EldoS | Feel safer!

Software components for data protection, secure storage and transfer

How to modify data being sent or received by TElSSHLocalPortForwarding

#31483
Posted: 11/22/2014 23:27:31
by Didi Junaedi (Basic support level)
Joined: 11/21/2014
Posts: 7

Hi,

I am currently evaluating SecureBlackBox, especially TElSSHLocalPortForwarding, and I would like to say that it is great software.

What I am currently trying to achieve is creating an SSH tunnel with Local Port Forwarding through an HTTPS proxy server.

The sample LocalPortForwardDemo program (modified a bit to use HTTPs Tunneling) works as expected, but I want to be able to read and modify the net data being sent or received by the component. How and where can I do this?

My workaround is adding an Indy TIdMappedPortTCP, pointing the webTunnelPort of the TElSSHLocalPortForwarding to the TIdMappedPortTCP binding port, and reading/modifying the net data using the onExecute and onOutBoundData events in the TIdMappedPortTCP.

I hope you can see what I am doing.

Thank you in advance
#31484
Posted: 11/23/2014 00:45:15
by Eugene Mayevski (EldoS Corp.)

Thank you for your interest in our products.

In the LocalPortForwarding sample there's a ForwardingMain.pas unit. In this unit there's the TSSHForwardingThread class where all the magic happens. The methods of this thread read the data from one side and write it to the other side. And that's where you can insert your modification logic.


Sincerely yours
Eugene Mayevski
#31485
Posted: 11/23/2014 01:56:42
by Didi Junaedi (Basic support level)
Joined: 11/21/2014
Posts: 7

Thank you for your kind reply.

I was testing the SimplePortForwarding demo, and all I need is there except the read and modify data part. I will start studying the AdvancedPortForwarding demo.

Meanwhile, can you point me in the right direction if I want to use the SimplePortForwarding instead as a starting point for that specific purpose (read and modify net data), because it's a lot simpler than the Advanced demo? I don't need any other functionality, only the forwarding, HTTPS Tunneling and data modification part.

Thank you.

#Sorry for my poor English
#31486
Posted: 11/23/2014 04:50:41
by Eugene Mayevski (EldoS Corp.)

I am afraid there's no way to do what you need with simple* components for the exact reason that they are *simple*. For non-trivial and rare operations we offer those advanced (lower-level) components.


Sincerely yours
Eugene Mayevski
#31489
Posted: 11/23/2014 11:39:01
by Didi Junaedi (Basic support level)
Joined: 11/21/2014
Posts: 7

Ok, thank you for the confirmation. I will study the advanced sample deeper.

One more question, though: when I was testing the SimplePortForwarding demo, the SSH connection kept closing unexpectedly and randomly after some period of time.

I have been limiting the connection number to no more than 8 open channels.
I am pretty sure it's not a time-based limitation. Downloading files didn't trigger the disconnection, but I always failed to upload. I am guessing that the connection is closed automatically after some amount of data is sent to the server.
There wasn't any error triggered and the server didn't close the connection.

Is it by design, some kind of trial limitation or something else?
#31490
Posted: 11/23/2014 12:04:51
by Eugene Mayevski (EldoS Corp.)

It's possible that this behavior is due to trial limitations, yes. You can request the time-limited key here. This key is similar to production keys issued for licensed customers, other than it has a hardcoded expiration date.


Sincerely yours
Eugene Mayevski
#31491
Posted: 11/23/2014 12:18:20
by Didi Junaedi (Basic support level)
Joined: 11/21/2014
Posts: 7

Thank you, I have sent the time-limited key request using my company email.
#31492
Posted: 11/23/2014 13:28:29
by Didi Junaedi (Basic support level)
Joined: 11/21/2014
Posts: 7

Hi, I have received the time-limited key, thank you.

But the problem persists. I used the SimplePortForwarding demo program as is. The modifications I've made are:
1. set the UseDynamicForwarding to true;
2. set the useWebTunneling to true;
3. Set the WebTunneling's address and port;
4. set the onConnectionSocksAuthMethodChoose event;
5. set the license key on the initialization part.

What I did:
1. I browsed some web pages and the SSH connection closed by itself after some time
2. I did a 10 MB file download right after the SSH connection opened; the operation went successfully
3. Did a 5 MB file upload; the SSH connection stopped in the middle of the upload operation
4. Did a speed test using public speed test facilities (speedtest.net, speedtest.telin.us); it failed in the uploading test.

Update:

I also did the same test using Bitvise SSH Client, a commercial SSH Tunneler program, and there was no problem with the connection.

Haven't tested it any further.

I'm guessing some specific amount of data being sent has triggered the connection closing. The connection is closed normally, no error or exception is thrown, and the server didn't do the connection closing.

Can you confirm that this behaviour is not from a bug in the component itself?

Thank you

My development environment is:
- Delphi XE7
- Windows 7 x64
- No antivirus/firewall
#31493
Posted: 11/24/2014 00:27:48
by Eugene Mayevski (EldoS Corp.)

Remove as many complications from your architecture as possible. I.e. remove the HTTP proxy, remove data modification, remove network connection (instead test the problem locally). Then, if the problem disappears, add complications one by one.


Sincerely yours
Eugene Mayevski
#31497
Posted: 11/24/2014 03:22:17
by Ken Ivanov (EldoS Corp.)

Hi Didi,

Just a little correction to Eugene's answer above.

Quote
The sample LocalPortForwardDemo program (modified a bit to use HTTPs Tunneling) works as expected, but I want to be able to read and modify the net data being sent or received by the component. How and where can I do this?

In fact, you can read and modify data transmitted by the simple components. This can be achieved by overriding an abstract TElSSHForwardingIntercept class and assigning an instance of that class to your simple forwarding component's Intercept property.

What you basically need to do is override several methods of the base class, in particular
- ChannelRead: this method is called by the forwarding component when data arrives from the SSH channel;
- SocketRead: this method is called when another portion of data arrives from the socket endpoint.

Inside the methods you can handle the data as you like. The base intercept class simply passes the data on to the socket or channel respectively with WriteToSocket() and WriteToChannel() methods. Your own implementation of the intercept may choose to behave differently.

Ken
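
The intercept pattern described in the post above, as an added sketch that is not EldoS code: TInterceptModel is a local stand-in whose method names follow the post but whose signatures are assumptions, and the needle and mask are constructed sample values. It shows why an intercept that rewrites data has to buffer, since a pattern can arrive split across two reads.

```delphi
program InterceptModel;
{$APPTYPE CONSOLE}
type
  // Stand-in for the intercept base class; names follow the post, signatures are assumed.
  TInterceptModel = class
  public
    ToSocket, ToChannel: RawByteString;        // what each side ends up receiving
    procedure WriteToSocket(const D: RawByteString);
    procedure WriteToChannel(const D: RawByteString);
    procedure ChannelRead(const D: RawByteString); virtual; // SSH channel -> socket
    procedure SocketRead(const D: RawByteString); virtual;  // socket -> SSH channel
  end;
  // Masks Needle in socket-to-channel data, even when it is split across reads.
  TRedactingIntercept = class(TInterceptModel)
  public
    Needle, Mask, Pending: RawByteString;      // Mask must have the same length as Needle
    procedure SocketRead(const D: RawByteString); override;
    procedure Flush;                           // call when the connection closes
  end;

// Base behaviour: pass the data on unchanged.
procedure TInterceptModel.WriteToSocket(const D: RawByteString); begin ToSocket := ToSocket + D; end;
procedure TInterceptModel.WriteToChannel(const D: RawByteString); begin ToChannel := ToChannel + D; end;
procedure TInterceptModel.ChannelRead(const D: RawByteString); begin WriteToSocket(D); end;
procedure TInterceptModel.SocketRead(const D: RawByteString); begin WriteToChannel(D); end;

procedure TRedactingIntercept.SocketRead(const D: RawByteString);
var P, Keep: Integer;
begin
  Pending := Pending + D;
  P := Pos(Needle, Pending);
  while P > 0 do                               // replace every complete match
  begin
    Pending := Copy(Pending, 1, P - 1) + Mask + Copy(Pending, P + Length(Needle), MaxInt);
    P := Pos(Needle, Pending);
  end;
  Keep := Length(Needle) - 1;                  // a match could still start in this tail
  if Keep > Length(Pending) then Keep := Length(Pending);
  WriteToChannel(Copy(Pending, 1, Length(Pending) - Keep));
  Pending := Copy(Pending, Length(Pending) - Keep + 1, Keep);
end;
procedure TRedactingIntercept.Flush; begin WriteToChannel(Pending); Pending := ''; end;

var I: TRedactingIntercept;
begin
  I := TRedactingIntercept.Create;
  I.Needle := 'token=abc123'; I.Mask := '************';     // constructed sample values
  I.SocketRead('GET /?tok'); I.SocketRead('en=abc123&x=1'); // pattern split over two reads
  I.ChannelRead('HTTP/1.1 200 OK'); I.Flush;
  Writeln(I.ToChannel); Writeln(I.ToSocket);
  I.Free;
end.
```

Holding back the tail delays up to Length(Needle) - 1 bytes until the next read or Flush, which matters for interactive protocols that wait for a reply before sending more.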