wip
tsipinakis committed Dec 15, 2024
1 parent 68d0093 commit bdc2859
Showing 1 changed file with 44 additions and 16 deletions.
60 changes: 44 additions & 16 deletions internal/sshserver/serverImpl.go
Expand Up @@ -2,6 +2,7 @@ package sshserver

import (
"context"
"encoding/json"
"errors"
"fmt"
"io"
Expand Down Expand Up @@ -480,23 +481,15 @@ func (s *serverImpl) createPubKeyCallback(
if err != nil {
return permissions, err
}
// HACK: check HACKS.md "OnHandshakeSuccess conformanceTestHandler"
sshConnectionHandler, _, err := handlerNetworkConnection.OnHandshakeSuccess(
authenticatedMetadata,
)
marshaledMetadata, err := json.Marshal(authenticatedMetadata)
if err != nil {
err = messageCodes.WrapUser(
err,
messageCodes.ESSHBackendRejected,
"Authentication currently unavailable, please try again later.",
"The backend has rejected the user after successful authentication.",
)
logger.Error(err)
return permissions, err
return nil, err
}
handlerNetworkConnection.authenticatedMetadata = authenticatedMetadata
handlerNetworkConnection.sshConnectionHandler = sshConnectionHandler
return permissions, err
return &ssh.Permissions{
Extensions: map[string]string{
"containerssh-metadata": string(marshaledMetadata),
},
}, err
}
return pubkeyCallback
}
Expand Down Expand Up @@ -582,7 +575,42 @@ func (s *serverImpl) handleConnection(conn net.Conn) {
s.wg.Done()
return
}
authenticatedMetadata := wrapper.authenticatedMetadata
var authenticatedMetadata metadata.ConnectionAuthenticatedMetadata
marshaledMetadata, ok := sshConn.Permissions.Extensions["containerssh-metadata"]
if !ok {
logger.Info(messageCodes.Wrap(err, messageCodes.ESSHHandshakeFailed, "SSH handshake failed"))
handlerNetworkConnection.OnHandshakeFailed(connectionMeta, err)
s.shutdownHandlers.Unregister(shutdownHandlerID)
logger.Debug(messageCodes.NewMessage(messageCodes.MSSHDisconnected, "Client disconnected"))
handlerNetworkConnection.OnDisconnect()
_ = conn.Close()
s.wg.Done()
return
}
err = json.Unmarshal([]byte(marshaledMetadata), &authenticatedMetadata)
sshConnectionHandler, _, err := handlerNetworkConnection.OnHandshakeSuccess(
authenticatedMetadata,
)
if err != nil {
err = messageCodes.WrapUser(
err,
messageCodes.ESSHBackendRejected,
"Authentication currently unavailable, please try again later.",
"The backend has rejected the user after successful authentication.",
)
logger.Error(err)
logger.Info(messageCodes.Wrap(err, messageCodes.ESSHHandshakeFailed, "SSH handshake failed"))
handlerNetworkConnection.OnHandshakeFailed(connectionMeta, err)
s.shutdownHandlers.Unregister(shutdownHandlerID)
logger.Debug(messageCodes.NewMessage(messageCodes.MSSHDisconnected, "Client disconnected"))
handlerNetworkConnection.OnDisconnect()
_ = conn.Close()
s.wg.Done()
return
}
wrapper.authenticatedMetadata = authenticatedMetadata
wrapper.sshConnectionHandler = sshConnectionHandler

logger = logger.WithLabel("username", sshConn.User())
logger.Debug(messageCodes.NewMessage(messageCodes.MSSHHandshakeSuccessful, "SSH handshake successful"))
s.lock.Lock()
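Review bot: The result of `json.Unmarshal` in the handleConnection hunk is stored in `err` and then overwritten by the `OnHandshakeSuccess` call on the very next line, so a decode failure is never seen and the backend is asked to accept a zero-value `authenticatedMetadata` for a connection that has already passed authentication. The `!ok` branch just above hands that same `err` to `messageCodes.Wrap` and `OnHandshakeFailed`, where it is presumably nil after a successful handshake, and `sshConn.Permissions` is dereferenced without a nil check, which panics if any auth callback returns nil permissions (only the public-key callback is visible on this page, so the others need checking). I would fail closed on all three cases through one error path before calling `OnHandshakeSuccess`, as sketched below. handleConnection starts and ends outside the hunk, so the declaration of `err` and the rest of the cleanup are assumed from the visible lines.

```go
// … unchanged: handshake and its existing failure path …
var authenticatedMetadata metadata.ConnectionAuthenticatedMetadata
// Fail closed: start from an error and clear it only once the metadata decodes.
err = errors.New("authenticated metadata missing from SSH permissions")
if sshConn.Permissions != nil {
	if marshaledMetadata, ok := sshConn.Permissions.Extensions["containerssh-metadata"]; ok {
		err = json.Unmarshal([]byte(marshaledMetadata), &authenticatedMetadata)
	}
}
if err != nil {
	// … unchanged: ESSHHandshakeFailed log, OnHandshakeFailed, Unregister, OnDisconnect, conn.Close, wg.Done …
	return
}
sshConnectionHandler, _, err := handlerNetworkConnection.OnHandshakeSuccess(
	authenticatedMetadata,
)
// … unchanged: ESSHBackendRejected handling and wrapper assignments …
```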