authorDaniel Stenberg <daniel@haxx.se>2020-10-26 11:10:49 +0100
committerDaniel Stenberg <daniel@haxx.se>2020-10-26 22:59:51 +0100
commit753313206098d4abf63d61314c2e56c49ddc8cf3 (patch)
treeced003ccd599f89f772bc7065209dfdbc36ed192
parent9f4c1c0ccee552401de750737e81f5572b36acca (diff)
libssh2: fix transport over HTTPS proxybagder/ssh-https-proxy
The fix in #6021 was not enough. This fix makes sure SCP/SFTP content can also be transferred over an HTTPS proxy. Fixes #6113
-rw-r--r--lib/vssh/libssh2.c19
-rw-r--r--lib/vssh/ssh.h6
2 files changed, 24 insertions, 1 deletions
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c
index b9ed5be90..fbadb246e 100644
--- a/lib/vssh/libssh2.c
+++ b/lib/vssh/libssh2.c
@@ -3024,9 +3024,15 @@ static ssize_t ssh_tls_recv(libssh2_socket_t sock, void *buffer,
struct connectdata *conn = (struct connectdata *)*abstract;
ssize_t nread;
CURLcode result;
+ Curl_recv *backup = conn->recv[0];
+ struct ssh_conn *ssh = &conn->proto.sshc;
(void)flags;
+ /* swap in the TLS reader function for this call only, and then swap back
+ the SSH one again */
+ conn->recv[0] = ssh->tls_recv;
result = Curl_read(conn, sock, buffer, length, &nread);
+ conn->recv[0] = backup;
if(result == CURLE_AGAIN)
return -EAGAIN; /* magic return code for libssh2 */
else if(result)
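Review bot: `conn->recv[0] = ssh->tls_recv;` installs the saved pointer without checking that it was ever set, so if this callback runs on a connection where ssh_connect did not store it, Curl_read would call through a NULL function pointer. A `DEBUGASSERT(ssh->tls_recv);` before the swap would catch that in debug builds. The swap also hard-codes index `0` while ssh_connect stores from `conn->recv[FIRSTSOCKET]`; using `FIRSTSOCKET` in both places keeps the save and the restore visibly on the same slot. The same two points apply to the `conn->send[0] = ssh->tls_send;` swap in the ssh_tls_send hunk. The body of ssh_tls_recv starts and ends outside this hunk.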
@@ -3042,9 +3048,15 @@ static ssize_t ssh_tls_send(libssh2_socket_t sock, const void *buffer,
struct connectdata *conn = (struct connectdata *)*abstract;
ssize_t nwrite;
CURLcode result;
+ Curl_send *backup = conn->send[0];
+ struct ssh_conn *ssh = &conn->proto.sshc;
(void)flags;
+ /* swap in the TLS writer function for this call only, and then swap back
+ the SSH one again */
+ conn->send[0] = ssh->tls_send;
result = Curl_write(conn, sock, buffer, length, &nwrite);
+ conn->send[0] = backup;
if(result == CURLE_AGAIN)
return -EAGAIN; /* magic return code for libssh2 */
else if(result)
@@ -3134,8 +3146,13 @@ static CURLcode ssh_connect(struct connectdata *conn, bool *done)
LIBSSH2_CALLBACK_RECV, sshrecv.recvp);
libssh2_session_callback_set(ssh->ssh_session,
LIBSSH2_CALLBACK_SEND, sshsend.sendp);
+
+ /* Store the underlying TLS recv/send function pointers to be used when
+ reading from the proxy */
+ ssh->tls_recv = conn->recv[FIRSTSOCKET];
+ ssh->tls_send = conn->send[FIRSTSOCKET];
}
- else
+
#endif /* CURL_DISABLE_PROXY */
if(conn->handler->protocol & CURLPROTO_SCP) {
conn->recv[FIRSTSOCKET] = scp_recv;
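Review bot: The stores `ssh->tls_recv = conn->recv[FIRSTSOCKET];` and `ssh->tls_send = conn->send[FIRSTSOCKET];` are only correct while those slots still hold the TLS functions, and the assignments right after the `#endif` overwrite them with the SCP/SFTP handlers. If ssh_connect can ever run again for the same connection (not visible from this hunk), the saved pointer would become `scp_recv` and the libssh2 callback would call back into itself. I would document the ordering requirement in the comment, for example `/* must be captured before recv/send[FIRSTSOCKET] are replaced with the SCP/SFTP functions below */`, and consider storing only when `ssh->tls_recv` is still NULL. ssh_connect continues outside the hunk on both sides.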
diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h
index 9e49993e9..bae81d654 100644
--- a/lib/vssh/ssh.h
+++ b/lib/vssh/ssh.h
@@ -182,6 +182,12 @@ struct ssh_conn {
LIBSSH2_SFTP *sftp_session; /* SFTP handle */
LIBSSH2_SFTP_HANDLE *sftp_handle;
+#ifndef CURL_DISABLE_PROXY
+ /* for HTTPS proxy storage */
+ Curl_recv *tls_recv;
+ Curl_send *tls_send;
+#endif
+
#ifdef HAVE_LIBSSH2_AGENT_API
LIBSSH2_AGENT *ssh_agent; /* proxy to ssh-agent/pageant */
struct libssh2_agent_publickey *sshagent_identity,
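Review bot: The comment `/* for HTTPS proxy storage */` does not say what is stored or who uses it; something like `/* TLS-layer recv/send saved by ssh_connect(), swapped into conn->recv[0]/send[0] by ssh_tls_recv()/ssh_tls_send() */` would tell the next reader why these pointers exist. The fields are only declared when `CURL_DISABLE_PROXY` is not defined, so every use in libssh2.c has to sit under the same guard. The stores in ssh_connect visibly do, but whether ssh_tls_recv and ssh_tls_send are guarded is not visible in this diff and is worth confirming with a proxy-disabled build.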