gssh-agent 1.0.2 → 1.0.4

package/cmd/gssh/main.go

@@ -18,47 +18,66 @@ import (
 
 const (
 	defaultSocketPath = "/tmp/gssh.sock"
-)
-
-var (
-	socketPath = flag.String("socket", defaultSocketPath, "Unix socket path")
+	version          = "0.1.0"
 )
 
 func main() {
-	flag.Parse()
+	// Check for version flag before any parsing
+	if len(os.Args) > 1 && (os.Args[1] == "-v" || os.Args[1] == "--version") {
+		fmt.Printf("gssh version %s\n", version)
+		os.Exit(0)
+	}
 
-	if flag.NArg() < 1 {
+	// Check for help flag
+	if len(os.Args) > 1 && (os.Args[1] == "-h" || os.Args[1] == "--help") {
+		printUsage()
+		os.Exit(0)
+	}
+
+	// Parse global -socket flag manually
+	socketPath := defaultSocketPath
+	args := os.Args[1:]
+	for i := 0; i < len(args); i++ {
+		if args[i] == "-socket" && i+1 < len(args) {
+			socketPath = args[i+1]
+			args = append(args[:i], args[i+2:]...)
+			i--
+		}
+	}
+
+	if len(args) < 1 {
 		printUsage()
 		os.Exit(1)
 	}
 
-	cmd := flag.Arg(0)
+	cmd := args[0]
+	subArgs := args[1:]
 
 	var err error
 	switch cmd {
 	case "connect":
-		err = handleConnect()
+		err = handleConnect(subArgs, socketPath)
 	case "disconnect":
-		err = handleDisconnect()
+		err = handleDisconnect(subArgs, socketPath)
 	case "reconnect":
-		err = handleReconnect()
+		err = handleReconnect(subArgs, socketPath)
 	case "exec":
-		err = handleExec()
+		err = handleExec(subArgs, socketPath)
 	case "list", "ls":
-		err = handleList()
+		err = handleList(socketPath)
 	case "use":
-		err = handleUse()
+		err = handleUse(subArgs, socketPath)
 	case "forward":
-		err = handleForward()
+		err = handleForward(subArgs, socketPath)
 	case "forwards":
-		err = handleForwards()
+		err = handleForwards(socketPath)
 	case "forward-close":
-		err = handleForwardClose()
+		err = handleForwardClose(subArgs, socketPath)
 	case "scp":
-		err = handleSCP()
+		err = handleSCP(subArgs, socketPath)
 	case "sftp":
-		err = handleSFTP()
-	case "help", "-h", "--help":
+		err = handleSFTP(subArgs, socketPath)
+	case "help":
 		printUsage()
 	default:
 		fmt.Fprintf(os.Stderr, "Unknown command: %s\n", cmd)
@@ -74,9 +93,7 @@ func main() {
 
 // readPassword reads password from terminal without echo
 func readPassword() (string, error) {
-	// Check if stdin is a terminal
 	if !term.IsTerminal(int(os.Stdin.Fd())) {
-		// Try to read from stdin
 		reader := bufio.NewReader(os.Stdin)
 		fmt.Print("Password: ")
 		password, err := reader.ReadString('\n')
@@ -116,8 +133,8 @@ func readPassphrase() (string, error) {
 	return string(bytePassphrase), nil
 }
 
-func sendRequest(method string, params interface{}) ([]byte, error) {
-	conn, err := net.Dial("unix", *socketPath)
+func sendRequest(socketPath, method string, params interface{}) ([]byte, error) {
+	conn, err := net.Dial("unix", socketPath)
 	if err != nil {
 		return nil, fmt.Errorf("failed to connect to daemon: %w", err)
 	}
@@ -140,7 +157,6 @@ func sendRequest(method string, params interface{}) ([]byte, error) {
 		return nil, fmt.Errorf("failed to marshal request: %w", err)
 	}
 
-	// Add newline to signal end of request
 	reqData = append(reqData, '\n')
 
 	_, err = conn.Write(reqData)
@@ -148,14 +164,12 @@ func sendRequest(method string, params interface{}) ([]byte, error) {
 		return nil, fmt.Errorf("failed to send request: %w", err)
 	}
 
