ClearML/dropbear
1
0
Fork 0
mirror of https://github.com/clearml/dropbear synced 2025-02-12 07:25:30 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

A hack to make dbclient to tcp forwarding netcat style.

Browse Source 
eg

./dbclient -i testkey -L 1234:remotehost:remoteport  tunnelhost

will ssh to tunnelhost (using testkey, there's no way to ask for a password)
and then tcpfwd to remotehost:remoteport on stdin/stdout.

There's no way to give a cmdline password, so -i for a keyfile will have to do.
Yet another reason for agent forwarding.

The 1234 is a dummy var, I think it has to be a valid portnumber though.

--HG--
branch : dbclient-netcat-alike
extra : convert_revision : d1f69334581dc4c35f9ca16aa5355074c9dd315d
This commit is contained in:
Matt Johnston 2006-03-21 16:16:41 +00:00
parent 3f49fc5f2c
commit cdbe853595
3 changed files with 46 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
cli-chansession.c
View File

@ -367,14 +367,55 @@ static int cli_initchansess(struct Channel *channel) {
void cli_send_chansess_request() { void cli_send_chansess_request() {
unsigned int port = 0;
unsigned char* addr = NULL;
unsigned char* ipstring = "127.0.0.1";
unsigned char* portstring = "22";
/* hack hack */
static const struct ChanType cli_chan_tcphack = {
0, /* sepfds */
"direct-tcpip",
NULL,
NULL,
NULL,
cli_closechansess
};
TRACE(("enter cli_send_chansess_request")) TRACE(("enter cli_send_chansess_request"))
if (send_msg_channel_open_init(STDIN_FILENO, &clichansess) if (send_msg_channel_open_init(STDIN_FILENO, &cli_chan_tcphack)
== DROPBEAR_FAILURE) { == DROPBEAR_FAILURE) {
dropbear_exit("Couldn't open initial channel"); dropbear_exit("Couldn't open initial channel");
} }
/* No special channel request data */ if (cli_opts.localfwds == NULL) {
dropbear_exit("You need to give a \"-L ignored:host:port\" option with this hacked up dbclient.");
}
addr = cli_opts.localfwds->connectaddr;
port = cli_opts.localfwds->connectport;
buf_putstring(ses.writepayload, addr, strlen(addr));
buf_putint(ses.writepayload, port);
/* originator ip */
buf_putstring(ses.writepayload, ipstring, strlen(ipstring));
/* originator port */
buf_putint(ses.writepayload, atol(portstring));
encrypt_packet(); encrypt_packet();
TRACE(("leave cli_send_chansess_request")) TRACE(("leave cli_send_chansess_request"))
} }
#if 0
while (cli_opts.localfwds != NULL) {
ret = cli_localtcp(cli_opts.localfwds->listenport,
cli_opts.localfwds->connectaddr,
cli_opts.localfwds->connectport);
if (ret == DROPBEAR_FAILURE) {
dropbear_log(LOG_WARNING, "Failed local port forward %d:%s:%d",
cli_opts.localfwds->listenport,
cli_opts.localfwds->connectaddr,
cli_opts.localfwds->connectport);
#endif

4
cli-session.c
View File

@ -213,10 +213,10 @@ static void cli_sessionloop() {
case USERAUTH_SUCCESS_RCVD: case USERAUTH_SUCCESS_RCVD:
#ifdef ENABLE_CLI_LOCALTCPFWD #ifdef ENABLE_CLI_LOCALTCPFWD
setup_localtcp(); //setup_localtcp();
#endif #endif
#ifdef ENABLE_CLI_REMOTETCPFWD #ifdef ENABLE_CLI_REMOTETCPFWD
setup_remotetcp(); //setup_remotetcp();
#endif #endif
cli_send_chansess_request(); cli_send_chansess_request();
TRACE(("leave cli_sessionloop: cli_send_chansess_request")) TRACE(("leave cli_sessionloop: cli_send_chansess_request"))

2
debug.h
View File

@ -39,7 +39,7 @@
* Caution: Don't use this in an unfriendly environment (ie unfirewalled), * Caution: Don't use this in an unfriendly environment (ie unfirewalled),
* since the printing may not sanitise strings etc. This will add a reasonable * since the printing may not sanitise strings etc. This will add a reasonable
* amount to your executable size. */ * amount to your executable size. */
/*#define DEBUG_TRACE */ #define DEBUG_TRACE
/* All functions writing to the cleartext payload buffer call /* All functions writing to the cleartext payload buffer call
* CHECKCLEARTOWRITE() before writing. This is only really useful if you're * CHECKCLEARTOWRITE() before writing. This is only really useful if you're