Hello gustav.paul@gmail.com, jeff@somethingsimilar.com (cc: golang-dev@googlegroups.com), I'd like you to review this change to https://code.google.com/p/go.crypto
11 years, 12 months ago
(2012-04-21 22:37:27 UTC)
#3
Thank you for your comments. http://codereview.appspot.com/6038047/diff/22001/ssh/client.go File ssh/client.go (right): http://codereview.appspot.com/6038047/diff/22001/ssh/client.go#newcode278 ssh/client.go:278: return Done. I have ...
11 years, 12 months ago
(2012-04-24 12:40:55 UTC)
#7
Thank you for your comments.
http://codereview.appspot.com/6038047/diff/22001/ssh/client.go
File ssh/client.go (right):
http://codereview.appspot.com/6038047/diff/22001/ssh/client.go#newcode278
ssh/client.go:278: return
Done. I have no idea why I did not do that, I do later on in the method.
On 2012/04/23 15:12:04, agl1 wrote:
> send channelOpenFailureMsg back?
http://codereview.appspot.com/6038047/diff/22001/ssh/client.go#newcode313
ssh/client.go:313: func decodeAddr(b []byte) (*net.TCPAddr, error) {
Added, and I use the error in the failure message.
On 2012/04/23 15:12:04, agl1 wrote:
> Needs a comment, probably referencing an RFC section.
>
> Also, since the caller ignores the contents of the error, maybe just return a
> bool for that?
http://codereview.appspot.com/6038047/diff/22001/ssh/client.go#newcode322
ssh/client.go:322: ip, err := net.ResolveIPAddr("tcp", string(addr))
On 2012/04/23 15:12:04, agl1 wrote:
> addr must be an IP address? If so, net.ParseIP may be better. ResolveIPAddr
also
> disallows "tcp" as a value of the net argument.
Although net.Conn#RemoteAddr and friends return net.Adds', they dont' define
equality so are hard to use internally. Also, this type of tunneled connection
is only useful for stream connections, so *net.TCPAddr makes sense here.
Having said that, I don't want to try to resolve it, as it's already an IP, in
string form, not a name, so you are correct that ParseIP is a better choice.
http://codereview.appspot.com/6038047/diff/22001/ssh/example_test.go
File ssh/example_test.go (right):
http://codereview.appspot.com/6038047/diff/22001/ssh/example_test.go#newcode141
ssh/example_test.go:141: l, err := conn.Listen("tcp", "0.0.0.0:8080")
On 2012/04/24 04:48:16, lieqie wrote:
> It doesn't open the specified port in fact.
> I think in this case should need a
> net.Dial("tcp", "127.0.0.1:8080") to test it.
This is just an example, all the test harness guarantees is that it compiles. Is
that what you meant ?
http://codereview.appspot.com/6038047/diff/22001/ssh/tcpip.go
File ssh/tcpip.go (right):
http://codereview.appspot.com/6038047/diff/22001/ssh/tcpip.go#newcode67
ssh/tcpip.go:67: // forwardlist stores a mappin between remote
On 2012/04/23 15:12:04, agl1 wrote:
> typo: mapping.
Done.
http://codereview.appspot.com/6038047/diff/22001/ssh/tcpip.go#newcode76
ssh/tcpip.go:76: c chan struct {
On 2012/04/23 15:12:04, agl1 wrote:
> this struct has been written a few times - it probably deserves a name.
Yup - it was an interesting experiment with anon structs, but clearly neither
the time nor the place.
http://codereview.appspot.com/6038047/diff/22001/ssh/tcpip.go#newcode88
ssh/tcpip.go:88: f := forward{
On 2012/04/23 15:12:04, agl1 wrote:
> Check for duplicates before appending? Otherwise Remove goes wrong.
Is it possible to have a duplicate ? That would imply that the remote end had
accepted two connections with the same IP:Port raddr.
LGTM http://codereview.appspot.com/6038047/diff/29003/ssh/client.go File ssh/client.go (right): http://codereview.appspot.com/6038047/diff/29003/ssh/client.go#newcode304 ssh/client.go:304: l <- struct { This has a name ...
11 years, 12 months ago
(2012-04-24 15:03:30 UTC)
#9
// Request the remote side to open a port. l, err := client.Listen("tcp", ":1080") if ...
11 years, 12 months ago
(2012-04-25 04:06:38 UTC)
#12
// Request the remote side to open a port.
l, err := client.Listen("tcp", ":1080")
if err != nil {
log.Fatalf("unable to register tcp forward: %v", err)
}
log.Println("ssh start successful on :1080")
defer l.Close()
http.Serve(l, http.HandlerFunc(func(resp http.ResponseWriter, req
*http.Request) {
fmt.Fprintf(resp, "Hello world!\n")
}))
-----------------------------------
this code compile ok, run ok, but don't open port 1080 to listen for
connections.
-----------------------------------
if I change
l, err := client.Listen("tcp", ":1080")
to
l, err = net.Listen("tcp", ":1080")
it works ok.
What you may be seeing is your ssh server filtering the hosts that can connect ...
11 years, 12 months ago
(2012-04-25 05:57:22 UTC)
#13
What you may be seeing is your ssh server filtering the hosts that can connect
to it. For example on my system, no matter what I pass to client.Listen, the ssh
daemon will only listen on the loopback.
> if I change
> l, err := client.Listen("tcp", ":1080")
> to
> l, err = net.Listen("tcp", ":1080")
This is because (assuming your connecting to an ssh daemon on your local
machine), the first bind bound 127.0.0.1:1080 to your ssh daemon, the second
net.Listen will bind :1080 on any other interface.
Lets take this discussion to the golang-nuts mailing list.
so let's assume ssh server: ssh.example.com:22 after l, err := client.Listen("tcp", ":1080") defer l.Close() http.Serve(l, ...
11 years, 12 months ago
(2012-04-25 07:05:44 UTC)
#14
so let's assume
ssh server: ssh.example.com:22
after
l, err := client.Listen("tcp", ":1080")
defer l.Close()
http.Serve(l, http.HandlerFunc(func(resp http.ResponseWriter, req
*http.Request) {
fmt.Fprintf(resp, "Hello world!\n")
}))
how can we get to the "Hello world!" web page.
http://localhost:1080/http://ssh.example.com:1080/
all refused.
the ssh server hasn't filter client ip.
ssh into ssh.example.com:22
in the shell do
wget http://localhost:1080/
refused too.
*** Submitted as http://code.google.com/p/go/source/detail?r=306e41c8d097&repo=crypto *** go.crypto/ssh: add support for remote tcpip forwarding Add support for ...
11 years, 12 months ago
(2012-04-26 10:37:16 UTC)
#16
Issue 6038047: code review 6038047: go.crypto/ssh: add support for remote tcpip forwarding
(Closed)
Created 12 years ago by dfc
Modified 11 years, 12 months ago
Reviewers:
Base URL:
Comments: 28