[readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
     implement 'ssh -b bind_address' like 'telnet -b'
Ben Lindstrom 2001-04-30 13:06:24 +00:00
parent 8a188a8027
commit e0f8804194
6 changed files with 71 additions and 19 deletions


@ -1,3 +1,9 @@
20010501
- OpenBSD CVS Sync
- markus@cvs.openbsd.org 2001/04/30 11:18:52
[readconf.c readconf.h ssh.1 ssh.c sshconnect.c]
implement 'ssh -b bind_address' like 'telnet -b'
20010430 20010430
- OpenBSD CVS Sync - OpenBSD CVS Sync
- markus@cvs.openbsd.org 2001/04/29 18:32:52 - markus@cvs.openbsd.org 2001/04/29 18:32:52
@ -5282,4 +5288,4 @@
- Wrote replacements for strlcpy and mkdtemp - Wrote replacements for strlcpy and mkdtemp
- Released 1.0pre1 - Released 1.0pre1
$Id: ChangeLog,v 1.1184 2001/04/30 03:55:37 djm Exp $ $Id: ChangeLog,v 1.1185 2001/04/30 13:06:24 mouring Exp $


@ -12,7 +12,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: readconf.c,v 1.76 2001/04/17 10:53:25 markus Exp $"); RCSID("$OpenBSD: readconf.c,v 1.77 2001/04/30 11:18:51 markus Exp $");
#include "ssh.h" #include "ssh.h"
#include "xmalloc.h" #include "xmalloc.h"
@ -111,7 +111,7 @@ typedef enum {
oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication, oGlobalKnownHostsFile2, oUserKnownHostsFile2, oPubkeyAuthentication,
oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias, oKbdInteractiveAuthentication, oKbdInteractiveDevices, oHostKeyAlias,
oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication, oDynamicForward, oPreferredAuthentications, oHostbasedAuthentication,
oHostKeyAlgorithms oHostKeyAlgorithms, oBindAddress
} OpCodes; } OpCodes;
/* Textual representations of the tokens. */ /* Textual representations of the tokens. */
@ -177,6 +177,7 @@ static struct {
{ "dynamicforward", oDynamicForward }, { "dynamicforward", oDynamicForward },
{ "preferredauthentications", oPreferredAuthentications }, { "preferredauthentications", oPreferredAuthentications },
{ "hostkeyalgorithms", oHostKeyAlgorithms }, { "hostkeyalgorithms", oHostKeyAlgorithms },
{ "bindaddress", oBindAddress },
{ NULL, 0 } { NULL, 0 }
}; };
@ -459,6 +460,10 @@ parse_string:
charptr = &options->preferred_authentications; charptr = &options->preferred_authentications;
goto parse_string; goto parse_string;
case oBindAddress:
charptr = &options->bind_address;
goto parse_string;
case oProxyCommand: case oProxyCommand:
charptr = &options->proxy_command; charptr = &options->proxy_command;
string = xstrdup(""); string = xstrdup("");
@ -761,6 +766,7 @@ initialize_options(Options * options)
options->num_remote_forwards = 0; options->num_remote_forwards = 0;
options->log_level = (LogLevel) - 1; options->log_level = (LogLevel) - 1;
options->preferred_authentications = NULL; options->preferred_authentications = NULL;
options->bind_address = NULL;
} }
/* /*


@ -11,7 +11,7 @@
* called by a name other than "ssh" or "Secure Shell". * called by a name other than "ssh" or "Secure Shell".
*/ */
/* RCSID("$OpenBSD: readconf.h,v 1.30 2001/04/17 10:53:25 markus Exp $"); */ /* RCSID("$OpenBSD: readconf.h,v 1.31 2001/04/30 11:18:52 markus Exp $"); */
#ifndef READCONF_H #ifndef READCONF_H
#define READCONF_H #define READCONF_H
@ -85,6 +85,7 @@ typedef struct {
char *system_hostfile2; char *system_hostfile2;
char *user_hostfile2; char *user_hostfile2;
char *preferred_authentications; char *preferred_authentications;
char *bind_address; /* local socket address for connection to sshd */
int num_identity_files; /* Number of files for RSA/DSA identities. */ int num_identity_files; /* Number of files for RSA/DSA identities. */
char *identity_files[SSH_MAX_IDENTITY_FILES]; char *identity_files[SSH_MAX_IDENTITY_FILES];

13
ssh.1

@ -34,7 +34,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\" .\"
.\" $OpenBSD: ssh.1,v 1.107 2001/04/22 23:58:36 markus Exp $ .\" $OpenBSD: ssh.1,v 1.108 2001/04/30 11:18:52 markus Exp $
.Dd September 25, 1999 .Dd September 25, 1999
.Dt SSH 1 .Dt SSH 1
.Os .Os
@ -49,6 +49,7 @@
.Pp .Pp
.Nm ssh .Nm ssh
.Op Fl afgknqstvxACNPTX1246 .Op Fl afgknqstvxACNPTX1246
.Op Fl b Ar bind_address
.Op Fl c Ar cipher_spec .Op Fl c Ar cipher_spec
.Op Fl e Ar escape_char .Op Fl e Ar escape_char
.Op Fl i Ar identity_file .Op Fl i Ar identity_file
@ -383,6 +384,9 @@ Disables forwarding of the authentication agent connection.
.It Fl A .It Fl A
Enables forwarding of the authentication agent connection. Enables forwarding of the authentication agent connection.
This can also be specified on a per-host basis in a configuration file. This can also be specified on a per-host basis in a configuration file.
.It Fl b Ar bind_address
Specify the interface to transmit from on machines with multiple
interfaces or aliased addresses.
.It Fl c Ar blowfish|3des .It Fl c Ar blowfish|3des
Selects the cipher to use for encrypting the session. Selects the cipher to use for encrypting the session.
.Ar 3des .Ar 3des
@ -667,6 +671,13 @@ or
.Dq no . .Dq no .
The default is The default is
.Dq no . .Dq no .
.It Cm BindAddress
Specify the interface to transmit from on machines with multiple
interfaces or aliased addresses.
Note that this option does not work if
.Cm UsePrivilegedPort
is set to
.Dq yes .
.It Cm CheckHostIP .It Cm CheckHostIP
If this flag is set to If this flag is set to
.Dq yes , .Dq yes ,

8
ssh.c

@ -39,7 +39,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: ssh.c,v 1.116 2001/04/17 12:55:04 markus Exp $"); RCSID("$OpenBSD: ssh.c,v 1.117 2001/04/30 11:18:52 markus Exp $");
#include <openssl/evp.h> #include <openssl/evp.h>
#include <openssl/err.h> #include <openssl/err.h>
@ -191,6 +191,7 @@ usage(void)
fprintf(stderr, " -6 Use IPv6 only.\n"); fprintf(stderr, " -6 Use IPv6 only.\n");
fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n"); fprintf(stderr, " -o 'option' Process the option as if it was read from a configuration file.\n");
fprintf(stderr, " -s Invoke command (mandatory) as SSH2 subsystem.\n"); fprintf(stderr, " -s Invoke command (mandatory) as SSH2 subsystem.\n");
fprintf(stderr, " -b Local IP address.\n");
exit(1); exit(1);
} }
@ -318,7 +319,7 @@ main(int ac, char **av)
opt = av[optind][1]; opt = av[optind][1];
if (!opt) if (!opt)
usage(); usage();
if (strchr("eilcmpLRDo", opt)) { /* options with arguments */ if (strchr("eilcmpbLRDo", opt)) { /* options with arguments */
optarg = av[optind] + 2; optarg = av[optind] + 2;
if (strcmp(optarg, "") == 0) { if (strcmp(optarg, "") == 0) {
if (optind >= ac - 1) if (optind >= ac - 1)
@ -517,6 +518,9 @@ main(int ac, char **av)
case 's': case 's':
subsystem_flag = 1; subsystem_flag = 1;
break; break;
case 'b':
options.bind_address = optarg;
break;
default: default:
usage(); usage();
} }


@ -13,7 +13,7 @@
*/ */
#include "includes.h" #include "includes.h"
RCSID("$OpenBSD: sshconnect.c,v 1.104 2001/04/12 19:15:25 markus Exp $"); RCSID("$OpenBSD: sshconnect.c,v 1.105 2001/04/30 11:18:52 markus Exp $");
#include <openssl/bn.h> #include <openssl/bn.h>
@ -147,7 +147,8 @@ ssh_proxy_connect(const char *host, u_short port, struct passwd *pw,
int int
ssh_create_socket(struct passwd *pw, int privileged, int family) ssh_create_socket(struct passwd *pw, int privileged, int family)
{ {
int sock; int sock, gaierr;
struct addrinfo hints, *res;
/* /*
* If we are running as root and want to connect to a privileged * If we are running as root and want to connect to a privileged
@ -160,17 +161,40 @@ ssh_create_socket(struct passwd *pw, int privileged, int family)
error("rresvport: af=%d %.100s", family, strerror(errno)); error("rresvport: af=%d %.100s", family, strerror(errno));
else else
debug("Allocated local port %d.", p); debug("Allocated local port %d.", p);
} else { return sock;
/*
* Just create an ordinary socket on arbitrary port. We use
* the user's uid to create the socket.
*/
temporarily_use_uid(pw);
sock = socket(family, SOCK_STREAM, 0);
if (sock < 0)
error("socket: %.100s", strerror(errno));
restore_uid();
} }
/*
* Just create an ordinary socket on arbitrary port. We use
* the user's uid to create the socket.
*/
temporarily_use_uid(pw);
sock = socket(family, SOCK_STREAM, 0);
if (sock < 0)
error("socket: %.100s", strerror(errno));
restore_uid();
/* Bind the socket to an alternative local IP address */
if (options.bind_address == NULL)
return sock;
memset(&hints, 0, sizeof(hints));
hints.ai_family = IPv4or6;
hints.ai_socktype = SOCK_STREAM;
hints.ai_flags = AI_PASSIVE;
gaierr = getaddrinfo(options.bind_address, "0", &hints, &res);
if (gaierr) {
error("getaddrinfo: %s: %s", options.bind_address,
gai_strerror(gaierr));
close(sock);
return -1;
}
if (bind(sock, res->ai_addr, res->ai_addrlen) < 0) {
error("bind: %s: %s", options.bind_address, strerror(errno));
close(sock);
freeaddrinfo(res);
return -1;
}
freeaddrinfo(res);
return sock; return sock;
} }
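Review bot: In ssh_create_socket the new bind path sets `hints.ai_family = IPv4or6` although the socket was just created with the `family` argument, so a bind_address whose first getaddrinfo() result is in the other address family can make bind() fail on a socket that was otherwise usable; `hints.ai_family = family;` keeps the lookup consistent with the socket. The bind path is also reached after socket() has failed, so getaddrinfo() still runs and bind()/close() are called on a negative descriptor, logging a second, misleading error; `if (sock < 0 || options.bind_address == NULL) return sock;` avoids that. The privileged branch appears to return before the bind code, so BindAddress is silently ignored there (ssh.1 documents the limitation); a `debug()` line in that branch would make this visible to anyone relying on the source address for filtering or audit. The part of the function between the two hunks is not shown on this page.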