-	// Read line by line
 	reader := bufio.NewReader(conn)
 	line, err := reader.ReadBytes('\n')
 	if err != nil {
 		return nil, fmt.Errorf("failed to read response: %w", err)
 	}
 
-	// Remove trailing newline
 	line = line[:len(line)-1]
 
 	var resp protocol.Response
@@ -175,22 +189,24 @@ func sendRequest(method string, params interface{}) ([]byte, error) {
 	return result, nil
 }
 
-func handleConnect() error {
-	user := flag.String("u", "", "Username")
-	host := flag.String("h", "", "Host")
-	port := flag.Int("p", 22, "Port")
-	password := flag.String("P", "", "Password")
-	keyPath := flag.String("i", "", "SSH key path")
-	askPassword := flag.Bool("ask-pass", false, "Ask for password interactively")
-	askPassphrase := flag.Bool("ask-passphrase", false, "Ask for key passphrase interactively")
+func handleConnect(args []string, socketPath string) error {
+	fs := flag.NewFlagSet("connect", flag.ContinueOnError)
+	fs.SetOutput(os.Stderr)
+
+	user := fs.String("u", "", "Username")
+	host := fs.String("h", "", "Host")
+	port := fs.Int("p", 22, "Port")
+	password := fs.String("P", "", "Password")
+	keyPath := fs.String("i", "", "SSH key path")
+	askPassword := fs.Bool("ask-pass", false, "Ask for password interactively")
+	askPassphrase := fs.Bool("ask-passphrase", false, "Ask for key passphrase interactively")
 
-	flag.CommandLine.Parse(flag.Args()[1:])
+	fs.Parse(args)
 
 	if *user == "" || *host == "" {
 		return fmt.Errorf("user and host are required")
 	}
 
-	// If no password provided via flag and -ask-pass is set, read interactively
 	if *password == "" && *askPassword {
 		p, err := readPassword()
 		if err != nil {
@@ -199,14 +215,11 @@ func handleConnect() error {
 		*password = p
 	}
 
-	// If key path provided and -ask-passphrase is set, read interactively
 	if *keyPath != "" && *askPassphrase {
 		passphrase, err := readPassphrase()
 		if err != nil {
 			return fmt.Errorf("failed to read passphrase: %w", err)
 		}
-		// Note: Passphrase support would require modifying the SSH client
-		// For now, we'll just warn that it's not supported
 		if passphrase != "" {
 			fmt.Println("Note: Passphrase for keys is not yet supported, ignoring")
 		}
@@ -220,7 +233,7 @@ func handleConnect() error {
 		KeyPath:  *keyPath,
 	}
 
-	result, err := sendRequest("connect", params)
+	result, err := sendRequest(socketPath, "connect", params)
 	if err != nil {
 		return err
 	}
@@ -234,15 +247,24 @@ func handleConnect() error {
 	return nil
 }
 
-func handleDisconnect() error {
-	sessionID := flag.String("s", "", "Session ID")
-	flag.CommandLine.Parse(flag.Args()[1:])
+func handleDisconnect(args []string, socketPath string) error {
+	fs := flag.NewFlagSet("disconnect", flag.ContinueOnError)
+	fs.SetOutput(os.Stderr)
+
+	sessionID := fs.String("s", "", "Session ID")
+	fs.Parse(args)
+
+	// Support positional argument
+	sessionIDStr := *sessionID
+	if sessionIDStr == "" && fs.NArg() > 0 {
+		sessionIDStr = fs.Arg(0)
+	}
 
 	params := protocol.DisconnectParams{
-		SessionID: *sessionID,
+		SessionID: sessionIDStr,
 	}
 
-	_, err := sendRequest("disconnect", params)
+	_, err := sendRequest(socketPath, "disconnect", params)
 	if err != nil {
 		return err
 	}
@@ -251,15 +273,24 @@ func handleDisconnect() error {
 	return nil
 }
 
