From d34d5db9d996901fb6066f06404252742807ed9b Mon Sep 17 00:00:00 2001
From: Alexandru Bogdan Stefan <astefan@ixiacom.com>
Date: Thu, 21 Apr 2016 19:14:50 +0300
Subject: [PATCH] Add support for using ShellInABox with a custom SSH port

---
 shellinabox/service.c | 42 ++++++++++++++++++++++++++++++------------
 1 file changed, 30 insertions(+), 12 deletions(-)

diff --git a/shellinabox/service.c b/shellinabox/service.c
index c2e6b99..eee1d3c 100644
--- a/shellinabox/service.c
+++ b/shellinabox/service.c
@@ -121,19 +121,28 @@ void initService(struct Service *service, const char *arg) {
     service->group                          = NULL;
     check(service->cwd                      = strdup("/"));
     char *host;
+    char *sshPort;
     check(host                              = strdup("localhost"));
+    check(sshPort                           = strdup("22"));
     if ((ptr                                = strchr(arg, ':')) != NULL) {
-      check(ptr                             = strdup(ptr + 1));
-      char *end;
-      if ((end                              = strchr(ptr, ':')) != NULL) {
-        *end                                = '\000';
-      }
-      if (*ptr) {
-        free(host);
-        host                                = ptr;
-      } else {
-        free(ptr);
-      }
+        ptr                                 = ptr + 1;
+        if (*ptr) {
+            char * tmp = strchr(ptr, ':');
+            if(tmp == NULL)//if the second ":" is not found, keep as host whatever is after first ":"
+            {
+                free(host);
+                host = strdup(ptr);
+            }
+            else // if we find a second ":", keep as a host whatever is in between first ":" and second ":" and as sshPort whatever is after second ":"
+            {
+                int size = (tmp - ptr + 1);
+                free(host);
+                host = malloc(size);
+                memset(host, 0, size);
+                memcpy(host, ptr , size-1);
+                sshPort                    = strdup (tmp + 1);
+            }
+        }
     }
 
     // Don't allow manipulation of the SSH command line through "creative" use
@@ -148,6 +157,14 @@ void initService(struct Service *service, const char *arg) {
       }
     }
 
+    // Don't allow manipulation of the SSH command line through "creative" use
+    // of the port.
+    for (char *h = sshPort; *h; h++) {
+      char ch                               = *h;
+      if (!(ch >= '0' && ch <= '9')) {
+        fatal("[config] Invalid port \"%s\" in service definition!", sshPort);
+      }
+    }
     service->cmdline                        = stringPrintf(NULL,
       "ssh -a -e none -i /dev/null -x -oChallengeResponseAuthentication=no "
           "-oCheckHostIP=no -oClearAllForwardings=yes -oCompression=no "
@@ -162,8 +179,9 @@ void initService(struct Service *service, const char *arg) {
 //          feature, we cannot be sure that it is available on the
 //          target server.  Removing it for the sake of Centos.
 //          "-oVisualHostKey=no"
-          " -oLogLevel=FATAL %%s@%s", host);
+          " -oLogLevel=FATAL -p%s %%s@%s",sshPort,  host);
     free(host);
+    free(sshPort);
   } else {
     service->useLogin                       = 0;