Re: combining multihop and -J command for proxy connect
> Hans Harder hat am 4. August 2018 um 12:58 geschrieben:
>
>
> Underneath the patch against the current git version
> Hans
>
> diff -w dropbear-git/cli-runopts.c dropbear-patch/cli-runopts.c
> --- dropbear-git/cli-runopts.c
> +++ dropbear-patch/cli-runopts.c
> @@ -629,9 +629,7 @@
> /* Set up the proxycmd */
> unsigned int cmd_len = 0;
> char *passthrough_args = multihop_passthrough_args();
> - if (cli_opts.proxycmd) {
> - dropbear_exit("-J can't be used with multihop mode");
> - }
> + char *pproxycmd = NULL;
> if (cli_opts.remoteport == NULL) {
> cli_opts.remoteport = "22";
> }
> @@ -639,14 +637,27 @@
> + strlen(cli_opts.remotehost) +
> strlen(cli_opts.remoteport)
> + strlen(passthrough_args)
> + 30;
> + /* if proxycmd is filled, pass it also with every exec */
> + if (cli_opts.proxycmd) {
> + int proxylen = strlen(cli_opts.proxycmd) + 10;
> + /* save original proxycmd to insert in new cmd */
> + pproxycmd = m_malloc(proxylen);
> + snprintf(pproxycmd,proxylen,"-J \"%s\"
> ",cli_opts.proxycmd);
> + cli_opts.proxycmd = NULL;
> + /* increase cmd_len with proxycmd length */
> + cmd_len += proxylen;
> + }
same notes;
if you use "" for pproxycmd you may have it more easy with sprintf() below
instead of malloc/snprintf would it be possible to use asprintf() ?
> cli_opts.proxycmd = m_malloc(cmd_len);
> - snprintf(cli_opts.proxycmd, cmd_len, "%s -B %s:%s %s %s",
> - argv0, cli_opts.remotehost,
> cli_opts.remoteport,
> - passthrough_args, remainder);
> + snprintf(cli_opts.proxycmd, cmd_len, "%s %s-B %s:%s %s %s",
> + argv0, (pproxycmd)?pproxycmd:"",
> + cli_opts.remotehost,
> cli_opts.remoteport, passthrough_args, remainder);
the "-B" looks very close to the %s
just my 2 cents
re,
wh
> #ifndef DISABLE_ZLIB
> /* The stream will be incompressible since it's encrypted. */
> opts.compress_mode = DROPBEAR_COMPRESS_OFF;
> #endif
> + if (pproxycmd) {
> + m_free(pproxycmd);
> + }
> m_free(passthrough_args);
> }
> m_free(hostbuf);
Re: combining multihop and -J command for proxy connect
Underneath the patch against the current git version
Hans
diff -w dropbear-git/cli-runopts.c dropbear-patch/cli-runopts.c
--- dropbear-git/cli-runopts.c
+++ dropbear-patch/cli-runopts.c
@@ -629,9 +629,7 @@
/* Set up the proxycmd */
unsigned int cmd_len = 0;
char *passthrough_args = multihop_passthrough_args();
- if (cli_opts.proxycmd) {
- dropbear_exit("-J can't be used with multihop mode");
- }
+ char *pproxycmd = NULL;
if (cli_opts.remoteport == NULL) {
cli_opts.remoteport = "22";
}
@@ -639,14 +637,27 @@
+ strlen(cli_opts.remotehost) +
strlen(cli_opts.remoteport)
+ strlen(passthrough_args)
+ 30;
+ /* if proxycmd is filled, pass it also with every exec */
+ if (cli_opts.proxycmd) {
+ int proxylen = strlen(cli_opts.proxycmd) + 10;
+ /* save original proxycmd to insert in new cmd */
+ pproxycmd = m_malloc(proxylen);
+ snprintf(pproxycmd,proxylen,"-J \"%s\"
",cli_opts.proxycmd);
+ cli_opts.proxycmd = NULL;
+ /* increase cmd_len with proxycmd length */
+ cmd_len += proxylen;
+ }
cli_opts.proxycmd = m_malloc(cmd_len);
- snprintf(cli_opts.proxycmd, cmd_len, "%s -B %s:%s %s %s",
- argv0, cli_opts.remotehost, cli_opts.remoteport,
- passthrough_args, remainder);
+ snprintf(cli_opts.proxycmd, cmd_len, "%s %s-B %s:%s %s %s",
+ argv0, (pproxycmd)?pproxycmd:"",
+ cli_opts.remotehost,
cli_opts.remoteport, passthrough_args, remainder);
#ifndef DISABLE_ZLIB
/* The stream will be incompressible since it's encrypted. */
opts.compress_mode = DROPBEAR_COMPRESS_OFF;
#endif
+ if (pproxycmd) {
+ m_free(pproxycmd);
+ }
m_free(passthrough_args);
}
m_free(hostbuf);
Re: combining multihop and -J command for proxy connect
did some testing with a small adaption in cli-runopts.c
Basicly if a proycmd if used and multihop is used, I pass the proxycmd with
-J in each exec
Seems to work :)
underneath the complete function... didn't have time to make a diff to the
original...
