combining multihop and -J command for proxy connect

Hans Harder hans at atbas.org
Sat Aug 4 05:05:52 AWST 2018


did some testing with a small adaption in cli-runopts.c
Basicly if a proycmd if used and multihop is used, I pass the proxycmd with
-J in each exec

Seems to work :)
underneath the complete function...  didn't have time to make a diff to the
original...

Hans


static void parse_multihop_hostname(const char* orighostarg, const char*
argv0) {
char *userhostarg = NULL;
char *hostbuf = NULL;
char *last_hop = NULL;
char *remainder = NULL;

/* both scp and rsync parse a user at host argument
* and turn it into "-l user host". This breaks
* for our multihop syntax, so we suture it back together.
* This will break usernames that have both '@' and ',' in them,
* though that should be fairly uncommon. */
if (cli_opts.username
&& strchr(cli_opts.username, ',')
&& strchr(cli_opts.username, '@')) {
unsigned int len = strlen(orighostarg) + strlen(cli_opts.username) + 2;
hostbuf = m_malloc(len);
snprintf(hostbuf, len, "%[email protected]%s", cli_opts.username, orighostarg);
} else {
hostbuf = m_strdup(orighostarg);
}
userhostarg = hostbuf;

last_hop = strrchr(userhostarg, ',');
if (last_hop) {
if (last_hop == userhostarg) {
dropbear_exit("Bad multi-hop hostnames");
}
*last_hop = '\0';
last_hop++;
remainder = userhostarg;
userhostarg = last_hop;
}

parse_hostname(userhostarg);

if (last_hop) {
/* Set up the proxycmd */
unsigned int cmd_len = 0;
char *passthrough_args = multihop_passthrough_args();
                char *pproxycmd = NULL;
if (cli_opts.remoteport == NULL) {
cli_opts.remoteport = "22";
}
cmd_len = strlen(argv0) + strlen(remainder)
+ strlen(cli_opts.remotehost) + strlen(cli_opts.remoteport)
+ strlen(passthrough_args)
+ 30;
                /* if proxycmd is filled, pass it also with every exec */
if (cli_opts.proxycmd) {
                     int proxylen = strlen(cli_opts.proxycmd) + 10;
                     /* save original proxycmd to insert in new cmd */
         pproxycmd = m_malloc(proxylen);
                     snprintf(pproxycmd,proxylen,"-J \"%s\"
",cli_opts.proxycmd);
                     cli_opts.proxycmd = NULL;
                     /* increase cmd_len with proxycmd length */
                     cmd_len += proxylen;
}
cli_opts.proxycmd = m_malloc(cmd_len);
snprintf(cli_opts.proxycmd, cmd_len, "%s %s-B %s:%s %s %s",
argv0, (pproxycmd)?pproxycmd:"",
                                cli_opts.remotehost, cli_opts.remoteport,
passthrough_args, remainder);
#ifndef DISABLE_ZLIB
/* The stream will be incompressible since it's encrypted. */
opts.compress_mode = DROPBEAR_COMPRESS_OFF;
#endif
if (pproxycmd) m_free(pproxycmd);
m_free(passthrough_args);
}
m_free(hostbuf);
}


>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/attachments/20180803/c602f37d/attachment.htm 


More information about the Dropbear mailing list