Initial working version

2026-03-23 06:16:35 +01:00 · 2024-07-24 22:57:32 +02:00
commit 44d50d5f7c
789 changed files with 270992 additions and 0 deletions
--- a/vendor/github.com/cloudfoundry/socks5-proxy/ssh_test_server.go
+++ b/vendor/github.com/cloudfoundry/socks5-proxy/ssh_test_server.go
@ -0,0 +1,149 @@
+package proxy
+
+import (
+	"bufio"
+	"fmt"
+	"log"
+	"net"
+	"sync"
+	"time"
+
+	"golang.org/x/crypto/ssh"
+)
+
+const jb = "jumpbox"
+
+type checker struct {
+	expired         bool
+	timeout         time.Duration
+	lastMessageTime time.Time
+	sync.RWMutex
+}
+
+func (c *checker) check(reqs <-chan *ssh.Request) {
+	for {
+		select {
+		case req, ok := <-reqs:
+			if !ok {
+				continue
+			}
+
+			if req.Type == "bosh-cli-keep-alive@bosh.io" {
+				c.lastMessageTime = time.Now()
+			}
+
+			if req.WantReply {
+				req.Reply(false, nil)
+			}
+
+		default:
+			if c.lastMessageTime.Add(c.timeout).Before(time.Now()) {
+				c.Lock()
+				c.expired = true
+				c.Unlock()
+			}
+		}
+	}
+}
+
+func StartTestSSHServer(httpServerURL, sshPrivateKey, userName string) string {
+	if userName == "" {
+		userName = jb
+	}
+
+	signer, err := ssh.ParsePrivateKey([]byte(sshPrivateKey))
+	if err != nil {
+		log.Fatal("Failed to parse private key: ", err)
+	}
+
+	config := &ssh.ServerConfig{
+		PublicKeyCallback: func(c ssh.ConnMetadata, pubKey ssh.PublicKey) (*ssh.Permissions, error) {
+			if c.User() != userName {
+				return nil, fmt.Errorf("unknown user: %q", c.User())
+			}
+
+			if string(signer.PublicKey().Marshal()) == string(pubKey.Marshal()) {
+				return nil, nil
+			}
+			return nil, fmt.Errorf("unknown public key for %q", c.User())
+		},
+	}
+
+	config.AddHostKey(signer)
+
+	listener, err := net.Listen("tcp", "127.0.0.1:0")
+	if err != nil {
+		log.Fatal("failed to listen for connection: ", err)
+	}
+	c := &checker{
+		lastMessageTime: time.Now(),
+		timeout:         500 * time.Millisecond,
+	}
+
+	go func() {
+		for {
+			nConn, err := listener.Accept()
+			if err != nil {
+				log.Fatal("failed to accept incoming connection: ", err)
+			}
+
+			_, chans, reqs, err := ssh.NewServerConn(nConn, config)
+			if err != nil {
+				log.Println("failed to handshake: ", err)
+				continue
+			}
+
+			go c.check(reqs)
+
+			for newChannel := range chans {
+				if newChannel.ChannelType() != "direct-tcpip" {
+					newChannel.Reject(ssh.UnknownChannelType, "unknown channel type")
+					continue
+				}
+
+				c.RLock()
+				expired := c.expired
+				c.RUnlock()
+
+				if expired {
+					newChannel.Reject(ssh.ConnectionFailed, "no keepalive sent, you died")
+					continue
+				}
+
+				channel, _, err := newChannel.Accept()
+				if err != nil {
+					log.Fatalf("Could not accept channel: %v", err)
+				}
+				defer channel.Close()
+
+				data, err := bufio.NewReader(channel).ReadString('\n')
+				if err != nil {
+					log.Fatalf("Can't read data from channel: %v", err)
+				}
+
+				httpConn, err := net.Dial("tcp", httpServerURL)
+				if err != nil {
+					log.Fatalf("Could not open connection to http server: %v", err)
+				}
+				defer httpConn.Close()
+
+				_, err = httpConn.Write([]byte(data + "\r\n\r\n"))
+				if err != nil {
+					log.Fatalf("Could not write to http server: %v", err)
+				}
+
+				data, err = bufio.NewReader(httpConn).ReadString('\n')
+				if err != nil {
+					log.Fatalf("Can't read data from http conn: %v", err)
+				}
+
+				_, err = channel.Write([]byte(data))
+				if err != nil {
+					log.Fatalf("Can't write data to channel: %v", err)
+				}
+			}
+		}
+	}()
+
+	return listener.Addr().String()
+}