From d0fe81e277c7fc2793fe3a654dec101eb593107e Mon Sep 17 00:00:00 2001
From: Artem Nistratov
Date: Wed, 27 Nov 2024 16:06:51 +0300
Subject: [PATCH] use proxy.Dial instead of net.Dial for ScanHostKey ssh.Dial uses net.DialTimeout under the hood and there is no possibility to use a proxy when running command like `flux create source git` so we use almost all internal implementation of ssh.Dial except net.DialTimeout is replaced with proxy.Dial like it is done in go-git
---
 ssh/go.mod | 2 +-
 ssh/host_key.go | 18 +++++++++++++++---
 2 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/ssh/go.mod b/ssh/go.mod
index a9f24343..a98fce32 100644
--- a/ssh/go.mod
+++ b/ssh/go.mod
@@ -5,11 +5,11 @@ go 1.22.0
 require (
 github.com/onsi/gomega v1.34.2
 golang.org/x/crypto v0.27.0
+ golang.org/x/net v0.29.0
 )

 require (
 github.com/google/go-cmp v0.6.0 // indirect
- golang.org/x/net v0.29.0 // indirect
 golang.org/x/sys v0.25.0 // indirect
 golang.org/x/text v0.18.0 // indirect
 gopkg.in/yaml.v3 v3.0.1 // indirect
diff --git a/ssh/host_key.go b/ssh/host_key.go
index e3b2e8d3..cde1be88 100644
--- a/ssh/host_key.go
+++ b/ssh/host_key.go
@@ -17,6 +17,7 @@ limitations under the License.
 package ssh

 import (
+ "context"
 "encoding/base64"
 "fmt"
 "net"
@@ -24,6 +25,7 @@ import (

 "golang.org/x/crypto/ssh"
 "golang.org/x/crypto/ssh/knownhosts"
+ "golang.org/x/net/proxy"
 )

 // ScanHostKey collects the given host's preferred public key for the
@@ -45,10 +47,20 @@ func ScanHostKey(host string, timeout time.Duration, clientHostKeyAlgos []string
 config.HostKeyAlgorithms = clientHostKeyAlgos
 }

- client, err := ssh.Dial("tcp", host, config)
- if err == nil {
- defer client.Close()
+ ctx, cancel := context.WithTimeout(context.Background(), timeout)
+ defer cancel()
+ // support for ALL_PROXY ENV varaible
+ conn, err := proxy.Dial(ctx, "tcp", host)
+ if err != nil {
+ return nil, err
 }
+ c, chans, reqs, err := ssh.NewClientConn(conn, host, config)
+ if err != nil {
+ return nil, err
+ }
+ client := ssh.NewClient(c, chans, reqs)
+ defer client.Close()
+
 if len(col.knownKeys) > 0 {
 return col.knownKeys, nil
 }
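Review bot: The added `if err != nil { return nil, err }` after `ssh.NewClientConn` returns before the `len(col.knownKeys) > 0` check, whereas the removed code ignored the `ssh.Dial` error and still returned any key collected during the handshake. If the host-key callback (configured outside this hunk) records the key before the handshake later fails, for example at authentication, the scan would now report an error instead of the key; creating and closing the client only when `err == nil` keeps the earlier behaviour. Separately, the context deadline is handed only to `proxy.Dial`, so a remote host or proxy that stalls during the handshake appears to be unbounded here, and applying the same deadline to `conn` would cap it. The comment typo `varaible` should read `variable`; the function's start and tail lie outside the hunk, so how a handshake error is finally returned is assumed from the old flow.

```go
conn, err := proxy.Dial(ctx, "tcp", host)
// … unchanged: return on dial error …

// The context only bounds the dial; carry its deadline over to the
// handshake so a stalled peer or proxy cannot hold the scan open.
if deadline, ok := ctx.Deadline(); ok {
	if derr := conn.SetDeadline(deadline); derr != nil {
		conn.Close()
		return nil, derr
	}
}

// A handshake error is expected once the host key has been collected
// (no auth methods are offered), so do not return on it here.
c, chans, reqs, err := ssh.NewClientConn(conn, host, config)
if err == nil {
	client := ssh.NewClient(c, chans, reqs)
	defer client.Close()
}
// … unchanged: knownKeys check; err is left for the function's tail to return …
```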