It has been known for a long time that this is actually a really terrible idea:

http://sites.inka.de/~W1011/devel/tcp-tcp.html

It might appear to work just fine on completely uncongested links with zero 
packet loss, but theory says that as soon as there is any congestion at all, it 
will break horribly.


>This patch adds protocol support for PPP over SSH.  The protocol name is
>'pppossh' with the following options.
>
> - server, required, SSH server name.
> - port, SSH server port.
> - sshuser, required, SSH login username.
> - identity, list of client private key files.  ~/.ssh/id_{rsa,dsa} will
>   be used if no identity file was specified.  At least one of them must
>   be valid key file for the public key authentication to proceed.
> - ipaddr, local ip address to be assigned.
> - peeraddr, peer ip address to be assigned.
> - ssh_options, extra ssh client options.
>
>Because the protocol script file ppp.sh will be called with $HOME set to
>'/', we need to explicitly set it to the right value so that dropbear
>client can read '~/known_hosts' correctly.
>
>Signed-off-by: Yousong Zhou <yszhou4tech at gmail.com>
>---
>v1 -> v2
>
>    - Use common option names as suggested by jow and nbd.
>    - Default to using ~/.ssh/id_{rsa,dsa} as the identity file.
>    - Set $HOME to correct value for the current user instead of unset it.
>
>v2 -> v3
>
>    - Change type of acceptunknown to boolean.
>    - Squeeze multiple calls to proto_config_add_string to one.
>
>v3 -> v4
>
>    - Use default identity files only when no explicit key files were
>      specified.
>    - Added a new option `ssh_options' which will be added as part of ssh
>      client options.
>    - Change the type of `port' option to int.
>    - Change the type of `identity` option to array type.
>
>v4 -> v5
>
>    - Remove `acceptunknown' option.  For dropbear client `-y' option can be
>      used, and for OpenSSH client it's '-o StrictHostKeyChecking xx'.  Both of
>      them can be specified through the `ssh_options'.
>    - Make variable `pty' local.
>
> package/network/services/ppp/Makefile     |    2 +-
> package/network/services/ppp/files/ppp.sh |   55 +++++++++++++++++++++++++++++
> 2 files changed, 56 insertions(+), 1 deletions(-)
>
>diff --git a/package/network/services/ppp/Makefile 
>b/package/network/services/ppp/Makefile
>index 9bf9616..a707985 100644
>--- a/package/network/services/ppp/Makefile
>+++ b/package/network/services/ppp/Makefile
>@@ -10,7 +10,7 @@ include $(INCLUDE_DIR)/kernel.mk
> 
> PKG_NAME:=ppp
> PKG_VERSION:=2.4.5
>-PKG_RELEASE:=10
>+PKG_RELEASE:=11
> 
> PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
> PKG_SOURCE_URL:=ftp://ftp.samba.org/pub/ppp/
>diff --git a/package/network/services/ppp/files/ppp.sh 
>b/package/network/services/ppp/files/ppp.sh
>index 8824409..19825b1 100755
>--- a/package/network/services/ppp/files/ppp.sh
>+++ b/package/network/services/ppp/files/ppp.sh
>@@ -206,10 +206,65 @@ proto_pptp_teardown() {
>       ppp_generic_teardown "$@"
> }
> 
>+proto_pppossh_init_config() {
>+      ppp_generic_init_config
>+      proto_config_add_string server sshuser ipaddr peeraddr ssh_options
>+      proto_config_add_string 'identity:list(string)'
>+      proto_config_add_int port
>+      available=1
>+      no_device=1
>+}
>+
>+proto_pppossh_setup() {
>+      local config="$1"
>+      local iface="$2"
>+      local user="$(id -nu)"
>+      local home=$(sh -c "echo ~$user")
>+      local ip serv_addr errmsg
>+      local opts pty
>+
>+      json_get_vars port sshuser identity ipaddr peeraddr ssh_options
>+      json_get_var server server && {
>+              for ip in $(resolveip -t 5 "$server"); do
>+                      ( proto_add_host_dependency "$config" "$ip" )
>+                      serv_addr=1
>+              done
>+      }
>+      [ -n "$serv_addr" ] || errmsg="${errmsg}Could not resolve $server.\n"
>+      [ -n "$sshuser" ] || errmsg="${errmsg}Missing sshuser option.\n"
>+      [ -z "$identity" ] && identity="'$home/.ssh/id_rsa' '$home/.ssh/id_dsa'"
>+      {
>+              local fn
>+              for fn in $identity; do
>+                      [ -f "$fn" ] && opts="$opts -i $fn"
>+              done
>+              [ -n "$opts" ] || errmsg="${errmsg}Cannot find valid identity 
>file.\n"
>+      }
>+      [ -n "$errmsg" ] && {
>+              echo -ne "$errmsg"
>+              sleep 5
>+              proto_setup_failed "$config"
>+              exit 1
>+      }
>+      opts="$opts ${port:+-p $port}"
>+      opts="$opts ${ssh_options}"
>+      opts="$opts $sshuser@$server"
>+      pty="env 'HOME=$home' /usr/bin/ssh $opts pppd nodetach notty noauth"
>+      ippair="$ipaddr:$peeraddr"
>+
>+      ppp_generic_setup "$config" \
>+              noauth pty "$pty" "$ippair"
>+}
>+
>+proto_pppossh_teardown() {
>+      ppp_generic_teardown "$@"
>+}
>+
> [ -n "$INCLUDE_ONLY" ] || {
>       add_protocol ppp
>       [ -f /usr/lib/pppd/*/rp-pppoe.so ] && add_protocol pppoe
>       [ -f /usr/lib/pppd/*/pppoatm.so ] && add_protocol pppoa
>       [ -f /usr/lib/pppd/*/pptp.so ] && add_protocol pptp
>+      [ -x /usr/bin/ssh ] && add_protocol pppossh
> }
> 
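Review bot: The fallback on the `[ -z "$identity" ] && identity="'$home/.ssh/id_rsa' '$home/.ssh/id_dsa'"` line can never match a file. The embedded single quotes survive the unquoted `for fn in $identity` expansion, so `[ -f "$fn" ]` tests a name that literally starts and ends with `'`, and setup fails with "Cannot find valid identity file" whenever no `identity` option is configured. Dropping the inner quotes, `identity="$home/.ssh/id_rsa $home/.ssh/id_dsa"`, fixes the default case, although paths containing whitespace are still split by that loop. Separately, `sshuser`, `server`, `ssh_options` and the identity paths are concatenated unquoted into the `pty` string, which pppd presumably passes to a shell, so these values should either be validated or documented as trusted, administrator-only input. Because `ssh_options` is now the only place host-key policy can be set, its documentation should state that dropbear's `-y` accepts an unknown host key without verification.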
>-- 
>1.7.2.5