Hans
static void parse_multihop_hostname(const char* orighostarg, const char*
argv0) {
char *userhostarg = NULL;
char *hostbuf = NULL;
char *last_hop = NULL;
char *remainder = NULL;
/* both scp and rsync parse a user@host argument
* and turn it into "-l user host". This breaks
* for our multihop syntax, so we suture it back together.
* This will break usernames that have both '@' and ',' in them,
* though that should be fairly uncommon. */
if (cli_opts.username
&& strchr(cli_opts.username, ',')
&& strchr(cli_opts.username, '@')) {
unsigned int len = strlen(orighostarg) + strlen(cli_opts.username) + 2;
hostbuf = m_malloc(len);
snprintf(hostbuf, len, "%s@%s", cli_opts.username, orighostarg);
} else {
hostbuf = m_strdup(orighostarg);
}
userhostarg = hostbuf;
last_hop = strrchr(userhostarg, ',');
if (last_hop) {
if (last_hop == userhostarg) {
dropbear_exit("Bad multi-hop hostnames");
}
*last_hop = '\0';
last_hop++;
remainder = userhostarg;
userhostarg = last_hop;
}
parse_hostname(userhostarg);
if (last_hop) {
/* Set up the proxycmd */
unsigned int cmd_len = 0;
char *passthrough_args = multihop_passthrough_args();
char *pproxycmd = NULL;
if (cli_opts.remoteport == NULL) {
cli_opts.remoteport = "22";
}
cmd_len = strlen(argv0) + strlen(remainder)
+ strlen(cli_opts.remotehost) + strlen(cli_opts.remoteport)
+ strlen(passthrough_args)
+ 30;
/* if proxycmd is filled, pass it also with every exec */
if (cli_opts.proxycmd) {
int proxylen = strlen(cli_opts.proxycmd) + 10;
/* save original proxycmd to insert in new cmd */
pproxycmd = m_malloc(proxylen);
snprintf(pproxycmd,proxylen,"-J \"%s\"
",cli_opts.proxycmd);
cli_opts.proxycmd = NULL;
/* increase cmd_len with proxycmd length */
cmd_len += proxylen;
}
cli_opts.proxycmd = m_malloc(cmd_len);
snprintf(cli_opts.proxycmd, cmd_len, "%s %s-B %s:%s %s %s",
argv0, (pproxycmd)?pproxycmd:"",
cli_opts.remotehost, cli_opts.remoteport,
passthrough_args, remainder);
#ifndef DISABLE_ZLIB
/* The stream will be incompressible since it's encrypted. */
opts.compress_mode = DROPBEAR_COMPRESS_OFF;
#endif
if (pproxycmd) m_free(pproxycmd);
m_free(passthrough_args);
}
m_free(hostbuf);
}
>
combining multihop and -J command for proxy connect
I have to do a multihop behind after a proxy connect... so I do something like: dbclient -J "corkscrew proxyserver proxyport makado 22" user@makado ,user@canyons but I get the message : Exited: -J can't be used with multihop mode Basicly what I see in cli-runopts.c that if multihop is detected it prevents that -J is used, because multihop uses itself the -J option... Any suggestion how I get this working ? Hans
