Add fixed header and write skipping to multiplexer #35762

Merged 4 commits on Dec 18, 2023

@espadolini espadolini commented Dec 14, 2023

Add the ability to unconditionally send some fixed header to the client before protocol detection in multiplexer.Mux, together with the ability to skip the same amount of data sent from the application side; this lets us send an SSH version identification header before we run PROXY header detection, where appropriate.

Fixes #35647.

Changelog: Restored direct dial SSH server compatibility with certain SSH tools such as ssh-keyscan (#35647)

@espadolini espadolini added the no-changelog and backport/branch/v14 labels and removed the no-changelog label Dec 14, 2023
@espadolini espadolini changed the title from "Add fixed early data and write skipping to multiplexer" to "Add fixed header and write skipping to multiplexer" Dec 15, 2023

func TestFixedHeader(t *testing.T) {
t.Parallel()
require := require.New(t)
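
Review bot: on the `require := require.New(t)` line, the local variable shadows the imported `require` package for the rest of TestFixedHeader, so a subtest or goroutine added later cannot build assertions bound to its own *testing.T. A different local name avoids that; if the test is meant to stay single-scope, the shadowing is harmless.
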
Contributor

TIL

@@ -37,6 +37,7 @@ type Conn struct {
protocol Protocol
proxyLine *ProxyLine
reader *bufio.Reader
writeSkip int
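
Review bot: `writeSkip int` is added to Conn with no doc comment, and as a bare byte count it records how much to drop but not which bytes were expected. Document what it counts and when it reaches zero, and consider keeping the expected bytes alongside it so the write path can compare them instead of discarding blindly.
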
Contributor

Do you think just skipping the amount of bytes without controlling that those bytes match the prefix is enough?
We most probably should be fine, but if something goes wrong there's a possibility for some cryptic bugs 😅

Contributor Author

You're right, I added a check for that.
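
An added sketch (not Teleport's code and not part of this PR) of the two behaviours discussed in this thread: sending a fixed header before anything else, then skipping the same bytes on the application's writes while checking that they match, as the review asked. `skipWriter`, `newSkipWriter`, `errHeaderMismatch` and the banner string are hypothetical names and constructed values.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
)

// errHeaderMismatch: the application wrote something other than the header
// that was already sent on its behalf.
var errHeaderMismatch = errors.New("write does not match pre-sent header")

// skipWriter (hypothetical type) sends a fixed header immediately, then drops
// those same bytes from later application writes after verifying them.
type skipWriter struct {
	w    io.Writer
	skip []byte // header bytes the application has not written yet
}

func newSkipWriter(w io.Writer, header []byte) (*skipWriter, error) {
	if _, err := w.Write(header); err != nil {
		return nil, err
	}
	return &skipWriter{w: w, skip: append([]byte(nil), header...)}, nil
}

func (s *skipWriter) Write(p []byte) (int, error) {
	n := len(s.skip)
	if len(p) < n {
		n = len(p) // header may arrive split across several writes
	}
	if !bytes.Equal(p[:n], s.skip[:n]) {
		return 0, errHeaderMismatch // fail loudly instead of corrupting the stream
	}
	s.skip = s.skip[n:]
	if n == len(p) {
		return n, nil // nothing beyond header bytes in this write
	}
	m, err := s.w.Write(p[n:])
	return n + m, err // skipped bytes count as written for the caller
}

func main() {
	var wire bytes.Buffer // stands in for the client connection
	sw, _ := newSkipWriter(&wire, []byte("SSH-2.0-Example\r\n")) // constructed banner
	sw.Write([]byte("SSH-2.0-Example\r\nKEXINIT"))
	fmt.Printf("%q\n", wire.String())
}
```

With the comparison in place, a server that later changes its banner without updating the pre-sent header gets an error on its first write instead of a silently truncated stream.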

@espadolini espadolini added this pull request to the merge queue Dec 18, 2023
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Dec 18, 2023
@espadolini espadolini added this pull request to the merge queue Dec 18, 2023
Merged via the queue into master with commit 5618cf8 Dec 18, 2023
34 checks passed
@espadolini espadolini deleted the espadolini/multiplexer-header branch December 18, 2023 19:28
@public-teleport-github-review-bot

@espadolini See the table below for backport results.

Branch Result
branch/v14 Create PR

Successfully merging this pull request may close these issues.

SSH listener violates spec by waiting for client data