[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Global Request for tcpip reverse forward


Hi Martin,


First, your port requested in the global request (2000, the bind_port in the reply was ignored since the port you requested was not 0) is inconsistent with the port you asked in the ssh_channel_open_reverse_forward() (8080)


You should at least receive a tcpip-forward channel open request from server on the client in ssh_channel_accept_forward but your logs doesn't show it.

I would advice to use a event object with callback also on client side and use a callback instead of ssh_channel_accept_forward.


Beware that your server tcpip-forward channel is bind to nothing, so even if the open request is successful, there won't be any data transfering.

The regular way is to start to bind and listen a socket on a local port when receiving the global request on server and then opening the channel when something connects to the socket.


Regards,


Meng

________________________________
De : Martín Fernández <fmartin91@xxxxxxxxx>
Envoyé : jeudi 29 mars 2018 18:45:49
À : Meng Hourk Tan; libssh@xxxxxxxxxx
Objet : RE: Global Request for tcpip reverse forward


Meng,

Thank you very much for your response!

Actually, I have tried that before. After sending the global response, calling `ssh_channel_open_reverse_forward`. Problem is that after calling the function, client and server get blocked. I’m sending a snippet of what I changed. Also, just for providing more information, this is the log from the server and client.


Server:
[2018/03/29 13:41:32.810991, 2] ssh_packet_global_request:  Calling callback for SSH_MSG_GLOBAL_REQUEST tcpip-forward 1 0.0.0.0:2000
[2018/03/29 13:41:32.811025, 3] ssh_socket_unbuffered_write:  Enabling POLLOUT for socket
[2018/03/29 13:41:32.811036, 3] packet_send2:  packet: wrote [len=12,padding=10,comp=1,payload=1]
[2018/03/29 13:41:32.811077, 2] channel_open:  Creating a channel 43 with 64000 window and 32768 max packet
[2018/03/29 13:41:32.811104, 3] packet_send2:  packet: wrote [len=76,padding=9,comp=66,payload=66]
[2018/03/29 13:41:32.811114, 3] channel_open:  Sent a SSH_MSG_CHANNEL_OPEN type forwarded-tcpip for channel 43

Client:
[2018/03/29 13:41:32.810891, 3] global_request:  Sent a SSH_MSG_GLOBAL_REQUEST tcpip-forward
[2018/03/29 13:41:32.811106, 3] ssh_packet_socket_callback:  packet: read type 81 [len=12,padding=10,comp=1,payload=1]
[2018/03/29 13:41:32.811121, 3] ssh_packet_process:  Dispatching handler for packet type 81
[2018/03/29 13:41:32.811130, 3] ssh_request_success:  Received SSH_REQUEST_SUCCESS
[2018/03/29 13:41:32.811139, 2] global_request:  Global request tcpip-forward success


/**
* @brief Global request callback
*
* @param session
* @param message
* @param userdata
*/
static void handle_global_request(ssh_session session, ssh_message message, void *userdata) {
ssh_message_global_request_reply_success(message, 8080);

ssh_channel channel = ssh_channel_new(session);
int result = ssh_channel_open_reverse_forward(channel, "localhost", 8080, "localhost", 8080);

printf("RESULT %d\n", result);
}

Thanks before hand!

Martín

On Thu, Mar 29, 2018 at 7:22 AM Meng Hourk Tan <Meng Hourk Tan <mailto:Meng%20Hourk%20Tan%20<mtan@xxxxxxxxxx>> > wrote:

Hi Martin,


I think your code lacks one step on server side:

After the Server handles the request using callback global_request_function and responds with ssh_message_global_request_reply_success,

You need to create a new channel and call ssh_channel_open_reverse_forward() on this channel.

Then the client will receive the opening request of the reverse port forwarding channel.

Hope it helps,

Regards,


Meng

________________________________
De : Martín Fernández <fmartin91@xxxxxxxxx>
Envoyé : lundi 26 mars 2018 08:20:23
À : libssh@xxxxxxxxxx
Objet : Global Request for tcpip reverse forward


Hello!

This is my first time writing in the mailing list, I’m really new to libssh.

I’m trying to get a server and client implementation for reverse port forwarding.

My understanding it that client requests the server for reverse port forwarding in a given port, server handles the petition and is responsible for managing the socket and redirecting data from socket to ssh channel. Client is responsible for reading ssh channel and sending data to the local server.

I have successfully managed to get authentication between client and server work correctly.

The part I’m probably missing something is on how to handle the global request from client and how to pull for data in the client.

Basic pseudo code that I’m doing.

- Client send global request to server using `ssh_channel_listen_forward`.
- Server handles the request using callback global_request_function and responds with ssh_message_global_request_reply_success
- Client calls ssh_channel_accept_forward to get a new channel

My problem is that `ssh_channel_accept_forward` never returns. I’m not sure If I’m missing something on the server side to initiate the channel. I know that I then need to redirect data between socket and channel but first I think I need to get a valid channel for forwarding right ?

My complete code can be found here: https://gist.github.com/bilby91/22d5cc5db0e6118f06d6d35051c32cc6

Thanks before hand!

Martín


Follow-Ups:
RE: Global Request for tcpip reverse forwardMartín Fernández <fmartin91@xxxxxxxxx>
References:
RE: Global Request for tcpip reverse forwardMeng Hourk Tan <mtan@xxxxxxxxxx>
RE: Global Request for tcpip reverse forwardMartín Fernández <fmartin91@xxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org