-func handleReconnect() error {
-	sessionID := flag.String("s", "", "Session ID")
-	flag.CommandLine.Parse(flag.Args()[1:])
+func handleReconnect(args []string, socketPath string) error {
+	fs := flag.NewFlagSet("reconnect", flag.ContinueOnError)
+	fs.SetOutput(os.Stderr)
+
+	sessionID := fs.String("s", "", "Session ID")
+	fs.Parse(args)
+
+	// Support positional argument
+	sessionIDStr := *sessionID
+	if sessionIDStr == "" && fs.NArg() > 0 {
+		sessionIDStr = fs.Arg(0)
+	}
 
 	params := protocol.ReconnectParams{
-		SessionID: *sessionID,
+		SessionID: sessionIDStr,
 	}
 
-	result, err := sendRequest("reconnect", params)
+	result, err := sendRequest(socketPath, "reconnect", params)
 	if err != nil {
 		return err
 	}
@@ -273,22 +304,21 @@ func handleReconnect() error {
 	return nil
 }
 
-func handleExec() error {
-	// Get remaining args after "exec"
-	args := flag.Args()[1:]
+func handleExec(args []string, socketPath string) error {
+	fs := flag.NewFlagSet("exec", flag.ContinueOnError)
+	fs.SetOutput(os.Stderr)
 
-	sessionID := flag.String("s", "", "Session ID")
-	sudoPassword := flag.String("S", "", "sudo password (will prompt if empty and -s flag used)")
-	askSudoPassword := flag.Bool("ask-sudo-pass", false, "Interactively ask for sudo password")
+	sessionID := fs.String("s", "", "Session ID")
+	sudoPassword := fs.String("S", "", "sudo password")
+	askSudoPassword := fs.Bool("ask-sudo-pass", false, "Interactively ask for sudo password")
 
-	flag.CommandLine.Parse(args)
+	fs.Parse(args)
 
-	if flag.NArg() < 1 {
+	if fs.NArg() < 1 {
 		return fmt.Errorf("command required")
 	}
-	command := strings.Join(flag.Args(), " ")
+	command := strings.Join(fs.Args(), " ")
 
-	// If sudo password needed but not provided, prompt for it
 	if *askSudoPassword && *sudoPassword == "" {
 		p, err := readPassword()
 		if err != nil {
@@ -297,9 +327,7 @@ func handleExec() error {
 		*sudoPassword = p
 	}
 
-	// If command contains sudo and password provided, wrap the command
 	if *sudoPassword != "" && strings.Contains(command, "sudo") {
-		// Use printf to pipe password to sudo -S
 		command = fmt.Sprintf("printf '%%s\\n' '%s' | %s -S", *sudoPassword, command)
 	}
 
@@ -308,7 +336,7 @@ func handleExec() error {
 		Command:   command,
 	}
 
-	result, err := sendRequest("exec", params)
+	result, err := sendRequest(socketPath, "exec", params)
 	if err != nil {
 		return err
 	}
@@ -330,8 +358,8 @@ func handleExec() error {
 	return nil
 }
 
-func handleList() error {
-	result, err := sendRequest("list", nil)
+func handleList(socketPath string) error {
+	result, err := sendRequest(socketPath, "list", nil)
 	if err != nil {
 		return err
 	}
@@ -354,19 +382,22 @@ func handleList() error {
 	return nil
 }
 
-func handleUse() error {
-	flag.CommandLine.Parse(flag.Args()[1:])
+func handleUse(args []string, socketPath string) error {
+	fs := flag.NewFlagSet("use", flag.ContinueOnError)
+	fs.SetOutput(os.Stderr)
 
-	if flag.NArg() < 1 {
+	fs.Parse(args)
+
+	if fs.NArg() < 1 {
 		return fmt.Errorf("session ID required")
 	}
-	sessionIDStr := flag.Arg(0)
+	sessionIDStr := fs.Arg(0)
 
 	params := protocol.UseParams{
 		SessionID: sessionIDStr,
 	}
 
-	_, err := sendRequest("use", params)
+	_, err := sendRequest(socketPath, "use", params)
 	if err != nil {
 		return err
 	}
@@ -375,13 +406,16 @@ func handleUse() error {
 	return nil
 }
 
