AUTH-2159: Moves shutdownC close into error handling

AUTH-2161: Lowers size of preamble length
AUTH-2160: Fixes url parsing logic
Michael Borkenstein 2019-10-16 10:53:46 -05:00
parent 95704b11fb
commit 8b6e3bc1d1
3 changed files with 15 additions and 9 deletions


@ -407,9 +407,9 @@ func StartServer(c *cli.Context, version string, shutdownC, graceShutdownC chan
defer wg.Done() defer wg.Done()
if err = server.Start(); err != nil && err != ssh.ErrServerClosed { if err = server.Start(); err != nil && err != ssh.ErrServerClosed {
logger.WithError(err).Error("SSH server error") logger.WithError(err).Error("SSH server error")
// TODO: remove when declarative tunnels are implemented.
close(shutdownC)
} }
// TODO: remove when declarative tunnels are implemented.
close(shutdownC)
}() }()
c.Set("url", "ssh://"+localServerAddress) c.Set("url", "ssh://"+localServerAddress)
} }
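Review bot: The `close(shutdownC)` inside the error branch runs in a goroutine on a channel that StartServer receives from its caller, and a second close of the same channel from any other path would panic the process. Whether another closer exists is not visible from this section, so this is a question rather than a confirmed defect. If one does exist, guard the close with a shared `sync.Once`. Otherwise extend the TODO with a line such as `// sole closer of shutdownC on this path: an SSH server failure must stop the tunnel` so the ownership is stated. StartServer's body begins and ends outside the hunk.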


@ -11,7 +11,7 @@ import (
"fmt" "fmt"
"io" "io"
"net" "net"
"net/url" "regexp"
"runtime" "runtime"
"strings" "strings"
"time" "time"
@ -36,7 +36,7 @@ const (
sshContextEventLogger = "eventLogger" sshContextEventLogger = "eventLogger"
sshContextPreamble = "sshPreamble" sshContextPreamble = "sshPreamble"
sshContextSSHClient = "sshClient" sshContextSSHClient = "sshClient"
SSHPreambleLength = 4 SSHPreambleLength = 2
) )
type auditEvent struct { type auditEvent struct {
@ -271,7 +271,7 @@ func (s *SSHProxy) readPreamble(conn net.Conn) (*SSHPreamble, error) {
if _, err := io.ReadFull(conn, size); err != nil { if _, err := io.ReadFull(conn, size); err != nil {
return nil, err return nil, err
} }
payloadLength := binary.BigEndian.Uint32(size) payloadLength := binary.BigEndian.Uint16(size)
payload := make([]byte, payloadLength) payload := make([]byte, payloadLength)
if _, err := io.ReadFull(conn, payload); err != nil { if _, err := io.ReadFull(conn, payload); err != nil {
return nil, err return nil, err
@ -283,13 +283,15 @@ func (s *SSHProxy) readPreamble(conn net.Conn) (*SSHPreamble, error) {
return nil, err return nil, err
} }
destUrl, err := url.Parse(preamble.Destination) ok, err := regexp.Match(`^[^:]*:\d+$`, []byte(preamble.Destination))
if err != nil { if err != nil {
return nil, errors.Wrap(err, "failed to parse URL") return nil, err
} }
if destUrl.Port() == "" {
if !ok {
preamble.Destination += ":22" preamble.Destination += ":22"
} }
return &preamble, nil return &preamble, nil
} }
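Review bot: The port test `^[^:]*:\d+$` in readPreamble misclassifies bracketed IPv6 destinations: `[::1]:2222` contains extra colons, fails the match and gets `:22` appended, which yields an address that will not dial. Since `net` is already imported, `_, _, err := net.SplitHostPort(preamble.Destination)` followed by `if err != nil { preamble.Destination += ":22" }` answers the same question and avoids recompiling a constant pattern on every connection. The destination is supplied by the connecting client, so this is also the place to reject an empty host or an out-of-range port; the pattern currently accepts both `:22` and `host:999999`. readPreamble starts outside these hunks.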


@ -180,8 +180,12 @@ func sendSSHPreamble(stream net.Conn, destination, token string) error {
return err return err
} }
if uint16(len(payload)) > ^uint16(0) {
return errors.New("ssh preamble payload too large")
}
sizeBytes := make([]byte, sshserver.SSHPreambleLength) sizeBytes := make([]byte, sshserver.SSHPreambleLength)
binary.BigEndian.PutUint32(sizeBytes, uint32(len(payload))) binary.BigEndian.PutUint16(sizeBytes, uint16(len(payload)))
if _, err := stream.Write(sizeBytes); err != nil { if _, err := stream.Write(sizeBytes); err != nil {
return err return err
} }
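Review bot: The new size guard `if uint16(len(payload)) > ^uint16(0)` in sendSSHPreamble can never be true, because the conversion truncates the length to 16 bits before it is compared with the largest 16-bit value. A payload over 65535 bytes would therefore get a wrapped length prefix, and the reader on the other side, which allocates and reads exactly that many bytes, would treat the rest of the preamble (destination and token) as the start of the SSH stream. Compare before converting: `if len(payload) > int(^uint16(0)) {`, which needs no new import. sendSSHPreamble starts before this hunk.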