Merge branch 'houseofkodai-cli_bind_address_connect'

cli-main.c

@@ -66,8 +66,8 @@ int main(int argc, char ** argv) {
 	}
 #endif
-	TRACE(("user='%s' host='%s' port='%s'", cli_opts.username,
-				cli_opts.remotehost, cli_opts.remoteport))
+	TRACE(("user='%s' host='%s' port='%s' bind_address='%s' bind_port='%s'", cli_opts.username,
+				cli_opts.remotehost, cli_opts.remoteport, cli_opts.bind_address, cli_opts.bind_port))
 	if (signal(SIGPIPE, SIG_IGN) == SIG_ERR) {
 		dropbear_exit("signal() error");
@@ -86,7 +86,8 @@ int main(int argc, char ** argv) {
 	} else
 #endif
 	{
-		progress = connect_remote(cli_opts.remotehost, cli_opts.remoteport, cli_connected, &ses);
+		progress = connect_remote(cli_opts.remotehost, cli_opts.remoteport, 
+			cli_connected, &ses, cli_opts.bind_address, cli_opts.bind_port);
 		sock_in = sock_out = -1;
 	}

cli-runopts.c

@@ -92,6 +92,7 @@ static void printhelp() {
 					"-c <cipher list> Specify preferred ciphers ('-c help' to list options)\n"
 					"-m <MAC list> Specify preferred MACs for packet verification (or '-m help')\n"
 #endif
+					"-b    [bind_address][:bind_port]\n"
 					"-V    Version\n"
 #if DEBUG_TRACE
 					"-v    verbose (compiled with DEBUG_TRACE)\n"
@@ -125,12 +126,12 @@ void cli_getopts(int argc, char ** argv) {
 		OPT_OTHER
 	} opt;
 	unsigned int cmdlen;
-	char* dummy = NULL; /* Not used for anything real */
 	char* recv_window_arg = NULL;
 	char* keepalive_arg = NULL;
 	char* idle_timeout_arg = NULL;
 	char *host_arg = NULL;
+	char *bind_arg = NULL;
 	char c;
 	/* see printhelp() for options */
@@ -166,6 +167,8 @@ void cli_getopts(int argc, char ** argv) {
 #if DROPBEAR_CLI_PROXYCMD
 	cli_opts.proxycmd = NULL;
 #endif
+	cli_opts.bind_address = NULL;
+	cli_opts.bind_port = NULL;
 #ifndef DISABLE_ZLIB
 	opts.compress_mode = DROPBEAR_COMPRESS_ON;
 #endif
@@ -314,8 +317,8 @@ void cli_getopts(int argc, char ** argv) {
 					exit(EXIT_SUCCESS);
 					break;
 				case 'b':
-					next = &dummy;
-					/* FALLTHROUGH */
+					next = &bind_arg;
+					break;
 				default:
 					fprintf(stderr,
 						"WARNING: Ignoring unknown option -%c\n", c);
@@ -420,6 +423,18 @@ void cli_getopts(int argc, char ** argv) {
 		cli_opts.remoteport = "22";
 	}
+	if (bind_arg) {
+		/* split [host][:port] */
+		char *port = strrchr(bind_arg, ':');
+		if (port) {
+			cli_opts.bind_port = m_strdup(port+1);
+			*port = '\0';
+		}
+		if (strlen(bind_arg) > 0) {
+			cli_opts.bind_address = m_strdup(bind_arg);
+		}
+	}
+
 	/* If not explicitly specified with -t or -T, we don't want a pty if
 	 * there's a command, but we do otherwise */
 	if (cli_opts.wantpty == 9) {

cli-tcpfwd.c

@@ -274,7 +274,7 @@ static int newtcpforwarded(struct Channel * channel) {
 	}
 	
 	snprintf(portstring, sizeof(portstring), "%u", fwd->connectport);
-	channel->conn_pending = connect_remote(fwd->connectaddr, portstring, channel_connect_done, channel);
+	channel->conn_pending = connect_remote(fwd->connectaddr, portstring, channel_connect_done, channel, NULL, NULL);
 	channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE;
 	

dbclient.1

@@ -133,8 +133,8 @@ Can be used to give options in the format used by OpenSSH config file. This is
 useful for specifying options for which there is no separate command-line flag.
 For full details of the options listed below, and their possible values, see
 ssh_config(5).
-For now following options have been implemented:
+The following options have currently been implemented:
 .RS
 .TP
 .B ExitOnForwardFailure
@@ -147,6 +147,10 @@ Send dbclient log messages to syslog in addition to stderr.
 .B \-s 
 The specified command will be requested as a subsystem, used for sftp. Dropbear doesn't implement sftp itself but the OpenSSH sftp client can be used eg \fIsftp -S dbclient user@host\fR
 .TP
+.B \-b \fI[address][:port]
+Bind to a specific local address when connecting to the remote host. This can be used to choose from
+multiple outgoing interfaces. Either address or port (or both) can be given.
+.TP
 .B \-V
 Print the version