-func handleForward() error {
-	sessionID := flag.String("s", "", "Session ID")
-	local := flag.Int("l", 0, "Local port")
-	remote := flag.Int("r", 0, "Remote port")
-	isRemote := flag.Bool("R", false, "Remote port forward")
+func handleForward(args []string, socketPath string) error {
+	fs := flag.NewFlagSet("forward", flag.ContinueOnError)
+	fs.SetOutput(os.Stderr)
+
+	sessionID := fs.String("s", "", "Session ID")
+	local := fs.Int("l", 0, "Local port")
+	remote := fs.Int("r", 0, "Remote port")
+	isRemote := fs.Bool("R", false, "Remote port forward")
 
-	flag.CommandLine.Parse(flag.Args()[1:])
+	fs.Parse(args)
 
 	if *local == 0 || *remote == 0 {
 		return fmt.Errorf("local and remote ports are required")
@@ -399,7 +433,7 @@ func handleForward() error {
 		Remote:    *remote,
 	}
 
-	result, err := sendRequest("forward", params)
+	result, err := sendRequest(socketPath, "forward", params)
 	if err != nil {
 		return err
 	}
@@ -413,8 +447,8 @@ func handleForward() error {
 	return nil
 }
 
-func handleForwards() error {
-	result, err := sendRequest("forwards", nil)
+func handleForwards(socketPath string) error {
+	result, err := sendRequest(socketPath, "forwards", nil)
 	if err != nil {
 		return err
 	}
@@ -437,19 +471,22 @@ func handleForwards() error {
 	return nil
 }
 
-func handleForwardClose() error {
-	flag.CommandLine.Parse(flag.Args()[1:])
+func handleForwardClose(args []string, socketPath string) error {
+	fs := flag.NewFlagSet("forward-close", flag.ContinueOnError)
+	fs.SetOutput(os.Stderr)
+
+	fs.Parse(args)
 
-	if flag.NArg() < 1 {
+	if fs.NArg() < 1 {
 		return fmt.Errorf("forward ID required")
 	}
-	forwardID := flag.Arg(0)
+	forwardID := fs.Arg(0)
 
 	params := protocol.ForwardCloseParams{
 		ForwardID: forwardID,
 	}
 
-	_, err := sendRequest("forward_close", params)
+	_, err := sendRequest(socketPath, "forward_close", params)
 	if err != nil {
 		return err
 	}
@@ -458,19 +495,22 @@ func handleForwardClose() error {
 	return nil
 }
 
-func handleSCP() error {
-	sessionID := flag.String("s", "", "Session ID")
-	isUpload := flag.Bool("put", false, "Upload mode (local->remote)")
-	isDownload := flag.Bool("get", false, "Download mode (remote->local)")
+func handleSCP(args []string, socketPath string) error {
+	fs := flag.NewFlagSet("scp", flag.ContinueOnError)
+	fs.SetOutput(os.Stderr)
 
-	flag.CommandLine.Parse(flag.Args()[1:])
+	sessionID := fs.String("s", "", "Session ID")
+	isUpload := fs.Bool("put", false, "Upload mode (local->remote)")
+	isDownload := fs.Bool("get", false, "Download mode (remote->local)")
 
-	if flag.NArg() < 2 {
+	fs.Parse(args)
+
+	if fs.NArg() < 2 {
 		return fmt.Errorf("source and destination paths required")
 	}
 
-	source := flag.Arg(0)
-	dest := flag.Arg(1)
+	source := fs.Arg(0)
+	dest := fs.Arg(1)
 
 	if !*isUpload && !*isDownload {
 		return fmt.Errorf("must specify -put or -get")
@@ -483,7 +523,7 @@ func handleSCP() error {
 		IsUpload:  *isUpload,
 	}
 
-	result, err := sendRequest("scp", params)
+	result, err := sendRequest(socketPath, "scp", params)
 	if err != nil {
 		return err
 	}
@@ -502,12 +542,15 @@ func handleSCP() error {
 	return nil
 }
 
