Displaying 17 results from an estimated 17 matches for "channel_request_remote_forwarding".
2004 Aug 05
1
LocalForward and RemoteForward bind patch
...t listen_port, const char *bind_address, int gateway_ports)
{
return channel_setup_fwd_listener(SSH_CHANNEL_RPORT_LISTENER,
- listen_address, listen_port, NULL, 0, gateway_ports);
+ bind_address, listen_port, listen_address, 0, gateway_ports);
}
/*
@@ -2252,7 +2253,7 @@
*/
void
-channel_request_remote_forwarding(u_short listen_port,
+channel_request_remote_forwarding(const char *listen_host, u_short listen_port,
const char *host_to_connect, u_short port_to_connect)
{
int type, success = 0;
@@ -2263,7 +2264,8 @@
/* Send the forward request to the remote side. */
if (compat20) {
- const char *...
2000 Aug 15
0
Experimental -R support patch for openssh client
...s/channels.c Tue Aug 15 19:10:49 2000
@@ -1506,38 +1509,139 @@
u_short port_to_connect)
{
int payload_len;
+ int type;
+ int success = 0;
+
/* Record locally that connection to this host/port is permitted. */
if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
fatal("channel_request_remote_forwarding: too many forwards");
- permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host_to_connect);
- permitted_opens[num_permitted_opens].port_to_connect = port_to_connect;
- permitted_opens[num_permitted_opens].listen_port = listen_port;
- num_permitted_opens++;
-
/* Send the forwar...
2004 May 18
0
use of -D at EscapeChar command line
...)) != 1) {
+ logit("Bad forwarding port.");
+ goto out;
+ }
+
+ fwd_port = a2port(sfwd_port);
+ if (channel_setup_local_fwd_listener(fwd_port, "socks",
+ 0, options.gateway_ports) < 0) {
logit("Port forwarding failed.");
goto out;
}
- } else
- channel_request_remote_forwarding(fwd_port, buf,
- fwd_host_port);
+
+ } else {
+ if (sscanf(s, "%5[0-9]:%255[^:]:%5[0-9]",
+ sfwd_port, buf, sfwd_host_port) != 3 &&
+ sscanf(s, "%5[0-9]/%255[^/]/%5[0-9]",
+ sfwd_port, buf, sfwd_host_port) != 3) {
+
+ logit("Bad forwarding specifi...
2007 Oct 22
15
[Bug 1380] New: incorrect check for strlen(fwd->connect_host) in parse_forward()
...performed against listen_host when in
remote fwd mode; otherwise hostname of any length is sent over
The check against connect_host is already in
channel_setup_fwd_listener(). I think that correct way is to remove the
check from parse_forward() completely and put a new check against
listen_host to channel_request_remote_forwarding().
patch attached.
--
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
2000 Aug 23
1
Protocol 2 remote forwarding patch
...xstrdup("port listener"));
@@ -1506,38 +1645,149 @@
u_short port_to_connect)
{
int payload_len;
+ int type;
+ int success = 0;
+
/* Record locally that connection to this host/port is permitted. */
if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
fatal("channel_request_remote_forwarding: too many forwards");
- permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host_to_connect);
- permitted_opens[num_permitted_opens].port_to_connect = port_to_connect;
- permitted_opens[num_permitted_opens].listen_port = listen_port;
- num_permitted_opens++;
-
/* Send the forwar...
2001 Feb 10
3
Protocol 2 remote forwarding patch
...xstrdup("port listener"), 1);
@@ -1536,15 +1639,12 @@
u_short port_to_connect)
{
int payload_len;
+ int type;
+ int success = 0;
/* Record locally that connection to this host/port is permitted. */
if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
fatal("channel_request_remote_forwarding: too many forwards");
- permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host_to_connect);
- permitted_opens[num_permitted_opens].port_to_connect = port_to_connect;
- permitted_opens[num_permitted_opens].listen_port = listen_port;
- num_permitted_opens++;
-
/* Send the forwar...
2009 Feb 17
2
Idea: reverse socks proxy
Hi,
Just a usecase that I'm sure has been covered before but just in case
its not an openssh solution would be very helpful.
I was trying to install software on a server that was firewalled so no
outbound http connections would work. I was also tunnelling via
another server. Outbound ssh connections also were a convenient option.
What would have been nice would be a remote version of
2005 Feb 22
0
TR: 3.8.1p1 option "permitopennet" added
...rmittednet_opens == 0)
all_opens_permitted = 1;
}
@@ -2368,6 +2385,35 @@
}
void
+channel_add_permittednet_opens(char *netblock, char *netmask, int porta, int portb)
+{
+ /* XXX this does not make any sens */
+ if (num_permittednet_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
+ fatal("channel_request_remote_forwarding: too many forwards");
+
+ if (portb) debug("allow port forwarding to netblock %s/%s port %d-%d", netblock,netmask, porta, portb);
+ else debug("allow port forwarding to netblock %s/%s port %d", netblock,netmask, porta);
+
+ /* Continue if conversion fails - checked while p...
2006 Sep 27
1
ExitOnForwardFailure and Protocol 2.0
..."streamlocal" unix domain socket forwarding patch into 4.4p1
(or rather 20060926 SNAP) and I gather that the ExitOnForwardFailure
capability only works for protocol 1.0.
Am I misreading things? I was really looking forward to that feature.
I noticed when I began fixing a merge reject in
channel_request_remote_forwarding().
