extern/sshuttle
1
1
Fork 0
mirror of https://github.com/sshuttle/sshuttle.git synced 2024-11-22 16:03:57 +01:00
Code Issues Packages Projects Releases Wiki Activity

Exit if host specified with -r is actually localhost.

Browse Source
This commit is contained in:
Scott Kuhl 2021-07-16 14:19:18 -04:00
parent 2538beb711
commit 7fd0a776e5
1 changed files with 14 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
sshuttle/client.py
View File

@ -48,10 +48,6 @@ def got_signal(signum, frame):
# Filename of the pidfile created by the sshuttle client. # Filename of the pidfile created by the sshuttle client.
_pidname = None _pidname = None
# This variable is set to true if the client and the server appear to
# be running on the same host.
_client_server_samehost = False
def check_daemon(pidfile): def check_daemon(pidfile):
global _pidname global _pidname
@ -477,9 +473,7 @@ def _main(tcp_listener, udp_listener, fw, ssh_cmd, remotename,
# If the server sees the file, then the server can deduce that it # If the server sees the file, then the server can deduce that it
# is running on the same host as the client. If the client sees # is running on the same host as the client. If the client sees
# that the server deleted the file, then the client can deduce # that the server deleted the file, then the client can deduce
# that it is running on the same host as the server. The # that it is running on the same host as the server.
# _client_server_samehost variable is set to true when they are on
# the same machine.
(_, localhost_detector) = tempfile.mkstemp(prefix="sshuttle-localhost-") (_, localhost_detector) = tempfile.mkstemp(prefix="sshuttle-localhost-")
try: try:
@ -604,14 +598,22 @@ def _main(tcp_listener, udp_listener, fw, ssh_cmd, remotename,
# If the server couldn't delete our localhost_detector file, then # If the server couldn't delete our localhost_detector file, then
# the server is running on a different machine. # the server is running on a different machine.
global _client_server_samehost
if os.path.exists(localhost_detector): if os.path.exists(localhost_detector):
debug2("Client and server appear to be running on different machines.") debug3("Client and server appear to be running on different machines.")
_client_server_samehost = False
os.remove(localhost_detector) # cleanup os.remove(localhost_detector) # cleanup
else: else:
debug1("Client and server are running on the same machine.") # The client and server can't run on the same machine because
_client_server_samehost = True # the firewall rules can't distinguish between data the
# sshuttle server sends (which shouldn't be redirected through
# sshuttle) and the different connections applications make
# (which perhaps should be redirected through sshuttle).
# Previously we set the TTL of the packets the server sent to
# distinguish between the two, but this feature was removed
# since running the client and server on the same machine is
# only useful for debugging.
raise Fatal("Exiting because sshuttle client and server are "
"running on the same machine. The host specified "
"with the -r option must be a remote host.")
if daemon: if daemon:
daemonize() daemonize()