C: can I forward port for external application with libssh?

I'm implementing a VNC connection for a Xen VM in my app. In order to connect, I have to forward the port, as XenServer accepts only local connections. I do it like this:

ssh -L 5903:localhost:5903 [email protected]

After that I can connect my VNC to localhost with the corresponding port. But I have to frequently reconnect to different hosts, and using bash is not a good idea as I have a Windows build also. Installing ssh-client is not always possible.
I read http://api.libssh.org/stable/libssh_tutor_forwarding.html and tried to test it.

 ssh_channel forwarding_channel;        
    forwarding_channel = ssh_channel_new(session);    
    int rc = channel_open_forward(forwarding_channel,
                              "192.168.1.4", 5903,
                              "localhost", 5903);
    if (rc != SSH_OK)
    {
        ssh_channel_free(forwarding_channel);
        return rc;
    }    
    for(;;)
    {
        usleep(100000);
    }       

The tunnel itself is created, according to the status. But I can see no ports listening via netstat. What am I doing wrong, and is it possible at all?

Update:

Here is the resulting code that seems to work properly using libssh:

#include <fcntl.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <sys/socket.h>
#include <unistd.h>
#include <libssh/libssh.h>

/* Not shown in the post: starts a local listening socket and returns its fd
   (signature inferred from the call below). */
int32_t server_startup(int32_t local_port);

int32_t forward_port (ssh_session session, char *remote_host, int32_t remote_port, int32_t local_port)
{
    int32_t server_sock = 0;
    int32_t client_sock = -1;
    struct sockaddr_in client_name;
    socklen_t client_name_len = sizeof client_name;
    int32_t rc = SSH_OK;
    server_sock = server_startup(local_port);
    /* Wait for the local application (the VNC viewer) to connect. */
    client_sock = accept(server_sock,
                         (struct sockaddr *)&client_name,
                         &client_name_len);
    if (client_sock == -1)
    {
        perror("Error on accept");
        close(server_sock);
        return SSH_ERROR;
    }
    int32_t client_port = ntohs(client_name.sin_port);
    int32_t size_recv, nwritten, nread = 0;
    uint8_t data[4096];
    fcntl(client_sock, F_SETFL, O_NONBLOCK);
    /* Open the forwarding channel; libssh neither binds the port nor relays data itself. */
    ssh_channel forwarding_channel;
    forwarding_channel = ssh_channel_new(session);
    rc = channel_open_forward(forwarding_channel,
                              remote_host, remote_port,
                              "127.0.0.1", client_port);
    if (rc != SSH_OK)
    {
        goto exit;
    }
    while(!ssh_channel_is_eof (forwarding_channel))
    {
        if((size_recv = recv(client_sock, data, sizeof data, MSG_DONTWAIT) ) < 0)
        {
            /* Nothing from the local client: relay channel -> socket. */
            if((nread = ssh_channel_read_nonblocking(forwarding_channel, data, sizeof data, 0))>0)
            {
                if(write(client_sock,data,nread)<0)
                {
                    perror("Error writing to socket");
                    rc = SSH_ERROR;
                    goto exit;
                }
            }
        }
        else if (!size_recv)
        {
            puts("Local client disconnected, exiting");
            goto exit;
        }
        else
        {
            /* Relay socket -> channel only when recv() actually returned data. */
            nwritten = channel_write(forwarding_channel, data, size_recv);
            if (size_recv != nwritten)
            {
                rc = SSH_ERROR;
                goto exit;
            }
        }
    }
exit:
    /* Single cleanup path so no socket or channel is leaked on error. */
    close(client_sock);
    close(server_sock);
    ssh_channel_free(forwarding_channel);
    return rc;
}
Estheresthesia answered 15/9, 2013 at 11:20 Comment(3)
What does server_startup do? - Puddling
Starting local server that listens to incoming connections - Estheresthesia
I mean, having that function in the code snippet too would be helpful. - Puddling

ssh_channel_open_forward documentation

## Warning ##
This function does not bind the local port and does not automatically forward the content of a socket to the channel. You still have to use channel_read and channel_write for this. 
Decare answered 15/9, 2013 at 11:37 Comment(1)
Thanks a lot, it's a pity I missed that warning. However I was able to make it possible, thanks for your help. I added the resulting code. - Estheresthesia
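The warning quoted in the answer leaves two jobs to the caller: binding the local port and pushing the relayed bytes into the socket. The sketch below is an added example, not code from the question, the answer, or libssh; `listen_loopback` and `send_all` are hypothetical names, and it assumes POSIX sockets. It binds the listener to 127.0.0.1 only, so the forwarded VNC port is not reachable from other hosts, and it writes without losing data on a non-blocking socket.

```c
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <poll.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Hypothetical stand-in for the server_startup() the question does not show.
 * Binds 127.0.0.1 only (what `ssh -L` does by default), so other hosts on the
 * network cannot reach the forwarded VNC port. Returns the fd, or -1. */
int listen_loopback(uint16_t port)
{
    int fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    int on = 1; /* allow an immediate rebind when switching hosts */
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on);
    struct sockaddr_in addr;
    memset(&addr, 0, sizeof addr);
    addr.sin_family = AF_INET;
    addr.sin_port = htons(port);
    addr.sin_addr.s_addr = htonl(INADDR_LOOPBACK); /* not INADDR_ANY */
    if (bind(fd, (struct sockaddr *)&addr, sizeof addr) < 0 || listen(fd, 1) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Write all len bytes to a possibly non-blocking socket: retries short writes
 * and waits on EAGAIN instead of dropping data. Returns 0, or -1 on error. */
int send_all(int fd, const uint8_t *buf, size_t len)
{
    while (len > 0) {
        ssize_t n = send(fd, buf, len, 0);
        if (n > 0) {
            buf += n;
            len -= (size_t)n;
        } else if (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK)) {
            struct pollfd p = { .fd = fd, .events = POLLOUT };
            if (poll(&p, 1, -1) < 0 && errno != EINTR)
                return -1;
        } else if (n == 0 || errno != EINTR) {
            return -1;
        }
    }
    return 0;
}
```

In `forward_port`, `listen_loopback` would take the place of `server_startup`, and `send_all` would replace the single `write()` on the non-blocking client socket.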