SimonFrings
diff --git a/‎README.md
Lines changed: 14 additions & 4 deletions b/‎README.md
Lines changed: 14 additions & 4 deletions
diff --git a/‎src/SshSocksConnector.php
Lines changed: 13 additions & 4 deletions b/‎src/SshSocksConnector.php
Lines changed: 13 additions & 4 deletions
diff --git a/‎tests/FunctionalSshSocksConnectorTest.php
Lines changed: 13 additions & 0 deletions b/‎tests/FunctionalSshSocksConnectorTest.php
Lines changed: 13 additions & 0 deletions
diff --git a/‎tests/SshSocksConnectorTest.php
Lines changed: 31 additions & 0 deletions b/‎tests/SshSocksConnectorTest.php
Lines changed: 31 additions & 0 deletions
@@ -195,12 +195,22 @@ approach. If you plan to only use a single or few connections (such as a single
 database connection), you're recommended to use the [`SshProcessConnector`](#sshprocessconnector)
 instead.
 
+This class defaults to spawning the SSH client process in SOCKS proxy server
+mode listening on `127.0.0.1:1080`. If this port is already in use or if you want
+to use multiple instances of this class to connect to different SSH proxy
+servers, you may optionally pass a unique bind address like this:
+
+```php
+$proxy = new Clue\React\SshProxy\SshSocksConnector('user@example.com?bind=127.1.1.1:1081', $loop);
+```
+
 > *Security note for multi-user systems*: This class will spawn the SSH client
-  process in local SOCKS server mode and will accept connections on the
-  localhost interface only. If you're running on a multi-user system, other
-  users on the same system may be able to connect to this proxy server and
+  process in local SOCKS server mode and will accept connections only on the
+  localhost interface by default. If you're running on a multi-user system,
+  other users on the same system may be able to connect to this proxy server and
   create connections over it. If this applies to your deployment, you're
-  recommended to use the [`SshProcessConnector](#sshprocessconnector) instead.
+  recommended to use the [`SshProcessConnector](#sshprocessconnector) instead
+  or set up custom firewall rules to prevent unauthorized access to this port.
 
 This is one of the two main classes in this package.
 Because it implements ReactPHP's standard
 
@@ -18,7 +18,7 @@ class SshSocksConnector implements ConnectorInterface
 
     private $debug = false;
 
-    private $port;
+    private $bind = '127.0.0.1:1080';
     private $socks;
 
     private $listen;
@@ -65,9 +65,18 @@ public function __construct($uri, LoopInterface $loop)
             $this->cmd .= '-p ' . $parts['port'] . ' ';
         }
 
-        $this->port = 1080;
-        $this->socks = new Client('socks4://127.0.0.1:' . $this->port, new TcpConnector($loop));
-        $this->cmd .= '-D ' . \escapeshellarg('127.0.0.1:' . $this->port) . ' ' . \escapeshellarg($target);
+        $args = array();
+        \parse_str(parse_url($uri, \PHP_URL_QUERY), $args);
+        if (isset($args['bind'])) {
+            $parts = parse_url('tcp://' . $args['bind']);
+            if (!isset($parts['scheme'], $parts['host'], $parts['port']) || \filter_var(\trim($parts['host'], '[]'), \FILTER_VALIDATE_IP) === false) {
+                throw new \InvalidArgumentException('Invalid bind address given');
+            }
+            $this->bind = $args['bind'];
+        }
+
+        $this->socks = new Client('socks4://' . $this->bind, new TcpConnector($loop));
+        $this->cmd .= '-D ' . \escapeshellarg($this->bind) . ' ' . \escapeshellarg($target);
         $this->loop = $loop;
     }
 
 
@@ -76,6 +76,19 @@ public function testConnectValidTargetWillReturnPromiseWhichResolvesToConnection
         $connection->close();
     }
 
+    public function testConnectValidTargetWillReturnPromiseWhichResolvesToConnectionForCustomBindAddress()
+    {
+        $this->connector = new SshSocksConnector(getenv('SSH_PROXY') . '?bind=127.0.0.1:1081', $this->loop);
+        $promise = $this->connector->connect('example.com:80');
+
+        $connection = \Clue\React\Block\await($promise, $this->loop, self::TIMEOUT);
+
+        $this->assertInstanceOf('React\Socket\ConnectionInterface', $connection);
+        $this->assertTrue($connection->isReadable());
+        $this->assertTrue($connection->isWritable());
+        $connection->close();
+    }
+
     public function testConnectValidTargetWillNotInheritActiveFileDescriptors()
     {
         $server = stream_socket_server('tcp://127.0.0.1:0');
 
@@ -50,6 +50,28 @@ public function testConstructorAcceptsUriWithPasswordWillPrefixSshCommandWithSsh
         $this->assertEquals('exec sshpass -p \'pass\' ssh -v -o ExitOnForwardFailure=yes -N -D \'127.0.0.1:1080\' \'user@host\'', $ref->getValue($connector));
     }
 
+    public function testConstructorAcceptsUriWithCustomBindUrl()
+    {
+        $loop = $this->getMockBuilder('React\EventLoop\LoopInterface')->getMock();
+        $connector = new SshSocksConnector('host?bind=127.1.0.1:2711', $loop);
+
+        $ref = new ReflectionProperty($connector, 'cmd');
+        $ref->setAccessible(true);
+
+        $this->assertEquals('exec ssh -v -o ExitOnForwardFailure=yes -N -o BatchMode=yes -D \'127.1.0.1:2711\' \'host\'', $ref->getValue($connector));
+    }
+
+    public function testConstructorAcceptsUriWithCustomBindUrlIpv6()
+    {
+        $loop = $this->getMockBuilder('React\EventLoop\LoopInterface')->getMock();
+        $connector = new SshSocksConnector('host?bind=[::1]:2711', $loop);
+
+        $ref = new ReflectionProperty($connector, 'cmd');
+        $ref->setAccessible(true);
+
+        $this->assertEquals('exec ssh -v -o ExitOnForwardFailure=yes -N -o BatchMode=yes -D \'[::1]:2711\' \'host\'', $ref->getValue($connector));
+    }
+
     /**
      * @expectedException InvalidArgumentException
      */
@@ -86,6 +108,15 @@ public function testConstructorThrowsForInvalidHost()
         new SshSocksConnector('-host', $loop);
     }
 
+    /**
+     * @expectedException InvalidArgumentException
+     */
+    public function testConstructorThrowsForInvalidBindHost()
+    {
+        $loop = $this->getMockBuilder('React\EventLoop\LoopInterface')->getMock();
+        new SshSocksConnector('host?bind=example:1080', $loop);
+    }
+
     /**
      * @doesNotPerformAssertions
      */