gssh-agent 1.0.3 → 1.0.5

package/internal/client/ssh.go

@@ -11,6 +11,7 @@ import (
 
 	"github.com/pkg/sftp"
 	"golang.org/x/crypto/ssh"
+	"golang.org/x/crypto/ssh/knownhosts"
 )
 
 // SSHClient encapsulates SSH connection logic
@@ -32,12 +33,84 @@ func (k *KeyboardInteractiveHandler) Challenge(name, instruction string, questio
 	return answers, nil
 }
 
+// getHostKeyCallback returns a host key callback that verifies the host key against the user's known_hosts file.
+// If the host is unknown, it implements Trust-On-First-Use (TOFU) by adding the new key to the known_hosts file.
+func getHostKeyCallback() (ssh.HostKeyCallback, error) {
+	homeDir, err := os.UserHomeDir()
+	if err != nil {
+		return nil, fmt.Errorf("could not get user home dir: %w", err)
+	}
+
+	knownHostsPath := filepath.Join(homeDir, ".ssh", "known_hosts")
+
+	// Ensure the .ssh directory exists
+	if err := os.MkdirAll(filepath.Dir(knownHostsPath), 0700); err != nil {
+		return nil, fmt.Errorf("failed to create .ssh directory: %w", err)
+	}
+
+	// Create the known_hosts file if it doesn't exist
+	if _, err := os.Stat(knownHostsPath); os.IsNotExist(err) {
+		f, err := os.OpenFile(knownHostsPath, os.O_CREATE|os.O_RDWR, 0600)
+		if err != nil {
+			return nil, fmt.Errorf("failed to create known_hosts file: %w", err)
+		}
+		f.Close()
+	}
+
+	cb, err := knownhosts.New(knownHostsPath)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create knownhosts callback: %w", err)
+	}
+
+	return func(hostname string, remote net.Addr, key ssh.PublicKey) error {
+		err := cb(hostname, remote, key)
+		if err == nil {
+			return nil
+		}
+
+		keyErr, ok := err.(*knownhosts.KeyError)
+		if !ok {
+			return err
+		}
+
+		// If len(keyErr.Want) is 0, it means the key is completely unknown (not a mismatch).
+		// We implement Trust-On-First-Use (TOFU) by adding the new key to known_hosts.
+		if len(keyErr.Want) == 0 {
+			f, fErr := os.OpenFile(knownHostsPath, os.O_APPEND|os.O_WRONLY, 0600)
+			if fErr != nil {
+				return fmt.Errorf("failed to open known_hosts for appending: %w", fErr)
+			}
+			defer f.Close()
+
+			addresses := []string{knownhosts.Normalize(hostname)}
+			if remoteString := remote.String(); remoteString != hostname {
+				addresses = append(addresses, knownhosts.Normalize(remoteString))
+			}
+
+			line := knownhosts.Line(addresses, key)
+			if _, wErr := f.WriteString(line + "\n"); wErr != nil {
+				return fmt.Errorf("failed to append key to known_hosts: %w", wErr)
+			}
+			return nil
+		}
+
+		// It's a key mismatch (security risk: MITM or host key changed). Reject the connection.
+		return err
+	}, nil
+}
+
 // NewSSHClient creates a new SSH client
 func NewSSHClient(user, host string, port int, authMethods ...ssh.AuthMethod) (*SSHClient, error) {
+	hostKeyCallback, err := getHostKeyCallback()
+	if err != nil {
+		return nil, fmt.Errorf("failed to get host key callback: %w", err)
+	}
+
 	config := &ssh.ClientConfig{
 		User:            user,
 		Auth:            authMethods,
-		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
+		HostKeyCallback: hostKeyCallback,
+		Timeout:         10 * time.Second,
 	}
 
 	addr := fmt.Sprintf("%s:%d", host, port)
@@ -169,8 +242,56 @@ func (c *SSHClient) NewSFTPClient() (*SFTPClient, error) {
 	return &SFTPClient{Client: sftpClient}, nil
 }
 
