If you want to run it all within Dropbear itself I'd modify sessioncommand() which handles subsystem requests. Rather than calling ptycommand() or noptycommand() make it call connect_remote() - have a look at newtcpdirect() for an example. Set channel->writefd and channel->readfd to the returned socket, and make sure you set ses.maxfd appropriately. It's an asynchronous connection, but I think it should work OK.
Another option would be to make a little helper script that runs 'nc host port' and add another special case like that for sftp in sessioncommand().

Cheers,
Matt

On Thu, Sep 25, 2014 at 10:27:12AM -0400, Paul Lemay wrote:
> Actually Matt,
>
> it is a NETCONF server that I am implementing but I was expecting to have a
> TCP communication from dropbear! I see that you already trigger a subsystem
> in such a context. Is it possible to set up a tcp communication link with
> the server at this point in the code?
>
> On Thu, Sep 25, 2014 at 6:37 AM, Paul Lemay <[email protected]> wrote:
>
> > Hello Matt,
> >
> > Thanks for your reply.
> >
> > Let me provide additional information on what I am trying to do with
> > Dropbear. There are several types of client applications (i.e., some
> > running their own client version of SSH, others running through the Dropbear
> > SSH clients apps with port forwarding). They are all looking for secure
> > services provided by a single server (i.e., MyTcpServer). In other words,
> > all SSH clients connect to a single Dropbear server for services provided
> > by MyTcpServer. The other connections to the Dropbear server will be
> > rejected by MyTcpServer because they won't support MyTcpServer XML
> > protocol. Therefore, in my simple view of things, the Dropbear server
> > instance provides the secure authentication and communication. All
> > decrypted communication channels are forwarded to MyTcpServer.
> >
> > Hope this could help in finding a good solution.
> >
> > Best Regards!
> >
> > On Wed, Sep 24, 2014 at 1:01 PM, Paul Lemay <[email protected]> wrote:
> >
> >> Hello there,
> >>
> >> I have an SSH client browser. It is connected to the Dropbear server. I
> >> would like to know if it is possible to tailor dropbear so that, once the
> >> dropbear authentication process is completed, a connection is established to
> >> my local server ready to take over TCP communication for this browser.
> >>
> >> I understand there is a cli-tcpfwd that seems to support this function
> >> but I do not know how to use it. Are there some examples available?
> >>
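
Matt's reply at the top notes that the connection is asynchronous and that ses.maxfd must account for the new socket. A stand-alone sketch of that pattern follows, as an added example that is not Dropbear code: demo_channel, demo_maxfd, start_connect and attach_backend are hypothetical names, the backend is assumed to listen on 127.0.0.1, and the wait is done inline where a real event loop would run the SO_ERROR check once select() reports the socket writable.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <fcntl.h>
#include <netinet/in.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical stand-ins for Dropbear's channel->readfd/writefd and ses.maxfd. */
struct demo_channel { int readfd, writefd; };
static int demo_maxfd = -1;

/* Begin a non-blocking connect to 127.0.0.1:port; returns the socket or -1. */
static int start_connect(unsigned short port) {
    struct sockaddr_in sa = {0};
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0) return -1;
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    sa.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    fcntl(fd, F_SETFL, fcntl(fd, F_GETFL, 0) | O_NONBLOCK);
    if (connect(fd, (struct sockaddr *)&sa, sizeof sa) < 0 && errno != EINPROGRESS) {
        close(fd);
        return -1;
    }
    return fd; /* connect may still be in flight here */
}

/* Wire the socket into the channel, raise maxfd, then wait for writability
 * and read SO_ERROR: a writable socket alone does not mean connect succeeded. */
static int attach_backend(struct demo_channel *ch, unsigned short port) {
    struct timeval tv = {2, 0};
    socklen_t len = sizeof(int);
    fd_set wfds;
    int err = 0, fd;
    ch->readfd = ch->writefd = -1;
    fd = start_connect(port);
    if (fd < 0) return -1;
    ch->readfd = ch->writefd = fd;
    if (fd > demo_maxfd) demo_maxfd = fd; /* select() scans fds 0..maxfd */
    FD_ZERO(&wfds);
    FD_SET(fd, &wfds);
    if (select(demo_maxfd + 1, NULL, &wfds, NULL, &tv) == 1 &&
        getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) == 0 && err == 0)
        return 0;
    close(fd); /* refused, timed out or otherwise failed */
    ch->readfd = ch->writefd = -1;
    return -1;
}
```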
