[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Global Request for tcpip reverse forward


Meng,

Thanks again for the reply, seriously!

So, I have to admit that I get really confused with the semantics of remote_port between client and server. I know that in my example code the ports are probably wrong. Client is requesting port 2000 that is being used by my ssh server. When server receives request for port 2000 it just ignores it and replies with “I will use port 8080”. Then the reverse channel is opened on port 8080. I’m not sure what are the semantics of this port when calling open_reverse really.

I added an event loop that same way I have on my server but in the client. Every time the poll returns a status is -2 (SSH_AGAIN) so I don’t understand why the client is not logging the `SSH_MSG_CHANNEL_OPEN` message from server. Maybe the open_reverse ports have something to do with this ? Not sure really.

Regarding the socket and binding, yes, I understand what you are saying. I’m completely responsible for opening socket and forwarding data when connection arrives. I first want to get the other part working. It should be possible to open the channel on the server and send information to the client simulating that a connection arrived in the server. That is what I’m trying to achieve first!

Thanks a lot for all the help! 

Martín

On Fri, Mar 30, 2018 at 7:06 AM Meng Hourk Tan < Meng Hourk Tan ( Meng Hourk Tan <mtan@xxxxxxxxxx> ) > wrote:

> 
> 
> 
> Hi Martin,
> 
> 
> 
> 
> 
> 
> 
> 
> 
> First, your port requested in the global request (2000, the bind_port in
> the reply was ignored since the port you requested was not 0) is
> inconsistent with the port you asked in the ssh_channel_open_reverse_forward
> () (8080)
> 
> 
> 
> 
> 
> 
> 
> 
> You should at least receive a tcpip-forward channel open request from
> server on the client in ssh_channel_accept_forward but your logs doesn't
> show it.
> 
> 
> 
> I would advice to use a event object with callback also on client side and
> use a callback instead of ssh_channel_accept_forward.
> 
> 
> 
> 
> 
> 
> 
> 
> Beware that your server tcpip-forward channel is bind to nothing, so even
> if the open request is successful, there won't be any data transfering.
> 
> The regular way is to start to bind and listen a socket on a local port
> when receiving the global request on server and then opening the channel
> when something connects to the socket.
> 
> 
> 
> Regards,
> 
> 
> 
> 
> 
> 
> 
> 
> Meng
> 
> 
> 
> *De :* Martín Fernández <fmartin91@xxxxxxxxx>
> *Envoyé :* jeudi 29 mars 2018 18:45:49
> *À :* Meng Hourk Tan; libssh@xxxxxxxxxx
> *Objet :* RE: Global Request for tcpip reverse forward
>  
> 
> Meng,
> 
> 
> Thank you very much for your response!
> 
> 
> Actually, I have tried that before. After sending the global response,
> calling `ssh_channel_open_reverse_forward`. Problem is that after calling
> the function, client and server get blocked. I’m sending a snippet of what
> I changed. Also, just for providing more information, this is the log from
> the server and client.
> 
> 
> 
> 
> Server:
> [2018/03/29 13:41:32.810991, 2] ssh_packet_global_request:  Calling
> callback for SSH_MSG_GLOBAL_REQUEST tcpip-forward 1 0.0.0.0:2000
> [2018/03/29 13:41:32.811025, 3] ssh_socket_unbuffered_write:  Enabling
> POLLOUT for socket
> [2018/03/29 13:41:32.811036, 3] packet_send2:  packet: wrote
> [len=12,padding=10,comp=1,payload=1]
> [2018/03/29 13:41:32.811077, 2] channel_open:  Creating a channel 43 with
> 64000 window and 32768 max packet
> [2018/03/29 13:41:32.811104, 3] packet_send2:  packet: wrote
> [len=76,padding=9,comp=66,payload=66]
> [2018/03/29 13:41:32.811114, 3] channel_open:  Sent a SSH_MSG_CHANNEL_OPEN
