bdy 1.22.65-stage → 1.22.67-master

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/distTs/package.json +1 -1
  2. package/distTs/src/tunnel/server/ssh.js +20 -38
  3. package/distTs/src/tunnel/ssh/client.js +16 -6
  4. package/package.json +1 -1
package/distTs/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "bdy",
3
3
  "preferGlobal": false,
4
- "version": "1.22.65-stage",
4
+ "version": "1.22.67-master",
5
5
  "type": "commonjs",
6
6
  "license": "MIT",
7
7
  "scripts": {
package/distTs/src/tunnel/server/ssh.js CHANGED
@@ -33,6 +33,7 @@ class ServerSsh extends events_1.default {
33
33
  login;
34
34
  password;
35
35
  server;
36
+ injected = 0;
36
37
  constructor(agent, login, password, hostKey) {
37
38
  super();
38
39
  this.agent = agent;
@@ -82,8 +83,14 @@ class ServerSsh extends events_1.default {
82
83
  this.server = null;
83
84
  }
84
85
  handleSshTunnel(stream) {
85
- if (this.server)
86
+ if (this.server) {
87
+ this.injected += 1;
88
+ logger_1.default.debug(`injectSocket: ${this.injected} concurrent injected connection(s)`);
89
+ stream.once('close', () => {
90
+ this.injected -= 1;
91
+ });
86
92
  this.server.injectSocket(stream);
93
+ }
87
94
  }
88
95
  checkValueSafe(input, allowed) {
89
96
  const autoReject = input.length !== allowed.length;
@@ -95,28 +102,16 @@ class ServerSsh extends events_1.default {
95
102
  async verifyKey(ctx, keys) {
96
103
  try {
97
104
  for (let i = 0; i < keys.length; i += 1) {
98
- const key = keys[i];
99
- const content = key.content ? key.content : key;
100
- const publicKey = ssh2_1.default.utils.parseKey(content);
101
- if (publicKey instanceof Error) {
105
+ const publicKey = ssh2_1.default.utils.parseKey(keys[i]);
106
+ if (publicKey instanceof Error)
102
107
  continue;
103
- }
104
- if (ctx.key.algo !== publicKey.type) {
108
+ if (ctx.key.algo !== publicKey.type)
105
109
  continue;
106
- }
107
- if (!this.checkValueSafe(ctx.key.data, publicKey.getPublicSSH())) {
110
+ if (!this.checkValueSafe(ctx.key.data, publicKey.getPublicSSH()))
108
111
  continue;
109
- }
110
112
  if (ctx.signature &&
111
- !publicKey.verify(ctx.blob || '', ctx.signature, ctx.hashAlgo)) {
113
+ !publicKey.verify(ctx.blob || '', ctx.signature, ctx.hashAlgo))
112
114
  continue;
113
- }
114
- if (key.name && key.email) {
115
- return {
116
- name: key.name,
117
- email: key.email
118
- };
119
- }
120
115
  return true;
121
116
  }
122
117
  }
@@ -170,7 +165,7 @@ class ServerSsh extends events_1.default {
170
165
  try {
171
166
  const resp = await buddy_1.default.fetchAgentKeys(this.agent.id, this.agent.host, this.agent.token);
172
167
  logger_1.default.debug(resp);
173
- keys = resp.userKeys || resp.keys;
168
+ keys = resp.keys;
174
169
  privateKey = resp.privateKey;
175
170
  user = resp.user || 'root';
176
171
  }
@@ -189,17 +184,7 @@ class ServerSsh extends events_1.default {
189
184
  const proxyClient = await this.createProxyConnection(privateKey, user);
190
185
  logger_1.default.debug('proxy connected');
191
186
  ctx.accept();
192
- const env = {};
193
- if (typeof verified === 'object' && verified.name && verified.email) {
194
- env.GIT_AUTHOR_NAME = verified.name;
195
- env.GIT_AUTHOR_EMAIL = verified.email;
196
- env.GIT_COMMITTER_NAME = verified.name;
197
- env.GIT_COMMITTER_EMAIL = verified.email;
198
- }
199
- return {
200
- proxyClient,
201
- env
202
- };
187
+ return proxyClient;
203
188
  }
204
189
  catch (err) {
205
190
  logger_1.default.debug('proxy not connected');
@@ -266,8 +251,8 @@ class ServerSsh extends events_1.default {
266
251
  stream.end();
267
252
  }
268
253
  }
269
- clientSession(session, client, proxyClient, globalEnv) {
270
- let env = globalEnv ? { ...globalEnv } : {};
254
+ clientSession(session, client, proxyClient) {
255
+ let env = {};
271
256
  let sftp;
272
257
  let channel;
273
258
  let pty;
@@ -470,14 +455,11 @@ class ServerSsh extends events_1.default {
470
455
  processClient(client) {
471
456
