With openssh_authAgent & tests

François Leurent · François Leurent · commit 40fa58f2f541 · 2021-06-25T14:11:17.000+02:00
diff --git a/README.md b/README.md
@@ -1180,6 +1180,9 @@ You can find more examples in the `examples` directory of this repository.
 
 * **forwardOut**(< _string_ >boundAddr, < _integer_ >boundPort, < _string_ >remoteAddr, < _integer_ >remotePort, < _function_ >callback) - _(void)_ - Alert the client of an incoming TCP connection on `boundAddr` on port `boundPort` from `remoteAddr` on port `remotePort`. `callback` has 2 parameters: < _Error_ >err, < _Channel_ >stream.
 
+* **openssh_authAgent**(< _function_ >callback) - _boolean_ - Alert the client of an incoming `ssh-agent` socket connection. `callback` has 2 parameters: < _Error_ >err, < _Channel_ >stream. Returns `false` if you should wait for the `continue` event before sending any more traffic.
+
+
 * **openssh_forwardOutStreamLocal**(< _string_ >socketPath, < _function_ >callback) - _(void)_ - Alert the client of an incoming UNIX domain socket connection on `socketPath`. `callback` has 2 parameters: < _Error_ >err, < _Channel_ >stream.
 
 * **rekey**([< _function_ >callback]) - _(void)_ - Initiates a rekey with the client. If `callback` is supplied, it is added as a one-time handler for the `rekey` event.
diff --git a/lib/server.js b/lib/server.js
@@ -1284,6 +1284,12 @@ class Client extends EventEmitter {
     return this;
   }
 
+
+  openssh_authAgent(cb) {
+    openChannel(this, 'auth-agent@openssh.com', cb);
+    return this;
+  }
+
   openssh_forwardOutStreamLocal(socketPath, cb) {
     const opts = { socketPath };
     openChannel(this, 'forwarded-streamlocal@openssh.com', opts, cb);
@@ -1341,6 +1347,9 @@ function openChannel(self, type, opts, cb) {
     case 'x11':
       self._protocol.x11(localChan, initWindow, maxPacket, opts);
       break;
+    case 'auth-agent@openssh.com':
+      self._protocol.openssh_authAgent(localChan, initWindow, maxPacket);
+      break;
     case 'forwarded-streamlocal@openssh.com':
       self._protocol.openssh_forwardedStreamLocal(
         localChan, initWindow, maxPacket, opts
diff --git a/test/test-openssh.js b/test/test-openssh.js
@@ -2,6 +2,7 @@
 
 const assert = require('assert');
 const { inspect } = require('util');
+const { spawn } = require('child_process');
 
 const {
   fixture,
@@ -12,16 +13,27 @@ const {
 
 const debug = false;
 
+const test_forward = (process.platform !== 'win32');
+
+if (!test_forward)
+  console.log('Skipping agent forwarding test on Windows');
+
+
 const clientCfg = { username: 'foo', password: 'bar' };
 const serverCfg = { hostKeys: [ fixture('ssh_host_rsa_key') ] };
 
 {
+  const agent_sock = '/tmp/nodejs-ssh2-test-' + process.pid;
+  let agent;
+  if (test_forward)
+      agent = spawn('ssh-agent', ['-d', '-a', agent_sock]);
+
   const { client, server } = setup_(
     'Exec with OpenSSH agent forwarding',
     {
       client: {
         ...clientCfg,
-        agent: '/path/to/agent',
+        agent: agent_sock,
       },
       server: serverCfg,
 
@@ -45,8 +57,23 @@ const serverCfg = { hostKeys: [ fixture('ssh_host_rsa_key') ] };
           const stream = accept();
           stream.exit(100);
           stream.end();
-          conn.end();
+
+          if (test_forward) {
+            conn.openssh_authAgent(function(err, stream) {
+              assert(!err, `Unexpected openssh_authAgent error: ${err}`);
+              assert(stream.type === 'auth-agent@openssh.com',
+                  `Unexpected openssh_authAgent channel type : ${stream.type}`);
+
+              conn.end();
+              agent.kill();
+            });
+
+          } else {
+              conn.end();
+          }
+
         }));
+
       }));
     }));
   }));
