1 From fb64db9eac3fdc6434f2dc7b5ea407fe5df76e6f Mon Sep 17 00:00:00 2001
2 From: Diederik De Coninck <diederik.deconinck_ext@softathome.com>
3 Date: Tue, 11 Apr 2023 15:38:04 +0200
4 Subject: Add option to bind to interface
7 netio.c | 13 +++++++++++--
11 svr-runopts.c | 9 +++++++++
15 8 files changed, 26 insertions(+), 5 deletions(-)
19 @@ -467,7 +467,7 @@ int get_sock_port(int sock) {
20 * failure, if errstring wasn't NULL, it'll be a newly malloced error
22 int dropbear_listen(const char* address, const char* port,
23 - int *socks, unsigned int sockcount, char **errstring, int *maxfd) {
24 + int *socks, unsigned int sockcount, char **errstring, int *maxfd, const char* interface) {
26 struct addrinfo hints, *res = NULL, *res0 = NULL;
28 @@ -497,7 +497,11 @@ int dropbear_listen(const char* address,
29 TRACE(("dropbear_listen: local loopback"))
31 if (address[0] == '\0') {
32 - TRACE(("dropbear_listen: all interfaces"))
34 + TRACE(("dropbear_listen: %s", interface))
36 + TRACE(("dropbear_listen: all interfaces"))
40 hints.ai_flags = AI_PASSIVE;
41 @@ -551,6 +555,11 @@ int dropbear_listen(const char* address,
42 /* set to reuse, quick timeout */
43 setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void*) &val, sizeof(val));
45 + if(interface && setsockopt(sock, SOL_SOCKET, SO_BINDTODEVICE, interface, strlen(interface)) < 0) {
46 + dropbear_log(LOG_WARNING, "Couldn't set SO_BINDTODEVICE");
47 + TRACE(("Failed setsockopt with errno failure, %d %s", errno, strerror(errno)))
50 #if defined(IPPROTO_IPV6) && defined(IPV6_V6ONLY)
51 if (res->ai_family == AF_INET6) {
55 @@ -19,7 +19,7 @@ void get_socket_address(int fd, char **l
56 void getaddrstring(struct sockaddr_storage* addr,
57 char **ret_host, char **ret_port, int host_lookup);
58 int dropbear_listen(const char* address, const char* port,
59 - int *socks, unsigned int sockcount, char **errstring, int *maxfd);
60 + int *socks, unsigned int sockcount, char **errstring, int *maxfd, const char* interface);
62 struct dropbear_progress_connection;
66 @@ -128,6 +128,7 @@ typedef struct svr_runopts {
69 char * forced_command;
76 @@ -488,7 +488,7 @@ static size_t listensockets(int *socks,
78 nsock = dropbear_listen(svr_opts.addresses[i], svr_opts.ports[i], &socks[sockpos],
81 + &errstring, maxfd, svr_opts.interface);
84 dropbear_log(LOG_WARNING, "Failed listening on '%s': %s",
87 @@ -98,6 +98,8 @@ static void printhelp(const char * progn
88 " (default port is %s if none specified)\n"
89 "-P PidFile Create pid file PidFile\n"
92 + " interface to bind on\n"
94 "-i Start for inetd\n"
96 @@ -265,6 +267,9 @@ void svr_getopts(int argc, char ** argv)
98 next = &svr_opts.pidfile;
101 + next = &svr_opts.interface;
104 /* motd is displayed by default, -m turns it off */
106 @@ -438,6 +443,10 @@ void svr_getopts(int argc, char ** argv)
107 dropbear_log(LOG_INFO, "Forced command set to '%s'", svr_opts.forced_command);
110 + if (svr_opts.interface) {
111 + dropbear_log(LOG_INFO, "Binding to interface '%s'", svr_opts.interface);
115 if (m_str_to_uint(reexec_fd_arg, &svr_opts.reexec_childpipe) == DROPBEAR_FAILURE
116 || svr_opts.reexec_childpipe < 0) {
119 @@ -205,6 +205,7 @@ static int svr_remotetcpreq(int *allocat
120 tcpinfo->listenport = port;
121 tcpinfo->chantype = &svr_chan_tcpremote;
122 tcpinfo->tcp_type = forwarded;
123 + tcpinfo->interface = svr_opts.interface;
125 tcpinfo->request_listenaddr = request_addr;
126 if (!opts.listen_fwd_all || (strcmp(request_addr, "localhost") == 0) ) {
129 @@ -117,7 +117,7 @@ int listen_tcpfwd(struct TCPListener* tc
130 snprintf(portstring, sizeof(portstring), "%u", tcpinfo->listenport);
132 nsocks = dropbear_listen(tcpinfo->listenaddr, portstring, socks,
133 - DROPBEAR_MAX_SOCKS, &errstring, &ses.maxfd);
134 + DROPBEAR_MAX_SOCKS, &errstring, &ses.maxfd, tcpinfo->interface);
136 dropbear_log(LOG_INFO, "TCP forward failed: %s", errstring);
140 @@ -42,6 +42,7 @@ struct TCPListener {
141 unsigned int listenport;
142 /* The address that the remote host asked to listen on */
143 char *request_listenaddr;
146 const struct ChanType *chantype;
147 enum {direct, forwarded} tcp_type;