author | 2017-10-23 05:08:00 +0000 | |
---|---|---|
committer | 2017-10-23 05:08:00 +0000 | |
commit | 39a288ec9abdad08cdca4429df9f9771a04419dd (patch) | |
tree | 7cdcf9ef4307992f96f7c1aa88e29de232013596 /usr.bin/ssh/serverloop.c | |
parent | remove mention of unused MACOBIOVERBOSE and NBUF options (diff) | |
Expose devices allocated for tun/tap forwarding.
At the client, the device may be obtained from a new %T expansion
for LocalCommand.
At the server, the allocated devices will be listed in a
SSH_TUNNEL variable exposed to the environment of any user sessions
started after the tunnel forwarding was established.
ok markus
Diffstat (limited to 'usr.bin/ssh/serverloop.c')
-rw-r--r-- | usr.bin/ssh/serverloop.c | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/usr.bin/ssh/serverloop.c b/usr.bin/ssh/serverloop.c
index aeb39328c4d..955656ec81e 100644
--- a/usr.bin/ssh/serverloop.c
+++ b/usr.bin/ssh/serverloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: serverloop.c,v 1.198 2017/09/12 06:35:32 djm Exp $ */
+/* $OpenBSD: serverloop.c,v 1.199 2017/10/23 05:08:00 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -95,6 +95,9 @@ static volatile sig_atomic_t received_sigterm = 0;
 /* prototypes */
 static void server_init_dispatch(void);
+/* requested tunnel forwarding interface(s), shared with session.c */
+char *tun_fwd_ifnames = NULL;
+
 /*
 * we write to this pipe if a SIGCHLD is caught in order to avoid
 * the race between select() and child_terminated
@@ -512,6 +515,7 @@ server_request_tun(struct ssh *ssh)
 Channel *c = NULL;
 int mode, tun;
 int sock;
+ char *tmp, *ifname = NULL;
 mode = packet_get_int();
 switch (mode) {
@@ -534,13 +538,28 @@ server_request_tun(struct ssh *ssh)
 goto done;
 tun = forced_tun_device;
 }
- sock = tun_open(tun, mode);
+ sock = tun_open(tun, mode, &ifname);
 if (sock < 0) goto done;
+ debug("Tunnel forwarding using interface %s", ifname);
+
 c = channel_new(ssh, "tun", SSH_CHANNEL_OPEN, sock, sock, -1, CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1);
 c->datagram = 1;
+ /*
+ * Update the list of names exposed to the session
+ * XXX remove these if the tunnels are closed (won't matter
+ * much if they are already in the environment though)
+ */
+ tmp = tun_fwd_ifnames;
+ xasprintf(&tun_fwd_ifnames, "%s%s%s",
+ tun_fwd_ifnames == NULL ? "" : tun_fwd_ifnames,
+ tun_fwd_ifnames == NULL ? "" : ",",
+ ifname);
+ free(tmp);
+ free(ifname);
+
 done:
 if (c == NULL) packet_send_debug("Failed to open the tunnel device."); |
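Review bot: The new global `tun_fwd_ifnames` in the second hunk is exported without `static` and, per its comment, read from session.c, but the comment says neither what the string contains nor who owns it. Going by the append in server_request_tun(), it is a heap string that stays NULL until the first tunnel is opened, holds comma-separated interface names, and is replaced by a fresh allocation on every append. I would spell that out, e.g. `/* comma-separated names of tun/tap devices opened on this connection; NULL if none; owned and reallocated by server_request_tun() */`, so that a reader in session.c knows not to cache or free the pointer.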
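Review bot: The list built at the end of the last hunk only ever grows: each successful tunnel request appends `ifname` to `tun_fwd_ifnames`, and nothing visible here removes a name when its channel closes, which the XXX comment concedes. On a long-lived connection that opens and closes tunnel channels, a session started later can therefore receive an SSH_TUNNEL value naming devices this connection no longer holds (and possibly the same name more than once), so whatever consumes the variable should treat it as informational rather than as proof that the session owns the interface. I would say so in the comment, e.g. `* NB. names are never removed: SSH_TUNNEL may list devices that have since been closed`, or drop the entry when the channel is cleaned up. Separately, `debug()` and `xasprintf()` both format `ifname` with `%s`, which relies on `tun_open()` always filling it in when it returns a valid descriptor; tun_open() is not part of this diff, so that is worth confirming. The body of server_request_tun() starts before and continues after the hunk.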