typescript-virtual-container 1.2.5 → 1.2.7

package/src/SSHMimic/executor.ts

@@ -1,13 +1,79 @@
 import { runCommand as runSingleCommand } from "../commands";
 import { resolvePath } from "../commands/helpers";
-import type { CommandMode, CommandResult } from "../types/commands";
-import type { Pipeline, PipelineCommand } from "../types/pipeline";
+import type { CommandMode, CommandResult, ShellEnv } from "../types/commands";
+import type { Pipeline, PipelineCommand, Script, Statement } from "../types/pipeline";
 import type { VirtualShell } from "../VirtualShell";
 
-/**
- * Execute a parsed pipeline, chaining commands and handling redirections.
- * Manages stdout/stderr flow between commands and file I/O.
- */
+// ── Script executor (handles &&/||/;) ────────────────────────────────────────
+
+export async function executeScript(
+	script: Script,
+	authUser: string,
+	hostname: string,
+	mode: CommandMode,
+	cwd: string,
+	shell: VirtualShell,
+	env: ShellEnv,
+): Promise<CommandResult> {
+	if (!script.isValid) return { stderr: script.error || "Syntax error", exitCode: 1 };
+
+	let lastResult: CommandResult = { exitCode: 0 };
+
+	for (const stmt of script.statements) {
+		// Decide whether to run this statement based on previous op
+		lastResult = await executePipeline(stmt.pipeline, authUser, hostname, mode, cwd, shell, env);
+		env.lastExitCode = lastResult.exitCode ?? 0;
+
+		// Propagate session-control signals
+		if (lastResult.closeSession || lastResult.switchUser || lastResult.nextCwd) {
+			break;
+		}
+	}
+
+	return lastResult;
+}
+
+/** Execute statements connected by &&/||/; */
+export async function executeStatements(
+	statements: Statement[],
+	authUser: string,
+	hostname: string,
+	mode: CommandMode,
+	cwd: string,
+	shell: VirtualShell,
+	env: ShellEnv,
+): Promise<CommandResult> {
+	let last: CommandResult = { exitCode: 0 };
+	let i = 0;
+
+	while (i < statements.length) {
+		const stmt = statements[i]!;
+		last = await executePipeline(stmt.pipeline, authUser, hostname, mode, cwd, shell, env);
+		env.lastExitCode = last.exitCode ?? 0;
+
+		if (last.closeSession || last.switchUser) return last;
+
+		const op = stmt.op;
+		if (!op || op === ";") {
+			// always run next
+		} else if (op === "&&") {
+			if ((last.exitCode ?? 0) !== 0) {
+				// skip until next ; or end
+				while (i < statements.length && statements[i]?.op === "&&") i++;
+			}
+		} else if (op === "||") {
+			if ((last.exitCode ?? 0) === 0) {
+				// skip until next ; or end
+				while (i < statements.length && statements[i]?.op === "||") i++;
+			}
+		}
+		i++;
+	}
+	return last;
+}
+
+// ── Pipeline executor ─────────────────────────────────────────────────────────
+
 export async function executePipeline(
 	pipeline: Pipeline,
 	authUser: string,
@@ -15,37 +81,26 @@ export async function executePipeline(
 	mode: CommandMode,
 	cwd: string,
 	shell: VirtualShell,
+	env?: ShellEnv,
 ): Promise<CommandResult> {
-	if (pipeline.commands.length === 0) {
-		return { exitCode: 0 };
-	}
+	if (!pipeline.isValid) return { stderr: pipeline.error || "Syntax error", exitCode: 1 };
+	if (pipeline.commands.length === 0) return { exitCode: 0 };
+
+	const shellEnv: ShellEnv = env ?? { vars: {}, lastExitCode: 0 };
 
 	if (pipeline.commands.length === 1) {
-		// Single command with possible redirections
 		return executeSingleCommandWithRedirections(
 			pipeline.commands[0] as PipelineCommand,
-			authUser,
-			hostname,
-			mode,
-			cwd,
-			shell,
+			authUser, hostname, mode, cwd, shell, shellEnv,
 		);
 	}
 
