lib/libssh2
1
0
Fork 0
mirror of https://github.com/libssh2/libssh2.git synced 2025-04-22 00:45:51 +03:00
Code
libssh2/example/tcpip-forward.c
Viktor Szakats 31fb8860db
build: more fixes and tidy-up (mostly for Windows) 
- cmake: always link `ws2_32` on Windows. Also add it to `libssh2.pc`.

   Fixes #745

- agent: fix gcc compiler warning:
   `src/agent.c:296:35: warning: 'snprintf' output truncated before the last format character [-Wformat-truncation=]`

- autotools: fix `EVP_aes_128_ctr` detection with binutils `ld`

   The prerequisite for a successful detection is setting
   `LIBS=-lbcrypt` if the chosen openssl-compatible library requires
   it, e.g. libressl, or quictls/openssl built with
   `-DUSE_BCRYPTGENRANDOM`.

   With llvm `lld`, detection works out of the box. With binutils `ld`,
   it does not. The reason is `ld`s world-famous pickiness with lib
   order.

   To fix it, we pass all custom libs before and after the TLS libs.
   This ugly hack makes `ld` happy and detection succeed.

- agent: fix Windows-specific warning:
  `src/agent.c:318:10: warning: implicit conversion loses integer precision: 'LRESULT' (aka 'long long') to 'int' [-Wshorten-64-to-32]`

- src: fix llvm/clang compiler warning:
  `src/libssh2_priv.h:987:28: warning: variadic macros are a C99 feature [-Wvariadic-macros]`

- src: support `inline` with `__GNUC__` (llvm/clang and gcc), fixing:
  ```
  src/libssh2_priv.h:990:8: warning: extension used [-Wlanguage-extension-token]
  static inline void
         ^
  ```

- blowfish: support `inline` keyword with MSVC.

   Also switch to `__inline__` (from `__inline`) for `__GNUC__`:
     https://gcc.gnu.org/onlinedocs/gcc/Inline.html
     https://clang.llvm.org/docs/UsersManual.html#differences-between-various-standard-modes

- example/test: fix MSVC compiler warnings:

  - `example\direct_tcpip.c(209): warning C4244: 'function': conversion from 'unsigned int' to 'u_short', possible loss of data`
  - `tests\session_fixture.c(96): warning C4013: 'getcwd' undefined; assuming extern returning int`
  - `tests\session_fixture.c(100): warning C4013: 'chdir' undefined; assuming extern returning int`

- delete unused macros:
  - `HAVE_SOCKET`
  - `HAVE_INET_ADDR`
  - `NEED_LIB_NSL`
  - `NEED_LIB_SOCKET`
  - `HAVE_NTSTATUS_H`
  - `HAVE_NTDEF_H`

- build: delete stale zlib/openssl version numbers from path defaults.

- cmake: convert tabs to spaces, add newline at EOFs.

