package sshr
import (
"net"
"golang.org/x/crypto/ssh"
)
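// newSSHProxyConn sets up the client-facing (downstream) side of conn, reads
// the client's auth request, resolves the upstream host for the requested
// user through proxyConf.FindUpstreamHook, dials that host on
// proxyConf.DestinationPort and authenticates the proxied session.
//
// If creating the downstream connection or reading the auth request fails,
// the result is nil and the downstream connection is closed here. On every
// later failure the partially built *ssh.ProxyConn is returned together with
// the error; the deferred cleanups below do not fire for a non-nil result, so
// the caller presumably closes it (TODO confirm against the call site).
//
// Security notes for reviewers:
//   - The user name comes from the client and reaches FindUpstreamHook before
//     AuthenticateProxyConn has run, so the hook should treat it as untrusted
//     and only ever return hosts from a known set.
//   - The hook's error text is sent back to the client verbatim; keep internal
//     details (paths, backend names) out of those errors.
//   - The upstream host key is not verified (see the comment at the call).
func newSSHProxyConn(conn net.Conn, proxyConf *ssh.ProxyConfig) (proxyConn *ssh.ProxyConn, err error) {
	d, err := ssh.NewDownstreamConn(conn, proxyConf.ServerConfig)
	if err != nil {
		return nil, err
	}
	// Runs on a nil result only (the early return below, or a panic).
	defer func() {
		if proxyConn == nil {
			d.Close()
		}
	}()

	authRequestMsg, err := d.GetAuthRequestMsg()
	if err != nil {
		return nil, err
	}

	username := authRequestMsg.User
	p := &ssh.ProxyConn{
		User:       username,
		Downstream: d,
	}

	upstreamHost, err := proxyConf.FindUpstreamHook(username)
	if err != nil {
		// Tell the client why routing failed. If that send fails too, the
		// send error is reported instead of the hook error.
		if sendErr := p.SendFailureMsg(err.Error()); sendErr != nil {
			return p, sendErr
		}
		return p, err
	}
	p.DestinationHost = upstreamHost

	// NOTE(review): plain concatenation does not bracket IPv6 literals and
	// net.Dial has no timeout, so an unreachable upstream can hold this
	// connection open for the OS connect timeout. Consider net.JoinHostPort
	// and a bounded dial once the hook's return format is confirmed.
	upConn, err := net.Dial("tcp", upstreamHost+":"+proxyConf.DestinationPort)
	if err != nil {
		return p, err
	}

	// SECURITY: InsecureIgnoreHostKey accepts any upstream host key, so the
	// proxy cannot tell the real upstream from an impostor on the network
	// path, and the client's authentication is then forwarded to it. Prefer a
	// HostKeyCallback that pins or looks up the expected key (for example
	// ssh.FixedHostKey or a known_hosts-backed callback).
	u, err := ssh.NewUpstreamConn(upConn, &ssh.ClientConfig{
		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
	})
	if err != nil {
		// p.Upstream is not set yet, so nothing returned to the caller can
		// reach upConn; close it here so the socket is not leaked. If
		// NewUpstreamConn already closed it, the second Close only returns
		// an error, which is deliberately ignored.
		_ = upConn.Close()
		return p, err
	}
	// Runs on a nil result only (in practice, a panic further down).
	defer func() {
		if proxyConn == nil {
			u.Close()
		}
	}()
	p.Upstream = u

	if err = p.AuthenticateProxyConn(authRequestMsg, proxyConf); err != nil {
		return p, err
	}

	return p, nil
}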