-func handleSFTP() error {
-	sessionID := flag.String("s", "", "Session ID")
-	command := flag.String("c", "", "SFTP command (ls, mkdir, rm)")
-	path := flag.String("p", ".", "Path")
+func handleSFTP(args []string, socketPath string) error {
+	fs := flag.NewFlagSet("sftp", flag.ContinueOnError)
+	fs.SetOutput(os.Stderr)
+
+	sessionID := fs.String("s", "", "Session ID")
+	command := fs.String("c", "", "SFTP command (ls, mkdir, rm)")
+	path := fs.String("p", ".", "Path")
 
-	flag.CommandLine.Parse(flag.Args()[1:])
+	fs.Parse(args)
 
 	if *command == "" {
 		return fmt.Errorf("SFTP command required (-c ls|mkdir|rm)")
@@ -520,7 +563,7 @@ func handleSFTP() error {
 			Command:   "ls",
 			Path:      *path,
 		}
-		result, err := sendRequest("sftp_list", params)
+		result, err := sendRequest(socketPath, "sftp_list", params)
 		if err != nil {
 			return err
 		}
@@ -540,7 +583,7 @@ func handleSFTP() error {
 			Command:   "mkdir",
 			Path:      *path,
 		}
-		_, err := sendRequest("sftp_mkdir", params)
+		_, err := sendRequest(socketPath, "sftp_mkdir", params)
 		if err != nil {
 			return err
 		}
@@ -552,7 +595,7 @@ func handleSFTP() error {
 			Command:   "rm",
 			Path:      *path,
 		}
-		_, err := sendRequest("sftp_remove", params)
+		_, err := sendRequest(socketPath, "sftp_remove", params)
 		if err != nil {
 			return err
 		}
@@ -566,47 +609,54 @@ func handleSFTP() error {
 }
 
 func printUsage() {
-	fmt.Println(`gssh - SSH Session Manager for Agents (Stateless)
+	fmt.Printf(`gssh - SSH Session Manager for Agents v%s
 
 Usage:
   gssh connect -u user -h host [-p port] [-i key_path] [-P password] [--ask-pass]
-  gssh disconnect [-s session_id]
-  gssh reconnect [-s session_id]
-  gssh exec [-s session_id] [-S password | --ask-sudo-pass] "sudo command"
+  gssh disconnect [session_id]
+  gssh reconnect [session_id]
+  gssh exec [-s session_id] [-S password | --ask-sudo-pass] "command"
   gssh list
   gssh use <session_id>
-  gssh forward [-s session_id] -l local_port -r remote_port
+  gssh forward [-s session_id] -l local_port -r remote_port [-R]
   gssh forwards
   gssh forward-close <forward_id>
-  gssh scp [-s session_id] [-put|-get] <source> <dest>
-  gssh sftp [-s session_id] -c <command> -p <path>
-
-Note: For sudo commands, use key-based authentication or configure passwordless sudo.
+  gssh scp [-s session_id] -put <local> <remote>
+  gssh scp [-s session_id] -get <remote> <local>
+  gssh sftp [-s session_id] -c <ls|mkdir|rm> -p <path>
+  gssh -v, --version
 
 Options:
-  -socket path        Unix socket path (default: /tmp/gssh.sock)
+  -socket path         Unix socket path (default: /tmp/gssh.sock)
   -s session_id       Session ID
   -u user             Username
   -h host             Host
   -p port             Port (default: 22)
-  -P password         Password (or use --ask-pass for interactive input)
-  -i key_path        SSH key path
-  -S password        sudo password (for executing sudo commands)
-  --ask-sudo-pass    Interactively ask for sudo password
+  -P password         Password
+  -i key_path         SSH key path
+  -S password         sudo password
+  --ask-pass          Ask for password interactively
+  --ask-sudo-pass     Ask for sudo password interactively
   -l local            Local port
   -r remote           Remote port
-  -R                  Remote port forward
-  -put                Upload mode (local -> remote)
-  -get                Download mode (remote -> local)
+  -R                  Remote port forward (default: local)
+  -put                Upload (local -> remote)
+  -get                Download (remote -> local)
   -c command          SFTP command (ls, mkdir, rm)
   -p path             Path for SFTP command
-  --ask-pass          Interactively ask for SSH password (secure)
-  --ask-passphrase    Interactively ask for key passphrase (secure)`)
+  -v, --version       Show version
+
+Examples:
+  gssh connect -u admin -h 192.168.1.1 -P password
+  gssh exec "ls -la"
+  gssh reconnect 549b6eff-f62c-4dae-a7e9-298815233cf4
+  gssh forward -l 8080 -r 80
+  gssh scp -put local.txt /home/user/remote.txt
+`, version)
 }
 
