From 9cea961525a03dbeabfc8c3b803d3fe10518b67b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Anders=20F=20Bj=C3=B6rklund?= Date: Fri, 24 Nov 2023 08:25:42 +0100 Subject: [PATCH] Use SSH address also for host agent --- pkg/hostagent/hostagent.go | 20 ++++++++++---------- pkg/hostagent/mount.go | 2 +- pkg/hostagent/port.go | 8 +++++--- pkg/hostagent/port_darwin.go | 12 ++++++------ pkg/hostagent/port_others.go | 4 ++-- pkg/hostagent/port_windows.go | 4 ++-- 6 files changed, 26 insertions(+), 24 deletions(-) diff --git a/pkg/hostagent/hostagent.go b/pkg/hostagent/hostagent.go index 5d720f9127cb..004b4b127f30 100644 --- a/pkg/hostagent/hostagent.go +++ b/pkg/hostagent/hostagent.go @@ -171,7 +171,7 @@ func New(instName string, stdout io.Writer, sigintCh chan os.Signal, opts ...Opt instName: instName, instSSHAddress: inst.SSHAddress, sshConfig: sshConfig, - portForwarder: newPortForwarder(sshConfig, sshLocalPort, rules, inst.VMType), + portForwarder: newPortForwarder(sshConfig, inst.SSHAddress, sshLocalPort, rules, inst.VMType), driver: limaDriver, sigintCh: sigintCh, eventEnc: json.NewEncoder(stdout), @@ -559,7 +559,7 @@ func (a *HostAgent) watchGuestAgentEvents(ctx context.Context) { for _, rule := range a.y.PortForwards { if rule.GuestSocket != "" { local := hostAddress(rule, guestagentapi.IPPort{}) - _ = forwardSSH(ctx, a.sshConfig, a.sshLocalPort, local, rule.GuestSocket, verbForward, rule.Reverse) + _ = forwardSSH(ctx, a.sshConfig, a.instSSHAddress, a.sshLocalPort, local, rule.GuestSocket, verbForward, rule.Reverse) } } } @@ -571,7 +571,7 @@ func (a *HostAgent) watchGuestAgentEvents(ctx context.Context) { if rule.GuestSocket != "" { local := hostAddress(rule, guestagentapi.IPPort{}) // using ctx.Background() because ctx has already been cancelled - if err := forwardSSH(context.Background(), a.sshConfig, a.sshLocalPort, local, rule.GuestSocket, verbCancel, rule.Reverse); err != nil { + if err := forwardSSH(context.Background(), a.sshConfig, a.instSSHAddress, a.sshLocalPort, local, rule.GuestSocket, verbCancel, rule.Reverse); err != nil { errs = append(errs, err) } } @@ -653,11 +653,11 @@ const ( verbCancel = "cancel" ) -func executeSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, command ...string) error { +func executeSSH(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, command ...string) error { args := sshConfig.Args() args = append(args, "-p", strconv.Itoa(port), - "127.0.0.1", + addr, "--", ) args = append(args, command...) @@ -668,7 +668,7 @@ func executeSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, command return nil } -func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote string, verb string, reverse bool) error { +func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote string, verb string, reverse bool) error { args := sshConfig.Args() args = append(args, "-T", @@ -687,7 +687,7 @@ func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, "-N", "-f", "-p", strconv.Itoa(port), - "127.0.0.1", + addr, "--", ) if strings.HasPrefix(local, "/") { @@ -695,7 +695,7 @@ func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, case verbForward: if reverse { logrus.Infof("Forwarding %q (host) to %q (guest)", local, remote) - if err := executeSSH(ctx, sshConfig, port, "rm", "-f", remote); err != nil { + if err := executeSSH(ctx, sshConfig, addr, port, "rm", "-f", remote); err != nil { logrus.WithError(err).Warnf("Failed to clean up %q (guest) before setting up forwarding", remote) } } else { @@ -710,7 +710,7 @@ func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, case verbCancel: if reverse { logrus.Infof("Stopping forwarding %q (host) to %q (guest)", local, remote) - if err := executeSSH(ctx, sshConfig, port, "rm", "-f", remote); err != nil { + if err := executeSSH(ctx, sshConfig, addr, port, "rm", "-f", remote); err != nil { logrus.WithError(err).Warnf("Failed to clean up %q (guest) after stopping forwarding", remote) } } else { @@ -730,7 +730,7 @@ func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, if verb == verbForward && strings.HasPrefix(local, "/") { if reverse { logrus.WithError(err).Warnf("Failed to set up forward from %q (host) to %q (guest)", local, remote) - if err := executeSSH(ctx, sshConfig, port, "rm", "-f", remote); err != nil { + if err := executeSSH(ctx, sshConfig, addr, port, "rm", "-f", remote); err != nil { logrus.WithError(err).Warnf("Failed to clean up %q (guest) after forwarding failed", remote) } } else { diff --git a/pkg/hostagent/mount.go b/pkg/hostagent/mount.go index 3f881416bba0..d1990d99f982 100644 --- a/pkg/hostagent/mount.go +++ b/pkg/hostagent/mount.go @@ -58,7 +58,7 @@ func (a *HostAgent) setupMount(m limayaml.Mount) (*mount, error) { Driver: *m.SSHFS.SFTPDriver, SSHConfig: a.sshConfig, LocalPath: location, - Host: "127.0.0.1", + Host: a.instSSHAddress, Port: a.sshLocalPort, RemotePath: mountPoint, Readonly: !