-// Upload uploads a local file to remote
+// Upload uploads a local file or directory to remote
 func (s *SFTPClient) Upload(localPath, remotePath string) (int64, error) {
+	localInfo, err := os.Stat(localPath)
+	if err != nil {
+		return 0, fmt.Errorf("failed to stat local path: %w", err)
+	}
+
+	if !localInfo.IsDir() {
+		return s.uploadFile(localPath, remotePath)
+	}
+
+	var totalWritten int64
+	err = filepath.Walk(localPath, func(path string, info os.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+
+		relPath, err := filepath.Rel(localPath, path)
+		if err != nil {
+			return err
+		}
+
+		targetPath := filepath.ToSlash(filepath.Join(remotePath, relPath))
+
+		if info.IsDir() {
+			s.Client.MkdirAll(targetPath)
+			return nil
+		}
+
+		// Sync logic
+		remoteInfo, err := s.Client.Stat(targetPath)
+		if err == nil && remoteInfo.Size() == info.Size() && remoteInfo.ModTime().Unix() == info.ModTime().Unix() {
+			return nil
+		}
+
+		written, err := s.uploadFile(path, targetPath)
+		if err != nil {
+			return err
+		}
+
+		totalWritten += written
+		s.Client.Chtimes(targetPath, info.ModTime(), info.ModTime())
+
+		return nil
+	})
+
+	return totalWritten, err
+}
+
+func (s *SFTPClient) uploadFile(localPath, remotePath string) (int64, error) {
 	localFile, err := os.Open(localPath)
 	if err != nil {
 		return 0, fmt.Errorf("failed to open local file: %w", err)
@@ -199,8 +320,62 @@ func (s *SFTPClient) Upload(localPath, remotePath string) (int64, error) {
 	return written, nil
 }
 
-// Download downloads a remote file to local
+// Download downloads a remote file or directory to local
 func (s *SFTPClient) Download(remotePath, localPath string) (int64, error) {
+	remoteInfo, err := s.Client.Stat(remotePath)
+	if err != nil {
+		return 0, fmt.Errorf("failed to stat remote path: %w", err)
+	}
+
+	if !remoteInfo.IsDir() {
+		return s.downloadFile(remotePath, localPath)
+	}
+
+	var totalWritten int64
+	walker := s.Client.Walk(remotePath)
+	for walker.Step() {
+		if walker.Err() != nil {
+			return totalWritten, walker.Err()
+		}
+
+		path := walker.Path()
+		info := walker.Stat()
+
+		relPath, err := filepath.Rel(remotePath, path)
+		if err != nil {
+			return totalWritten, err
+		}
+
+		if err := checkPathTraversal(relPath); err != nil {
+			return totalWritten, err
+		}
+
+		targetPath := filepath.Join(localPath, relPath)
+
+		if info.IsDir() {
+			os.MkdirAll(targetPath, info.Mode())
+			continue
+		}
+
+		// Sync logic
+		localInfo, err := os.Stat(targetPath)
+		if err == nil && localInfo.Size() == info.Size() && localInfo.ModTime().Unix() == info.ModTime().Unix() {
+			continue
+		}
+
+		written, err := s.downloadFile(path, targetPath)
+		if err != nil {
+			return totalWritten, err
+		}
+
+		totalWritten += written
+		os.Chtimes(targetPath, info.ModTime(), info.ModTime())
+	}
+
+	return totalWritten, nil
+}
+
+func (s *SFTPClient) downloadFile(remotePath, localPath string) (int64, error) {
 	remoteFile, err := s.Client.Open(remotePath)
 	if err != nil {
 		return 0, fmt.Errorf("failed to open remote file: %w", err)
@@ -380,6 +555,14 @@ func (pw *progressWriter) Write(p []byte) (n int, err error) {
 	return
 }
 
+// checkPathTraversal ensures that relPath does not escape the destination directory
+func checkPathTraversal(relPath string) error {
+	if !filepath.IsLocal(relPath) {
+		return fmt.Errorf("path traversal detected: %s escapes destination", relPath)
+	}
+	return nil
+}
+
 // expandPath expands ~ to home directory
 func expandPath(path string) string {
 	if len(path) > 0 && path[0] == '~' {

package/internal/client/ssh_test.go

@@ -31,3 +31,46 @@ func TestNewAuthMethodsFromKeyPath(t *testing.T) {
 		t.Error("expected error for non-existent key")
 	}
 }
+
+func TestCheckPathTraversal(t *testing.T) {
+	tests := []struct {
+		name    string
+		relPath string
+		wantErr bool
+	}{
+		{
+			name:    "safe path within directory",
+			relPath: "safe_file.txt",
+			wantErr: false,
+		},
+		{
+			name:    "safe path same as directory",
+			relPath: ".",
+			wantErr: false,
+		},
+		{
+			name:    "path traversal attempt with ../",
+			relPath: "../etc/passwd",
+			wantErr: true,
+		},
+		{
+			name:    "absolute path traversal",
+			relPath: "/etc/passwd",
+			wantErr: true,
+		},
+		{
+			name:    "deep nested safe path",
+			relPath: "a/b/c/d.txt",
+			wantErr: false,
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			err := checkPathTraversal(tt.relPath)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("checkPathTraversal() error = %v, wantErr %v", err, tt.wantErr)
+			}
+		})
+	}
+}

package/internal/portforward/forwarder.go

@@ -6,6 +6,7 @@ import (
 	"log"
 	"net"
 	"sync"
+	"time"
 