-	// Multiple commands in a pipeline
 	return executePipelineChain(
 		pipeline.commands as PipelineCommand[],
-		authUser,
-		hostname,
-		mode,
-		cwd,
-		shell,
+		authUser, hostname, mode, cwd, shell, shellEnv,
 	);
 }
 
-/**
- * Execute a single command with input/output redirections
- */
 async function executeSingleCommandWithRedirections(
 	cmd: PipelineCommand,
 	authUser: string,
@@ -53,66 +108,37 @@ async function executeSingleCommandWithRedirections(
 	mode: CommandMode,
 	cwd: string,
 	shell: VirtualShell,
+	env: ShellEnv,
 ): Promise<CommandResult> {
-	// Prepare input if input file specified
 	let stdin: string | undefined;
 	if (cmd.inputFile) {
 		const inputPath = resolvePath(cwd, cmd.inputFile);
-		try {
-			stdin = shell.vfs.readFile(inputPath);
-		} catch {
-			return {
-				stderr: `cat: ${cmd.inputFile}: No such file or directory`,
-				exitCode: 1,
-			};
-		}
+		try { stdin = shell.vfs.readFile(inputPath); }
+		catch { return { stderr: `${cmd.inputFile}: No such file or directory`, exitCode: 1 }; }
 	}
 
-	// Build raw input for the command
 	const rawInput = [cmd.name, ...cmd.args].join(" ");
+	const result = await runSingleCommand(rawInput, authUser, hostname, mode, cwd, shell, stdin, env);
 
-	// Run the command with potential input
-	const result = await runSingleCommand(
-		rawInput,
-		authUser,
-		hostname,
-		mode,
-		cwd,
-		shell,
-		stdin,
-	);
-
-	// Handle output redirection
 	if (cmd.outputFile) {
 		const outputPath = resolvePath(cwd, cmd.outputFile);
 		const output = result.stdout || "";
 		try {
 			if (cmd.appendOutput) {
-				try {
-					const existing = shell.vfs.readFile(outputPath);
-					shell.writeFileAsUser(authUser, outputPath, existing + output);
-				} catch {
-					shell.writeFileAsUser(authUser, outputPath, output);
-				}
+				const existing = (() => { try { return shell.vfs.readFile(outputPath); } catch { return ""; } })();
+				shell.writeFileAsUser(authUser, outputPath, existing + output);
 			} else {
 				shell.writeFileAsUser(authUser, outputPath, output);
 			}
 			return { ...result, stdout: "" };
 		} catch {
-			return {
-				...result,
-				stderr: `Failed to write to ${cmd.outputFile}`,
-				exitCode: 1,
-			};
+			return { ...result, stderr: `Failed to write to ${cmd.outputFile}`, exitCode: 1 };
 		}
 	}
 
 	return result;
 }
 
-/**
- * Execute a chain of commands connected by pipes
- */
 async function executePipelineChain(
 	commands: PipelineCommand[],
 	authUser: string,
@@ -120,6 +146,7 @@ async function executePipelineChain(
 	mode: CommandMode,
 	cwd: string,
 	shell: VirtualShell,
+	env: ShellEnv,
 ): Promise<CommandResult> {
 	let currentOutput = "";
 	let exitCode = 0;
@@ -127,66 +154,36 @@ async function executePipelineChain(
 	for (let i = 0; i < commands.length; i++) {
 		const cmd = commands[i] as PipelineCommand;
 
-		// Handle input file for first command
 		if (i === 0 && cmd.inputFile) {
 			const inputPath = resolvePath(cwd, cmd.inputFile);
-			try {
-				currentOutput = shell.vfs.readFile(inputPath);
-			} catch {
-				return {
-					stderr: `cat: ${cmd.inputFile}: No such file or directory`,
-					exitCode: 1,
-				};
-			}
+			try { currentOutput = shell.vfs.readFile(inputPath); }
+			catch { return { stderr: `${cmd.inputFile}: No such file or directory`, exitCode: 1 }; }
 		}
 
