Merge branch '16602-wb-acr-version' refs #16602
diff --git
a/lib/dispatchcloud/test/ssh_service.go
b/lib/dispatchcloud/test/ssh_service.go
index b1e4e03b12ea142e925b45fe689217a499e59bb9..f1fde4f422ce55198742871883f8a0bbd7c682d3 100644
(file)
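--- a/lib/dispatchcloud/test/ssh_service.go
+++ b/lib/dispatchcloud/test/ssh_service.go
@@ -32,13 +32,14 @@ func LoadTestKey(c *check.C, fnm string) (ssh.PublicKey, ssh.Signer) {
 // An SSHExecFunc handles an "exec" session on a multiplexed SSH
 // connection.
-type SSHExecFunc func(command string, stdin io.Reader, stdout, stderr io.Writer) uint32
+type SSHExecFunc func(env map[string]string, command string, stdin io.Reader, stdout, stderr io.Writer) uint32
 // An SSHService accepts SSH connections on an available TCP port and
 // passes clients' "exec" sessions to the provided SSHExecFunc.
 type SSHService struct {
 Exec SSHExecFunc
 HostKey ssh.Signer
+ AuthorizedUser string
 AuthorizedKeys []ssh.PublicKey
 listener net.Listener
@@ -64,6 +65,11 @@ func (ss *SSHService) Address() string {
 return ln.Addr().String()
 }
+// RemoteUser returns the username that will be accepted.
+func (ss *SSHService) RemoteUser() string {
+ return ss.AuthorizedUser
+}
+
 // Close shuts down the server and releases resources. Established
 // connections are unaffected.
 func (ss *SSHService) Close() {
@@ -103,7 +109,7 @@ func (ss *SSHService) run() {
 }
 config.AddHostKey(ss.HostKey)
- listener, err := net.Listen("tcp", ":")
+ listener, err := net.Listen("tcp", "127.0.0.1:")
 if err != nil {
 ss.err = err
 return
@@ -146,22 +152,37 @@ func (ss *SSHService) serveConn(nConn net.Conn, config *ssh.ServerConfig) {
 log.Printf("accept channel: %s", err)
 return
 }
- var execReq struct {
- Command string
- }
+ didExec := false
+ sessionEnv := map[string]string{}
 go func() {
 for req := range reqs {
- if req.Type == "exec" && execReq.Command == "" {
+ switch {
+ case didExec:
+ // Reject anything after exec
+ req.Reply(false, nil)
+ case req.Type == "exec":
+ var execReq struct {
+ Command string
+ }
 req.Reply(true, nil)
 ssh.Unmarshal(req.Payload, &execReq)
 go func() {
 var resp struct {
 Status uint32
 }
- resp.Status = ss.Exec(execReq.Command, ch, ch, ch.Stderr())
+ resp.Status = ss.Exec(sessionEnv, execReq.Command, ch, ch, ch.Stderr())
 ch.SendRequest("exit-status", false, ssh.Marshal(&resp))
 ch.Close()
 }()
+ didExec = true
+ case req.Type == "env":
+ var envReq struct {
+ Name string
+ Value string
+ }
+ req.Reply(true, nil)
+ ssh.Unmarshal(req.Payload, &envReq)
+ sessionEnv[envReq.Name] = envReq.Value
 }
 }
 }()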
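Review bot: In the new `env` case of the request loop in serveConn, `req.Reply(true, nil)` is sent before `ssh.Unmarshal(req.Payload, &envReq)` and the unmarshal error is discarded, so a malformed env request is acknowledged as accepted and whatever `envReq` then holds (possibly an empty name) is written into `sessionEnv`. The `exec` case has the same reply-then-parse ordering, carried over from the old code. Parsing first and refusing on error would keep this test server from reporting success for requests it could not decode. Request types other than `exec` and `env` still fall through the switch with no reply before exec, while after exec they are explicitly refused; a `default` arm would make the two consistent. serveConn starts before this hunk, so the surrounding channel setup is not visible here.

```go
case req.Type == "env":
	// … unchanged: envReq declaration …
	// Decode before acknowledging, so an undecodable payload is
	// refused rather than recorded in sessionEnv.
	if err := ssh.Unmarshal(req.Payload, &envReq); err != nil {
		req.Reply(false, nil)
		continue
	}
	sessionEnv[envReq.Name] = envReq.Value
	req.Reply(true, nil)
default:
	// Unsupported request types get an explicit refusal instead of
	// leaving a client that asked for a reply waiting.
	req.Reply(false, nil)
```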