotetcpreq"))
bindaddr = buf_getstring(ses.payload, &addrlen); request_addr = buf_getstring(ses.payload, &addrlen);
if (addrlen > MAX_IP_LEN) { if (addrlen > MAX_IP_LEN) {
TRACE(("addr len too long: %d", addrlen)) TRACE(("addr len too long: %d", addrlen))
goto out; goto out;
@ -209,12 +209,15 @@ static int svr_remotetcpreq() {
tcpinfo->chantype = &svr_chan_tcpremote; tcpinfo->chantype = &svr_chan_tcpremote;
tcpinfo->tcp_type = forwarded; tcpinfo->tcp_type = forwarded;
if (!opts.listen_fwd_all || (strcmp(bindaddr, "localhost") == 0) ) { tcpinfo->request_listenaddr = request_addr;
if (!opts.listen_fwd_all || (strcmp(request_addr, "localhost") == 0) ) {
// NULL means "localhost only" // NULL means "localhost only"
m_free(bindaddr); tcpinfo->listenaddr = NULL;
bindaddr = NULL; }
else
{
tcpinfo->listenaddr = request_addr;
} }
tcpinfo->listenaddr = bindaddr;
ret = listen_tcpfwd(tcpinfo); ret = listen_tcpfwd(tcpinfo);
@ -222,7 +225,7 @@ out:
if (ret == DROPBEAR_FAILURE) { if (ret == DROPBEAR_FAILURE) {
/* we only free it if a listener wasn't created, since the listener /* we only free it if a listener wasn't created, since the listener
* has to remember it if it's to be cancelled */ * has to remember it if it's to be cancelled */
m_free(bindaddr); m_free(request_addr);
m_free(tcpinfo); m_free(tcpinfo);
} }
TRACE(("leave remotetcpreq")) TRACE(("leave remotetcpreq"))

3
tcp-accept.c
View File

@ -40,6 +40,7 @@ static void cleanup_tcp(struct Listener *listener) {
m_free(tcpinfo->sendaddr); m_free(tcpinfo->sendaddr);
m_free(tcpinfo->listenaddr); m_free(tcpinfo->listenaddr);
m_free(tcpinfo->request_listenaddr);
m_free(tcpinfo); m_free(tcpinfo);
} }
@ -78,7 +79,7 @@ static void tcp_acceptor(struct Listener *listener, int sock) {
dropbear_assert(tcpinfo->tcp_type == forwarded); dropbear_assert(tcpinfo->tcp_type == forwarded);
/* "forwarded-tcpip" */ /* "forwarded-tcpip" */
/* address that was connected, port that was connected */ /* address that was connected, port that was connected */
addr = tcpinfo->listenaddr; addr = tcpinfo->request_listenaddr;
port = tcpinfo->listenport; port = tcpinfo->listenport;
} }

2
tcpfwd.h
View File

@ -39,6 +39,8 @@ struct TCPListener {
* localhost, or a normal interface name. */ * localhost, or a normal interface name. */
unsigned char *listenaddr; unsigned char *listenaddr;
unsigned int listenport; unsigned int listenport;
/* The address that the remote host asked to listen on */
unsigned char *request_listenaddr;;
const struct ChanType *chantype; const struct ChanType *chantype;
enum {direct, forwarded} tcp_type; enum {direct, forwarded} tcp_type;