  logger_1.default.debug('new ssh client');
472
457
  let proxyClient;
473
- let globalEnv = {};
474
458
  client.setNoDelay();
475
459
  client.on('authentication', async (ctx) => {
476
460
  logger_1.default.debug('ssh authentication');
477
- const ac = await this.authenticateClient(ctx);
478
- if (ac) {
479
- proxyClient = ac.proxyClient;
480
- globalEnv = ac.env;
461
+ proxyClient = await this.authenticateClient(ctx);
462
+ if (proxyClient) {
481
463
  proxyClient.on('tcp connection', (details, accept, reject) => {
482
464
  logger_1.default.debug('new ssh client forward connection');
483
465
  logger_1.default.debug(details);
@@ -581,7 +563,7 @@ class ServerSsh extends events_1.default {
581
563
  });
582
564
  client.on('session', (accept) => {
583
565
  logger_1.default.debug('ssh session');
584
- this.clientSession(accept(), client, proxyClient, globalEnv);
566
+ this.clientSession(accept(), client, proxyClient);
585
567
  });
586
568
  }
587
569
  }
package/distTs/src/tunnel/ssh/client.js CHANGED
@@ -15,6 +15,7 @@ class SshClient extends events_1.default {
15
15
  password;
16
16
  keepalive;
17
17
  client;
18
+ lastError;
18
19
  constructor(ip, port, username, password) {
19
20
  super();
20
21
  this.ip = ip;
@@ -30,9 +31,13 @@ class SshClient extends events_1.default {
30
31
  this.client = new ssh2_1.Client();
31
32
  this.client.setNoDelay();
32
33
  this.client.on('ready', () => {
34
+ this.lastError = null;
33
35
  if (this.client) {
34
36
  this.client.removeAllListeners();
35
- this.client.on('error', () => { });
37
+ this.client.on('error', (err) => {
38
+ this.lastError = err;
39
+ logger_1.default.debug(`SSH client transport error: ${err?.message}`);
40
+ });
36
41
  }
37
42
  resolve();
38
43
  });
@@ -51,6 +56,7 @@ class SshClient extends events_1.default {
51
56
  kex: ['ecdh-sha2-nistp256'],
52
57
  },
53
58
  keepaliveInterval: 10000,
59
+ keepaliveCountMax: 6,
54
60
  host: this.ip,
55
61
  port: this.port,
56
62
  username: this.username,
@@ -67,16 +73,19 @@ class SshClient extends events_1.default {
67
73
  s.once('readable', resolve);
68
74
  });
69
75
  }
70
- async readStreamBytes(s, toRead) {
76
+ async readStreamBytes(s, toRead, reads = 0) {
71
77
  await this.waitForStreamReadable(s);
72
78
  const data = s.read(toRead) ?? s.read();
73
79
  if (data === null) {
74
- return this.readStreamBytes(s, toRead);
80
+ return this.readStreamBytes(s, toRead, reads + 1);
75
81
  }
76
82
  const newToRead = toRead - data.length;
77
- if (newToRead <= 0)
83
+ if (newToRead <= 0) {
84
+ if (reads > 0)
85
+ logger_1.default.debug(`handshake read took ${reads + 1} reads`);
78
86
  return data;
79
- const newData = await this.readStreamBytes(s, newToRead);
87
+ }
88
+ const newData = await this.readStreamBytes(s, newToRead, reads + 1);
80
89
  return Buffer.concat([data, newData]);
81
90
  }
82
91
  async processStream(stream, info) {
@@ -144,6 +153,7 @@ class SshClient extends events_1.default {
144
153
  }
145
154
  if (type === tunnel_1.TUNNEL_SOCKET_TYPE.SSH) {
146
155
  logger_1.default.debug((0, texts_1.LOG_DETECTED_STREAM)('SSH'));
156
+ logger_1.default.debug(`SSH handoff: ${stream.readableLength} leftover bytes buffered at injectSocket`);
147
157
  triggerStream(tunnel_1.TUNNEL_SSH_EVENT.STREAM_SSH, ip);
148
158
  return;
149
159
  }
@@ -179,7 +189,7 @@ class SshClient extends events_1.default {
179
189
  this.emit(tunnel_1.TUNNEL_SSH_EVENT.CONNECTED);
180
190
  if (this.client) {
181
191
  this.client.on('close', () => {
182
- logger_1.default.debug(`SSH client closed`);
192
+ logger_1.default.debug(`SSH client closed (reason: ${this.lastError?.message || 'clean close / no transport error'})`);
183
193
  if (this.keepalive)
184
194
  this.openKeepAlive();
185
195
  });
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "bdy",
3
3
  "preferGlobal": false,
4
- "version": "1.22.65-stage",
4
+ "version": "1.22.67-master",
5
5
  "type": "commonjs",
6
6
  "license": "MIT",
7
7
  "scripts": {