AUTH-2159: Moves shutdownC close into error handling

AUTH-2161: Lowers size of preamble length
AUTH-2160: Fixes url parsing logic
This commit is contained in:
Michael Borkenstein 2019-10-16 10:53:46 -05:00
parent 95704b11fb
commit 8b6e3bc1d1
3 changed files with 15 additions and 9 deletions

View File

@ -407,9 +407,9 @@ func StartServer(c *cli.Context, version string, shutdownC, graceShutdownC chan
defer wg.Done()
if err = server.Start(); err != nil && err != ssh.ErrServerClosed {
logger.WithError(err).Error("SSH server error")
}
// TODO: remove when declarative tunnels are implemented.
close(shutdownC)
}
}()
c.Set("url", "ssh://"+localServerAddress)
}

View File

@ -11,7 +11,7 @@ import (
"fmt"
"io"
"net"
"net/url"
"regexp"
"runtime"
"strings"
"time"
@ -36,7 +36,7 @@ const (
sshContextEventLogger = "eventLogger"
sshContextPreamble = "sshPreamble"
sshContextSSHClient = "sshClient"
SSHPreambleLength = 4
SSHPreambleLength = 2
)
type auditEvent struct {
@ -271,7 +271,7 @@ func (s *SSHProxy) readPreamble(conn net.Conn) (*SSHPreamble, error) {
if _, err := io.ReadFull(conn, size); err != nil {
return nil, err
}
payloadLength := binary.BigEndian.Uint32(size)
payloadLength := binary.BigEndian.Uint16(size)
payload := make([]byte, payloadLength)
if _, err := io.ReadFull(conn, payload); err != nil {
return nil, err
@ -283,13 +283,15 @@ func (s *SSHProxy) readPreamble(conn net.Conn) (*SSHPreamble, error) {
return nil, err
}
destUrl, err := url.Parse(preamble.Destination)
ok, err := regexp.Match(`^[^:]*:\d+$`, []byte(preamble.Destination))
if err != nil {
return nil, errors.Wrap(err, "failed to parse URL")
return nil, err
}
if destUrl.Port() == "" {
if !ok {
preamble.Destination += ":22"
}
return &preamble, nil
}

View File

@ -180,8 +180,12 @@ func sendSSHPreamble(stream net.Conn, destination, token string) error {
return err
}
if uint16(len(payload)) > ^uint16(0) {
return errors.New("ssh preamble payload too large")
}
sizeBytes := make([]byte, sshserver.SSHPreambleLength)
binary.BigEndian.PutUint32(sizeBytes, uint32(len(payload)))
binary.BigEndian.PutUint16(sizeBytes, uint16(len(payload)))
if _, err := stream.Write(sizeBytes); err != nil {
return err
}