Minor refactor changes

Author: N2D4

ssh/config/config.go

@@ -12,6 +12,7 @@ import (
 	log "github.com/inconshreveable/log15"
 )
 
+// Config is an interface representing a configuration file
 type Config interface {
 }
 

ssh/server/ssh/sessionchannel.go

@@ -15,149 +15,154 @@ import (
 	"golang.org/x/crypto/ssh"
 )
 
-func handleSession(newChannel ssh.NewChannel) {
+func handleSession(perms *ssh.Permissions, newChannel ssh.NewChannel) {
 	connection, requests, err := newChannel.Accept()
 	if err != nil {
-		log.Debug("Could not accept channel (%s)", err)
+		log.Error("Could not accept channel", "error", err)
 		return
 	}
 
-	var bashf *os.File
-
-	close := func() {
+	closeConn := func() {
 		err = connection.Close()
 		if err != nil {
-			log.Debug("Could not close connection: %v", err)
+			log.Error("Could not close connection", "error", err)
+			return
 		}
+
+		log.Debug("Connection closed")
 	}
+	var once sync.Once
+
+	var cmdf *os.File
+	hasRequestedPty := false
+	var ptyPayload []byte
+
+	execCmd := func(name string, arg ...string) error {
+		cmd := exec.Command(name, arg...)
+		close := func() {
+			cmd.Process.Kill()
+			err := cmd.Wait()
+			if err != nil {
+				log.Error("Error waiting for bash to end", "error", err)
+			}
 
-	// Sessions have out-of-band requests such as "shell", "pty-req" and "env"
-	go func() {
-		var once sync.Once
-		defer once.Do(close)
-		for req := range requests {
-			switch req.Type {
-			case "shell":
-				// We only accept the default shell
-				// (i.e. no command in the Payload)
-				if len(req.Payload) == 0 {
-					req.Reply(true, nil)
-				} else {
-					log.Debug("Non-empty shell payload not yet supported!")
-				}
-			case "pty-req":
+			tb := []byte{0, 0, 0, 0}
+			connection.SendRequest("exit-status", false, tb)
 
-				bash := exec.Command("bash")
+			once.Do(closeConn)
 
-				ptyClose := func() {
-					bash.Process.Kill()
-					err := bash.Wait()
-					if err != nil {
-						log.Debug("Error waiting for bash to end: %v", err)
-					}
+			log.Debug("Session closed")
+		}
 
-					tb := []byte{0, 0, 0, 0}
-					connection.SendRequest("exit-status", false, tb)
+		var pipesWait sync.WaitGroup
+		pipesWait.Add(2)
+		go func() {
+			pipesWait.Wait()
+			close()
+		}()
+
+		if hasRequestedPty {
+			log.Debug("Creating pty...")
+			cmdf, err = pty.Start(cmd)
+			if err != nil {
+				return err
+			}
 
-					close()
+			var once sync.Once
+			go func() {
+				io.Copy(connection, cmdf)
+				pipesWait.Done()
+			}()
+			go func() {
+				io.Copy(cmdf, connection)
+				pipesWait.Done()
+			}()
+
+			termLen := ptyPayload[3]
+			w, h := parseDims(ptyPayload[termLen+4:])
+			SetWinsize(cmdf.Fd(), w, h)
+		} else {
+			stdin, err := cmd.StdinPipe()
+			if err != nil {
+				return err
+			}
 
-					log.Debug("Session closed")
-				}
+			stdout, err := cmd.StdoutPipe()
+			if err != nil {
+				return err
+			}
 
