Hi, I am behind a firewall which does not permit connections to port 22, so I run my ssh server on port 23. :-) Unfortunately, the stupid firewall prints a few lines of junk when you make a connection to port 23 before actually starting the connection. This confuses ssh. Attached is an (ugly) patch against openssh-1.2pre15 which makes it ignore a configurable number of lines while looking for the SSH-%d-%d identification string. If you think it's worth including this hack in the official version, feel free. :-) Please reply to me as I'm not on this list. Regards, David F. Skoll http://www.roaringpenguin.com diff -b -c --recursive openssh-1.2pre15/sshconnect.c openssh-1.2pre15-patched/sshconnect.c *** openssh-1.2pre15/sshconnect.c Wed Nov 24 19:54:59 1999 --- openssh-1.2pre15-patched/sshconnect.c Mon Dec 6 10:35:51 1999 *************** *** 31,36 **** --- 31,42 ---- #include "readconf.h" #include "fingerprint.h" + /* I am behind a firewall which forces me to run my SSH server on port 23. + The stupid firewall emits several lines of chatter before making + the real connection, so we have to swallow some lines before getting + the SSH-%d.%d identification string */ + #define FIREWALL_CHATTER_LINES 10 + /* Session id for the current session. */ unsigned char session_id[16]; *************** *** 896,902 **** --- 902,910 ---- int connection_in = packet_get_connection_in(); int connection_out = packet_get_connection_out(); extern Options options; + int chatter; + for (chatter = 0; chatter < FIREWALL_CHATTER_LINES; chatter++) { /* Read other side\'s version identification. */ for (i = 0; i < sizeof(buf) - 1; i++) { if (read(connection_in, &buf[i], 1) != 1) *************** *** 917,927 **** * Check that the versions match. In future this might accept * several versions and set appropriate flags to handle them. */ if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor, ! 
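Review bot: The comment added above `#define FIREWALL_CHATTER_LINES 10` reads as a personal anecdote rather than a statement of what the code does, and the mail's "configurable number of lines" is not what the hunk implements — it is a compile-time constant. A comment along the lines of `/* Maximum number of non-banner lines tolerated from the peer before the SSH-%d.%d identification string; not seeing a banner within this many lines is fatal. */` would describe the contract, and if the count is really meant to be user-configurable it belongs with the client options (the second hunk already references `extern Options options`) rather than in a macro. Note that this constant also sets how much unauthenticated pre-banner data the client is willing to read from the network peer before giving up, so the choice of 10 deserves a sentence of justification where it is defined.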
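Review bot: The new `for (chatter = 0; chatter < FIREWALL_CHATTER_LINES; chatter++) {` opens a loop whose body — the byte-by-byte read of the version line — runs past this hunk and is only closed in the third hunk, and nothing at the loop header explains why the read is now repeated. A one-line comment before it, `/* Retry the banner read: some firewalls emit chatter lines before the peer's SSH identification string. */`, would save the next reader a trip to the macro's definition. The enclosing function begins before this hunk; `chatter` is declared as a plain `int` alongside the function's other top-of-block declarations, which appears to match the file's existing style.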
remote_version) != 3) fatal("Bad remote protocol version identification: '%.100s'", buf); debug("Remote protocol version %d.%d, remote software version %.100s", remote_major, remote_minor, remote_version); /* Check if the remote protocol version is too old. */ if (remote_major == 1 && remote_minor < 3) --- 925,943 ---- * Check that the versions match. In future this might accept * several versions and set appropriate flags to handle them. */ + debug("chatter = %d, buf = %s", chatter, buf); if (sscanf(buf, "SSH-%d.%d-%[^\n]\n", &remote_major, &remote_minor, ! remote_version) != 3) { ! if (chatter >= FIREWALL_CHATTER_LINES-1) { fatal("Bad remote protocol version identification: '%.100s'", buf); + } else { + continue; + } + } debug("Remote protocol version %d.%d, remote software version %.100s", remote_major, remote_minor, remote_version); + break; + } /* Check if the remote protocol version is too old. */ if (remote_major == 1 && remote_minor < 3)
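Review bot: The added `debug("chatter = %d, buf = %s", chatter, buf);` prints the peer-supplied line with an unbounded `%s`, while the existing `fatal(...)` right below bounds the same buffer with `%.100s`; use `debug("chatter = %d, buf = %.100s", chatter, buf);` so remote data is logged under the same cap (the read loop that fills `buf` is in the previous hunk and the buffer's declaration is outside the hunk, so how it is terminated on every path cannot be confirmed here). Second, for a peer that genuinely sends a bad identification string, the first FIREWALL_CHATTER_LINES-1 mismatching lines are now skipped with only a debug() trace and the fatal message reports whichever line was read last, not the first offending one, so users diagnosing a broken server see a different string than before; remembering the first mismatching line for the fatal message, or logging skipped lines above debug level, would keep the old diagnostic. The `chatter >= FIREWALL_CHATTER_LINES-1` test together with `continue` gives exactly FIREWALL_CHATTER_LINES attempts and the `break` after the second debug() ends the loop on the first successful match, which looks right.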
On Mon, Dec 06, 1999 at 10:53:56AM -0500, David F. Skoll wrote:
> I am behind a firewall which does not permit connections to port 22, so I
> run my ssh server on port 23. :-) Unfortunately, the stupid firewall
> prints a few lines of junk when you make a connection to port 23 before
> actually starting the connection. This confuses ssh.
>
> Attached is an (ugly) patch against openssh-1.2pre15 which makes it ignore
> a configurable number of lines while looking for the SSH-%d-%d
> identification string. If you think it's worth including this hack in the
> official version, feel free. :-)
i think, the right way to fix this is by using a proxy-command that eats the bogus greeting. you don't want to touch ssh for this. a friend of mine lived behind a firewall that injected telnet commands like <IAC,WILL,ECHO> <IAC,WILL,SUPPRESS_GO_AHEAD> for port 23. we used this perl-script and ProxyCommand
% cat .ssh/config
Host bla
ProxyCommand /blabla/bin/tunnel.pl %h %p
% cat /blabla/bin/tunnel.pl
#!/usr/bin/perl -w
# Usage: ProxyCommand /path/bin/tunnel.pl %h %p
#
# ssh ProxyCommand helper: connects to the destination, discards whatever
# the far end sends before the literal "SSH-" banner prefix, then relays
# bytes between stdin/stdout and the socket in both directions.
$debug=0;
$debug=1;   # NOTE(review): overrides the line above, so debug output to STDERR is always on.

# dial("host:port"): open a TCP connection on the global filehandle SOCK.
# Dies (taking the proxy down) if socket() or connect() fails; the
# gethostbyname() result is not checked before it is packed.
sub dial{
    require 'sys/socket.ph'; # perl4
    # don't touch!
    local($thathost, $port, $name, $aliases, $proto, $type, $len);
    local($thataddr, $sockaddr, $that);
    ($thathost, $port)=split(/:/,"@_");
    print STDERR "tunnel: trying $thathost port $port... 
" if $debug;
    $sockaddr = 'S n a4 x8';
    ($name, $aliases, $proto) = getprotobyname('tcp');
    ($name, $aliases, $type, $len, $thataddr) = gethostbyname($thathost);
    $that = pack($sockaddr, &AF_INET, $port, $thataddr);
    socket(SOCK, &PF_INET, &SOCK_STREAM, $proto) || die "socket: $!";
    connect(SOCK, $that) || die "connect: $!";
    print STDERR "connected\n" if $debug;
}

if($#ARGV !=1){
    print STDERR "usage: $0 destination port\n";
    exit(1);
}
$host=shift;
$port=shift;
&dial("$host:$port");
# Unbuffered writes on both the socket and stdout.
select(SOCK); $| = 1;
select(STDOUT); $| = 1;
$read=0;
$magic="";
# wait for banner: SSH-
# Everything received before the "SSH-" prefix is collected in $magic,
# shown (as hex) only when $debug is set, and is NOT passed on to ssh.
# Once the prefix is seen, "SSH-" is written to stdout and the rest of the
# banner line flows through the relay below.
# NOTE(review): after any "S" the next three bytes are consumed as a unit
# (the sysread() return value is not checked, so a short read is also
# possible); if the real banner begins inside those three bytes it is
# never matched and this loop only ends when the socket closes.
while(sysread(SOCK,$buf,1)){
    $read++;
    $magic .= $buf;
    if($buf eq "S"){
        sysread(SOCK,$buf,3);
        $read+=3;
        $magic .= $buf;
        if($buf eq "SH-"){
            print STDERR "tunnel: MAGIC $read bytes\n" if $debug;
            print STDERR "tunnel: pre-MAGIC: $magic\n" if $debug;
            while($magic =~ /(.)/g){
                printf STDERR "%x ",ord($1) if $debug;
            }
            print STDERR "\n" if $debug;
            print STDOUT ("SSH-");
            last;
        }
    }
}
# Relay: the parent copies stdin -> socket, the child copies socket -> stdout.
# When stdin hits EOF the parent waits two seconds for in-flight data and
# then terminates the child with signal 15 (SIGTERM). A failed fork() is
# not detected: the process would simply run the child branch.
if($child = fork){
    while(sysread(STDIN,$buf,4096)){
        print SOCK ($buf);
    }
    sleep 2;
    kill(15,$child) if $child;
}else{
    while(sysread(SOCK,$buf,4096)){
        print STDOUT ($buf);
    }
}
% ssh -v -p 23 bla