diff options
Diffstat (limited to 'Sshuttle VPN.app/Contents/Resources/sshuttle')
17 files changed, 114 insertions, 6 deletions
diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/client.py b/Sshuttle VPN.app/Contents/Resources/sshuttle/client.py index 1ade5d9..fa93c26 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/client.py +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/client.py @@ -273,6 +273,10 @@ def _main(listener, fw, ssh_cmd, remotename, python, latency_control, sock.close() return chan = mux.next_channel() + if not chan: + log('warning: too many open channels. Discarded connection.\n') + sock.close() + return mux.send(chan, ssnet.CMD_CONNECT, '%s,%s' % dstip) outwrap = MuxWrapper(mux, chan) handlers.append(Proxy(SockWrapper(sock, sock), outwrap)) diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/client.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/client.pyc Binary files differindex 64b7efb..23f3bbe 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/client.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/client.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/compat/__init__.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/compat/__init__.pyc Binary files differindex 736e5ec..463e907 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/compat/__init__.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/compat/__init__.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/compat/ssubprocess.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/compat/ssubprocess.pyc Binary files differindex dcb10bd..6509e71 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/compat/ssubprocess.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/compat/ssubprocess.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/firewall.py b/Sshuttle VPN.app/Contents/Resources/sshuttle/firewall.py index c7557ed..7767d43 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/firewall.py +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/firewall.py @@ -131,11 +131,11 @@ def _fill_oldctls(prefix): def _sysctl_set(name, val): argv = ['sysctl', '-w', '%s=%s' % (name, val)] debug1('>> %s\n' % ' '.join(argv)) - rv = ssubprocess.call(argv, stdout = open('/dev/null', 'w')) + return ssubprocess.call(argv, stdout = open('/dev/null', 'w')) _changedctls = [] -def sysctl_set(name, val): +def sysctl_set(name, val, permanent=False): PREFIX = 'net.inet.ip' assert(name.startswith(PREFIX + '.')) val = str(val) @@ -146,8 +146,16 @@ def sysctl_set(name, val): return oldval = _oldctls[name] if val != oldval: - _changedctls.append(name) - return _sysctl_set(name, val) + rv = _sysctl_set(name, val) + if rv==0 and permanent: + debug1('>> ...saving permanently in /etc/sysctl.conf\n') + f = open('/etc/sysctl.conf', 'a') + f.write('\n' + '# Added by sshuttle\n' + '%s=%s\n' % (name, val)) + f.close() + else: + _changedctls.append(name) def _udp_unpack(p): @@ -206,7 +214,7 @@ def do_ipfw(port, dnsport, subnets): if subnets or dnsport: sysctl_set('net.inet.ip.fw.enable', 1) - sysctl_set('net.inet.ip.scopedroute', 0) + sysctl_set('net.inet.ip.scopedroute', 0, permanent=True) ipfw('add', sport, 'check-state', 'ip', 'from', 'any', 'to', 'any') diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/firewall.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/firewall.pyc Binary files differindex 7539b6f..3682bb1 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/firewall.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/firewall.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/helpers.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/helpers.pyc Binary files differindex ced3de3..d84b651 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/helpers.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/helpers.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/hostwatch.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/hostwatch.pyc Binary files differindex 5dbb1cc..de2a0ef 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/hostwatch.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/hostwatch.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/main.py b/Sshuttle VPN.app/Contents/Resources/sshuttle/main.py index e76e596..3fe1e53 100755 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/main.py +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/main.py @@ -62,6 +62,7 @@ v,verbose increase debug message verbosity e,ssh-cmd= the command to use to connect to the remote [ssh] seed-hosts= with -H, use these hostnames for initial scan (comma-separated) no-latency-control sacrifice latency to improve bandwidth benchmarks +wrap= restart counting channel numbers after this number (for testing) D,daemon run in the background as a daemon syslog send log messages to syslog (default if you use --daemon) pidfile= pidfile name (only if using --daemon) [./sshuttle.pid] @@ -74,6 +75,9 @@ o = options.Options(optspec) if opt.daemon: opt.syslog = 1 +if opt.wrap: + import ssnet + ssnet.MAX_CHANNEL = int(opt.wrap) helpers.verbose = opt.verbose try: diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/options.