- Bill
2005 May 11
5
[Bug 1037] Man page for -L and -R should mention -g
http://bugzilla.mindrot.org/show_bug.cgi?id=1037
Summary: Man page for -L and -R should mention -g
Product: Portable OpenSSH
Version: 4.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: trivial
Priority: P5
Component: Documentation
AssignedTo: bitbucket at mindrot.org
ReportedBy:
2001 Sep 20
1
Patch to allow local port forwarding from an existing connection
...3)
+ {
+ msg = "Invalid port forward";
+ goto out;
+ }
+ if (local) {
+ n = channel_request_local_forwarding(fwd_port, buf,
+ fwd_host_port,
+ options.gateway_ports);
+ if (n <= 0) {
+ msg = "Port forwarding failed";
+ goto out;
+ }
+ }
+ else
+ channel_request_remote_forwarding(fwd_port, buf, fwd_host_port);
+
+ msg = "Forwarding port";
+ out:
+ signal(SIGINT, handler);
+ enter_raw_mode();
+ if (msg) {
+ snprintf(string, sizeof string, "%s\r\n", msg);
+ buffer_append(berr, string, strlen(string));
+ }
+}
+
/* process the characters one by one */
in...
2002 Aug 13
1
[PATCH] global port forwarding restriction
...t;%255[^:]:%5[0-9]", host, sport) != 2 &&
+ sscanf(hostport, "%255[^/]/%5[0-9]", host, sport) != 2)
+ return -1;
+ if ((port = a2port(sport)) == 0)
+ return -1;
+
+ if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION ||
+ fix_permitted_opens)
fatal("channel_request_remote_forwarding: too many forwards");
debug("allow port forwarding to host %s port %d", host, port);
@@ -2224,6 +2249,7 @@
num_permitted_opens++;
all_opens_permitted = 0;
+ return 0;
}
void
@@ -2231,6 +2257,8 @@
{
int i;
+ if (fix_permitted_opens)
+ return;
for (i = 0; i < n...
2000 Aug 13
1
Patches for openssh port forwarding
...f the channels. This is
* updated in channel_allocate.
@@ -1506,15 +1509,12 @@
u_short port_to_connect)
{
int payload_len;
+ int type;
+
/* Record locally that connection to this host/port is permitted. */
if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION)
fatal("channel_request_remote_forwarding: too many forwards");
- permitted_opens[num_permitted_opens].host_to_connect = xstrdup(host_to_connect);
- permitted_opens[num_permitted_opens].port_to_connect = port_to_connect;
- permitted_opens[num_permitted_opens].listen_port = listen_port;
- num_permitted_opens++;
-
/* Send the forwar...
2002 Jan 05
2
new feature w/ patch
...1/channels.h openssh-3.0.2p1-NewFeature/channels.h
--- openssh-3.0.2p1/channels.h Sun Nov 11 18:04:55 2001
+++ openssh-3.0.2p1-NewFeature/channels.h Sat Jan 5 14:34:05 2002
@@ -189,7 +189,7 @@
int channel_connect_to(const char *, u_short);
int channel_connect_by_listen_address(u_short);
void channel_request_remote_forwarding(u_short, const char *, u_short);
-int channel_request_local_forwarding(u_short, const char *, u_short, int);
+int channel_request_local_forwarding(const char *, u_short, const char *, u_short, int);
int
channel_request_forwarding(const char *, u_short, const char *, u_short, int,
int);
dif...
2003 Jan 29
0
[PATCH] features for restricted shell environments
...t;%255[^:]:%5[0-9]", host, sport) != 2 &&
+ sscanf(hostport, "%255[^/]/%5[0-9]", host, sport) != 2)
+ return -1;
+ if ((port = a2port(sport)) == 0)
+ return -1;
+
+ if (num_permitted_opens >= SSH_MAX_FORWARDS_PER_DIRECTION ||
+ fix_permitted_opens)
fatal("channel_request_remote_forwarding: too many forwards");
debug("allow port forwarding to host %s port %d", host, port);
@@ -2239,6 +2282,7 @@
num_permitted_opens++;
all_opens_permitted = 0;
+ return 0;
}
void
@@ -2246,6 +2290,8 @@
{
int i;
+ if (fix_permitted_opens)
+ return;
for (i = 0; i < n...
2004 Jan 19
3
Security suggestion concering SSH and port forwarding.
Hi,
sorry if it is the wrong approuch to suggest improvments to OpenSSH,
but here comes my suggestion:
I recently stumbled upon the scponly shell which in it's chroot:ed form is
an ideal solution when you want to share some files with people you trust
more or less.
The problem is, if you use the scponlyc as shell, port forwarding is still
allowed. This can of course be dissallowed in
2010 Jan 14
1
ssh(1) multiplexing rewrite
...S_FAILURE);
+ buffer_put_cstring(r, "Port forwarding failed");
+ goto out;
+ }
+ add_local_forward(&options, &fwd);
+ freefwd = 0;
+ } else {
+ /* XXX wait for remote to confirm */
+ if (options.num_remote_forwards + 1 >=
+ SSH_MAX_FORWARDS_PER_DIRECTION ||
+ channel_request_remote_forwarding(fwd.listen_host,
+ fwd.listen_port, fwd.connect_host, fwd.connect_port) < 0)
+ goto fail;
+ add_remote_forward(&options, &fwd);
+ freefwd = 0;
+ }
+ buffer_put_int(r, MUX_S_OK);
+ out:
+ if (fwd_desc != NULL)
+ xfree(fwd_desc);
+ if (freefwd) {
+ if (fwd.listen_host != NULL)
+...