269 lines
8 KiB
Python
269 lines
8 KiB
Python
# Copyright (c) Twisted Matrix Laboratories.
|
|
# See LICENSE for details.
|
|
|
|
"""
|
|
This module contains the implementation of the TCP forwarding, which allows
|
|
clients and servers to forward arbitrary TCP data across the connection.
|
|
|
|
Maintainer: Paul Swartz
|
|
"""
|
|
|
|
from __future__ import division, absolute_import
|
|
|
|
import struct
|
|
|
|
from twisted.internet import protocol, reactor
|
|
from twisted.internet.endpoints import HostnameEndpoint, connectProtocol
|
|
from twisted.python import log
|
|
from twisted.python.compat import _PY3, unicode
|
|
|
|
from twisted.conch.ssh import common, channel
|
|
|
|
class SSHListenForwardingFactory(protocol.Factory):
|
|
def __init__(self, connection, hostport, klass):
|
|
self.conn = connection
|
|
self.hostport = hostport # tuple
|
|
self.klass = klass
|
|
|
|
def buildProtocol(self, addr):
|
|
channel = self.klass(conn = self.conn)
|
|
client = SSHForwardingClient(channel)
|
|
channel.client = client
|
|
addrTuple = (addr.host, addr.port)
|
|
channelOpenData = packOpen_direct_tcpip(self.hostport, addrTuple)
|
|
self.conn.openChannel(channel, channelOpenData)
|
|
return client
|
|
|
|
class SSHListenForwardingChannel(channel.SSHChannel):
|
|
|
|
def channelOpen(self, specificData):
|
|
log.msg('opened forwarding channel %s' % self.id)
|
|
if len(self.client.buf)>1:
|
|
b = self.client.buf[1:]
|
|
self.write(b)
|
|
self.client.buf = b''
|
|
|
|
def openFailed(self, reason):
|
|
self.closed()
|
|
|
|
def dataReceived(self, data):
|
|
self.client.transport.write(data)
|
|
|
|
def eofReceived(self):
|
|
self.client.transport.loseConnection()
|
|
|
|
def closed(self):
|
|
if hasattr(self, 'client'):
|
|
log.msg('closing local forwarding channel %s' % self.id)
|
|
self.client.transport.loseConnection()
|
|
del self.client
|
|
|
|
class SSHListenClientForwardingChannel(SSHListenForwardingChannel):
|
|
|
|
name = b'direct-tcpip'
|
|
|
|
class SSHListenServerForwardingChannel(SSHListenForwardingChannel):
|
|
|
|
name = b'forwarded-tcpip'
|
|
|
|
|
|
|
|
class SSHConnectForwardingChannel(channel.SSHChannel):
|
|
"""
|
|
Channel used for handling server side forwarding request.
|
|
It acts as a client for the remote forwarding destination.
|
|
|
|
@ivar hostport: C{(host, port)} requested by client as forwarding
|
|
destination.
|
|
@type hostport: L{tuple} or a C{sequence}
|
|
|
|
@ivar client: Protocol connected to the forwarding destination.
|
|
@type client: L{protocol.Protocol}
|
|
|
|
@ivar clientBuf: Data received while forwarding channel is not yet
|
|
connected.
|
|
@type clientBuf: L{bytes}
|
|
|
|
@var _reactor: Reactor used for TCP connections.
|
|
@type _reactor: A reactor.
|
|
|
|
@ivar _channelOpenDeferred: Deferred used in testing to check the
|
|
result of C{channelOpen}.
|
|
@type _channelOpenDeferred: L{twisted.internet.defer.Deferred}
|
|
"""
|
|
_reactor = reactor
|
|
|
|
def __init__(self, hostport, *args, **kw):
|
|
channel.SSHChannel.__init__(self, *args, **kw)
|
|
self.hostport = hostport
|
|
self.client = None
|
|
self.clientBuf = b''
|
|
|
|
|
|
def channelOpen(self, specificData):
|
|
"""
|
|
See: L{channel.SSHChannel}
|
|
"""
|
|
log.msg("connecting to %s:%i" % self.hostport)
|
|
ep = HostnameEndpoint(
|
|
self._reactor, self.hostport[0], self.hostport[1])
|
|
d = connectProtocol(ep, SSHForwardingClient(self))
|
|
d.addCallbacks(self._setClient, self._close)
|
|
self._channelOpenDeferred = d
|
|
|
|
def _setClient(self, client):
|
|
"""
|
|
Called when the connection was established to the forwarding
|
|
destination.
|
|
|
|
@param client: Client protocol connected to the forwarding destination.
|
|
@type client: L{protocol.Protocol}
|
|
"""
|
|
self.client = client
|
|
log.msg("connected to %s:%i" % self.hostport)
|
|
if self.clientBuf:
|
|
self.client.transport.write(self.clientBuf)
|
|
self.clientBuf = None
|
|
if self.client.buf[1:]:
|
|
self.write(self.client.buf[1:])
|
|
self.client.buf = b''
|
|
|
|
|
|
def _close(self, reason):
|
|
"""
|
|
Called when failed to connect to the forwarding destination.
|
|
|
|
@param reason: Reason why connection failed.
