Matt Johnston <[email protected]> wrote: |Steffen Daode Nurpmeso <[email protected]> wrote: |> $ dbclient -Y [HOST:]PORT steffen@crux3 | |Hi, | |Thanks for the patch. To clarify, is the reason for using \ |this so that "crux3" is used to lookup the known_hosts key?
I suddenly realized that you possibly wanted a different approach via the already existent -p mechanism, and doing it like that is indeed much simpler than the version i've sent first. I'm using -P this time; the second patch for scp(1) still uses -Y, since both -P and -p are taken. Patches against 2013.62. --steffen
commit 04a44812c483de062a5acdd0a86e8869a101ba24 Author: Steffen (Daode) Nurpmeso <[email protected]> Date: 2014-01-25 14:41:01 +0100 Proxy over localhost, attempt II. --- cli-main.c | 5 +++-- cli-runopts.c | 6 ++++++ dbclient.1 | 6 ++++++ runopts.h | 1 + 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/cli-main.c b/cli-main.c index 3db8f2f..4f9e2b7 100644 --- a/cli-main.c +++ b/cli-main.c @@ -72,8 +72,9 @@ int main(int argc, char ** argv) { } else #endif { - int sock = connect_remote(cli_opts.remotehost, cli_opts.remoteport, - 0, &error); + int sock = connect_remote((cli_opts.proxy_over_localhost + ? "localhost" : cli_opts.remotehost), + cli_opts.remoteport, 0, &error); sock_in = sock_out = sock; if (cli_opts.wantpty) { set_sock_priority(sock, DROPBEAR_PRIO_LOWDELAY); diff --git a/cli-runopts.c b/cli-runopts.c index 9877740..4b006c9 100644 --- a/cli-runopts.c +++ b/cli-runopts.c @@ -56,6 +56,7 @@ static void printhelp() { "Usage: %s [options] [user@]host[/port] [command]\n" #endif "-p <remoteport>\n" + "-P <port> Connect to localhost:port, authenticate as [user@]host\n" "-l <username>\n" "-t Allocate a pty\n" "-T Don't allocate a pty\n" @@ -221,6 +222,9 @@ void cli_getopts(int argc, char ** argv) { } cli_opts.always_accept_key = 1; break; + case 'P': /* "local-remoteport" */ + cli_opts.proxy_over_localhost = 1; + /* FALLTRHU */ case 'p': /* remoteport */ next = &cli_opts.remoteport; break; @@ -623,6 +627,8 @@ static void parse_hostname(const char* orighostarg) { port = strchr(cli_opts.remotehost, '/'); } if (port) { + if (cli_opts.proxy_over_localhost) + dropbear_exit("-P mutually exclusive with %%port"); *port = '\0'; cli_opts.remoteport = port+1; } diff --git a/dbclient.1 b/dbclient.1 index 4839982..6b44dc0 100644 --- a/dbclient.1 +++ b/dbclient.1 @@ -4,6 +4,7 @@ dbclient \- lightweight SSH client .SH SYNOPSIS .B dbclient [\-Tt] [\-p +.I port\fR] [\-P .I port\fR] [\-i .I id\fR] [\-L .I l\fR:\fIh\fR:\fIr\fR] [\-R @@ -29,6 +30,11 @@ Connect to on the remote host. Alternatively a port can be specified as hostname%port. Default is 22. .TP +.B \-P \fIport +Connect to +.I port +on localhost, but use the given hostname for key comparison purposes. +.TP .B \-i \fIidfile Identity file. Read the identity key from file diff --git a/runopts.h b/runopts.h index 21fc8e5..acbc019 100644 --- a/runopts.h +++ b/runopts.h @@ -128,6 +128,7 @@ typedef struct cli_runopts { int wantpty; int always_accept_key; int no_hostkey_check; + int proxy_over_localhost; int no_cmd; int backgrounded; int is_subsystem;
commit 5141053da5475109a3e887c2b1e76b85f3a941bc (HEAD, refs/heads/Yflag) Author: Steffen (Daode) Nurpmeso <[email protected]> Date: 2014-01-25 14:47:27 +0100 scp.c: support for proxy over localhost --- scp.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/scp.c b/scp.c index 65cbb77..567b1a2 100644 --- a/scp.c +++ b/scp.c @@ -324,7 +324,7 @@ main(int argc, char **argv) addargs(&args, "%s", ssh_program); fflag = tflag = 0; - while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:q1246S:o:F:")) != -1) + while ((ch = getopt(argc, argv, "dfl:prtvBCc:i:P:Y:q1246S:o:F:")) != -1) switch (ch) { /* User-visible flags. */ case '1': @@ -343,6 +343,9 @@ main(int argc, char **argv) case 'P': addargs(&args, "-p%s", optarg); break; + case 'Y': + addargs(&args, "-P%s", optarg); + break; case 'B': fprintf(stderr, "Note: -B option is disabled in this version of scp"); break; @@ -1146,7 +1149,7 @@ usage(void) { (void) fprintf(stderr, "usage: scp [-1246BCpqrv] [-c cipher] [-F ssh_config] [-i identity_file]\n" - " [-l limit] [-o ssh_option] [-P port] [-S program]\n" + " [-l limit] [-o ssh_option] [-P port] [-Y port] [-S program]\n" " [[user@]host1:]file1 [...] [[user@]host2:]file2\n"); exit(1); }