 	"golang.org/x/crypto/ssh"
 )
@@ -72,16 +73,32 @@ func (f *Forwarder) startLocalForward() {
 				f.mu.RUnlock()
 				return
 			}
+			listener := f.listener
 			f.mu.RUnlock()
 
-			conn, err := f.listener.Accept()
+			if listener == nil {
+				time.Sleep(1 * time.Second)
+				continue
+			}
+
+			// Set deadline to prevent blocking forever
+			if tcpListener, ok := listener.(*net.TCPListener); ok {
+				tcpListener.SetDeadline(time.Now().Add(5 * time.Second))
+			}
+
+			conn, err := listener.Accept()
 			if err != nil {
+				// Check if it's a timeout
+				if netErr, ok := err.(net.Error); ok && netErr.Timeout() {
+					continue
+				}
 				f.mu.RLock()
 				closed := f.closed
 				f.mu.RUnlock()
 				if closed {
 					return
 				}
+				log.Printf("[portforward] Accept error: %v", err)
 				continue
 			}
 
@@ -105,15 +122,27 @@ func (f *Forwarder) handleLocalConnection(localConn net.Conn) {
 
 	log.Printf("[portforward] Connection accepted from %s", localConn.RemoteAddr())
 
-	remoteAddr := fmt.Sprintf("localhost:%d", f.RemotePort)
-	remoteConn, err := f.sshClient.Dial("tcp", remoteAddr)
+	// Use 127.0.0.1 instead of localhost to avoid IPv6 issues
+	remoteAddr := fmt.Sprintf("127.0.0.1:%d", f.RemotePort)
+
+	// Dial the remote endpoint *through* the SSH tunnel
+	f.mu.RLock()
+	client := f.sshClient
+	f.mu.RUnlock()
+
+	if client == nil {
+		log.Printf("[portforward] SSH client is nil, cannot connect to remote %s", remoteAddr)
+		return
+	}
+
+	remoteConn, err := client.Dial("tcp", remoteAddr)
 	if err != nil {
-		log.Printf("[portforward] Failed to connect to remote %s: %v", remoteAddr, err)
+		log.Printf("[portforward] Failed to connect to remote %s via SSH: %v", remoteAddr, err)
 		return
 	}
 	defer remoteConn.Close()
 
-	log.Printf("[portforward] Tunnel established to remote %s", remoteAddr)
+	log.Printf("[portforward] Tunnel established to remote %s via SSH", remoteAddr)
 
 	// Bidirectional copy
 	done := make(chan struct{})
@@ -135,38 +164,48 @@ func (f *Forwarder) startRemoteForward() {
 	go func() {
 		defer f.wg.Done()
 
-		// Request the SSH server to listen on remote:remotePort and forward connections to us
-		// Payload format: string (address) + uint32 (port)
-		addr := fmt.Sprintf(":%d", f.RemotePort)
-		payload := ssh.Marshal(struct {
-			Addr string
-			Port uint32
-		}{Addr: addr, Port: uint32(f.RemotePort)})
-
-		ok, _, err := f.sshClient.SendRequest("tcpip-forward", true, payload)
-		if err != nil {
-			log.Printf("[portforward] Failed to send tcpip-forward request: %v", err)
+		f.mu.RLock()
+		client := f.sshClient
+		f.mu.RUnlock()
+
+		if client == nil {
+			log.Printf("[portforward] SSH client is nil, cannot start remote forward")
 			return
 		}
-		if !ok {
-			log.Printf("[portforward] SSH server rejected tcpip-forward request for port %d", f.RemotePort)
+
+		// Request the SSH server to listen on remote:remotePort and forward connections to us
+		remoteAddr := fmt.Sprintf("0.0.0.0:%d", f.RemotePort)
+
+		// Note: The ssh.Client.Listen internally sends the tcpip-forward request
+		listener, err := client.Listen("tcp", remoteAddr)
+		if err != nil {
+			log.Printf("[portforward] Failed to listen on remote port %d via SSH: %v", f.RemotePort, err)
 			return
 		}
 
+		f.mu.Lock()
+		f.listener = listener
+		f.mu.Unlock()
+
 		log.Printf("[portforward] Remote forward: SSH server listening on port %d", f.RemotePort)
 
-		// Now we need to accept forwarded connections from the SSH server
-		// The SSH server will open a "forwarded-tcpip" channel for each connection
+		// Accept forwarded connections in a loop
 		for {
 			f.mu.RLock()
 			if f.closed {
 				f.mu.RUnlock()
 				return
 			}
+			currentListener := f.listener
 			f.mu.RUnlock()
 