-		// Build raw input
 		const rawInput = [cmd.name, ...cmd.args].join(" ");
-
-		// Create a modified context that might accept stdin
-		// For now, we'll append input as an additional arg for commands that support it
-		const result = await runSingleCommand(
-			rawInput,
-			authUser,
-			hostname,
-			mode,
-			cwd,
-			shell,
-			currentOutput,
-		);
-
+		const result = await runSingleCommand(rawInput, authUser, hostname, mode, cwd, shell, currentOutput, env);
 		exitCode = result.exitCode ?? 0;
 
-		// Handle output redirection (only for last command)
 		if (i === commands.length - 1 && cmd.outputFile) {
 			const outputPath = resolvePath(cwd, cmd.outputFile);
 			const output = result.stdout || "";
 			try {
 				if (cmd.appendOutput) {
-					try {
-						const existing = shell.vfs.readFile(outputPath);
-						shell.writeFileAsUser(authUser, outputPath, existing + output);
-					} catch {
-						shell.writeFileAsUser(authUser, outputPath, output);
-					}
+					const existing = (() => { try { return shell.vfs.readFile(outputPath); } catch { return ""; } })();
+					shell.writeFileAsUser(authUser, outputPath, existing + output);
 				} else {
 					shell.writeFileAsUser(authUser, outputPath, output);
 				}
 				currentOutput = "";
 			} catch {
-				return {
-					stderr: `Failed to write to ${cmd.outputFile}`,
-					exitCode: 1,
-				};
+				return { stderr: `Failed to write to ${cmd.outputFile}`, exitCode: 1 };
 			}
 		} else {
-			// Pass output to next command
 			currentOutput = result.stdout || "";
 		}
 
-		if (result.stderr && exitCode !== 0) {
-			return { stderr: result.stderr, exitCode };
-		}
+		if (result.stderr && exitCode !== 0) return { stderr: result.stderr, exitCode };
+		if (result.closeSession || result.switchUser) return result;
 	}
 
 	return { stdout: currentOutput, exitCode };

package/src/SSHMimic/index.ts

@@ -140,11 +140,7 @@ class SshMimic extends EventEmitter {
 
 					// Rate-limit check
 					if (this.isLockedOut(remoteAddress)) {
-						this.emit("auth:failure", {
-							username: candidateUser,
-							remoteAddress,
-							reason: "lockout",
-						});
+						this.emit("auth:failure", { username: candidateUser, remoteAddress, reason: "lockout" });
 						ctx.reject();
 						return;
 					}
@@ -156,10 +152,7 @@ class SshMimic extends EventEmitter {
 								`User ${candidateUser} has no password set, allowing login without verification`,
 							);
 							authUser = candidateUser;
-							sessionId = shell.users.registerSession(
-								authUser,
-								remoteAddress,
-							).id;
+							sessionId = shell.users.registerSession(authUser, remoteAddress).id;
 							this.recordSuccess(remoteAddress);
 							this.emit("auth:success", { username: authUser, remoteAddress });
 							this.ensureHomeDir(authUser);
@@ -173,10 +166,7 @@ class SshMimic extends EventEmitter {
 							!shell.users.verifyPassword(candidateUser, ctx.password)
 						) {
 							this.recordFailure(remoteAddress);
-							this.emit("auth:failure", {
-								username: candidateUser,
-								remoteAddress,
-							});
+							this.emit("auth:failure", { username: candidateUser, remoteAddress });
 							ctx.reject();
 							return;
 						}
@@ -202,16 +192,13 @@ class SshMimic extends EventEmitter {
 						const incomingKey = ctx.key;
 						const keyMatches = authorizedKeys.some(
 							(k) =>
-								k.algo === incomingKey.algo && k.data.equals(incomingKey.data),
+								k.algo === incomingKey.algo &&
+								k.data.equals(incomingKey.data),
 						);
 
