combining multihop and -J command for proxy connect

Walter Harms wharms at bfs.de
Thu Aug 9 00:03:09 AWST 2018 


> Hans Harder <hans at atbas.org> hat am 4. August 2018 um 12:58 geschrieben:
> 
> 
> Underneath the patch against the current git version
> Hans
> 
> diff -w dropbear-git/cli-runopts.c dropbear-patch/cli-runopts.c
> --- dropbear-git/cli-runopts.c
> +++ dropbear-patch/cli-runopts.c
> @@ -629,9 +629,7 @@
>                 /* Set up the proxycmd */
>                 unsigned int cmd_len = 0;
>                 char *passthrough_args = multihop_passthrough_args();
> -               if (cli_opts.proxycmd) {
> -                       dropbear_exit("-J can't be used with multihop mode");
> -               }
> +               char *pproxycmd = NULL;
>                 if (cli_opts.remoteport == NULL) {
>                         cli_opts.remoteport = "22";
>                 }
> @@ -639,14 +637,27 @@
>                         + strlen(cli_opts.remotehost) +
> strlen(cli_opts.remoteport)
>                         + strlen(passthrough_args)
>                         + 30;
> +               /* if proxycmd is filled, pass it also with every exec */
> +               if (cli_opts.proxycmd) {
> +                       int proxylen = strlen(cli_opts.proxycmd) + 10;
> +                       /* save original proxycmd to insert in new cmd */
> +                       pproxycmd = m_malloc(proxylen);
> +                       snprintf(pproxycmd,proxylen,"-J \"%s\"
> ",cli_opts.proxycmd);
> +                       cli_opts.proxycmd = NULL;
> +                       /* increase cmd_len with proxycmd length */
> +                       cmd_len += proxylen;
> +               }

same  notes;

if you use "" for pproxycmd you may have it more easy with sprintf() below
instead of malloc/snprintf would it be possible to use asprintf() ?



>                 cli_opts.proxycmd = m_malloc(cmd_len);
> -               snprintf(cli_opts.proxycmd, cmd_len, "%s -B %s:%s %s %s",
> -                               argv0, cli_opts.remotehost,
> cli_opts.remoteport,
> -                               passthrough_args, remainder);
> +               snprintf(cli_opts.proxycmd, cmd_len, "%s %s-B %s:%s %s %s",
> +                               argv0, (pproxycmd)?pproxycmd:"",
> +                               cli_opts.remotehost,
> cli_opts.remoteport, passthrough_args, remainder);

the "-B" looks very close to the %s

just my 2 cents
re,
 wh


>  #ifndef DISABLE_ZLIB
>                 /* The stream will be incompressible since it's encrypted. */
>                 opts.compress_mode = DROPBEAR_COMPRESS_OFF;
>  #endif
> +               if (pproxycmd) {
> +                       m_free(pproxycmd);
> +               }
>                 m_free(passthrough_args);
>         }
>         m_free(hostbuf);

More information about the Dropbear mailing list