Re: combining multihop and -J command for proxy connect
> Hans Harder hat am 4. August 2018 um 12:58 geschrieben: > > > Underneath the patch against the current git version > Hans > > diff -w dropbear-git/cli-runopts.c dropbear-patch/cli-runopts.c > --- dropbear-git/cli-runopts.c > +++ dropbear-patch/cli-runopts.c > @@ -629,9 +629,7 @@ > /* Set up the proxycmd */ > unsigned int cmd_len = 0; > char *passthrough_args = multihop_passthrough_args(); > - if (cli_opts.proxycmd) { > - dropbear_exit("-J can't be used with multihop mode"); > - } > + char *pproxycmd = NULL; > if (cli_opts.remoteport == NULL) { > cli_opts.remoteport = "22"; > } > @@ -639,14 +637,27 @@ > + strlen(cli_opts.remotehost) + > strlen(cli_opts.remoteport) > + strlen(passthrough_args) > + 30; > + /* if proxycmd is filled, pass it also with every exec */ > + if (cli_opts.proxycmd) { > + int proxylen = strlen(cli_opts.proxycmd) + 10; > + /* save original proxycmd to insert in new cmd */ > + pproxycmd = m_malloc(proxylen); > + snprintf(pproxycmd,proxylen,"-J \"%s\" > ",cli_opts.proxycmd); > + cli_opts.proxycmd = NULL; > + /* increase cmd_len with proxycmd length */ > + cmd_len += proxylen; > + } same notes; if you use "" for pproxycmd you may have it more easy with sprintf() below instead of malloc/snprintf would it be possible to use asprintf() ? > cli_opts.proxycmd = m_malloc(cmd_len); > - snprintf(cli_opts.proxycmd, cmd_len, "%s -B %s:%s %s %s", > - argv0, cli_opts.remotehost, > cli_opts.remoteport, > - passthrough_args, remainder); > + snprintf(cli_opts.proxycmd, cmd_len, "%s %s-B %s:%s %s %s", > + argv0, (pproxycmd)?pproxycmd:"", > + cli_opts.remotehost, > cli_opts.remoteport, passthrough_args, remainder); the "-B" looks very close to the %s just my 2 cents re, wh > #ifndef DISABLE_ZLIB > /* The stream will be incompressible since it's encrypted. */ > opts.compress_mode = DROPBEAR_COMPRESS_OFF; > #endif > + if (pproxycmd) { > + m_free(pproxycmd); > + } > m_free(passthrough_args); > } > m_free(hostbuf);
Re: combining multihop and -J command for proxy connect
Underneath the patch against the current git version Hans diff -w dropbear-git/cli-runopts.c dropbear-patch/cli-runopts.c --- dropbear-git/cli-runopts.c +++ dropbear-patch/cli-runopts.c @@ -629,9 +629,7 @@ /* Set up the proxycmd */ unsigned int cmd_len = 0; char *passthrough_args = multihop_passthrough_args(); - if (cli_opts.proxycmd) { - dropbear_exit("-J can't be used with multihop mode"); - } + char *pproxycmd = NULL; if (cli_opts.remoteport == NULL) { cli_opts.remoteport = "22"; } @@ -639,14 +637,27 @@ + strlen(cli_opts.remotehost) + strlen(cli_opts.remoteport) + strlen(passthrough_args) + 30; + /* if proxycmd is filled, pass it also with every exec */ + if (cli_opts.proxycmd) { + int proxylen = strlen(cli_opts.proxycmd) + 10; + /* save original proxycmd to insert in new cmd */ + pproxycmd = m_malloc(proxylen); + snprintf(pproxycmd,proxylen,"-J \"%s\" ",cli_opts.proxycmd); + cli_opts.proxycmd = NULL; + /* increase cmd_len with proxycmd length */ + cmd_len += proxylen; + } cli_opts.proxycmd = m_malloc(cmd_len); - snprintf(cli_opts.proxycmd, cmd_len, "%s -B %s:%s %s %s", - argv0, cli_opts.remotehost, cli_opts.remoteport, - passthrough_args, remainder); + snprintf(cli_opts.proxycmd, cmd_len, "%s %s-B %s:%s %s %s", + argv0, (pproxycmd)?pproxycmd:"", + cli_opts.remotehost, cli_opts.remoteport, passthrough_args, remainder); #ifndef DISABLE_ZLIB /* The stream will be incompressible since it's encrypted. */ opts.compress_mode = DROPBEAR_COMPRESS_OFF; #endif + if (pproxycmd) { + m_free(pproxycmd); + } m_free(passthrough_args); } m_free(hostbuf);