netio.c

@@ -19,6 +19,7 @@ struct dropbear_progress_connection {
 	int sock;
 	char* errstring;
+	char *bind_address, *bind_port;
 };
 /* Deallocate a progress connection. Removes from the pending list if iter!=NULL.
@@ -30,6 +31,8 @@ static void remove_connect(struct dropbear_progress_connection *c, m_list_elem *
 	m_free(c->remotehost);
 	m_free(c->remoteport);
 	m_free(c->errstring);
+	m_free(c->bind_address);
+	m_free(c->bind_port);
 	m_free(c);
 	if (iter) {
@@ -51,6 +54,7 @@ void cancel_connect(struct dropbear_progress_connection *c) {
 static void connect_try_next(struct dropbear_progress_connection *c) {
 	struct addrinfo *r;
+	int err;
 	int res = 0;
 	int fastopen = 0;
 #if DROPBEAR_CLIENT_TCP_FAST_OPEN
@@ -66,6 +70,44 @@ static void connect_try_next(struct dropbear_progress_connection *c) {
 			continue;
 		}
+		if (c->bind_address || c->bind_port) {
+			/* bind to a source port/address */
+			struct addrinfo hints;
+			struct addrinfo *bindaddr = NULL;
+			memset(&hints, 0, sizeof(hints));
+			hints.ai_socktype = SOCK_STREAM;
+			hints.ai_family = r->ai_family;
+			hints.ai_flags = AI_PASSIVE;
+
+			err = getaddrinfo(c->bind_address, c->bind_port, &hints, &bindaddr);
+			if (err) {
+				int len = 100 + strlen(gai_strerror(err));
+				m_free(c->errstring);
+				c->errstring = (char*)m_malloc(len);
+				snprintf(c->errstring, len, "Error resolving bind address '%s' (port %s). %s", 
+						c->bind_address, c->bind_port, gai_strerror(err));
+				TRACE(("Error resolving bind: %s", gai_strerror(err)))
+				close(c->sock);
+				c->sock = -1;
+				continue;
+			}
+			res = bind(c->sock, bindaddr->ai_addr, bindaddr->ai_addrlen);
+			freeaddrinfo(bindaddr);
+			bindaddr = NULL;
+			if (res < 0) {
+				/* failure */
+				int keep_errno = errno;
+				int len = 300;
+				m_free(c->errstring);
+				c->errstring = m_malloc(len);
+				snprintf(c->errstring, len, "Error binding local address '%s' (port %s). %s", 
+						c->bind_address, c->bind_port, strerror(keep_errno));
+				close(c->sock);
+				c->sock = -1;
+				continue;
+			}
+		}
+
 		ses.maxfd = MAX(ses.maxfd, c->sock);
 		set_sock_nodelay(c->sock);
 		setnonblocking(c->sock);
@@ -130,7 +172,8 @@ static void connect_try_next(struct dropbear_progress_connection *c) {
 /* Connect via TCP to a host. */
 struct dropbear_progress_connection *connect_remote(const char* remotehost, const char* remoteport,
-	connect_callback cb, void* cb_data)
+	connect_callback cb, void* cb_data, 
+	const char* bind_address, const char* bind_port)
 {
 	struct dropbear_progress_connection *c = NULL;
 	int err;
@@ -160,6 +203,13 @@ struct dropbear_progress_connection *connect_remote(const char* remotehost, cons
 	} else {
 		c->res_iter = c->res;
 	}
+	
+	if (bind_address) {
+		c->bind_address = m_strdup(bind_address);
+	}
+	if (bind_port) {
+		c->bind_port = m_strdup(bind_port);
+	}
 	return c;
 }

netio.h

@@ -30,7 +30,7 @@ typedef void(*connect_callback)(int result, int sock, void* data, const char* er
 /* Always returns a progress connection, if it fails it will call the callback at a later point */
 struct dropbear_progress_connection * connect_remote (const char* remotehost, const char* remoteport,
-	connect_callback cb, void *cb_data);
+	connect_callback cb, void *cb_data, const char* bind_address, const char* bind_port);
 /* Sets up for select() */
 void set_connect_fds(fd_set *writefd);

runopts.h

@@ -167,6 +167,8 @@ typedef struct cli_runopts {
 #if DROPBEAR_CLI_PROXYCMD
 	char *proxycmd;
 #endif
+	char *bind_address;
+	char *bind_port;
 } cli_runopts;
 extern cli_runopts cli_opts;

svr-tcpfwd.c

@@ -285,7 +285,7 @@ static int newtcpdirect(struct Channel * channel) {
 	}
 	snprintf(portstring, sizeof(portstring), "%u", destport);
-	channel->conn_pending = connect_remote(desthost, portstring, channel_connect_done, channel);
+	channel->conn_pending = connect_remote(desthost, portstring, channel_connect_done, channel, NULL, NULL);
 	channel->prio = DROPBEAR_CHANNEL_PRIO_UNKNOWABLE;