mirror of
https://github.com/clearml/dropbear
synced 2025-01-31 10:57:01 +00:00
Server shouldn't return "localhost" in response to -R forward connections
if that wasn't what the client requested.
This commit is contained in:
Matt Johnston
parent
f4c4ca64a8
commit
1984aabc95
17
svr-tcpfwd.c
17
svr-tcpfwd.c
@ -172,14 +172,14 @@ out:
|
||||
static int svr_remotetcpreq() {
|
||||
|
||||
int ret = DROPBEAR_FAILURE;
|
||||
unsigned char * bindaddr = NULL;
|
||||
unsigned char * request_addr = NULL;
|
||||
unsigned int addrlen;
|
||||
struct TCPListener *tcpinfo = NULL;
|
||||
unsigned int port;
|
||||
|
||||
TRACE(("enter remotetcpreq"))
|
||||
|
||||
bindaddr = buf_getstring(ses.payload, &addrlen);
|
||||
request_addr = buf_getstring(ses.payload, &addrlen);
|
||||
if (addrlen > MAX_IP_LEN) {
|
||||
TRACE(("addr len too long: %d", addrlen))
|
||||
goto out;
|
||||
@ -209,12 +209,15 @@ static int svr_remotetcpreq() {
|
||||
tcpinfo->chantype = &svr_chan_tcpremote;
|
||||
tcpinfo->tcp_type = forwarded;
|
||||
|
||||
if (!opts.listen_fwd_all || (strcmp(bindaddr, "localhost") == 0) ) {
|
||||
tcpinfo->request_listenaddr = request_addr;
|
||||
if (!opts.listen_fwd_all || (strcmp(request_addr, "localhost") == 0) ) {
|
||||
// NULL means "localhost only"
|
||||
m_free(bindaddr);
|
||||
bindaddr = NULL;
|
||||
tcpinfo->listenaddr = NULL;
|
||||
}
|
||||
else
|
||||
{
|
||||
tcpinfo->listenaddr = request_addr;
|
||||
}
|
||||
tcpinfo->listenaddr = bindaddr;
|
||||
|
||||
ret = listen_tcpfwd(tcpinfo);
|
||||
|
||||
@ -222,7 +225,7 @@ out:
|
||||
if (ret == DROPBEAR_FAILURE) {
|
||||
/* we only free it if a listener wasn't created, since the listener
|
||||
* has to remember it if it's to be cancelled */
|
||||
m_free(bindaddr);
|
||||
m_free(request_addr);
|
||||
m_free(tcpinfo);
|
||||
}
|
||||
TRACE(("leave remotetcpreq"))
|
||||
|
||||
@ -40,6 +40,7 @@ static void cleanup_tcp(struct Listener *listener) {
|
||||
|
||||
m_free(tcpinfo->sendaddr);
|
||||
m_free(tcpinfo->listenaddr);
|
||||
m_free(tcpinfo->request_listenaddr);
|
||||
m_free(tcpinfo);
|
||||
}
|
||||
|
||||
@ -78,7 +79,7 @@ static void tcp_acceptor(struct Listener *listener, int sock) {
|
||||
dropbear_assert(tcpinfo->tcp_type == forwarded);
|
||||
/* "forwarded-tcpip" */
|
||||
/* address that was connected, port that was connected */
|
||||
addr = tcpinfo->listenaddr;
|
||||
addr = tcpinfo->request_listenaddr;
|
||||
port = tcpinfo->listenport;
|
||||
}
|
||||
|
||||
|
||||
2
tcpfwd.h
2
tcpfwd.h
@ -39,6 +39,8 @@ struct TCPListener {
|
||||
* localhost, or a normal interface name. */
|
||||
unsigned char *listenaddr;
|
||||
unsigned int listenport;
|
||||
/* The address that the remote host asked to listen on */
|
||||
unsigned char *request_listenaddr;;
|
||||
|
||||
const struct ChanType *chantype;
|
||||
enum {direct, forwarded} tcp_type;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user