(*m.Writable), diff --git a/pkg/hostagent/port.go b/pkg/hostagent/port.go index 772f951bd97c..6b26e42c9696 100644 --- a/pkg/hostagent/port.go +++ b/pkg/hostagent/port.go @@ -12,6 +12,7 @@ import ( type portForwarder struct { sshConfig *ssh.SSHConfig + sshHostAddr string sshHostPort int rules []limayaml.PortForward vmType limayaml.VMType @@ -19,9 +20,10 @@ type portForwarder struct { const sshGuestPort = 22 -func newPortForwarder(sshConfig *ssh.SSHConfig, sshHostPort int, rules []limayaml.PortForward, vmType limayaml.VMType) *portForwarder { +func newPortForwarder(sshConfig *ssh.SSHConfig, sshHostAddr string, sshHostPort int, rules []limayaml.PortForward, vmType limayaml.VMType) *portForwarder { return &portForwarder{ sshConfig: sshConfig, + sshHostAddr: sshHostAddr, sshHostPort: sshHostPort, rules: rules, vmType: vmType, @@ -88,7 +90,7 @@ func (pf *portForwarder) OnEvent(ctx context.Context, ev api.Event, instSSHAddre continue } logrus.Infof("Stopping forwarding TCP from %s to %s", remote, local) - if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostPort, local, remote, verbCancel); err != nil { + if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostAddr, pf.sshHostPort, local, remote, verbCancel); err != nil { logrus.WithError(err).Warnf("failed to stop forwarding tcp port %d", f.Port) } } @@ -99,7 +101,7 @@ func (pf *portForwarder) OnEvent(ctx context.Context, ev api.Event, instSSHAddre continue } logrus.Infof("Forwarding TCP from %s to %s", remote, local) - if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostPort, local, remote, verbForward); err != nil { + if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostAddr, pf.sshHostPort, local, remote, verbForward); err != nil { logrus.WithError(err).Warnf("failed to set up forwarding tcp port %d (negligible if already forwarded)", f.Port) } } diff --git a/pkg/hostagent/port_darwin.go b/pkg/hostagent/port_darwin.go index bd889674e6c5..8e18b422536e 100644 --- a/pkg/hostagent/port_darwin.go +++ b/pkg/hostagent/port_darwin.go @@ -16,9 +16,9 @@ import ( ) // forwardTCP is not thread-safe -func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote string, verb string) error { +func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote string, verb string) error { if strings.HasPrefix(local, "/") { - return forwardSSH(ctx, sshConfig, port, local, remote, verb, false) + return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false) } localIPStr, localPortStr, err := net.SplitHostPort(local) if err != nil { @@ -31,7 +31,7 @@ func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, } if !localIP.Equal(api.IPv4loopback1) || localPort >= 1024 { - return forwardSSH(ctx, sshConfig, port, local, remote, verb, false) + return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false) } // on macOS, listening on 127.0.0.1:80 requires root while 0.0.0.0:80 does not require root. @@ -46,7 +46,7 @@ func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, localUnix := plf.unixAddr.Name _ = plf.Close() delete(pseudoLoopbackForwarders, local) - if err := forwardSSH(ctx, sshConfig, port, localUnix, remote, verb, false); err != nil { + if err := forwardSSH(ctx, sshConfig, addr, port, localUnix, remote, verb, false); err != nil { return err } } else { @@ -61,12 +61,12 @@ func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, } localUnix := filepath.Join(localUnixDir, "sock") logrus.Debugf("forwarding %q to %q", localUnix, remote) - if err := forwardSSH(ctx, sshConfig, port, localUnix, remote, verb, false); err != nil { + if err := forwardSSH(ctx, sshConfig, addr, port, localUnix, remote, verb, false); err != nil { return err } plf, err := newPseudoLoopbackForwarder(localPort, localUnix) if err != nil { - if cancelErr := forwardSSH(ctx, sshConfig, port, localUnix, remote, verbCancel, false); cancelErr != nil { + if cancelErr := forwardSSH(ctx, sshConfig, addr, port, localUnix, remote, verbCancel, false); cancelErr != nil { logrus.WithError(cancelErr).Warnf("failed to cancel forwarding %q to %q", localUnix, remote) } return err diff --git a/pkg/hostagent/port_others.go b/pkg/hostagent/port_others.go index 38239743c4d7..d50ea58b295e 100644 --- a/pkg/hostagent/port_others.go +++ b/pkg/hostagent/port_others.go @@ -8,8 +8,8 @@ import ( "github.com/lima-vm/sshocker/pkg/ssh" ) -func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote string, verb string) error { - return forwardSSH(ctx, sshConfig, port, local, remote, verb, false) +func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote string, verb string) error { + return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false) } func getFreeVSockPort() (int, error) { diff --git a/pkg/hostagent/port_windows.go b/pkg/hostagent/port_windows.go index ce791cfe0914..f1c8e3d9a436 100644 --- a/pkg/hostagent/port_windows.go +++ b/pkg/hostagent/port_windows.go @@ -7,8 +7,8 @@ import ( "github.com/lima-vm/sshocker/pkg/ssh" ) -func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote string, verb string) error { - return forwardSSH(ctx, sshConfig, port, local, remote, verb, false) +func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote string, verb string) error { + return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false) } func getFreeVSockPort() (int, error) {