11305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#	$OpenBSD: dynamic-forward.sh,v 1.9 2011/06/03 00:29:52 dtucker Exp $
21305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood#	Placed in the Public Domain.
31305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood
41305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodtid="dynamic forwarding"
51305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood
61305e95ba6ff9fa202d0818caf10405df4b0f648Mike LockwoodFWDPORT=`expr $PORT + 1`
71305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood
81305e95ba6ff9fa202d0818caf10405df4b0f648Mike LockwoodDATA=/bin/ls${EXEEXT}
91305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood
101305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodif have_prog nc && nc -h 2>&1 | grep "proxy address" >/dev/null; then
111305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	proxycmd="nc -x 127.0.0.1:$FWDPORT -X"
121305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodelif have_prog connect; then
131305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	proxycmd="connect -S 127.0.0.1:$FWDPORT -"
141305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodelse
151305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	echo "skipped (no suitable ProxyCommand found)"
161305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	exit 0
171305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodfi
181305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodtrace "will use ProxyCommand $proxycmd"
191305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood
201305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodstart_sshd
211305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood
221305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwoodfor p in 1 2; do
231305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	n=0
241305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	error="1"
251305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	trace "start dynamic forwarding, fork to background"
261305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	while [ "$error" -ne 0 -a "$n" -lt 3 ]; do
271305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		n=`expr $n + 1`
281305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		${SSH} -$p -F $OBJ/ssh_config -f -D $FWDPORT -q \
291305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		    -oExitOnForwardFailure=yes somehost exec sh -c \
301305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood			\'"echo \$\$ > $OBJ/remote_pid; exec sleep 444"\'
311305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		error=$?
321305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		if [ "$error" -ne 0 ]; then
331305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood			trace "forward failed proto $p attempt $n err $error"
341305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood			sleep $n
351305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		fi
361305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	done
371305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	if [ "$error" -ne 0 ]; then
381305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		fatal "failed to start dynamic forwarding proto $p"
391305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	fi
401305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood
411305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	for s in 4 5; do
421305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	    for h in 127.0.0.1 localhost; do
431305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		trace "testing ssh protocol $p socks version $s host $h"
441305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		${SSH} -F $OBJ/ssh_config \
451305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood			-o "ProxyCommand ${proxycmd}${s} $h $PORT" \
461305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood			somehost cat $DATA > $OBJ/ls.copy
471305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		test -f $OBJ/ls.copy	 || fail "failed copy $DATA"
481305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		cmp $DATA $OBJ/ls.copy || fail "corrupted copy of $DATA"
491305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	    done
501305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	done
511305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood
521305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	if [ -f $OBJ/remote_pid ]; then
531305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		remote=`cat $OBJ/remote_pid`
541305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		trace "terminate remote shell, pid $remote"
551305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		if [ $remote -gt 1 ]; then
561305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood			kill -HUP $remote
571305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		fi
581305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	else
591305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood		fail "no pid file: $OBJ/remote_pid"
601305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwood	fi
611305e95ba6ff9fa202d0818caf10405df4b0f648Mike Lockwooddone
62