Closes #811
2023-03-07 15:14:22 +00:00

328 lines
9.2 KiB
C
Raw Blame History

#ifdef WIN32
#ifndef _WINSOCK_DEPRECATED_NO_WARNINGS
#define _WINSOCK_DEPRECATED_NO_WARNINGS
#endif
#endif
#include "libssh2_config.h"
#include <libssh2.h>
#ifdef WIN32
#include <windows.h>
#include <winsock2.h>
#include <ws2tcpip.h>
#else
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <sys/time.h>
#endif
#include <fcntl.h>
#include <errno.h>
#include <stdio.h>
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#include <sys/types.h>
#ifdef HAVE_SYS_SELECT_H
#include <sys/select.h>
#endif
#ifndef INADDR_NONE
#define INADDR_NONE (in_addr_t)-1
#endif
const char *keyfile1 = "/home/username/.ssh/id_rsa.pub";
const char *keyfile2 = "/home/username/.ssh/id_rsa";
const char *username = "username";
const char *password = "";
const char *server_ip = "127.0.0.1";
const char *remote_listenhost = "localhost"; /* resolved by the server */
int remote_wantport = 2222;
int remote_listenport;
const char *local_destip = "127.0.0.1";
int local_destport = 22;
enum {
AUTH_NONE = 0,
AUTH_PASSWORD,
AUTH_PUBLICKEY
};
int main(int argc, char *argv[])
{
int rc, i, auth = AUTH_NONE;
struct sockaddr_in sin;
socklen_t sinlen = sizeof(sin);
const char *fingerprint;
char *userauthlist;
LIBSSH2_SESSION *session;
LIBSSH2_LISTENER *listener = NULL;
LIBSSH2_CHANNEL *channel = NULL;
fd_set fds;
struct timeval tv;
ssize_t len, wr;
char buf[16384];
libssh2_socket_t sock = LIBSSH2_INVALID_SOCKET;
libssh2_socket_t forwardsock = LIBSSH2_INVALID_SOCKET;
#ifdef WIN32
WSADATA wsadata;
int err;
err = WSAStartup(MAKEWORD(2, 0), &wsadata);
if(err != 0) {
fprintf(stderr, "WSAStartup failed with error: %d\n", err);
return 1;
}
#endif
if(argc > 1)
server_ip = argv[1];
if(argc > 2)
username = argv[2];
if(argc > 3)
password = argv[3];
if(argc > 4)
remote_listenhost = argv[4];
if(argc > 5)
remote_wantport = atoi(argv[5]);
if(argc > 6)
local_destip = argv[6];
if(argc > 7)
local_destport = atoi(argv[7]);
rc = libssh2_init(0);
if(rc != 0) {
fprintf(stderr, "libssh2 initialization failed (%d)\n", rc);
return 1;
}
/* Connect to SSH server */
sock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
if(sock == LIBSSH2_INVALID_SOCKET) {
#ifdef WIN32
fprintf(stderr, "failed to open socket!\n");
#else
perror("socket");
#endif
return -1;
}
sin.sin_family = AF_INET;
sin.sin_addr.s_addr = inet_addr(server_ip);
if(INADDR_NONE == sin.sin_addr.s_addr) {
perror("inet_addr");
return -1;
}
sin.sin_port = htons(22);
if(connect(sock, (struct sockaddr*)(&sin),
sizeof(struct sockaddr_in)) != 0) {
fprintf(stderr, "failed to connect!\n");
return -1;
}
/* Create a session instance */
session = libssh2_session_init();
if(!session) {
fprintf(stderr, "Could not initialize SSH session!\n");
return -1;
}
/* ... start it up. This will trade welcome banners, exchange keys,
* and setup crypto, compression, and MAC layers
*/
rc = libssh2_session_handshake(session, sock);
if(rc) {
fprintf(stderr, "Error when starting up SSH session: %d\n", rc);
return -1;
}
/* At this point we havn't yet authenticated. The first thing to do
* is check the hostkey's fingerprint against our known hosts Your app
* may have it hard coded, may go to a file, may present it to the
* user, that's your call
*/
fingerprint = libssh2_hostkey_hash(session, LIBSSH2_HOSTKEY_HASH_SHA1);
fprintf(stderr, "Fingerprint: ");
for(i = 0; i < 20; i++)
fprintf(stderr, "%02X ", (unsigned char)fingerprint[i]);
fprintf(stderr, "\n");
/* check what authentication methods are available */
userauthlist = libssh2_userauth_list(session, username, strlen(username));
fprintf(stderr, "Authentication methods: %s\n", userauthlist);
if(strstr(userauthlist, "password"))
auth |= AUTH_PASSWORD;
if(strstr(userauthlist, "publickey"))
auth |= AUTH_PUBLICKEY;
/* check for options */
if(argc > 8) {
