From f17dc9b81e4cd1cb02f09bf3279254a2c4ce5512 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fran=C3=A7ois=20Leurent?= <131.js@cloudyks.org>
Date: Sat, 20 Apr 2019 13:56:33 +0200
Subject: [PATCH] Add server-side auth-agent

---
 README.md | 4 +++-
 lib/server.js | 7 +++++++
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index cfbcae2c..7cf78432 100644
--- a/README.md
+++ b/README.md
@@ -901,6 +901,8 @@ You can find more examples in the `examples` directory of this repository.
 
 * **forwardOut**(< _string_ >boundAddr, < _integer_ >boundPort, < _string_ >remoteAddr, < _integer_ >remotePort, < _function_ >callback) - _boolean_ - Alert the client of an incoming TCP connection on `boundAddr` on port `boundPort` from `remoteAddr` on port `remotePort`. `callback` has 2 parameters: < _Error_ >err, < _Channel_ >stream. Returns `false` if you should wait for the `continue` event before sending any more traffic.
 
+* **openssh_authAgent**(< _function_ >callback) - _boolean_ - Alert the client of an incoming `ssh-agent` socket connection. `callback` has 2 parameters: < _Error_ >err, < _Channel_ >stream. Returns `false` if you should wait for the `continue` event before sending any more traffic.
+
 * **openssh_forwardOutStreamLocal**(< _string_ >socketPath, < _function_ >callback) - _boolean_ - Alert the client of an incoming UNIX domain socket connection on `socketPath`. `callback` has 2 parameters: < _Error_ >err, < _Channel_ >stream. Returns `false` if you should wait for the `continue` event before sending any more traffic.
 
 * **rekey**([< _function_ >callback]) - _boolean_ - Initiates a rekeying with the client. If `callback` is supplied, it is added as a one-time handler for the `rekey` event. Returns `false` if you should wait for the `continue` event before sending any more traffic.
@@ -949,7 +951,7 @@ You can find more examples in the `examples` directory of this repository.
 
 * **name** - _string_ - The signal name (e.g. `SIGUSR1`).
 
-* **auth-agent**(< _mixed_ >accept, < _mixed_ >reject) - The client has requested incoming ssh-agent requests be forwarded to them. `accept` and `reject` are functions if the client requested a response and return `false` if you should wait for the `continue` event before sending any more traffic.
+* **auth-agent**(< _mixed_ >accept, < _mixed_ >reject) - The client has requested incoming ssh-agent requests be forwarded to them. `accept` and `reject` are functions if the client requested a response.
 
 * **shell**(< _mixed_ >accept, < _mixed_ >reject) - The client has requested an interactive shell. `accept` and `reject` are functions if the client requested a response. `accept()` returns a _Channel_ for the interactive shell. `reject()` Returns `false` if you should wait for the `continue` event before sending any more traffic.
 
diff --git a/lib/server.js b/lib/server.js
index 424ad272..23b02e03 100644
--- a/lib/server.js
+++ b/lib/server.js
@@ -648,6 +648,11 @@ Client.prototype.forwardOut = function(boundAddr, boundPort, remoteAddr,
 return openChannel(this, 'forwarded-tcpip', opts, cb);
 };
 
+Client.prototype.openssh_authAgent = function(cb) {
+ var opts = {};
+ return openChannel(this, 'auth-agent@openssh.com', opts, cb);
+};
+
 Client.prototype.openssh_forwardOutStreamLocal = function(socketPath, cb) {
 var opts = {
 socketPath: socketPath
@@ -1123,6 +1128,8 @@ function openChannel(self, type, opts, cb) {
 ret = sshstream.forwardedTcpip(localChan, initWindow, maxPacket, opts);
 else if (type === 'x11')
 ret = sshstream.x11(localChan, initWindow, maxPacket, opts);
+ else if(type == "auth-agent@openssh.com")
+ ret = sshstream.openssh_authAgent(localChan, initWindow, maxPacket);
 else if (type === 'forwarded-streamlocal@openssh.com') {
 ret = sshstream.openssh_forwardedStreamLocal(localChan, initWindow,
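Review bot: In the `@@ -648` hunk of lib/server.js, `openssh_authAgent()` opens an `auth-agent@openssh.com` channel unconditionally; nothing visible ties the call to this client having sent an agent-forwarding request that the server accepted through the session `auth-agent` event. Since the channel is described as an incoming `ssh-agent` connection on the client side, the prerequisite should at least be stated above the method, e.g. `// Call only after accepting this client's 'auth-agent' session request; the channel is handed to the client's ssh-agent.`, and repeated in the README entry. Enforcing it in code would need per-client state that is not visible in this hunk, so it is only flagged here. The `opts` local also looks unnecessary, because the branch added to `openChannel` in the `@@ -1123` hunk does not pass it on: `return openChannel(this, 'auth-agent@openssh.com', {}, cb);`. That same branch would read more consistently as `else if (type === 'auth-agent@openssh.com')`, matching the strict equality and single quotes of its neighbours.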