 // Restore terminal on exit
 func init() {
-	// Setup cleanup to restore terminal state on unexpected exit
 	c := make(chan os.Signal, 1)
 	signal.Notify(c, syscall.SIGINT, syscall.SIGTERM)
 	go func() {

package/internal/session/manager.go

@@ -2,6 +2,7 @@ package session
 
 import (
 	"fmt"
+	"strings"
 	"sync"
 	"time"
 
@@ -45,6 +46,53 @@ func NewManager() *Manager {
 	}
 }
 
+// needsShell returns true if the command needs to be executed through a shell
+func needsShell(cmd string) bool {
+	// Check for heredoc
+	if strings.Contains(cmd, "<<") {
+		return true
+	}
+
+	// Check for newlines (multi-line commands)
+	if strings.Contains(cmd, "\n") {
+		return true
+	}
+
+	// Check for pipe
+	if strings.Contains(cmd, " | ") {
+		return true
+	}
+
+	// Check for redirection
+	if strings.ContainsAny(cmd, "><") {
+		if strings.Contains(cmd, ">") || strings.Contains(cmd, "<") {
+			return true
+		}
+	}
+
+	// Check for logical operators
+	if strings.Contains(cmd, " && ") || strings.Contains(cmd, " || ") {
+		return true
+	}
+
+	// Check for background execution
+	if strings.HasSuffix(strings.TrimSpace(cmd), "&") {
+		return true
+	}
+
+	// Check for command substitution
+	if strings.Contains(cmd, "$(") || strings.Contains(cmd, "`") {
+		return true
+	}
+
+	// Check for environment variables (but not $$ which is PID)
+	if strings.Contains(cmd, "${") || (strings.Contains(cmd, "$") && !strings.Contains(cmd, "$$")) {
+		return true
+	}
+
+	return false
+}
+
 // Connect creates a new SSH session
 func (m *Manager) Connect(user, host string, port int, password, keyPath string) (*protocol.Session, error) {
 	m.mu.Lock()
@@ -101,6 +149,11 @@ func (m *Manager) Connect(user, host string, port int, password, keyPath string)
 
 // Disconnect closes a session
 func (m *Manager) Disconnect(sessionID string) error {
+	// Use default session if not specified
+	if sessionID == "" {
+		sessionID = m.defaultID
+	}
+
 	m.mu.Lock()
 	defer m.mu.Unlock()
 
@@ -125,6 +178,11 @@ func (m *Manager) Disconnect(sessionID string) error {
 
 // Reconnect reconnects a session
 func (m *Manager) Reconnect(sessionID string) (*protocol.Session, error) {
+	// Use default session if not specified
+	if sessionID == "" {
+		sessionID = m.defaultID
+	}
+
 	m.mu.Lock()
 	ms, ok := m.sessions[sessionID]
 	m.mu.Unlock()
@@ -194,9 +252,12 @@ func (m *Manager) Exec(sessionID, command string) (*protocol.ExecResult, error)
 	}
 	defer session.Close()
 
-	// 直接执行命令，不通过 shell
-	
+	// 检测是否需要通过 shell 执行
 	fullCmd := command
+	if needsShell(command) {
+		// 使用 /bin/sh 更通用
+		fullCmd = fmt.Sprintf("/bin/sh -c %q", command)
+	}
 
 	output, err := session.CombinedOutput(fullCmd)
 	if err != nil {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "gssh-agent",
-  "version": "1.0.2",
+  "version": "1.0.4",
   "description": "SSH Session Manager for Agents - Stateless SSH client with SFTP support",
   "bin": {
     "gssh": "./bin/gssh",