if((auth & AUTH_PASSWORD) && !strcasecmp(argv[8], "-p"))
auth = AUTH_PASSWORD;
if((auth & AUTH_PUBLICKEY) && !strcasecmp(argv[8], "-k"))
auth = AUTH_PUBLICKEY;
}
if(auth & AUTH_PASSWORD) {
if(libssh2_userauth_password(session, username, password)) {
fprintf(stderr, "Authentication by password failed.\n");
goto shutdown;
}
}
else if(auth & AUTH_PUBLICKEY) {
if(libssh2_userauth_publickey_fromfile(session, username, keyfile1,
keyfile2, password)) {
fprintf(stderr, "\tAuthentication by public key failed!\n");
goto shutdown;
}
fprintf(stderr, "\tAuthentication by public key succeeded.\n");
}
else {
fprintf(stderr, "No supported authentication methods found!\n");
goto shutdown;
}
fprintf(stderr, "Asking server to listen on remote %s:%d\n",
remote_listenhost, remote_wantport);
listener = libssh2_channel_forward_listen_ex(session, remote_listenhost,
remote_wantport, &remote_listenport, 1);
if(!listener) {
fprintf(stderr, "Could not start the tcpip-forward listener!\n"
"(Note that this can be a problem at the server!"
" Please review the server logs.)\n");
goto shutdown;
}
fprintf(stderr, "Server is listening on %s:%d\n", remote_listenhost,
remote_listenport);
fprintf(stderr, "Waiting for remote connection\n");
channel = libssh2_channel_forward_accept(listener);
if(!channel) {
fprintf(stderr, "Could not accept connection!\n"
"(Note that this can be a problem at the server!"
" Please review the server logs.)\n");
goto shutdown;
}
fprintf(stderr,
"Accepted remote connection. Connecting to local server %s:%d\n",
local_destip, local_destport);
forwardsock = socket(PF_INET, SOCK_STREAM, IPPROTO_TCP);
if(forwardsock == LIBSSH2_INVALID_SOCKET) {
#ifdef WIN32
fprintf(stderr, "failed to open forward socket!\n");
#else
perror("socket");
#endif
goto shutdown;
}
sin.sin_family = AF_INET;
sin.sin_port = htons((unsigned short)local_destport);
sin.sin_addr.s_addr = inet_addr(local_destip);
if(INADDR_NONE == sin.sin_addr.s_addr) {
perror("inet_addr");
goto shutdown;
}
if(-1 == connect(forwardsock, (struct sockaddr *)&sin, sinlen)) {
perror("connect");
goto shutdown;
}
fprintf(stderr, "Forwarding connection from remote %s:%d to local %s:%d\n",
remote_listenhost, remote_listenport, local_destip, local_destport);
/* Must use non-blocking IO hereafter due to the current libssh2 API */
libssh2_session_set_blocking(session, 0);
while(1) {
FD_ZERO(&fds);
FD_SET(forwardsock, &fds);
tv.tv_sec = 0;
tv.tv_usec = 100000;
rc = select(forwardsock + 1, &fds, NULL, NULL, &tv);
if(-1 == rc) {
perror("select");
goto shutdown;
}
if(rc && FD_ISSET(forwardsock, &fds)) {
len = recv(forwardsock, buf, sizeof(buf), 0);
if(len < 0) {
perror("read");
goto shutdown;
}
else if(0 == len) {
fprintf(stderr, "The local server at %s:%d disconnected!\n",
local_destip, local_destport);
goto shutdown;
}
wr = 0;
do {
i = libssh2_channel_write(channel, buf, len);
if(i < 0) {
fprintf(stderr, "libssh2_channel_write: %d\n", i);
goto shutdown;
}
wr += i;
} while(i > 0 && wr < len);
}
while(1) {
len = libssh2_channel_read(channel, buf, sizeof(buf));
if(LIBSSH2_ERROR_EAGAIN == len)
break;
else if(len < 0) {
fprintf(stderr, "libssh2_channel_read: %d", (int)len);
goto shutdown;
}
wr = 0;
while(wr < len) {
i = send(forwardsock, buf + wr, len - wr, 0);
if(i <= 0) {
perror("write");
goto shutdown;
}
wr += i;
}
if(libssh2_channel_eof(channel)) {
fprintf(stderr, "The remote client at %s:%d disconnected!\n",
remote_listenhost, remote_listenport);
goto shutdown;
}
}
}
shutdown:
#ifdef WIN32
closesocket(forwardsock);
#else
close(forwardsock);
#endif
if(channel)
libssh2_channel_free(channel);
if(listener)
libssh2_channel_forward_cancel(listener);
libssh2_session_disconnect(session, "Client disconnecting normally");
libssh2_session_free(session);
#ifdef WIN32
closesocket(sock);
#else
close(sock);
#endif
libssh2_exit();
return 0;
}
View Git Blame Copy Permalink