From 40fa58f2f54137cfd6b41217dbb7f1f902563792 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fran=C3=A7ois=20Leurent?= <131.js@leurent.email> Date: Fri, 25 Jun 2021 13:55:16 +0200 Subject: [PATCH] With openssh_authAgent & tests --- README.md | 3 +++ lib/server.js | 9 +++++++++ test/test-openssh.js | 31 +++++++++++++++++++++++++++++-- 3 files changed, 41 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 91007b69..35bae173 100644 --- a/README.md +++ b/README.md @@ -1180,6 +1180,9 @@ You can find more examples in the `examples` directory of this repository. * **forwardOut**(< _string_ >boundAddr, < _integer_ >boundPort, < _string_ >remoteAddr, < _integer_ >remotePort, < _function_ >callback) - _(void)_ - Alert the client of an incoming TCP connection on `boundAddr` on port `boundPort` from `remoteAddr` on port `remotePort`. `callback` has 2 parameters: < _Error_ >err, < _Channel_ >stream. +* **openssh_authAgent**(< _function_ >callback) - _boolean_ - Alert the client of an incoming `ssh-agent` socket connection. `callback` has 2 parameters: < _Error_ >err, < _Channel_ >stream. Returns `false` if you should wait for the `continue` event before sending any more traffic. + + * **openssh_forwardOutStreamLocal**(< _string_ >socketPath, < _function_ >callback) - _(void)_ - Alert the client of an incoming UNIX domain socket connection on `socketPath`. `callback` has 2 parameters: < _Error_ >err, < _Channel_ >stream. * **rekey**([< _function_ >callback]) - _(void)_ - Initiates a rekey with the client. If `callback` is supplied, it is added as a one-time handler for the `rekey` event. diff --git a/lib/server.js b/lib/server.js index 9137cdf9..c3a05f2b 100644 --- a/lib/server.js +++ b/lib/server.js 
@@ -1284,6 +1284,12 @@ class Client extends EventEmitter { return this; } + + openssh_authAgent(cb) { + openChannel(this, 'auth-agent@openssh.com', cb); + return this; + } + openssh_forwardOutStreamLocal(socketPath, cb) { const opts = { socketPath }; openChannel(this, 'forwarded-streamlocal@openssh.com', opts, cb); @@ -1341,6 +1347,9 @@ function openChannel(self, type, opts, cb) { case 'x11': self._protocol.x11(localChan, initWindow, maxPacket, opts); break; + case 'auth-agent@openssh.com': + self._protocol.openssh_authAgent(localChan, initWindow, maxPacket); + break; case 'forwarded-streamlocal@openssh.com': self._protocol.openssh_forwardedStreamLocal( localChan, initWindow, maxPacket, opts diff --git a/test/test-openssh.js b/test/test-openssh.js index 67e1b860..4c59f1ef 100644 --- a/test/test-openssh.js +++ b/test/test-openssh.js @@ -2,6 +2,7 @@ const assert = require('assert'); const { inspect } = require('util'); +const { spawn } = require('child_process'); const { fixture, @@ -12,16 +13,27 @@ const { const debug = false; +const test_forward = (process.platform !== 'win32'); + +if (!test_forward) + console.log('Skipping agent forwarding test on Windows'); + + const clientCfg = { username: 'foo', password: 'bar' }; const serverCfg = { hostKeys: [ fixture('ssh_host_rsa_key') ] }; { + const agent_sock = '/tmp/nodejs-ssh2-test-' + process.pid; + let agent; + if (test_forward) + agent = spawn('ssh-agent', ['-d', '-a', agent_sock]); + const { client, server } = setup_( 'Exec with OpenSSH agent forwarding', { client: { ...clientCfg, - agent: '/path/to/agent', + agent: agent_sock, }, server: serverCfg, 
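Review bot: `openssh_authAgent()` returns `this`, but the README entry added in this same patch documents it as returning a boolean ("Returns `false` if you should wait for the `continue` event"), so one of the two has to change. Since the neighbouring `openssh_forwardOutStreamLocal` is documented as `_(void)_`, aligning the README is probably the smaller fix. The method also has no comment stating its precondition, which matters because an agent channel gives the server a path to the user's key agent. I would add `// Open an agent channel to the client. Call only after the session's agent-forwarding request was accepted.` above it; whether the client side refuses an unsolicited open is not visible in this patch and should be confirmed. The enclosing `Client` class starts and ends outside the hunk.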
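Review bot: The new `case 'auth-agent@openssh.com'` is reached with the callback sitting in the `opts` position, because the hunk header shows `openChannel(self, type, opts, cb)` while `openssh_authAgent` calls it with three arguments. That is only safe if the top of `openChannel`, which is outside this hunk, moves a function-valued `opts` into `cb`; otherwise `cb` is undefined and the caller never learns whether the open was confirmed or refused. Either confirm that normalisation exists or make the call explicit with `openChannel(this, 'auth-agent@openssh.com', {}, cb);`. The case also depends on `self._protocol.openssh_authAgent`, which this patch does not add, so it presumably already exists in the protocol layer.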
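Review bot: The agent socket path `'/tmp/nodejs-ssh2-test-' + process.pid` is predictable and sits in a world-writable directory, so on a shared build host another local user can occupy the name first and make `ssh-agent -a` fail to bind. Creating a private directory first avoids that: `const agent_sock = path.join(fs.mkdtempSync(path.join(os.tmpdir(), 'ssh2-test-')), 'agent.sock');` (with `fs`, `os` and `path` required at the top of the file). The `spawn('ssh-agent', …)` call also has no `'error'` listener, so a host without `ssh-agent` on PATH fails with an unhandled event rather than a skipped test. Nothing waits for the socket to exist before the client is configured to use it.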
@@ -45,8 +57,23 @@ const serverCfg = { hostKeys: [ fixture('ssh_host_rsa_key') ] }; const stream = accept(); stream.exit(100); stream.end(); - conn.end(); + + if (test_forward) { + conn.openssh_authAgent(function(err, stream) { + assert(!err, `Unexpected openssh_authAgent error: ${err}`); + assert(stream.type === 'auth-agent@openssh.com', + `Unexpected openssh_authAgent channel type : ${stream.type}`); + + conn.end(); + agent.kill(); + }); + + } else { + conn.end(); + } + })); + })); })); }));
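Review bot: `agent.kill()` runs only on the success path, after both assertions inside the `openssh_authAgent` callback. If either assertion throws, or the callback is never invoked, the spawned `ssh-agent -d` process is left running and `conn.end()` is skipped as well. Do the cleanup before asserting, e.g. make `conn.end(); agent.kill();` the first statements of the callback, or register `process.on('exit', () => agent.kill());` right after the spawn. The callback parameter `stream` also shadows the outer `const stream = accept();`, and the opened agent channel is never closed; renaming it to `agentStream` and calling `agentStream.end()` would make both explicit. The enclosing handlers begin outside the hunk.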