 						if (!keyMatches) {
 							this.recordFailure(remoteAddress);
-							this.emit("auth:failure", {
-								username: candidateUser,
-								remoteAddress,
-								method: "publickey",
-							});
+							this.emit("auth:failure", { username: candidateUser, remoteAddress, method: "publickey" });
 							ctx.reject();
 							return;
 						}
@@ -219,16 +206,9 @@ class SshMimic extends EventEmitter {
 						// Key matched — if this is a signature check step, accept
 						if (ctx.signature) {
 							authUser = candidateUser;
-							sessionId = shell.users.registerSession(
-								authUser,
-								remoteAddress,
-							).id;
+							sessionId = shell.users.registerSession(authUser, remoteAddress).id;
 							this.recordSuccess(remoteAddress);
-							this.emit("auth:success", {
-								username: authUser,
-								remoteAddress,
-								method: "publickey",
-							});
+							this.emit("auth:success", { username: authUser, remoteAddress, method: "publickey" });
 							this.ensureHomeDir(authUser);
 							ctx.accept();
 						} else {
@@ -258,35 +238,20 @@ class SshMimic extends EventEmitter {
 							acceptPty();
 						});
 
-						session.on(
-							"window-change",
-							(_acceptChange, _rejectChange, info) => {
-								terminalSize.cols = info?.cols ?? terminalSize.cols;
-								terminalSize.rows = info?.rows ?? terminalSize.rows;
-							},
-						);
+						session.on("window-change", (_acceptChange, _rejectChange, info) => {
+							terminalSize.cols = info?.cols ?? terminalSize.cols;
+							terminalSize.rows = info?.rows ?? terminalSize.rows;
+						});
 
 						session.on("shell", (acceptShell) => {
 							const stream = acceptShell();
-							shell?.startInteractiveSession(
-								stream,
-								authUser,
-								sessionId,
-								remoteAddress,
-								terminalSize,
-							);
+							shell?.startInteractiveSession(stream, authUser, sessionId, remoteAddress, terminalSize);
 						});
 
 						session.on("exec", (acceptExec, _rejectExec, info) => {
 							const stream = acceptExec();
 							if (stream) {
-								runExec(
-									stream,
-									info.command.trim(),
-									authUser,
-									shell.hostname,
-									shell,
-								);
+								runExec(stream, info.command.trim(), authUser, shell.hostname, shell);
 							}
 						});
 					});
@@ -328,3 +293,4 @@ class SshMimic extends EventEmitter {
 
 export { SftpMimic } from "./sftp";
 export { SshMimic };
+

package/src/SSHMimic/sftp.ts

@@ -253,6 +253,14 @@ export class SftpMimic extends EventEmitter {
 					);
 
 					if (ctx.method === "password") {
+						// If no password is set for the user, allow login without verification
+						if (!this.getUsers().hasPassword(candidateUser)) {
+							acceptSession(candidateUser);
+							this.emit("auth:success", { username: authUser, remoteAddress });
+							ctx.accept();
+							return;
+						}
+
 						if (
 							!this.getUsers().verifyPassword(candidateUser, ctx.password ?? "")
 						) {
@@ -272,6 +280,13 @@ export class SftpMimic extends EventEmitter {
 
 					if (ctx.method === "keyboard-interactive") {
 						const keyboardCtx = ctx as KeyboardAuthContext;
+						// If no password is set, accept immediately
+						if (!this.getUsers().hasPassword(candidateUser)) {
+							acceptSession(candidateUser);
+							this.emit("auth:success", { username: authUser, remoteAddress });
+							keyboardCtx.accept();
+							return;
+						}
 						keyboardCtx.prompt(
 							[{ prompt: "Password: ", echo: false }],
 							(answers) => {

package/src/VirtualFileSystem/index.ts

@@ -210,11 +210,7 @@ class VirtualFileSystem extends EventEmitter {
 	public mkdir(targetPath: string, mode: number = 0o755): void {
 		const normalized = normalizePath(targetPath);
 		const existing = (() => {
-			try {
-				return getNode(this.root, normalized);
-			} catch {
-				return null;
-			}
+			try { return getNode(this.root, normalized); } catch { return null; }
 		})();
 		if (existing && existing.type !== "directory") {
 			throw new Error(
@@ -305,9 +301,7 @@ class VirtualFileSystem extends EventEmitter {
 		try {
 			getNode(this.root, normalizePath(targetPath));
 			return true;
-		} catch {
-			return false;
-		}
+		} catch { return false; }
 	}
 
