From 2f8dfdd350b8dd01fbd521dd7cda6adaf1e41b82 Mon Sep 17 00:00:00 2001 From: lostystyg <54471935+lostystyg@users.noreply.github.com> Date: Tue, 5 Sep 2023 00:54:19 +0300 Subject: [PATCH] Force reverse tunnel socket to be binded to localhost (#600) * Do not fail if SocketEndpoint::name is specified for tcp tunneling * Force pfsr source to be bounded to localhost --- src/base/TunnelUtils.cpp | 2 ++ src/terminal/forwarding/PortForwardHandler.cpp | 4 ---- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/src/base/TunnelUtils.cpp b/src/base/TunnelUtils.cpp index 6683c7151..a95384acf 100644 --- a/src/base/TunnelUtils.cpp +++ b/src/base/TunnelUtils.cpp @@ -37,6 +37,7 @@ vector parseRangesToRequests(const string& input) { int portRangeLength = sourcePortEnd - sourcePortStart + 1; for (int i = 0; i < portRangeLength; ++i) { PortForwardSourceRequest pfsr; + pfsr.mutable_source()->set_name("localhost"); pfsr.mutable_source()->set_port(sourcePortStart + i); pfsr.mutable_destination()->set_port(destinationPortStart + i); pfsrs.push_back(pfsr); @@ -49,6 +50,7 @@ vector parseRangesToRequests(const string& input) { "destination must be a range (and vice versa)"); } else { PortForwardSourceRequest pfsr; + pfsr.mutable_source()->set_name("localhost"); pfsr.mutable_source()->set_port(stoi(sourceDestination[0])); pfsr.mutable_destination()->set_port(stoi(sourceDestination[1])); pfsrs.push_back(pfsr); diff --git a/src/terminal/forwarding/PortForwardHandler.cpp b/src/terminal/forwarding/PortForwardHandler.cpp index 45e1a0bc8..df70c01c1 100644 --- a/src/terminal/forwarding/PortForwardHandler.cpp +++ b/src/terminal/forwarding/PortForwardHandler.cpp @@ -45,10 +45,6 @@ PortForwardSourceResponse PortForwardHandler::createSource( SocketEndpoint source; if (pfsr.has_source()) { source = pfsr.source(); - if (source.has_name()) { - throw runtime_error( - "Named socket tunneling is only allowed with temporary filenames."); - } } else { // Make a random file to forward the pipe string sourcePattern =