From 2ae11499cf31ab57ce3b33aaac3232b23f3f3a6d Mon Sep 17 00:00:00 2001
From: Andreas Thienemann <[email protected]>
Date: Fri, 28 Mar 2014 17:27:26 +0100
Subject: [PATCH] [package] sshtunnel: Limited support to run with the dropbear ssh client.

sshtunnel currently requires openssh, which measurably increases the openwrt footprint. This patch adds limited support for dropbear, offering remote and local redirect-based ssh tunnels.
---
 net/sshtunnel/Makefile             |  8 ++++--
net/sshtunnel/files/sshtunnel.init | 55 +++++++++++++++++++++++++++++++++++---
 2 files changed, 58 insertions(+), 5 deletions(-)

diff --git a/net/sshtunnel/Makefile b/net/sshtunnel/Makefile
index f47279f..c60c96d 100644
--- a/net/sshtunnel/Makefile
+++ b/net/sshtunnel/Makefile
@@ -21,11 +21,15 @@ define Package/sshtunnel
   CATEGORY:=Network
   SUBMENU:=SSH
   TITLE:=Manages Local and Remote openssh ssh(1) tunnels
-  DEPENDS:=+openssh-client
 endef

 define Package/sshtunnel/description
-Creates openssh ssh(1) Local and Remote tunnels configured in UCI file. Can be used to allow remote connections, possibly over NATed connections or without public IP/DNS
+Creates local and remote ssh tunnels as configured in an UCI file.
+This can be used to allow remote connections, possibly over NATed connections or without public IP/DNS.
+
+If the dropbear ssh client is installed, only basic functionality such as local and remote tunnels is supported.
+If the openssh client is installed, full functionality such as SOCKS proxy and TUN/TAP VPN tunnels are available.
+The openssh client does increase the footprint however
 endef

 define Package/sshtunnel/conffiles
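Review bot: With `DEPENDS:=+openssh-client` removed and nothing put in its place, the package no longer declares any ssh client, and the unchanged `TITLE` still reads "openssh ssh(1) tunnels". The new description should say outright that one of the two clients must already be installed, for example `Requires either the dropbear or the openssh ssh client to be installed.`, and the title should drop the word "openssh". The description should also name the options that are ignored with dropbear, since host-key settings are among them.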
diff --git a/net/sshtunnel/files/sshtunnel.init b/net/sshtunnel/files/sshtunnel.init
index e44796b..f664bbf 100644
--- a/net/sshtunnel/files/sshtunnel.init
+++ b/net/sshtunnel/files/sshtunnel.init
@@ -16,6 +16,31 @@ append_params() {
        ARGS_options="${args# *}"
 }

+append_dropbear_params() {
+ # We need to translate from the OpenSSH arguments to Dropbear arguments
+       local p; local v; local args;
+       for p in $*; do
+               eval "v=\$$p"
+               case $p in
+                       CheckHostIP)
+                               if [ "$v" == "no" -o "$v" == "NO" ]; then
+                                       args="$args -y"
+                               fi
+                               ;;
+                       IdentityFile)
+                               [ -n "$v" ] && args="$args -i $v"
+                               ;;
+                       ServerAliveInterval)
+                               [ -n "$v" ] && args="$args -K $v"
+                               ;;
+                       *)
+                               ;;
+               esac
+       done
+
+       ARGS_options="${args# *}"
+}
+
 append_string() {
local varname="$1"; local add="$2"; local separator="${3:- }"; local actual
        eval "actual=\$$varname"
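Review bot: The `CheckHostIP)` arm of append_dropbear_params turns `CheckHostIP no` into dbclient's `-y`, which relaxes far more than the OpenSSH option it translates. `CheckHostIP` only controls the additional host-IP lookup in known_hosts, whereas `-y` makes dbclient accept a remote host key it has never seen. A configuration that only switched off the IP check for OpenSSH would therefore lose first-connection host key verification once the router runs Dropbear. The closer equivalent is `StrictHostKeyChecking`, so I would key the arm on `StrictHostKeyChecking)` with the same `no` test and pass that name from load_server. Add a comment such as `# -y accepts unknown host keys; only emitted for StrictHostKeyChecking=no`.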
@@ -150,12 +175,25 @@ load_server() {
         ARGS_tunnels=""

        count=0
- config_foreach load_tunnelR tunnelR && config_foreach load_tunnelL tunnelL && config_foreach load_tunnelD tunnelD && config_foreach load_tunnelW tunnelW
+       if [ "$MODE" == "OpenSSH" ]; then
+ config_foreach load_tunnelR tunnelR && config_foreach load_tunnelL tunnelL && config_foreach load_tunnelD tunnelD && config_foreach load_tunnelW
+       elif [ "$MODE" == "Dropbear" ]; then
+ config_foreach load_tunnelR tunnelR && config_foreach load_tunnelL tunnelL
+       fi
[ -n "$error" ] && { logger -p user.err -t "sshtunnel" "tunnels to $server not started - $error"; return; }
 [ "$count" -eq 0 ] && { logger -p user.err -t "sshtunnel" "tunnels to $server not started - no tunnels defined"; return; }

- append_params CheckHostIP Compression CompressionLevel IdentityFile LogLevel PKCS11Provider ServerAliveCountMax ServerAliveInterval StrictHostKeyChecking TCPKeepAlive VerifyHostKeyDNS
- ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels -p $port $user@$hostname"
+       if [ "$MODE" == "OpenSSH" ]; then
+ append_params CheckHostIP Compression CompressionLevel IdentityFile LogLevel PKCS11Provider ServerAliveCountMax ServerAliveInterval StrictHostKeyChecking TCPKeepAlive VerifyHostKeyDNS
+       elif [ "$MODE" == "Dropbear" ]; then
+               append_dropbear_params CheckHostIP IdentityFile 
ServerAliveInterval
+       fi
+
+       if [ "$MODE" == "OpenSSH" ]; then
+ ARGS="$ARGS_options -o ExitOnForwardFailure=yes -o BatchMode=yes -nN $ARGS_tunnels -p $port $user@$hostname"
+       elif [ "$MODE" == "Dropbear" ]; then
+               ARGS="$ARGS_options -N -T $ARGS_tunnels -p $port 
$user@$hostname"
+       fi

        /usr/bin/sshtunnel.sh "$ARGS" "$retrydelay" "$server" &
        echo $! >> "${PIDFILE}.pids"
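Review bot: In the OpenSSH branch the chain as shown ends in `config_foreach load_tunnelW` with no section type, where the removed line passed `tunnelW`. Unless that word was lost to mail wrapping it should read `config_foreach load_tunnelW tunnelW`, because as far as I know config_foreach without a type is not limited to tunnelW sections. In the Dropbear branch, tunnelD and tunnelW sections and every option other than the three handed to append_dropbear_params (StrictHostKeyChecking among them) are dropped with no log line, so a configuration that relied on them runs with different host-key and forwarding behaviour and syslog does not say so. I would add `logger -p user.warn -t "sshtunnel" "Dropbear client: tunnelD/tunnelW sections and unsupported options for $server are ignored"`, plus a comment on whether leaving out a counterpart to `-o ExitOnForwardFailure=yes -o BatchMode=yes` is deliberate. load_server begins and ends outside this hunk.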
@@ -190,6 +228,17 @@ stop() {

 start() {
         [ -f "${PIDFILE}.pids" ] && stop
+
+        if [ "$(ssh -V 2>&1 | grep -o '^OpenSSH')" == "OpenSSH" ]; then
+ logger -p user.info -t "sshtunnel" "OpenSSH client detected, full functionality supported."
+               MODE="OpenSSH"
+       elif [ "$(ssh 2>&1 | grep -o '^Dropbear')" == "Dropbear" ]; then
+ logger -p user.info -t "sshtunnel" "Dropbear client detected, limited functionality supported."
+               MODE="Dropbear"
+       else
+ logger -p user.info -t "sshtunnel" "Error detecting SSH client. Exiting."
+               exit 1
+       fi

        config_load sshtunnel
if [ -n "$(uci show sshtunnel.@server[0])" ] # at least one server section exists
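Review bot: The failure branch of the client detection logs with `-p user.info`, while the other start-up failures visible in this patch use `user.err`, so a router with no usable ssh client loses its tunnels with a message that error-level log filters never show. Since the Makefile hunk removes the openssh-client dependency, this branch is now the only place that condition is reported. I would change it to `logger -p user.err -t "sshtunnel" "No OpenSSH or Dropbear ssh client found, tunnels not started."`. A short comment above the `if` would also help, noting that `ssh` is resolved through PATH and that Dropbear is recognised from the output of a bare `ssh`. start() continues past the end of the hunk.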
--
1.8.5.3