-				// Allocate a terminal for this channel
-				log.Debug("Creating pty...")
-				bashf, err = pty.Start(bash)
+			stderr, err := cmd.StderrPipe()
+			if err != nil {
+				return err
+			}
+
+			// we want to wait for stdout and stderr before closing connection, but don't really mind about stdin
+			go func() {
+				_, err := io.Copy(stdin, connection)
+				log.Debug("Stdin copy ended", "error", err)
+			}()
+			go func() {
+				_, err := io.Copy(connection, stdout)
+				log.Debug("Stdout copy ended", "error", err)
+				pipesWait.Done()
+			}()
+			go func() {
+				_, err := io.Copy(connection.Stderr(), stderr)
+				log.Debug("Stderr copy ended", "error", err)
+				pipesWait.Done()
+			}()
+
+			err = cmd.Start()
+			if err != nil {
+				return err
+			}
+		}
+
+		return nil
+	}
+
+	// Sessions have out-of-band requests such as "shell", "pty-req" and "exec"
+	go func() {
+		defer once.Do(closeConn)
+		for req := range requests {
+			switch req.Type {
+			case "shell":
+				// TODO determine and use default shell, don't force bash
+				err := execCmd("bash")
 				if err != nil {
-					log.Debug("Could not start pty (%s)", err)
-					return
+					log.Error("Can't create shell!", "error", err)
 				}
 
-				//pipe session to bash and visa-versa
-				go func() {
-					io.Copy(connection, bashf)
-					once.Do(ptyClose)
-				}()
-				go func() {
-					io.Copy(bashf, connection)
-					once.Do(ptyClose)
-				}()
-
-				termLen := req.Payload[3]
-				w, h := parseDims(req.Payload[termLen+4:])
-				SetWinsize(bashf.Fd(), w, h)
-				// Responding true (OK) here will let the client
-				// know we have a pty ready for input
-				req.Reply(true, nil)
+				if req.WantReply {
+					req.Reply(true, nil)
+				}
+			case "pty-req":
+				hasRequestedPty = true
+				ptyPayload = req.Payload
+				if req.WantReply {
+					req.Reply(true, nil)
+				}
 			case "window-change":
-				if bashf == nil {
-					log.Debug("No pty requested!")
+				if cmdf == nil {
+					log.Debug("Tried to change window size but no pty requested!")
 				} else {
 					w, h := parseDims(req.Payload)
-					SetWinsize(bashf.Fd(), w, h)
+					SetWinsize(cmdf.Fd(), w, h)
+					if req.WantReply {
+						req.Reply(true, nil)
+					}
 				}
 			case "exec":
 				cmdStrLen := binary.BigEndian.Uint32(req.Payload[0:4])
 				cmdStr := string(req.Payload[4 : cmdStrLen+4])
-				cmd := exec.Command("bash", "-c", cmdStr)
-
-				stdin, err := cmd.StdinPipe()
-				if err != nil {
-					log.Debug("Error creating stdin pipe: %v", err)
-					continue
-				}
-
-				stdout, err := cmd.StdoutPipe()
+				err := execCmd("bash", "-c", cmdStr)
 				if err != nil {
-					log.Debug("Error creating stdout pipe: %v", err)
-					continue
+					log.Error("Can't create shell!", "error", err)
 				}
 
-				stderr, err := cmd.StderrPipe()
-				if err != nil {
-					log.Debug("Error creating stderr pipe: %v", err)
-					continue
-				}
-
-				var pipesWait sync.WaitGroup
-
-				// we want to wait for stdout and stderr before closing connection, but don't really mind about stdin
-				pipesWait.Add(2)
-				go func() {
-					io.Copy(stdin, connection)
-				}()
-				go func() {
-					io.Copy(connection, stdout)
-					pipesWait.Done()
-				}()
-				go func() {
-					io.Copy(connection.Stderr(), stderr)
-					pipesWait.Done()
-				}()
-
-				err = cmd.Start()
-				if err != nil {
-					log.Debug("Error running command %s: %v", cmdStr, err)
-					continue
-				}
-
-				go func() {
-					err := cmd.Wait()
-					if err != nil {
-						log.Debug("Error waiting for command %s to end: %v", cmdStr, err)
-					}
-
-					pipesWait.Wait()
-
-					tb := []byte{0, 0, 0, 0}
-					connection.SendRequest("exit-status", false, tb)
-
-					once.Do(close)
-				}()
-
-				err = req.Reply(true, nil)
-				if err != nil {
-					log.Debug("Error responding to request: %v", err)
-					continue
+				if req.WantReply {
+					req.Reply(true, nil)
 				}
 			default:
 				log.Debug("Unkown session request type %s", req.Type)

ssh/server/ssh/ssh.go

@@ -15,7 +15,7 @@ import (
 )
 