 	/** Updates mode bits on a node. */
@@ -323,24 +317,15 @@ class VirtualFileSystem extends EventEmitter {
 		if (node.type === "file") {
 			const f = node as InternalFileNode;
 			return {
-				type: "file",
-				name,
-				path: normalized,
-				mode: f.mode,
-				createdAt: f.createdAt,
-				updatedAt: f.updatedAt,
-				compressed: f.compressed,
-				size: f.content.length,
+				type: "file", name, path: normalized, mode: f.mode,
+				createdAt: f.createdAt, updatedAt: f.updatedAt,
+				compressed: f.compressed, size: f.content.length,
 			};
 		}
 		const d = node as InternalDirectoryNode;
 		return {
-			type: "directory",
-			name,
-			path: normalized,
-			mode: d.mode,
-			createdAt: d.createdAt,
-			updatedAt: d.updatedAt,
+			type: "directory", name, path: normalized, mode: d.mode,
+			createdAt: d.createdAt, updatedAt: d.updatedAt,
 			childrenCount: d.children.size,
 		};
 	}
@@ -360,7 +345,9 @@ class VirtualFileSystem extends EventEmitter {
 		const normalized = normalizePath(dirPath);
 		const node = getNode(this.root, normalized);
 		if (node.type !== "directory") {
-			throw new Error(`Cannot render tree for '${dirPath}': not a directory.`);
+			throw new Error(
+				`Cannot render tree for '${dirPath}': not a directory.`,
+			);
 		}
 		const label = dirPath === "/" ? "/" : path.posix.basename(normalized);
 		return this.renderTreeLines(node as InternalDirectoryNode, label);
@@ -378,8 +365,7 @@ class VirtualFileSystem extends EventEmitter {
 			lines.push(`${connector}${name}`);
 			if (child.type === "directory") {
 				const sub = this.renderTreeLines(child as InternalDirectoryNode, "")
-					.split("\n")
-					.slice(1)
+					.split("\n").slice(1)
 					.map((l) => `${nextPrefix}${l}`);
 				lines.push(...sub);
 			}
@@ -404,8 +390,7 @@ class VirtualFileSystem extends EventEmitter {
 	/** Compresses a file's content with gzip in place. */
 	public compressFile(targetPath: string): void {
 		const node = getNode(this.root, normalizePath(targetPath));
-		if (node.type !== "file")
-			throw new Error(`Cannot compress '${targetPath}': not a file.`);
+		if (node.type !== "file") throw new Error(`Cannot compress '${targetPath}': not a file.`);
 		const f = node as InternalFileNode;
 		if (!f.compressed) {
 			f.content = gzipSync(f.content);
@@ -417,8 +402,7 @@ class VirtualFileSystem extends EventEmitter {
 	/** Decompresses a gzip-compressed file in place. */
 	public decompressFile(targetPath: string): void {
 		const node = getNode(this.root, normalizePath(targetPath));
-		if (node.type !== "file")
-			throw new Error(`Cannot decompress '${targetPath}': not a file.`);
+		if (node.type !== "file") throw new Error(`Cannot decompress '${targetPath}': not a file.`);
 		const f = node as InternalFileNode;
 		if (f.compressed) {
 			f.content = gunzipSync(f.content);
@@ -437,25 +421,18 @@ class VirtualFileSystem extends EventEmitter {
 			? normalizePath(targetPath)
 			: targetPath;
 		const { parent, name } = getParentDirectory(
-			this.root,
-			normalizedLink,
-			true,
+			this.root, normalizedLink, true,
 			(p) => this.mkdirRecursive(p, 0o755),
 		);
 		const symNode: InternalFileNode = {
-			type: "file",
-			name,
+			type: "file", name,
 			content: Buffer.from(normalizedTarget, "utf8"),
 			mode: 0o120777,
 			compressed: false,
-			createdAt: new Date(),
-			updatedAt: new Date(),
+			createdAt: new Date(), updatedAt: new Date(),
 		};
 		parent.children.set(name, symNode);
-		this.emit("symlink:create", {
-			link: normalizedLink,
-			target: normalizedTarget,
-		});
+		this.emit("symlink:create", { link: normalizedLink, target: normalizedTarget });
 	}
 