Re: combining multihop and -J command for proxy connect
did some testing with a small adaption in cli-runopts.c Basicly if a proycmd if used and multihop is used, I pass the proxycmd with -J in each exec Seems to work :) underneath the complete function... didn't have time to make a diff to the original... Hans static void parse_multihop_hostname(const char* orighostarg, const char* argv0) { char *userhostarg = NULL; char *hostbuf = NULL; char *last_hop = NULL; char *remainder = NULL; /* both scp and rsync parse a user@host argument * and turn it into "-l user host". This breaks * for our multihop syntax, so we suture it back together. * This will break usernames that have both '@' and ',' in them, * though that should be fairly uncommon. */ if (cli_opts.username && strchr(cli_opts.username, ',') && strchr(cli_opts.username, '@')) { unsigned int len = strlen(orighostarg) + strlen(cli_opts.username) + 2; hostbuf = m_malloc(len); snprintf(hostbuf, len, "%s@%s", cli_opts.username, orighostarg); } else { hostbuf = m_strdup(orighostarg); } userhostarg = hostbuf; last_hop = strrchr(userhostarg, ','); if (last_hop) { if (last_hop == userhostarg) { dropbear_exit("Bad multi-hop hostnames"); } *last_hop = '\0'; last_hop++; remainder = userhostarg; userhostarg = last_hop; } parse_hostname(userhostarg); if (last_hop) { /* Set up the proxycmd */ unsigned int cmd_len = 0; char *passthrough_args = multihop_passthrough_args(); char *pproxycmd = NULL; if (cli_opts.remoteport == NULL) { cli_opts.remoteport = "22"; } cmd_len = strlen(argv0) + strlen(remainder) + strlen(cli_opts.remotehost) + strlen(cli_opts.remoteport) + strlen(passthrough_args) + 30; /* if proxycmd is filled, pass it also with every exec */ if (cli_opts.proxycmd) { int proxylen = strlen(cli_opts.proxycmd) + 10; /* save original proxycmd to insert in new cmd */ pproxycmd = m_malloc(proxylen); snprintf(pproxycmd,proxylen,"-J \"%s\" ",cli_opts.proxycmd); cli_opts.proxycmd = NULL; /* increase cmd_len with proxycmd length */ cmd_len += proxylen; } cli_opts.proxycmd = m_malloc(cmd_len); snprintf(cli_opts.proxycmd, cmd_len, "%s %s-B %s:%s %s %s", argv0, (pproxycmd)?pproxycmd:"", cli_opts.remotehost, cli_opts.remoteport, passthrough_args, remainder); #ifndef DISABLE_ZLIB /* The stream will be incompressible since it's encrypted. */ opts.compress_mode = DROPBEAR_COMPRESS_OFF; #endif if (pproxycmd) m_free(pproxycmd); m_free(passthrough_args); } m_free(hostbuf); } >
combining multihop and -J command for proxy connect
I have to do a multihop behind after a proxy connect... so I do something like: dbclient -J "corkscrew proxyserver proxyport makado 22" user@makado ,user@canyons but I get the message : Exited: -J can't be used with multihop mode Basicly what I see in cli-runopts.c that if multihop is detected it prevents that -J is used, because multihop uses itself the -J option... Any suggestion how I get this working ? Hans