 // ChannelHandlerFunction is a type for channel handlers, such as terminal sessions, tunnels, or X11 forwarding.
-type ChannelHandlerFunction func(newChannel ssh.NewChannel)
+type ChannelHandlerFunction func(perms *ssh.Permissions, newChannel ssh.NewChannel)
 
 // Server is a struct containing information about SSH servers.
 type Server struct {
@@ -58,16 +58,16 @@ func Create(config *serverconfig.ServerConfig, version string) (*Server, error)
 	return server, nil
 }
 
-func (s *Server) handleChannels(chans <-chan ssh.NewChannel) {
+func (s *Server) handleChannels(perms *ssh.Permissions, chans <-chan ssh.NewChannel) {
 	// Service the incoming Channel channel in go routine
 	for newChannel := range chans {
-		go s.handleChannel(newChannel)
+		go s.handleChannel(perms, newChannel)
 	}
 }
 
-func (s *Server) handleChannel(newChannel ssh.NewChannel) {
+func (s *Server) handleChannel(perms *ssh.Permissions, newChannel ssh.NewChannel) {
 	if handler, exists := s.channelHandlers[newChannel.ChannelType()]; exists {
-		handler(newChannel)
+		handler(perms, newChannel)
 	} else {
 		newChannel.Reject(ssh.UnknownChannelType, fmt.Sprintf("unknown channel type: %s", newChannel.ChannelType()))
 		return
@@ -79,16 +79,16 @@ func (s *Server) HandleConnection(conn net.Conn) error {
 	log.Debug("Handling new connection")
 	sshConn, chans, reqs, err := ssh.NewServerConn(conn, s.configuration)
 	if err != nil {
-		log.Debug("Failed to create new connection (%s)", err)
+		log.Error("Failed to create new connection", "error", err)
 		conn.Close()
 		return err
 	}
 
-	log.Debug("New SSH connection from %s (%s)", sshConn.RemoteAddr(), sshConn.ClientVersion())
+	log.Debug("New SSH connection", "remoteAddress", sshConn.RemoteAddr(), "clientVersion", sshConn.ClientVersion())
 	// Discard all global out-of-band Requests
 	go ssh.DiscardRequests(reqs)
 	// Accept all channels
-	s.handleChannels(chans)
+	s.handleChannels(sshConn.Permissions, chans)
 
 	return nil
 }

ssh/server/ssh/tunnelchannel.go

@@ -31,7 +31,7 @@ func handleTunnelForRemoteConnection(connection ssh.Channel, remoteConnection ne
 	}()
 }
 
-func handleTCPTunnel(newChannel ssh.NewChannel) {
+func handleTCPTunnel(perms *ssh.Permissions, newChannel ssh.NewChannel) {
 	extraData := newChannel.ExtraData()
 	addressLen := binary.BigEndian.Uint32(extraData[0:4])
 	address := string(extraData[4 : addressLen+4])
@@ -54,7 +54,7 @@ func handleTCPTunnel(newChannel ssh.NewChannel) {
 	handleTunnelForRemoteConnection(connection, remoteConnection)
 }
 
-func handleSCIONQUICTunnel(newChannel ssh.NewChannel) {
+func handleSCIONQUICTunnel(perms *ssh.Permissions, newChannel ssh.NewChannel) {
 	extraData := newChannel.ExtraData()
 	addressLen := binary.BigEndian.Uint32(extraData[0:4])
 	address := string(extraData[4 : addressLen+4])