refactor: add sshClient function

The ssh options needs some weird parameters like (the raw) uri and machine (insecure), so it is not enough with url and identity. The "secure" query parameter was removed in Podman v4.3, it is now replaced with the "machine" option parameter (InsecureIgnoreHostKey) I think that url.Parse will fail to add any url.Port that is not an integer, so the strconv.Atoi error probably can never happen? But since it is only a validation error and not a connection error, it cannot be wrapped in a ConnectError so that goes into function. Signed-off-by: Anders F Björklund <[email protected]>
containers · Sep 10, 2024 · 837755e · 837755e
1 parent c12c86e
commit 837755e
Showing 1 changed file with 38 additions and 23 deletions.
diff --git a/pkg/bindings/connection.go b/pkg/bindings/connection.go
@@ -86,7 +86,7 @@ func NewConnection(ctx context.Context, uri string) (context.Context, error) {
 // A valid URI connection should be scheme://
 // For example tcp://localhost:<port>
 // or unix:///run/podman/podman.sock
-// or ssh://<user>@<host>[:port]/run/podman/podman.sock?secure=True
+// or ssh://<user>@<host>[:port]/run/podman/podman.sock
 func NewConnectionWithIdentity(ctx context.Context, uri string, identity string, machine bool) (context.Context, error) {
 	var (
 		err error
@@ -108,30 +108,11 @@ func NewConnectionWithIdentity(ctx context.Context, uri string, identity string,
 	var connection Connection
 	switch _url.Scheme {
 	case "ssh":
-		port := 22
-		if _url.Port() != "" {
-			port, err = strconv.Atoi(_url.Port())
-			if err != nil {
-				return nil, err
-			}
-		}
-		conn, err := ssh.Dial(&ssh.ConnectionDialOptions{
-			Host:                        uri,
-			Identity:                    identity,
-			User:                        _url.User,
-			Port:                        port,
-			InsecureIsMachineConnection: machine,
-		}, "golang")
+		conn, err := sshClient(_url, uri, identity, machine)
 		if err != nil {
-			return nil, newConnectError(err)
+			return nil, err
 		}
-		connection = Connection{URI: _url}
-		connection.Client = &http.Client{
-			Transport: &http.Transport{
-				DialContext: func(ctx context.Context, _, _ string) (net.Conn, error) {
-					return ssh.DialNet(conn, "unix", _url)
-				},
-			}}
+		connection = conn
 	case "unix":
 		if !strings.HasPrefix(uri, "unix:///") {
 			// autofix unix://path_element vs unix:///path_element
@@ -161,6 +142,40 @@ func NewConnectionWithIdentity(ctx context.Context, uri string, identity string,
 	return ctx, nil
 }
 
+func sshClient(_url *url.URL, uri string, identity string, machine bool) (Connection, error) {
+	var (
+		err error
+	)
+	connection := Connection{
+		URI: _url,
+	}
+	port := 22
+	if _url.Port() != "" {
+		port, err = strconv.Atoi(_url.Port())
+		if err != nil {
+			return connection, err
+		}
+	}
+	conn, err := ssh.Dial(&ssh.ConnectionDialOptions{
+		Host:                        uri,
+		Identity:                    identity,
+		User:                        _url.User,
+		Port:                        port,
+		InsecureIsMachineConnection: machine,
+	}, ssh.GolangMode)
+	if err != nil {
+		return connection, newConnectError(err)
+	}
+	dialContext := func(ctx context.Context, _, _ string) (net.Conn, error) {
+		return ssh.DialNet(conn, "unix", _url)
+	}
+	connection.Client = &http.Client{
+		Transport: &http.Transport{
+			DialContext: dialContext,
+		}}
+	return connection, nil
+}
+
 func tcpClient(_url *url.URL) (Connection, error) {
 	connection := Connection{
 		URI: _url,