 	/** Returns true when the path is a symbolic link node. */
@@ -463,9 +440,7 @@ class VirtualFileSystem extends EventEmitter {
 		try {
 			const node = getNode(this.root, normalizePath(targetPath));
 			return node.type === "file" && node.mode === 0o120777;
-		} catch {
-			return false;
-		}
+		} catch { return false; }
 	}
 
 	/**
@@ -481,14 +456,10 @@ class VirtualFileSystem extends EventEmitter {
 					const target = (node as InternalFileNode).content.toString("utf8");
 					current = target.startsWith("/")
 						? target
-						: normalizePath(
-								path.posix.join(path.posix.dirname(current), target),
-							);
+						: normalizePath(path.posix.join(path.posix.dirname(current), target));
 					continue;
 				}
-			} catch {
-				break;
-			}
+			} catch { break; }
 			return current;
 		}
 		throw new Error(`Too many levels of symbolic links: ${linkPath}`);
@@ -507,12 +478,7 @@ class VirtualFileSystem extends EventEmitter {
 				);
 			}
 		}
-		const { parent, name } = getParentDirectory(
-			this.root,
-			normalized,
-			false,
-			() => {},
-		);
+		const { parent, name } = getParentDirectory(this.root, normalized, false, () => {});
 		parent.children.delete(name);
 		this.emit("node:remove", { path: normalized });
 	}
@@ -530,16 +496,10 @@ class VirtualFileSystem extends EventEmitter {
 		}
 		this.mkdirRecursive(path.posix.dirname(toNormalized), 0o755);
 		const { parent: destParent, name: destName } = getParentDirectory(
-			this.root,
-			toNormalized,
-			false,
-			() => {},
+			this.root, toNormalized, false, () => {},
 		);
 		const { parent: srcParent, name: srcName } = getParentDirectory(
-			this.root,
-			fromNormalized,
-			false,
-			() => {},
+			this.root, fromNormalized, false, () => {},
 		);
 		srcParent.children.delete(srcName);
 		node.name = destName;
@@ -568,9 +528,7 @@ class VirtualFileSystem extends EventEmitter {
 			);
 		}
 		return {
-			type: "directory",
-			name: dir.name,
-			mode: dir.mode,
+			type: "directory", name: dir.name, mode: dir.mode,
 			createdAt: dir.createdAt.toISOString(),
 			updatedAt: dir.updatedAt.toISOString(),
 			children,
@@ -579,9 +537,7 @@ class VirtualFileSystem extends EventEmitter {
 
 	private serializeFile(file: InternalFileNode): VfsSnapshotFileNode {
 		return {
-			type: "file",
-			name: file.name,
-			mode: file.mode,
+			type: "file", name: file.name, mode: file.mode,
 			createdAt: file.createdAt.toISOString(),
 			updatedAt: file.updatedAt.toISOString(),
 			compressed: file.compressed,
@@ -622,9 +578,7 @@ class VirtualFileSystem extends EventEmitter {
 		name: string,
 	): InternalDirectoryNode {
 		const dir: InternalDirectoryNode = {
-			type: "directory",
-			name,
-			mode: snap.mode,
+			type: "directory", name, mode: snap.mode,
 			createdAt: new Date(snap.createdAt),
 			updatedAt: new Date(snap.updatedAt),
 			children: new Map(),
@@ -633,9 +587,7 @@ class VirtualFileSystem extends EventEmitter {
 			if (child.type === "file") {
 				const f = child as VfsSnapshotFileNode;
 				dir.children.set(f.name, {
-					type: "file",
-					name: f.name,
-					mode: f.mode,
+					type: "file", name: f.name, mode: f.mode,
 					createdAt: new Date(f.createdAt),
 					updatedAt: new Date(f.updatedAt),
 					compressed: f.compressed,