|
|
@type reason: L{twisted.python.failure.Failure}
|
|
"""
|
|
log.msg("failed to connect: %s" % reason)
|
|
self.loseConnection()
|
|
|
|
|
|
def dataReceived(self, data):
|
|
"""
|
|
See: L{channel.SSHChannel}
|
|
"""
|
|
if self.client:
|
|
self.client.transport.write(data)
|
|
else:
|
|
self.clientBuf += data
|
|
|
|
|
|
def closed(self):
|
|
"""
|
|
See: L{channel.SSHChannel}
|
|
"""
|
|
if self.client:
|
|
log.msg('closed remote forwarding channel %s' % self.id)
|
|
if self.client.channel:
|
|
self.loseConnection()
|
|
self.client.transport.loseConnection()
|
|
del self.client
|
|
|
|
|
|
|
|
def openConnectForwardingClient(remoteWindow, remoteMaxPacket, data, avatar):
|
|
remoteHP, origHP = unpackOpen_direct_tcpip(data)
|
|
return SSHConnectForwardingChannel(remoteHP,
|
|
remoteWindow=remoteWindow,
|
|
remoteMaxPacket=remoteMaxPacket,
|
|
avatar=avatar)
|
|
|
|
class SSHForwardingClient(protocol.Protocol):
|
|
|
|
def __init__(self, channel):
|
|
self.channel = channel
|
|
self.buf = b'\000'
|
|
|
|
def dataReceived(self, data):
|
|
if self.buf:
|
|
self.buf += data
|
|
else:
|
|
self.channel.write(data)
|
|
|
|
def connectionLost(self, reason):
|
|
if self.channel:
|
|
self.channel.loseConnection()
|
|
self.channel = None
|
|
|
|
|
|
def packOpen_direct_tcpip(destination, source):
|
|
"""
|
|
Pack the data suitable for sending in a CHANNEL_OPEN packet.
|
|
|
|
@type destination: L{tuple}
|
|
@param destination: A tuple of the (host, port) of the destination host.
|
|
|
|
@type source: L{tuple}
|
|
@param source: A tuple of the (host, port) of the source host.
|
|
"""
|
|
(connHost, connPort) = destination
|
|
(origHost, origPort) = source
|
|
if isinstance(connHost, unicode):
|
|
connHost = connHost.encode("utf-8")
|
|
if isinstance(origHost, unicode):
|
|
origHost = origHost.encode("utf-8")
|
|
conn = common.NS(connHost) + struct.pack('>L', connPort)
|
|
orig = common.NS(origHost) + struct.pack('>L', origPort)
|
|
return conn + orig
|
|
|
|
packOpen_forwarded_tcpip = packOpen_direct_tcpip
|
|
|
|
def unpackOpen_direct_tcpip(data):
|
|
"""Unpack the data to a usable format.
|
|
"""
|
|
connHost, rest = common.getNS(data)
|
|
if _PY3 and isinstance(connHost, bytes):
|
|
connHost = connHost.decode("utf-8")
|
|
connPort = int(struct.unpack('>L', rest[:4])[0])
|
|
origHost, rest = common.getNS(rest[4:])
|
|
if _PY3 and isinstance(origHost, bytes):
|
|
origHost = origHost.decode("utf-8")
|
|
origPort = int(struct.unpack('>L', rest[:4])[0])
|
|
return (connHost, connPort), (origHost, origPort)
|
|
|
|
unpackOpen_forwarded_tcpip = unpackOpen_direct_tcpip
|
|
|
|
|
|
|
|
def packGlobal_tcpip_forward(peer):
|
|
"""
|
|
Pack the data for tcpip forwarding.
|
|
|
|
@param peer: A tuple of the (host, port) .
|
|
@type peer: L{tuple}
|
|
"""
|
|
(host, port) = peer
|
|
return common.NS(host) + struct.pack('>L', port)
|
|
|
|
|
|
|
|
def unpackGlobal_tcpip_forward(data):
|
|
host, rest = common.getNS(data)
|
|
if _PY3 and isinstance(host, bytes):
|
|
host = host.decode("utf-8")
|
|
port = int(struct.unpack('>L', rest[:4])[0])
|
|
return host, port
|
|
|
|
"""This is how the data -> eof -> close stuff /should/ work.
|
|
|
|
debug3: channel 1: waiting for connection
|
|
debug1: channel 1: connected
|
|
debug1: channel 1: read<=0 rfd 7 len 0
|
|
debug1: channel 1: read failed
|
|
debug1: channel 1: close_read
|
|
debug1: channel 1: input open -> drain
|
|
debug1: channel 1: ibuf empty
|
|
debug1: channel 1: send eof
|
|
debug1: channel 1: input drain -> closed
|
|
debug1: channel 1: rcvd eof
|
|
debug1: channel 1: output open -> drain
|
|
debug1: channel 1: obuf empty
|
|
debug1: channel 1: close_write
|
|
debug1: channel 1: output drain -> closed
|
|
debug1: channel 1: rcvd close
|
|
debug3: channel 1: will not send data after close
|
|
debug1: channel 1: send close
|
|
debug1: channel 1: is dead
|
|
"""
|