Patch to allow local port forwarding from an existing connection

[Brian Wellington]

On Thu, 20 Sep 2001, Markus Friedl wrote:

> On Wed, Sep 19, 2001 at 05:04:51PM -0700, Brian Wellington wrote:
> > Hi.  Attached is a patch that introduces a new escape character (~c) that
> > opens a command line.  From the command line, a command of the form:
> >
> > 	-L port:host:hostport
> >
> > can be entered, which will forward the local port, as if the same option
> > has been provided on the command line.  I attempted to allow remote port
> > forwards to be specified similarly, but the server disconnects with a
> > protocol error (and the code is disabled now).
> >
> > This is a bit of a hack, but it works, and it's something that I've been
> > hoping would be added to ssh for a few years now.
> >
> > The patch is against openssh-2.9p2.
> >
> > Comments?  Any chance this will get integrated?
> > +	fprintf(stderr, "\r\n> ");
> > +	s = fgets(string, sizeof string, stdin);
>
> i don't think reading from stdin is correct.
> you need to read from the same FD as bin.

>From what I can tell, process_escapes is called from client_process_input,
and stdin_buffer is passed in as 'bin'.  The fd is hardcoded as
'fileno(stdin)' in client_process_input.

> can you get the command line from 'bin' ?

Probably not easily.  Calling fgets() blocks, and making the commandline
handling non-blocking would require more state to be kept around, so that
the commandline handler would be called at the end of the line.  Using
'bin' would require it to be filled from the event loop.

I don't like the fact that it's making a blocking call, but I don't know
enough about the code to do it any other way.  If you or someone else
would like to, please do.

> or perhaps use readpass.[ch] from -current with echo enabled?

Using read_passphrase() would probably work.  Does it offer any benefits
over fgets()?  I can't try this, since -current likely won't compile on a
non-openbsd machine.

Brian