- millert@cvs.openbsd.org 2014/07/15 15:54:15
[forwarding.sh multiplex.sh] Add support for Unix domain socket forwarding. A remote TCP port may be forwarded to a local Unix domain socket and vice versa or both ends may be a Unix domain socket. This is a reimplementation of the streamlocal patches by William Ahern from: http://www.25thandclement.com/~william/projects/streamlocal.html OK djm@ markus@
parent
93a87ab27e
commit
0e4e95566c
11
ChangeLog
11
ChangeLog
|
@ -1,3 +1,14 @@
|
||||||
|
20140721
|
||||||
|
- OpenBSD CVS Sync
|
||||||
|
- millert@cvs.openbsd.org 2014/07/15 15:54:15
|
||||||
|
[forwarding.sh multiplex.sh]
|
||||||
|
Add support for Unix domain socket forwarding. A remote TCP port
|
||||||
|
may be forwarded to a local Unix domain socket and vice versa or
|
||||||
|
both ends may be a Unix domain socket. This is a reimplementation
|
||||||
|
of the streamlocal patches by William Ahern from:
|
||||||
|
http://www.25thandclement.com/~william/projects/streamlocal.html
|
||||||
|
OK djm@ markus@
|
||||||
|
|
||||||
20140721
|
20140721
|
||||||
- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
|
- (dtucker) [cipher.c openbsd-compat/openssl-compat.h] Restore the bits
|
||||||
needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
|
needed to build AES CTR mode against OpenSSL 0.9.8f and above. ok djm
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# $OpenBSD: forwarding.sh,v 1.11 2013/06/10 21:56:43 dtucker Exp $
|
# $OpenBSD: forwarding.sh,v 1.12 2014/07/15 15:54:15 millert Exp $
|
||||||
# Placed in the Public Domain.
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
tid="local and remote forwarding"
|
tid="local and remote forwarding"
|
||||||
|
@ -28,7 +28,7 @@ for p in 1 2; do
|
||||||
trace "transfer over forwarded channels and check result"
|
trace "transfer over forwarded channels and check result"
|
||||||
${SSH} -$q -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \
|
${SSH} -$q -F $OBJ/ssh_config -p$last -o 'ConnectionAttempts=4' \
|
||||||
somehost cat ${DATA} > ${COPY}
|
somehost cat ${DATA} > ${COPY}
|
||||||
test -f ${COPY} || fail "failed copy of ${DATA}"
|
test -s ${COPY} || fail "failed copy of ${DATA}"
|
||||||
cmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}"
|
cmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}"
|
||||||
|
|
||||||
sleep 10
|
sleep 10
|
||||||
|
@ -114,8 +114,24 @@ for p in 1 2; do
|
||||||
trace "config file: transfer over forwarded channels and check result"
|
trace "config file: transfer over forwarded channels and check result"
|
||||||
${SSH} -F $OBJ/ssh_config -p${base}02 -o 'ConnectionAttempts=4' \
|
${SSH} -F $OBJ/ssh_config -p${base}02 -o 'ConnectionAttempts=4' \
|
||||||
somehost cat ${DATA} > ${COPY}
|
somehost cat ${DATA} > ${COPY}
|
||||||
test -f ${COPY} || fail "failed copy of ${DATA}"
|
test -s ${COPY} || fail "failed copy of ${DATA}"
|
||||||
cmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}"
|
cmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}"
|
||||||
|
|
||||||
wait
|
wait
|
||||||
done
|
done
|
||||||
|
|
||||||
|
for p in 2; do
|
||||||
|
trace "transfer over chained unix domain socket forwards and check result"
|
||||||
|
rm -f $OBJ/unix-[123].fwd
|
||||||
|
${SSH} -f -F $OBJ/ssh_config -R${base}01:[$OBJ/unix-1.fwd] somehost sleep 10
|
||||||
|
${SSH} -f -F $OBJ/ssh_config -L[$OBJ/unix-1.fwd]:[$OBJ/unix-2.fwd] somehost sleep 10
|
||||||
|
${SSH} -f -F $OBJ/ssh_config -R[$OBJ/unix-2.fwd]:[$OBJ/unix-3.fwd] somehost sleep 10
|
||||||
|
${SSH} -f -F $OBJ/ssh_config -L[$OBJ/unix-3.fwd]:127.0.0.1:$PORT somehost sleep 10
|
||||||
|
${SSH} -F $OBJ/ssh_config -p${base}01 -o 'ConnectionAttempts=4' \
|
||||||
|
somehost cat ${DATA} > ${COPY}
|
||||||
|
test -s ${COPY} || fail "failed copy ${DATA}"
|
||||||
|
cmp ${DATA} ${COPY} || fail "corrupted copy of ${DATA}"
|
||||||
|
|
||||||
|
#wait
|
||||||
|
sleep 10
|
||||||
|
done
|
||||||
|
|
|
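Review bot: The four `${SSH} -f ... somehost sleep 10` forward setups in the new chained Unix-socket loop never check their exit status, so a forward that fails to bind (for example a stale socket file, or a socket path under `$OBJ` that is too long) would, as far as the visible lines show, only surface later as the generic "failed copy" message. Unless `$OBJ/ssh_config` already sets it, each setup line should carry `-oExitOnForwardFailure=yes` and end in `|| fail "forward setup for unix-1.fwd failed"` (with the matching socket name per line). File permissions are the only access control on a forwarded Unix socket, so an assertion on the mode of the created `$OBJ/unix-[123].fwd` files would also be worth adding here. The loop variable in `for p in 2` is not used by any visible line of the body, and the `#wait` / `sleep 10` pair needs a comment explaining why a fixed sleep stands in for `wait` (presumably because the `ssh -f` sessions are not children of the test shell).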
@ -1,4 +1,4 @@
|
||||||
# $OpenBSD: multiplex.sh,v 1.23 2014/07/07 08:15:26 djm Exp $
|
# $OpenBSD: multiplex.sh,v 1.24 2014/07/15 15:54:15 millert Exp $
|
||||||
# Placed in the Public Domain.
|
# Placed in the Public Domain.
|
||||||
|
|
||||||
CTL=/tmp/openssh.regress.ctl-sock.$$
|
CTL=/tmp/openssh.regress.ctl-sock.$$
|
||||||
|
@ -72,6 +72,25 @@ test -f ${COPY} || fail "scp: failed copy ${DATA}"
|
||||||
cmp ${DATA} ${COPY} || fail "scp: corrupted copy of ${DATA}"
|
cmp ${DATA} ${COPY} || fail "scp: corrupted copy of ${DATA}"
|
||||||
|
|
||||||
rm -f ${COPY}
|
rm -f ${COPY}
|
||||||
|
verbose "test $tid: forward"
|
||||||
|
trace "forward over TCP/IP and check result"
|
||||||
|
nc -N -l 127.0.0.1 $((${PORT} + 1)) < ${DATA} &
|
||||||
|
netcat_pid=$!
|
||||||
|
${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L127.0.0.1:$((${PORT} + 2)):127.0.0.1:$((${PORT} + 1)) otherhost >>$TEST_SSH_LOGFILE 2>&1
|
||||||
|
nc 127.0.0.1 $((${PORT} + 2)) > ${COPY}
|
||||||
|
cmp ${DATA} ${COPY} || fail "ssh: corrupted copy of ${DATA}"
|
||||||
|
kill $netcat_pid 2>/dev/null
|
||||||
|
rm -f ${COPY} $OBJ/unix-[123].fwd
|
||||||
|
|
||||||
|
trace "forward over UNIX and check result"
|
||||||
|
nc -N -Ul $OBJ/unix-1.fwd < ${DATA} &
|
||||||
|
netcat_pid=$!
|
||||||
|
${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L$OBJ/unix-2.fwd:$OBJ/unix-1.fwd otherhost >>$TEST_SSH_LOGFILE 2>&1
|
||||||
|
${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -R$OBJ/unix-3.fwd:$OBJ/unix-2.fwd otherhost >>$TEST_SSH_LOGFILE 2>&1
|
||||||
|
nc -U $OBJ/unix-3.fwd > ${COPY}
|
||||||
|
cmp ${DATA} ${COPY} || fail "ssh: corrupted copy of ${DATA}"
|
||||||
|
kill $netcat_pid 2>/dev/null
|
||||||
|
rm -f ${COPY} $OBJ/unix-[123].fwd
|
||||||
|
|
||||||
for s in 0 1 4 5 44; do
|
for s in 0 1 4 5 44; do
|
||||||
trace "exit status $s over multiplexed connection"
|
trace "exit status $s over multiplexed connection"
|
||||||
|
@ -96,7 +115,7 @@ verbose "test $tid: cmd check"
|
||||||
${SSH} -F $OBJ/ssh_config -S $CTL -Ocheck otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \
|
${SSH} -F $OBJ/ssh_config -S $CTL -Ocheck otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \
|
||||||
|| fail "check command failed"
|
|| fail "check command failed"
|
||||||
|
|
||||||
verbose "test $tid: cmd forward local"
|
verbose "test $tid: cmd forward local (TCP)"
|
||||||
${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L $P:localhost:$PORT otherhost \
|
${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L $P:localhost:$PORT otherhost \
|
||||||
|| fail "request local forward failed"
|
|| fail "request local forward failed"
|
||||||
${SSH} -F $OBJ/ssh_config -p$P otherhost true \
|
${SSH} -F $OBJ/ssh_config -p$P otherhost true \
|
||||||
|
@ -106,7 +125,7 @@ ${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -L $P:localhost:$PORT otherhost \
|
||||||
${SSH} -F $OBJ/ssh_config -p$P otherhost true \
|
${SSH} -F $OBJ/ssh_config -p$P otherhost true \
|
||||||
&& fail "local forward port still listening"
|
&& fail "local forward port still listening"
|
||||||
|
|
||||||
verbose "test $tid: cmd forward remote"
|
verbose "test $tid: cmd forward remote (TCP)"
|
||||||
${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -R $P:localhost:$PORT otherhost \
|
${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -R $P:localhost:$PORT otherhost \
|
||||||
|| fail "request remote forward failed"
|
|| fail "request remote forward failed"
|
||||||
${SSH} -F $OBJ/ssh_config -p$P otherhost true \
|
${SSH} -F $OBJ/ssh_config -p$P otherhost true \
|
||||||
|
@ -116,6 +135,28 @@ ${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -R $P:localhost:$PORT otherhost \
|
||||||
${SSH} -F $OBJ/ssh_config -p$P otherhost true \
|
${SSH} -F $OBJ/ssh_config -p$P otherhost true \
|
||||||
&& fail "remote forward port still listening"
|
&& fail "remote forward port still listening"
|
||||||
|
|
||||||
|
verbose "test $tid: cmd forward local (UNIX)"
|
||||||
|
${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -L $OBJ/unix-1.fwd:localhost:$PORT otherhost \
|
||||||
|
|| fail "request local forward failed"
|
||||||
|
echo "" | nc -U $OBJ/unix-1.fwd | grep "Protocol mismatch" >/dev/null 2>&1 \
|
||||||
|
|| fail "connect to local forward path failed"
|
||||||
|
${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -L $OBJ/unix-1.fwd:localhost:$PORT otherhost \
|
||||||
|
|| fail "cancel local forward failed"
|
||||||
|
N=$(echo "" | nc -U $OBJ/unix-1.fwd 2>&1 | wc -l)
|
||||||
|
test ${N} -eq 0 || fail "local forward path still listening"
|
||||||
|
rm -f $OBJ/unix-1.fwd
|
||||||
|
|
||||||
|
verbose "test $tid: cmd forward remote (UNIX)"
|
||||||
|
${SSH} -F $OBJ/ssh_config -S $CTL -Oforward -R $OBJ/unix-1.fwd:localhost:$PORT otherhost \
|
||||||
|
|| fail "request remote forward failed"
|
||||||
|
echo "" | nc -U $OBJ/unix-1.fwd | grep "Protocol mismatch" >/dev/null 2>&1 \
|
||||||
|
|| fail "connect to remote forwarded path failed"
|
||||||
|
${SSH} -F $OBJ/ssh_config -S $CTL -Ocancel -R $OBJ/unix-1.fwd:localhost:$PORT otherhost \
|
||||||
|
|| fail "cancel remote forward failed"
|
||||||
|
N=$(echo "" | nc -U $OBJ/unix-1.fwd 2>&1 | wc -l)
|
||||||
|
test ${N} -eq 0 || fail "remote forward path still listening"
|
||||||
|
rm -f $OBJ/unix-1.fwd
|
||||||
|
|
||||||
verbose "test $tid: cmd exit"
|
verbose "test $tid: cmd exit"
|
||||||
${SSH} -F $OBJ/ssh_config -S $CTL -Oexit otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \
|
${SSH} -F $OBJ/ssh_config -S $CTL -Oexit otherhost >>$TEST_REGRESS_LOGFILE 2>&1 \
|
||||||
|| fail "send exit command failed"
|
|| fail "send exit command failed"
|
||||||
|
|
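Review bot: In the new "cmd forward local (UNIX)" check, `N=$(echo "" | nc -U $OBJ/unix-1.fwd 2>&1 | wc -l)` counts nc's own stderr, so an nc that prints a connect error for the cancelled socket gives a non-zero N and reports "local forward path still listening" even though the cancel worked; whether that happens depends on the nc implementation. The "remote (UNIX)" check has the same problem. Mirroring the positive check and the TCP cases avoids it: `echo "" | nc -U $OBJ/unix-1.fwd 2>/dev/null | grep "Protocol mismatch" >/dev/null && fail "local forward path still listening"`. Separately, in the earlier "forward over TCP/IP" and "forward over UNIX" hunks the `-Oforward` requests have no `|| fail`, unlike the `cmd forward` tests below them, and the client `nc` connects right after the listener is backgrounded, so a slow listener or a rejected forward shows up only as "corrupted copy".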