starainrt
b29246a9c4
- 为 LoginInput 增加 ForwardSSHAgent 配置,并在 Exec/PTTY 会话创建时按需自动请求 agent forwarding - 新增 agent_forward 运行时,封装本地 ssh-agent 建连、转发注册、显式请求与 unavailable/denied 语义 - 自动 agent forwarding 改为 best-effort:本地 agent 不可用、转发被拒绝或初始化失败时不再打断会话创建 - 为 StarSSH 增加 closing 状态与 agent forwarder 生命周期回收,避免 Close 与会话创建并发时泄漏资源 - 扩展 ForwardRequest 为带网络归一化的转发模型,支持 tcp/tcp4/tcp6/unix 端点组合 - 新增本地/远端 tcp<->unix、unix<->unix 及 detached helper,补齐 streamlocal 场景下的常用 API - 将显式网络地址编码收口为 tcp4://、tcp6://、unix://,消除 tcp:22 一类值的解析歧义 - 为本地 unix listener 增加 stale socket 探测、复用与关闭清理,避免遗留 socket 导致重启失败 - 补充 agent forwarding、关闭竞态、remote unix forward、local unix forward、stale socket 复用与端点解析等回归测试
136 lines
2.6 KiB
Go
136 lines
2.6 KiB
Go
package starssh
|
|
|
|
import (
|
|
"errors"
|
|
|
|
"golang.org/x/crypto/ssh"
|
|
)
|
|
|
|
var errSSHClientClosing = errors.New("ssh client is closing")
|
|
|
|
type sshClientRequester interface {
|
|
SendRequest(name string, wantReply bool, payload []byte) (bool, []byte, error)
|
|
Close() error
|
|
}
|
|
|
|
var closeSSHClient = func(client sshClientRequester) error {
|
|
if client == nil {
|
|
return nil
|
|
}
|
|
return client.Close()
|
|
}
|
|
|
|
func (s *StarSSH) snapshotSSHClient() *ssh.Client {
|
|
if s == nil {
|
|
return nil
|
|
}
|
|
|
|
s.stateMu.RLock()
|
|
defer s.stateMu.RUnlock()
|
|
return s.Client
|
|
}
|
|
|
|
func (s *StarSSH) requireSSHClient() (*ssh.Client, error) {
|
|
if s == nil {
|
|
return nil, errors.New("ssh client is nil")
|
|
}
|
|
if s.closing.Load() {
|
|
return nil, errSSHClientClosing
|
|
}
|
|
client := s.snapshotSSHClient()
|
|
if client == nil {
|
|
return nil, errors.New("ssh client is nil")
|
|
}
|
|
if s.closing.Load() {
|
|
return nil, errSSHClientClosing
|
|
}
|
|
return client, nil
|
|
}
|
|
|
|
func (s *StarSSH) setTransport(client *ssh.Client, upstream *StarSSH) {
|
|
if s == nil {
|
|
return
|
|
}
|
|
|
|
s.stateMu.Lock()
|
|
defer s.stateMu.Unlock()
|
|
s.Client = client
|
|
s.upstream = upstream
|
|
s.online = client != nil
|
|
s.closing.Store(false)
|
|
}
|
|
|
|
func (s *StarSSH) detachTransport() (*ssh.Client, *StarSSH) {
|
|
if s == nil {
|
|
return nil, nil
|
|
}
|
|
|
|
s.stateMu.Lock()
|
|
defer s.stateMu.Unlock()
|
|
|
|
client := s.Client
|
|
upstream := s.upstream
|
|
s.Client = nil
|
|
s.upstream = nil
|
|
s.online = false
|
|
return client, upstream
|
|
}
|
|
|
|
func (s *StarSSH) takeKeepaliveHandles() (chan struct{}, chan struct{}) {
|
|
if s == nil {
|
|
return nil, nil
|
|
}
|
|
|
|
s.keepaliveMu.Lock()
|
|
defer s.keepaliveMu.Unlock()
|
|
|
|
stop := s.keepaliveStop
|
|
done := s.keepaliveDone
|
|
s.keepaliveStop = nil
|
|
s.keepaliveDone = nil
|
|
return stop, done
|
|
}
|
|
|
|
func (s *StarSSH) closeTransport(waitKeepalive bool) error {
|
|
if s == nil {
|
|
return nil
|
|
}
|
|
|
|
s.closing.Store(true)
|
|
_ = s.closeReusableSFTPClient()
|
|
agentForwarder := s.takeAgentForwarder()
|
|
|
|
client, upstream := s.detachTransport()
|
|
stop, done := s.takeKeepaliveHandles()
|
|
if stop != nil {
|
|
close(stop)
|
|
}
|
|
|
|
var closeErr error
|
|
if agentForwarder != nil {
|
|
closeErr = normalizeAlreadyClosedError(agentForwarder.Close())
|
|
}
|
|
if client != nil {
|
|
if err := normalizeAlreadyClosedError(closeSSHClient(client)); closeErr == nil {
|
|
closeErr = err
|
|
}
|
|
}
|
|
if waitKeepalive && done != nil {
|
|
<-done
|
|
}
|
|
if upstreamErr := closeUpstream(upstream); closeErr == nil {
|
|
closeErr = upstreamErr
|
|
}
|
|
return closeErr
|
|
}
|
|
|
|
func (s *StarSSH) canAttachAgentForwarder(client *ssh.Client) bool {
|
|
if s == nil || client == nil || s.closing.Load() {
|
|
return false
|
|
}
|
|
|
|
s.stateMu.RLock()
|
|
defer s.stateMu.RUnlock()
|
|
return !s.closing.Load() && s.Client == client
|
|
}
|