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/options.pyc Binary files differindex 99ebce5..4a2df17 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/options.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/options.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/server.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/server.pyc Binary files differindex 6e4a14b..6c46ecc 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/server.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/server.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/ssh.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/ssh.pyc Binary files differindex 6118b39..fbcb512 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/ssh.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/ssh.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/sshuttle b/Sshuttle VPN.app/Contents/Resources/sshuttle/sshuttle index e76e596..3fe1e53 100755 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/sshuttle +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/sshuttle @@ -62,6 +62,7 @@ v,verbose increase debug message verbosity e,ssh-cmd= the command to use to connect to the remote [ssh] seed-hosts= with -H, use these hostnames for initial scan (comma-separated) no-latency-control sacrifice latency to improve bandwidth benchmarks +wrap= restart counting channel numbers after this number (for testing) D,daemon run in the background as a daemon syslog send log messages to syslog (default if you use --daemon) pidfile= pidfile name (only if using --daemon) [./sshuttle.pid] @@ -74,6 +75,9 @@ o = options.Options(optspec) if opt.daemon: opt.syslog = 1 +if opt.wrap: + import ssnet + ssnet.MAX_CHANNEL = int(opt.wrap) helpers.verbose = opt.verbose try: diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/ssnet.py b/Sshuttle VPN.app/Contents/Resources/sshuttle/ssnet.py index 554d870..2145431 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/ssnet.py +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/ssnet.py @@ -1,6 +1,8 @@ import struct, socket, errno, select if not globals().get('skip_imports'): from helpers import * + +MAX_CHANNEL = 65535 # these don't exist in the socket module in python 2.3! SHUT_RD = 0 @@ -300,7 +302,7 @@ class Mux(Handler): # channel 0 is special, so we never allocate it for timeout in xrange(1024): self.chani += 1 - if self.chani > 65535: + if self.chani > MAX_CHANNEL: self.chani = 1 if not self.channels.get(self.chani): return self.chani diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/ssnet.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/ssnet.pyc Binary files differindex a810bc3..e162b8e 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/ssnet.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/ssnet.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/ssyslog.pyc b/Sshuttle VPN.app/Contents/Resources/sshuttle/ssyslog.pyc Binary files differindex b5ac023..acbfc5e 100644 --- a/Sshuttle VPN.app/Contents/Resources/sshuttle/ssyslog.pyc +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/ssyslog.pyc diff --git a/Sshuttle VPN.app/Contents/Resources/sshuttle/stresstest.py b/Sshuttle VPN.app/Contents/Resources/sshuttle/stresstest.py new file mode 100755 index 0000000..f42df09 --- /dev/null +++ b/Sshuttle VPN.app/Contents/Resources/sshuttle/stresstest.py @@ -0,0 +1,86 @@ +#!/usr/bin/python +import sys, os, socket, select, struct, time + +listener = socket.socket() +listener.bind(('127.0.0.1', 0)) +listener.listen(500) + +servers = [] +clients = [] +remain = {} + +NUMCLIENTS = 50 +count = 0 + + +while 1: + if len(clients) < NUMCLIENTS: + c = socket.socket() + c.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + c.bind(('0.0.0.0', 0)) + c.connect(listener.getsockname()) + count += 1 + if count >= 16384: + count = 1 + print 'cli CREATING %d' % count + b = struct.pack('I', count) + 'x'*count + remain[c] = count + print 'cli >> %r' % len(b) + c.send(b) + c.shutdown(socket.SHUT_WR) + clients.append(c) + r = [listener] + time.sleep(0.1) + else: + r = [listener]+servers+clients + print 'select(%d)' % len(r) + r,w,x = select.select(r, [], [], 5) + assert(r) + for i in r: + if i == listener: + s,addr = listener.accept() + servers.append(s) + elif i in servers: + b = i.recv(4096) + print 'srv << %r' % len(b) + if not i in remain: + assert(len(b) >= 4) + want = struct.unpack('I', b[:4])[0] + b = b[4:] + #i.send('y'*want) + else: + want = remain[i] + if want < len(b): + print 'weird wanted %d bytes, got %d: %r' % (want, len(b), b) + assert(want >= len(b)) + want -= len(b) + remain[i] = want + if not b: # EOF + if want: + print 'weird: eof but wanted %d more' % want + assert(want == 0) + i.close() + servers.remove(i) + del remain[i] + else: + print 'srv >> %r' % len(b) + i.send('y'*len(b)) + if not want: + i.shutdown(socket.SHUT_WR) + elif i in clients: + b = i.recv(4096) + print 'cli << %r' % len(b) + want = remain[i] + if want < len(b): + print 'weird wanted %d bytes, got %d: %r' % (want, len(b), b) + assert(want >= len(b)) + want -= len(b) + remain[i] = want + if not b: # EOF + if want: + print 'weird: eof but wanted %d more' % want + assert(want == 0) + i.close() + clients.remove(i) + del remain[i] +listener.accept() |