From 837755e64367a52066e523ab903499a9b8059995 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= Date: Sat, 7 Sep 2024 10:39:41 +0200 Subject: [PATCH] refactor: add sshClient function MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The ssh options needs some weird parameters like (the raw) uri and machine (insecure), so it is not enough with url and identity. The "secure" query parameter was removed in Podman v4.3, it is now replaced with the "machine" option parameter (InsecureIgnoreHostKey) I think that url.Parse will fail to add any url.Port that is not an integer, so the strconv.Atoi error probably can never happen? But since it is only a validation error and not a connection error, it cannot be wrapped in a ConnectError so that goes into function. Signed-off-by: Anders F Björklund
---
 pkg/bindings/connection.go | 61 ++++++++++++++++++++++++--------------
 1 file changed, 38 insertions(+), 23 deletions(-)
diff --git a/pkg/bindings/connection.go b/pkg/bindings/connection.go
index d1ced36efc..1534576a9f 100644
--- a/pkg/bindings/connection.go
+++ b/pkg/bindings/connection.go
@@ -86,7 +86,7 @@ func NewConnection(ctx context.Context, uri string) (context.Context, error) {
 // A valid URI connection should be scheme://
 // For example tcp://localhost:
 // or unix:///run/podman/podman.sock
-// or ssh://@[:port]/run/podman/podman.sock?secure=True
+// or ssh://@[:port]/run/podman/podman.sock
 func NewConnectionWithIdentity(ctx context.Context, uri string, identity string, machine bool) (context.Context, error) {
 var (
 err error
@@ -108,30 +108,11 @@ func NewConnectionWithIdentity(ctx context.Context, uri string, identity string,
 var connection Connection
 switch _url.Scheme {
 case "ssh":
- port := 22
- if _url.Port() != "" {
- port, err = strconv.Atoi(_url.Port())
- if err != nil {
- return nil, err
- }
- }
- conn, err := ssh.Dial(&ssh.ConnectionDialOptions{
- Host: uri,
- Identity: identity,
- User: _url.User,
- Port: port,
- InsecureIsMachineConnection: machine,
- }, "golang")
+ conn, err := sshClient(_url, uri, identity, machine)
 if err != nil {
- return nil, newConnectError(err)
+ return nil, err
 }
- connection = Connection{URI: _url}
- connection.Client = &http.Client{
- Transport: &http.Transport{
- DialContext: func(ctx context.Context, _, _ string) (net.Conn, error) {
- return ssh.DialNet(conn, "unix", _url)
- },
- }}
+ connection = conn
 case "unix":
 if !strings.HasPrefix(uri, "unix:///") {
 // autofix unix://path_element vs unix:///path_element
@@ -161,6 +142,40 @@ func NewConnectionWithIdentity(ctx context.Context, uri string, identity string,
 return ctx, nil
 }
 
+func sshClient(_url *url.URL, uri string, identity string, machine bool) (Connection, error) {
+ var (
+ err error
+ )
+ connection := Connection{
+ URI: _url,
+ }
+ port := 22
+ if _url.Port() != "" {
+ port, err = strconv.Atoi(_url.Port())
+ if err != nil {
+ return connection, err
+ }
+ }
+ conn, err := ssh.Dial(&ssh.ConnectionDialOptions{
+ Host: uri,
+ Identity: identity,
+ User: _url.User,
+ Port: port,
+ InsecureIsMachineConnection: machine,
+ }, ssh.GolangMode)
+ if err != nil {
+ return connection, newConnectError(err)
+ }
+ dialContext := func(ctx context.Context, _, _ string) (net.Conn, error) {
+ return ssh.DialNet(conn, "unix", _url)
+ }
+ connection.Client = &http.Client{
+ Transport: &http.Transport{
+ DialContext: dialContext,
+ }}
+ return connection, nil
+}
+
 func tcpClient(_url *url.URL) (Connection, error) {
 connection := Connection{
 URI: _url,
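Review bot: The `ssh` case now returns `err` without `newConnectError`, so the call site no longer shows which failures reach callers as a ConnectError: dial failures are wrapped inside `sshClient`, while a port-parse error stays unwrapped as it was before. A one-line comment above `return nil, err`, for example `// sshClient wraps dial failures in ConnectError itself; a malformed port is returned unwrapped`, would keep that contract visible and stop a later edit from re-adding the wrapper here and wrapping twice. NewConnectionWithIdentity starts and ends outside this hunk, so how the other scheme cases wrap their errors is not visible from here.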
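Review bot: `sshClient` is added without a doc comment, and its `machine` argument goes straight into `InsecureIsMachineConnection`, which the commit message equates with InsecureIgnoreHostKey, so a caller passing `true` gets an SSH session with no host key verification. The helper should say so where it is defined: a comment stating that it dials `uri` over SSH and tunnels HTTP to the remote unix socket, and that `machine` disables host key checking and is presumably meant only for podman machine VMs, not for arbitrary remote hosts. Separately, the port handling only covers `strconv.Atoi` failing; a value such as 0 or one above 65535 is still handed to `ssh.Dial` and would surface as a connection error rather than a validation error, which `if port < 1 || port > 65535 { return connection, fmt.Errorf("invalid ssh port %d", port) }` would avoid (assuming `fmt` is imported in this file).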