Subject: Re: win32 tunneling

From: Roman Kubiak <kubiak.roman_at_gmail.com>
Date: Wed, 13 May 2009 22:07:11 +0200

Ok, first I need to know if I understand what I should do. Here is what I do:

1. start a connection using curl to my ssh host, and use curl_getopt() to get the socket
2. use the socket from curl to start a session using libssh2
3. authorize using libssh2
4. start a channel like so: sshChannel = libssh2_channel_direct_tcpip(sshSession, destinationHost, destinationPort), where destinationHost and destinationPort are set to localhost:3128 (connection to squid on the same host as the ssh server)
5. start a listening socket on the client side, accept connections
6. for each new connection on my server socket I start a dataPipe, that has the connected client socket and the sshChannel, and a new ID (for streams, in the ssh channel)
7. all data coming from the socket are passed to the channel, and all data from the channel to the socket, I use ssh2_poll

    fds[0].fd.socket = (int)clientSocket->GetSocket();
    fds[0].type = LIBSSH2_POLLFD_SOCKET;
    fds[0].events = LIBSSH2_POLLFD_POLLIN | LIBSSH2_POLLFD_POLLHUP |
                    LIBSSH2_POLLFD_POLLEX | LIBSSH2_POLLFD_POLLNVAL |
                    LIBSSH2_POLLFD_POLLERR | LIBSSH2_POLLFD_LISTENER_CLOSED |
                    LIBSSH2_POLLFD_SESSION_CLOSED;

    fds[1].fd.channel = sshChannel;
    fds[1].type = LIBSSH2_POLLFD_CHANNEL;
    fds[1].events = LIBSSH2_POLLFD_POLLIN | LIBSSH2_POLLFD_POLLOUT |
                    LIBSSH2_POLLFD_CHANNEL_CLOSED;

Now this didn't work, because no data was passed (I had some problems with the poll() but I got that fixed).

Now what I don't know is:
- should I use a new channel for each connection from the server socket or can I use streams?
- at which point does the ssh server establish a connection with the destinationHost of the tunnel, so I can debug if this happens at all

I was trying with one channel/one-connection mix, no stream ids, and this is what I got using normal libssh2_channel_read() libssh2_channel_write() calls:

--- cut here
EdoSSHTunnel::startTunnel
maczo - debug - -------------------------------------------------------------------------
maczo - debug - tunnelName: maczo
maczo - debug - destinationHost: atom.maczo.pl
maczo - debug - destinationPort: 22
maczo - debug - tunnelDestinationHost: localhost
maczo - debug - tunnelDestinationPort: 3128
maczo - debug - destinationUsername: root
maczo - debug - destinationPassword: MY-PASSWORD-HERE
maczo - debug - localPort: 8081
maczo - debug - proxy: disabled
maczo - debug - -------------------------------------------------------------------------
EdoSSHTunnel::run()
'Edo.exe': Loaded 'C:\Windows\System32\WSHTCPIP.DLL'
'Edo.exe': Loaded 'C:\Windows\System32\nlaapi.dll'
'Edo.exe': Loaded 'C:\Windows\System32\NapiNSP.dll'
'Edo.exe': Loaded 'C:\Windows\System32\pnrpnsp.dll'
'Edo.exe': Loaded 'C:\Windows\System32\winrnr.dll'
'Edo.exe': Loaded 'C:\Windows\System32\wshbth.dll'
'Edo.exe': Loaded 'C:\Windows\System32\rasadhlp.dll'
The thread 'Win32 Thread' (0xfd0) has exited with code 0 (0x0).
maczo - debug - EdoSSHTunnel::curlDebugCallback: About to connect() to atom.maczo.pl port 22 (#0)
maczo - debug - EdoSSHTunnel::curlDebugCallback: Trying 85.128.110.3...
maczo - debug - EdoSSHTunnel::curlDebugCallback: connected
maczo - debug - EdoSSHTunnel::curlDebugCallback: Connected to atom.maczo.pl (85.128.110.3) port 22 (#0)
maczo - debug - EdoSSHTunnel::curlDebugCallback: Connection #0 to host atom.maczo.pl left intact
maczo - debug - EdoSSHTunnel::run: curl startTransfer returned true
maczo - debug - EdoSSHTunnel::run: looks like we got the socket
maczo - debug - EdoTunnel::startTunnel libssh2 session initialized
'Edo.exe': Loaded 'C:\Windows\System32\netapi32.dll'
'Edo.exe': Unloaded 'C:\Windows\System32\netapi32.dll'
'Edo.exe': Loaded 'C:\Windows\System32\rsaenh.dll'
maczo - debug - EdoTunnel::startTunnel libssh2 session startup success
maczo - debug - EdoTunnel::startTunnel remote host fingerprint: 90 6D 37 43 29 C1 CC 9F 77 4D 5A BC C2 55 4C C6
maczo - debug - EdoTunnel::startTunnel authentication methods: publickey,password
maczo - debug - EdoTunnel::startTunnel authentication by password succeeded
maczo - debug - EdoTunnel::startTunnel channel created
maczo - debug - EdoSSHTunnel::run: Connection from client: 127.0.0.1
EdoDataPipe::ctor
EdoDataPipe::run
EdoDataPipe::run poll() for data
EdoDataPipe::run socket read len: 21 write to channel (<- here i send get http://some.url and press enter)
EdoDataPipe::run wrote to channel len: 21
EdoDataPipe::run poll libssh2_channel_read: SSH-2.0-OpenSSH_4.3p2 Debian-8 len:31
The thread 'Win32 Thread' (0xadc) has exited with code 0 (0x0).
EdoDataPipe::run socket read len: 22 write to channel
EdoDataPipe::run wrote to channel len: 22
EdoDataPipe::run poll libssh2_channel_read: Protocol mismatch.
p2 Debian-8 len:19
EdoDataPipe::run socket read len: 2 write to channel
EdoDataPipe::run wrote to channel len: 2
--- cut here

what is that: Protocol mismatch.
p2 Debian-8 len:19

???

This is Windows (either XP or Vista) with VS2008, latest curl for ssh sockets.

Any hints/help is welcome, perhaps I could ask this on IRC?

best regards
-------------------------------
  Voltage Controlled
-------------------------------

On Wed, May 13, 2009 at 8:10 PM, Daniel Stenberg <daniel_at_haxx.se> wrote:
> On Wed, 13 May 2009, Roman Kubiak wrote:
>
>> I saw many issues with the windows support for libssh2_channel_direct_tcpip
>> calls. I downloaded the latest CVS and can't get any decent results, has
>> this issue been fixed and i should look at my code, or is this still
>> pending?
>
> I don't know. I would assume that if you follow the docs and it still doesn't
> work, it is a big risk the problem is within libssh2 (or possibly in the
> docs).
>
> But then the code is here so you can just dive in and start searching for the
> answer. Waiting for someone else to fix the problems can become a long wait.
>
> To say that we're undermanned in this project would be an understatement.
>
> --
>
>  / daniel.haxx.se
>
> _______________________________________________
> libssh2-devel mailing list
> libssh2-devel_at_lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/libssh2-devel
>

Received on 2009-05-13
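
An added diagnostic example, not code from the original post or from libssh2: the first channel read in the log above is an SSH identification string in the RFC 4253 format, so this C helper classifies the first bytes read from a forwarded channel and shows why only the returned length should be used when logging them. The type and function names are hypothetical; the two sample strings and their lengths are the ones shown in the log.

```c
#include <stdio.h>
#include <string.h>

enum peer_kind { PEER_UNKNOWN, PEER_SSH, PEER_HTTP };
struct ssh_ident { char proto[8], software[64], comments[64]; };

/* Length of the first line in buf[0..len), excluding CR/LF. */
size_t first_line_len(const char *buf, size_t len)
{
    size_t n = 0;
    while (n < len && buf[n] != '\r' && buf[n] != '\n') n++;
    return n;
}

/* Copy src[0..n) into dst, truncated to dstsz-1 bytes and NUL-terminated. */
static void copy_bounded(char *dst, size_t dstsz, const char *src, size_t n)
{
    if (n >= dstsz) n = dstsz - 1;
    memcpy(dst, src, n);
    dst[n] = '\0';
}

/* Classify the first bytes read from a forwarded channel. Only buf[0..len)
 * is examined: a read buffer is not NUL-terminated and may hold stale bytes
 * past len. On PEER_SSH, *id is filled from the identification string
 * "SSH-protoversion-softwareversion SP comments" (RFC 4253, section 4.2). */
enum peer_kind classify_first_bytes(const char *buf, size_t len, struct ssh_ident *id)
{
    size_t end = first_line_len(buf, len), dash = 4, sp;
    if (end >= 5 && memcmp(buf, "HTTP/", 5) == 0) return PEER_HTTP;
    if (end < 4 || memcmp(buf, "SSH-", 4) != 0) return PEER_UNKNOWN;
    while (dash < end && buf[dash] != '-') dash++;
    if (dash == end) return PEER_UNKNOWN;        /* no softwareversion field */
    for (sp = dash + 1; sp < end && buf[sp] != ' '; sp++) {}
    copy_bounded(id->proto, sizeof id->proto, buf + 4, dash - 4);
    copy_bounded(id->software, sizeof id->software, buf + dash + 1, sp - dash - 1);
    id->comments[0] = '\0';                      /* comments are optional */
    if (sp < end) copy_bounded(id->comments, sizeof id->comments, buf + sp + 1, end - sp - 1);
    return PEER_SSH;
}

int main(void)
{
    char buf[64] = "SSH-2.0-OpenSSH_4.3p2 Debian-8\n";   /* first read in the log, len 31 */
    struct ssh_ident id;
    if (classify_first_bytes(buf, 31, &id) == PEER_SSH)
        printf("peer is an SSH server: %s (%s)\n", id.software, id.comments);
    memcpy(buf, "Protocol mismatch.\n", 19);             /* second read reuses buf, len 19 */
    printf("%.*s\n", (int)first_line_len(buf, 19), buf); /* bounded print drops the stale tail */
    return 0;
}
```

With the lengths from the log, the bounded print shows only `Protocol mismatch.`; the `p2 Debian-8` text after it in the log is consistent with bytes left in the buffer from the earlier 31-byte read.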