diff options
| author | Matt Johnston <matt@ucc.asn.au> | 2005-12-04 16:13:11 +0000 |
|---|---|---|
| committer | Matt Johnston <matt@ucc.asn.au> | 2005-12-04 16:13:11 +0000 |
| commit | a673d609639b180eee3a4ba49d7f07d0239ea666 (patch) | |
| tree | cc1c3b4f3d9d52b79861942a360bca266e98bdcb /tcp-accept.c | |
| parent | 736f370dce614b717193f45d084e9e009de723ce (diff) | |
* add -g (dbclient) and -a (dropbear) options for allowing non-local
hosts to connect to forwarded ports. Rearranged various some of the
tcp listening code.
* changed to /* */ style brackets in svr-authpam.c
--HG--
extra : convert_revision : c1e04e648867db464fe9818c4910e4320cd50c32
Diffstat (limited to 'tcp-accept.c')
| -rw-r--r-- | tcp-accept.c | 24 |
1 files changed, 17 insertions, 7 deletions
diff --git a/tcp-accept.c b/tcp-accept.c index e75224e..ac33566 100644 --- a/tcp-accept.c +++ b/tcp-accept.c @@ -39,6 +39,7 @@ static void cleanup_tcp(struct Listener *listener) { struct TCPListener *tcpinfo = (struct TCPListener*)(listener->typedata); m_free(tcpinfo->sendaddr); + m_free(tcpinfo->listenaddr); m_free(tcpinfo); } @@ -65,10 +66,14 @@ static void tcp_acceptor(struct Listener *listener, int sock) { if (send_msg_channel_open_init(fd, tcpinfo->chantype) == DROPBEAR_SUCCESS) { - buf_putstring(ses.writepayload, tcpinfo->sendaddr, - strlen(tcpinfo->sendaddr)); - buf_putint(ses.writepayload, tcpinfo->sendport); + // address that was connected + buf_putstring(ses.writepayload, tcpinfo->listenaddr, + strlen(tcpinfo->listenaddr)); + // port that was connected + buf_putint(ses.writepayload, tcpinfo->listenport); + // originator ip buf_putstring(ses.writepayload, ipstring, strlen(ipstring)); + // originator port buf_putint(ses.writepayload, atol(portstring)); encrypt_packet(); @@ -86,16 +91,21 @@ int listen_tcpfwd(struct TCPListener* tcpinfo) { struct Listener *listener = NULL; int nsocks; char* errstring = NULL; + // listen_spec = NULL indicates localhost + const char* listen_spec = NULL; TRACE(("enter listen_tcpfwd")) /* first we try to bind, so don't need to do so much cleanup on failure */ snprintf(portstring, sizeof(portstring), "%d", tcpinfo->listenport); - /* XXX Note: we're just listening on localhost, no matter what they tell - * us. If someone wants to make it listen otherways, then change - * the "" argument. but that requires UI changes too */ - nsocks = dropbear_listen("", portstring, socks, + /* a listenaddr of "" will indicate all interfaces */ + if (opts.listen_fwd_all + && (strcmp(tcpinfo->listenaddr, "localhost") != 0) ) { + listen_spec = tcpinfo->listenaddr; + } + + nsocks = dropbear_listen(listen_spec, portstring, socks, DROPBEAR_MAX_SOCKS, &errstring, &ses.maxfd); if (nsocks < 0) { dropbear_log(LOG_INFO, "TCP forward failed: %s", errstring); |