thr3ads.net - openssh unix dev - [PATCH] Expose remote forwarding ports as environment variable [May 2013]

If this information is useful, please help other people find it:
Share via:

Nico Schottelius

2013-May-15 21:45 UTC

[PATCH] Expose remote forwarding ports as environment variable

Good evening gentlemen,

the attached patch against openssh 6.2p1 exposes remote
forwarding ports to the remote shell:

    targethost % ssh -R 1234:localhost:22 controlhost
    controlhost % echo $SSH_REMOTE_FORWARDING_PORTS
    1234
    
    targethost % ssh -R 0:localhost:22 controlhost
    controlhost % echo $SSH_REMOTE_FORWARDING_PORTS
    54294
    
    targethost % ssh -R 0:localhost:22 -R 1234:localhost:22 controlhost
    controlhost % echo $SSH_REMOTE_FORWARDING_PORTS
    59056 1234

Detailled motivation can be found at

   
http://www.nico.schottelius.org/blog/openssh-6.2-add-callback-functionality-using-dynamic-remote-port-forwarding/

The patch is attached.

Please let me know what you think about it and whether you'd
consider it for inclusion (with or without changes).

Cheers,

Nico

-- 
PGP key: 7ED9 F7D3 6B10 81D7 0EC5  5C09 D7DC C8E4 3187 7DF0
-------------- next part --------------
diff -ru openssh-6.2p1/channels.c openssh-6.2p1.patched/channels.c
--- openssh-6.2p1/channels.c	2012-12-02 23:50:55.000000000 +0100
+++ openssh-6.2p1.patched/channels.c	2013-05-15 23:26:17.119989982 +0200
@@ -2865,6 +2865,52 @@
 	return success;
 }
 
+/*
+ * Write list of remote forwarding ports into an existing buffer 
+ */
+void
+channel_list_rport_listener(char *buf, size_t size)
+{
+	u_int i, j, num_ports = 0;
+	int offset = 0;
+	int *ports;
+	int skip;
+
+	ports = xcalloc(channels_alloc, sizeof(int));
+
+	for (i = 0; i < channels_alloc; i++) {
+		skip = 0;
+		Channel *c = channels[i];
+		if (c == NULL || c->type != SSH_CHANNEL_RPORT_LISTENER)
+			continue;
+
+		/* Skip already added ports - IPv4 + IPv6 == same port twice */
+		for(j = 0; j < num_ports; j++) {
+			if (ports[j] == c->listening_port) {
+				skip = 1;
+				break;
+			}
+		}
+
+		if(skip) continue;
+
+		ports[num_ports] = c->listening_port;
+		num_ports++;
+
+		if(!offset) {
+			offset += snprintf(&buf[offset], size - offset, "%d",
c->listening_port);
+		} else
+			offset += snprintf(&buf[offset], size - offset, " %d",
c->listening_port);
+
+		if(offset >= size) {
+			error("Exceeded buffer space for remote forwarding ports
listing");
+			break;
+		}
+	}
+
+	xfree(ports);
+}
+
 int
 channel_cancel_rport_listener(const char *host, u_short port)
 {
Only in openssh-6.2p1.patched/: .channels.c.swp
diff -ru openssh-6.2p1/channels.h openssh-6.2p1.patched/channels.h
--- openssh-6.2p1/channels.h	2012-04-22 03:21:10.000000000 +0200
+++ openssh-6.2p1.patched/channels.h	2013-05-09 23:21:37.385423623 +0200
@@ -222,6 +222,7 @@
 void	 channel_cancel_cleanup(int);
 int	 channel_close_fd(int *);
 void	 channel_send_window_changes(void);
+void	 channel_list_rport_listener(char *buf, size_t size);
 
 /* protocol handler */
 
diff -ru openssh-6.2p1/session.c openssh-6.2p1.patched/session.c
--- openssh-6.2p1/session.c	2013-03-15 01:22:37.000000000 +0100
+++ openssh-6.2p1.patched/session.c	2013-05-15 23:27:12.459989713 +0200
@@ -1235,6 +1235,9 @@
 	xfree(laddr);
 	child_set_env(&env, &envsize, "SSH_CONNECTION", buf);
 
+	channel_list_rport_listener(buf, sizeof buf);
+	child_set_env(&env, &envsize, "SSH_REMOTE_FORWARDING_PORTS",
buf);
+
 	if (s->ttyfd != -1)
 		child_set_env(&env, &envsize, "SSH_TTY", s->tty);
 	if (s->term)
Only in openssh-6.2p1.patched/: .session.c.swp

Darren Tucker

2013-May-16 06:16 UTC

head link

[PATCH] Expose remote forwarding ports as environment variable

On Wed, May 15, 2013 at 11:45:23PM +0200, Nico Schottelius
wrote:> Good evening gentlemen,
> 
> the attached patch against openssh 6.2p1 exposes remote
> forwarding ports to the remote shell:
That's not going to be entirely accurate because the environment is
inherited at the time the shell is started, but port forwards can be
added and deleted at any time (either via escape sequences or the
control socket).

Taking the example from your web page, you can already do what you want
via the control socket:

$ ssh -Nf -MS/tmp/ctl localhost
$ p=`ssh -S/tmp/ctl -O forward -R 0:127.0.0.1:22 localhost`
Allocated port 24647 for remote forward to 127.0.0.1:22
$ ssh -S/tmp/ctl localhost "echo do something with port $p"
do something with port 24647
$ ssh -S/tmp/ctl -O exit localhost

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Apparently Analagous Threads

Search for more maybe matching threads

openssh unix dev - May 2013 - [PATCH] Expose remote forwarding ports as environment variable

[PATCH] Expose remote forwarding ports as environment variable

[PATCH] Expose remote forwarding ports as environment variable

Apparently Analagous Threads