+			if currentListener == nil {
+				time.Sleep(1 * time.Second)
+				continue
+			}
+
 			// Wait for a forwarded connection
-			ch, reqs, err := f.sshClient.OpenChannel("forwarded-tcpip", nil)
+			remoteConn, err := currentListener.Accept()
 			if err != nil {
 				f.mu.RLock()
 				closed := f.closed
@@ -175,18 +214,17 @@ func (f *Forwarder) startRemoteForward() {
 					return
 				}
 				log.Printf("[portforward] Error accepting forwarded connection: %v", err)
-				continue
+				return // Listener is broken or closed
 			}
 
-			// Discard any requests
-			go ssh.DiscardRequests(reqs)
+			log.Printf("[portforward] Accepted remote connection from %v", remoteConn.RemoteAddr())
 
-			// Connect to local port
-			localAddr := fmt.Sprintf("localhost:%d", f.LocalPort)
-			localConn, err := net.Dial("tcp", localAddr)
+			// Connect to local port to forward the traffic
+			localAddr := fmt.Sprintf("127.0.0.1:%d", f.LocalPort)
+			localConn, err := net.DialTimeout("tcp", localAddr, 5*time.Second)
 			if err != nil {
 				log.Printf("[portforward] Failed to connect to local port %d: %v", f.LocalPort, err)
-				ch.Close()
+				remoteConn.Close()
 				continue
 			}
 
@@ -198,12 +236,20 @@ func (f *Forwarder) startRemoteForward() {
 
 			// Bidirectional copy
 			go func() {
-				io.Copy(ch, localConn)
-				ch.Close()
-				localConn.Close()
-			}()
-			go func() {
-				io.Copy(localConn, ch)
+				defer func() {
+					remoteConn.Close()
+					localConn.Close()
+					f.mu.Lock()
+					delete(f.conns, localConn)
+					f.mu.Unlock()
+				}()
+				done := make(chan struct{})
+				go func() {
+					io.Copy(remoteConn, localConn)
+					close(done)
+				}()
+				io.Copy(localConn, remoteConn)
+				<-done
 			}()
 		}
 	}()
@@ -217,7 +263,6 @@ func (f *Forwarder) Close() {
 		return
 	}
 	f.closed = true
-	f.mu.Unlock()
 
 	if f.listener != nil {
 		f.listener.Close()
@@ -226,6 +271,7 @@ func (f *Forwarder) Close() {
 	for conn := range f.conns {
 		conn.Close()
 	}
+	f.mu.Unlock()
 
 	f.wg.Wait()
 }
@@ -235,8 +281,6 @@ func (f *Forwarder) Restart(sshClient *ssh.Client) {
 	f.mu.Lock()
 	f.sshClient = sshClient
 	f.closed = false
-	f.conns = make(map[net.Conn]bool)
-	f.mu.Unlock()
 
 	if f.listener != nil {
 		f.listener.Close()
@@ -246,11 +290,21 @@ func (f *Forwarder) Restart(sshClient *ssh.Client) {
 		// Create new listener
 		addr := fmt.Sprintf("localhost:%d", f.LocalPort)
 		listener, err := net.Listen("tcp", addr)
-		if err != nil {
-			return
+		if err == nil {
+			f.listener = listener
+		} else {
+			f.listener = nil
+			log.Printf("[portforward] Failed to recreate listener on %s: %v", addr, err)
 		}
-		f.listener = listener
+	} else {
+		f.listener = nil // Will be re-initialized in startRemoteForward
+	}
+
+	for conn := range f.conns {
+		conn.Close()
 	}
+	f.conns = make(map[net.Conn]bool)
+	f.mu.Unlock()
 
 	f.Start()
 }

package/internal/protocol/types.go

@@ -72,6 +72,7 @@ type ReconnectParams struct {
 type ExecParams struct {
 	SessionID string `json:"session_id,omitempty"`
 	Command   string `json:"command"`
+	Timeout   int    `json:"timeout,omitempty"` // 超时时间（秒），0 表示无超时
 }
 
 type ForwardParams struct {
@@ -108,6 +109,7 @@ type SCPResult struct {
 // SFTPParams represents SFTP command parameters
 type SFTPParams struct {
 	SessionID string `json:"session_id,omitempty"`
-	Command   string `json:"command"` // "ls", "cd", "pwd", "mkdir", "rm", "rmdir"
+	Command   string `json:"command"`
+	Timeout   int    `json:"timeout,omitempty"` // 超时时间（秒），0 表示无超时 // "ls", "cd", "pwd", "mkdir", "rm", "rmdir"
 	Path      string `json:"path"`
 }