diff options
author | Daniel Stenberg <daniel@haxx.se> | 2020-10-26 11:10:49 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2020-10-26 22:59:51 +0100 |
commit | 753313206098d4abf63d61314c2e56c49ddc8cf3 (patch) | |
tree | ced003ccd599f89f772bc7065209dfdbc36ed192 | |
parent | 9f4c1c0ccee552401de750737e81f5572b36acca (diff) | |
download | curl-bagder/ssh-https-proxy.tar.gz |
libssh2: fix transport over HTTPS proxybagder/ssh-https-proxy
The fix in #6021 was not enough. This fix makes sure SCP/SFTP content
can also be transfered over a HTTPS proxy.
Fixes #6113
-rw-r--r-- | lib/vssh/libssh2.c | 19 | ||||
-rw-r--r-- | lib/vssh/ssh.h | 6 |
2 files changed, 24 insertions, 1 deletions
diff --git a/lib/vssh/libssh2.c b/lib/vssh/libssh2.c index b9ed5be90..fbadb246e 100644 --- a/lib/vssh/libssh2.c +++ b/lib/vssh/libssh2.c @@ -3024,9 +3024,15 @@ static ssize_t ssh_tls_recv(libssh2_socket_t sock, void *buffer, struct connectdata *conn = (struct connectdata *)*abstract; ssize_t nread; CURLcode result; + Curl_recv *backup = conn->recv[0]; + struct ssh_conn *ssh = &conn->proto.sshc; (void)flags; + /* swap in the TLS reader function for this call only, and then swap back + the SSH one again */ + conn->recv[0] = ssh->tls_recv; result = Curl_read(conn, sock, buffer, length, &nread); + conn->recv[0] = backup; if(result == CURLE_AGAIN) return -EAGAIN; /* magic return code for libssh2 */ else if(result) @@ -3042,9 +3048,15 @@ static ssize_t ssh_tls_send(libssh2_socket_t sock, const void *buffer, struct connectdata *conn = (struct connectdata *)*abstract; ssize_t nwrite; CURLcode result; + Curl_send *backup = conn->send[0]; + struct ssh_conn *ssh = &conn->proto.sshc; (void)flags; + /* swap in the TLS writer function for this call only, and then swap back + the SSH one again */ + conn->send[0] = ssh->tls_send; result = Curl_write(conn, sock, buffer, length, &nwrite); + conn->send[0] = backup; if(result == CURLE_AGAIN) return -EAGAIN; /* magic return code for libssh2 */ else if(result) @@ -3134,8 +3146,13 @@ static CURLcode ssh_connect(struct connectdata *conn, bool *done) LIBSSH2_CALLBACK_RECV, sshrecv.recvp); libssh2_session_callback_set(ssh->ssh_session, LIBSSH2_CALLBACK_SEND, sshsend.sendp); + + /* Store the underlying TLS recv/send function pointers to be used when + reading from the proxy */ + ssh->tls_recv = conn->recv[FIRSTSOCKET]; + ssh->tls_send = conn->send[FIRSTSOCKET]; } - else + #endif /* CURL_DISABLE_PROXY */ if(conn->handler->protocol & CURLPROTO_SCP) { conn->recv[FIRSTSOCKET] = scp_recv; diff --git a/lib/vssh/ssh.h b/lib/vssh/ssh.h index 9e49993e9..bae81d654 100644 --- a/lib/vssh/ssh.h +++ b/lib/vssh/ssh.h @@ -182,6 +182,12 @@ struct ssh_conn { LIBSSH2_SFTP *sftp_session; /* SFTP handle */ LIBSSH2_SFTP_HANDLE *sftp_handle; +#ifndef CURL_DISABLE_PROXY + /* for HTTPS proxy storage */ + Curl_recv *tls_recv; + Curl_send *tls_send; +#endif + #ifdef HAVE_LIBSSH2_AGENT_API LIBSSH2_AGENT *ssh_agent; /* proxy to ssh-agent/pageant */ struct libssh2_agent_publickey *sshagent_identity, |