> type forwarded-tcpip for channel 43
> 
> 
> Client:
> [2018/03/29 13:41:32.810891, 3] global_request:  Sent a
> SSH_MSG_GLOBAL_REQUEST tcpip-forward
> [2018/03/29 13:41:32.811106, 3] ssh_packet_socket_callback:  packet: read
> type 81 [len=12,padding=10,comp=1,payload=1]
> [2018/03/29 13:41:32.811121, 3] ssh_packet_process:  Dispatching handler
> for packet type 81
> [2018/03/29 13:41:32.811130, 3] ssh_request_success:  Received
> SSH_REQUEST_SUCCESS
> [2018/03/29 13:41:32.811139, 2] global_request:  Global request
> tcpip-forward success
> 
> 
> 
> 
> /**
> * @brief Global request callback
> *
> * @param session
> * @param message
> * @param userdata
> */
> static void handle_global_request (ssh_session session, ssh_message
> message, void *userdata) {
> ssh_message_global_request_reply_success (message, 8080 );
> 
> ssh_channel channel = ssh_channel_new (session);
> int result = ssh_channel_open_reverse_forward (channel, "localhost" , 8080
> , "localhost" , 8080 );
> 
> printf ( "RESULT %d \n " , result);
> }
> 
> 
> Thanks before hand!
> 
> 
> Martín
> 
> On Thu, Mar 29, 2018 at 7:22 AM Meng Hourk Tan < Meng Hourk Tan (
> Meng%20Hourk%20Tan%20<mtan@xxxxxxxxxx> ) > wrote:
> 
> 
>> 
>> 
>> Hi Martin,
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> I think your code lacks one step on server side:
>> 
>> 
>> 
>> After the Server handles the request using callback global_request_function
>> and responds with ssh_message_global_request_reply_success,
>> 
>> 
>> 
>> You need to create a new channel and call
>> ssh_channel_open_reverse_forward() on this channel.
>> 
>> 
>> 
>> 
>> Then the client will receive the opening request of the reverse port
>> forwarding channel.
>> 
>> 
>> Hope it helps,
>> 
>> Regards,
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> 
>> Meng
>> 
>> 
>> 
>> *De :* Martín Fernández <fmartin91@xxxxxxxxx>
>> *Envoyé :* lundi 26 mars 2018 08:20:23
>> *À :* libssh@xxxxxxxxxx
>> *Objet :* Global Request for tcpip reverse forward
>>  
>> 
>> Hello!
>> 
>> 
>> This is my first time writing in the mailing list, I’m really new to
>> libssh.
>> 
>> 
>> I’m trying to get a server and client implementation for reverse port
>> forwarding. 
>> 
>> 
>> My understanding it that client requests the server for reverse port
>> forwarding in a given port, server handles the petition and is responsible
>> for managing the socket and redirecting data from socket to ssh channel.
>> Client is responsible for reading ssh channel and sending data to the
>> local server.
>> 
>> 
>> I have successfully managed to get authentication between client and
>> server work correctly.
>> 
>> 
>> The part I’m probably missing something is on how to handle the global
>> request from client and how to pull for data in the client.
>> 
>> 
>> Basic pseudo code that I’m doing.
>> 
>> 
>> - Client send global request to server using `ssh_channel_listen_forward`.
>> 
>> - Server handles the request using callback global_request_function and
>> responds with ssh_message_global_request_reply_success
>> - Client calls ssh_channel_accept_forward to get a new channel
>> 
>> 
>> My problem is that `ssh_channel_accept_forward` never returns. I’m not
>> sure If I’m missing something on the server side to initiate the channel.
>> I know that I then need to redirect data between socket and channel but
>> first I think I need to get a valid channel for forwarding right ?
>> 
>> 
>> My complete code can be found here:
>> https://gist.github.com/bilby91/22d5cc5db0e6118f06d6d35051c32cc6
>> 
>> 
>> Thanks before hand!
>> 
>> 
>> Martín
>> 
> 
> 
> 
>

References:
RE: Global Request for tcpip reverse forwardMeng Hourk Tan <mtan@xxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org