Commit f659ec83 authored by Niels Möller's avatar Niels Möller

* src/gateway.c (check_string_l): New function.

(check_string): New function.
(make_gateway_address): New function.

Rev: src/gateway.c:1.3
parent 12443a84
......@@ -22,6 +22,13 @@
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
#include "gateway.h"
#include "format.h"
#include "io.h"
#include "gateway.c.x"
/* A gateway is a mechanism to delegate some channels to a separate
* process. The main lsh process opens a unix domain socket, and other
* processes can connect and read and write cleartext ssh packets.
......@@ -30,6 +37,62 @@
* delegated and can be read from the gateway. */
/* The gateway socket is named "TMP/x-lsh-USER/HOST%REMOTE-USER".
*
* The choice of the '%' separator in the socket name makes sure we
* don't collide with any valid dns names, or with literal IPv4 or IPv6
* addresses. And it should be really rare in usernames. */
static int
check_string_l(unsigned length, const UINT8 *s)
{
unsigned i;
for (i = 0; i<length; i++)
switch(*s++)
{
case '\0':
case '%':
case '/':
return 0;
default:
break;
}
return 1;
}
static int
check_string(const UINT8 *s)
{
for (;;)
switch(*s++)
{
case '\0':
return 1;
case '%':
case '/':
return 0;
default:
break;
}
}
struct local_info *
make_gateway_address(char *local_user, char *remote_user,
struct address_info *target)
{
char *tmp = getenv("TMPDIR");
if (!tmp)
tmp = "/tmp";
if (check_string(local_user)
&& check_string(remote_user)
&& check_string_l(target->ip->length, target->ip->data))
return make_local_info(ssh_cformat("%lz/x-lsh-%lz", tmp, local_user),
ssh_cformat("%lS:%lz", target->ip, remote_user));
else
return NULL;
}
/* Keeps track of one connection to the gateway. */
/* GABA:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment