Documentation ¶
Index ¶
- Constants
- Variables
- func AppendKnownHost(filename string, host string, cert *x509.Certificate) error
- func GetConfigForHost(host string, config *ssh_config.Config) (hostname string, port int, user string, urlPath string, ...)
- func GetCurrentSoftwareVersion() string
- func GetCurrentVersionString() string
- func IsVersionSupported(other Version) bool
- type AgentAuthMethod
- type AuthenticatedHandlerFunc
- type Channel
- type ChannelDataHandler
- type ChannelInfo
- type ChannelOpenFailure
- type ControlStreamID
- type Conversation
- func (c *Conversation) AcceptChannel(ctx context.Context) (Channel, error)
- func (c *Conversation) AddDatagram(ctx context.Context, datagram []byte) error
- func (c *Conversation) Close()
- func (c *Conversation) Context() context.Context
- func (c *Conversation) ConversationID() ConversationID
- func (c *Conversation) EstablishClientConversation(req *http.Request, roundTripper *http3.RoundTripper, ...) error
- func (c *Conversation) OpenChannel(channelType string, maxPacketSize uint64, datagramsQueueSize uint64) (Channel, error)
- func (c *Conversation) OpenTCPForwardingChannel(maxPacketSize uint64, datagramsQueueSize uint64, localAddr *net.TCPAddr, ...) (Channel, error)
- func (c *Conversation) OpenUDPForwardingChannel(maxPacketSize uint64, datagramsQueueSize uint64, localAddr *net.UDPAddr, ...) (Channel, error)
- type ConversationID
- type ExecReqHandler
- type ExitSignalReqHandler
- type ExitStatusReqHandler
- type Identity
- type InvalidKnownHost
- type InvalidProtocolVersion
- type InvalidSSHVersion
- type InvalidSoftwareVersion
- type KnownHosts
- type MessageOnNonConfirmedChannel
- type OidcAuthMethod
- type PasswordAuthMethod
- type PrivkeyFileAuthMethod
- type ProtocolVersion
- type PtyReqHandler
- type ReceivedDatagramOnNonDatagramChannel
- type SentDatagramOnNonDatagramChannel
- type Server
- type ServerConversationHandler
- type ShellReqHandler
- type SignalReqHandler
- type SoftwareVersion
- type StreamByteReader
- type SubsystemReqHandler
- type TCPForwardingChannelImpl
- type UDPForwardingChannelImpl
- type UnauthenticatedBearerFunc
- type UnsupportedSSHVersion
- type Version
- type WindowChangeReqHandler
- type X11ReqHandler
Constants ¶
const PROTOCOL_EXPERIMENTAL_SPEC_VERSION string = "alpha-00"
const PROTOCOL_MAJOR int = 3
PROTOCOL_EXPERIMENTAL_SPEC_VERSION specifies which version of the protocol this software is implementing. The protocol version string format is:
major + "." + minor[ + "_" + additional-version-information].
It currently implements a first early version with no specification (alpha). Once IETF drafts get published, we plan on having versions such as 3.0_draft-michel-ssh3-XX when implementing the IETF specification from draft-michel-ssh3-XX.
const PROTOCOL_MINOR int = 0
const SOFTWARE_IMPLEMENTATION_NAME string = "francoismichel/ssh3"
const SOFTWARE_MAJOR int = 0
const SOFTWARE_MINOR int = 1
const SOFTWARE_PATCH int = 6
const SOFTWARE_RC int = 2
const SSH_FRAME_TYPE = 0xaf3627e6
Variables ¶
var AVAILABLE_CLIENT_VERSIONS []Version = []Version{ ThisVersion(), NewVersion("SSH", NewProtocolVersion(3, 0, ""), NewSoftwareVersion(0, 1, 5, SOFTWARE_IMPLEMENTATION_NAME)), NewVersion("SSH", NewProtocolVersion(3, 0, ""), NewSoftwareVersion(0, 1, 4, SOFTWARE_IMPLEMENTATION_NAME)), NewVersion("SSH", NewProtocolVersion(3, 0, ""), NewSoftwareVersion(0, 1, 3, SOFTWARE_IMPLEMENTATION_NAME)), }
Functions ¶
func AppendKnownHost ¶
func AppendKnownHost(filename string, host string, cert *x509.Certificate) error
func GetConfigForHost ¶
func GetCurrentSoftwareVersion ¶
func GetCurrentSoftwareVersion() string
GetCurrentSoftwareVersion() returns the current software version to be displayed to the user. For the version string to be communicated between endpoints, use GetCurrentVersionString() instead.
func GetCurrentVersionString ¶
func GetCurrentVersionString() string
GetCurrentVersionString() returns the version string to be exchanged between two endpoints for version negotiation
func IsVersionSupported ¶
Tells whether this version (i.e. the version returned by ThisVersion()) is compatible with `other`.
Types ¶
type AgentAuthMethod ¶
type AgentAuthMethod struct {
// contains filtered or unexported fields
}
func NewAgentAuthMethod ¶
func NewAgentAuthMethod(pubkey ssh.PublicKey) *AgentAuthMethod
func (*AgentAuthMethod) IntoIdentity ¶
func (m *AgentAuthMethod) IntoIdentity(agent agent.ExtendedAgent) Identity
A prerequisite for calling this method is that the provided pubkey is explicitly listed by the agent. This can be verified beforehand by calling agent.List().
type AuthenticatedHandlerFunc ¶
type AuthenticatedHandlerFunc func(authenticatedUserName string, newConv *Conversation, w http.ResponseWriter, r *http.Request)
type Channel ¶
type Channel interface { ChannelID() util.ChannelID ConversationID() ConversationID ConversationStreamID() uint64 NextMessage() (ssh3.Message, error) ReceiveDatagram(ctx context.Context) ([]byte, error) SendDatagram(datagram []byte) error SendRequest(r *ssh3.ChannelRequestMessage) error CancelRead() Close() MaxPacketSize() uint64 WriteData(dataBuf []byte, dataType ssh3.SSHDataType) (int, error) ChannelType() string // contains filtered or unexported methods }
func NewChannel ¶
func NewChannel(conversationStreamID uint64, conversationID ConversationID, channelID uint64, channelType string, maxPacketSize uint64, recv quic.ReceiveStream, send io.WriteCloser, datagramSender util.SSH3DatagramSenderFunc, channelCloseListener channelCloseListener, sendHeader bool, confirmSent bool, confirmReceived bool, datagramsQueueSize uint64, additonalHeaderBytes []byte) Channel
type ChannelDataHandler ¶
type ChannelDataHandler func(channel Channel, dataType ssh3.SSHDataType, data string)
type ChannelInfo ¶
type ChannelInfo struct { MaxPacketSize uint64 ConversationStreamID uint64 ConversationID ConversationID ChannelID uint64 ChannelType string }
type ChannelOpenFailure ¶
func (ChannelOpenFailure) Error ¶
func (e ChannelOpenFailure) Error() string
type ControlStreamID ¶
type ControlStreamID = uint64
type Conversation ¶
type Conversation struct {
// contains filtered or unexported fields
}
func NewClientConversation ¶
func NewClientConversation(maxPacketsize uint64, defaultDatagramsQueueSize uint64, tls *tls.ConnectionState) (*Conversation, error)
func NewServerConversation ¶
func NewServerConversation(ctx context.Context, controlStream http3.Stream, qconn quic.Connection, messageSender util.DatagramSender, maxPacketsize uint64, peerVersion Version) (*Conversation, error)
func (*Conversation) AcceptChannel ¶
func (c *Conversation) AcceptChannel(ctx context.Context) (Channel, error)
func (*Conversation) AddDatagram ¶
func (c *Conversation) AddDatagram(ctx context.Context, datagram []byte) error
Blocks until the datagram is added. The first field must be the channel ID.
func (*Conversation) Close ¶
func (c *Conversation) Close()
func (*Conversation) Context ¶
func (c *Conversation) Context() context.Context
func (*Conversation) ConversationID ¶
func (c *Conversation) ConversationID() ConversationID
func (*Conversation) EstablishClientConversation ¶
func (c *Conversation) EstablishClientConversation(req *http.Request, roundTripper *http3.RoundTripper, supportedVersions []Version) error
func (*Conversation) OpenChannel ¶
func (*Conversation) OpenTCPForwardingChannel ¶
type ConversationID ¶
type ConversationID [32]byte
func GenerateConversationID ¶
func GenerateConversationID(tls *tls.ConnectionState) (convID ConversationID, err error)
func (ConversationID) String ¶
func (cid ConversationID) String() string
type ExecReqHandler ¶
type ExecReqHandler func(channel Channel, request ssh3.ExecRequest, wantReply bool)
type ExitSignalReqHandler ¶
type ExitSignalReqHandler func(channel Channel, request ssh3.ExitSignalRequest, wantReply bool)
type ExitStatusReqHandler ¶
type ExitStatusReqHandler func(channel Channel, request ssh3.ExitStatusRequest, wantReply bool)
type Identity ¶
type Identity interface { SetAuthorizationHeader(req *http.Request, username string, conversation *Conversation) error // provides an authentication name that can be used as a hint for the server in the url query params AuthHint() string fmt.Stringer }
A generic way to generate SSH3 identities to populate the HTTP Authorization header.
type InvalidKnownHost ¶
type InvalidKnownHost struct {
// contains filtered or unexported fields
}
func (InvalidKnownHost) Error ¶
func (e InvalidKnownHost) Error() string
type InvalidProtocolVersion ¶
type InvalidProtocolVersion struct {
// contains filtered or unexported fields
}
func (InvalidProtocolVersion) Error ¶
func (e InvalidProtocolVersion) Error() string
type InvalidSSHVersion ¶
type InvalidSSHVersion struct {
// contains filtered or unexported fields
}
func (InvalidSSHVersion) Error ¶
func (e InvalidSSHVersion) Error() string
type InvalidSoftwareVersion ¶
type InvalidSoftwareVersion struct {
// contains filtered or unexported fields
}
func (InvalidSoftwareVersion) Error ¶
func (e InvalidSoftwareVersion) Error() string
type KnownHosts ¶
type KnownHosts map[string][]*x509.Certificate
func ParseKnownHosts ¶
func ParseKnownHosts(filename string) (knownHosts KnownHosts, invalidLines []int, err error)
func (KnownHosts) Knows ¶
func (kh KnownHosts) Knows(hostname string) bool
type MessageOnNonConfirmedChannel ¶
type MessageOnNonConfirmedChannel struct {
// contains filtered or unexported fields
}
func (MessageOnNonConfirmedChannel) Error ¶
func (e MessageOnNonConfirmedChannel) Error() string
type OidcAuthMethod ¶
type OidcAuthMethod struct {
// contains filtered or unexported fields
}
func NewOidcAuthMethod ¶
func NewOidcAuthMethod(doPKCE bool, config *auth.OIDCConfig) *OidcAuthMethod
func (*OidcAuthMethod) DoPKCE ¶
func (m *OidcAuthMethod) DoPKCE() bool
func (*OidcAuthMethod) IntoIdentity ¶
func (m *OidcAuthMethod) IntoIdentity(bearerToken string) Identity
func (*OidcAuthMethod) OIDCConfig ¶
func (m *OidcAuthMethod) OIDCConfig() *auth.OIDCConfig
type PasswordAuthMethod ¶
type PasswordAuthMethod struct{}
func NewPasswordAuthMethod ¶
func NewPasswordAuthMethod() *PasswordAuthMethod
func (*PasswordAuthMethod) IntoIdentity ¶
func (m *PasswordAuthMethod) IntoIdentity(password string) Identity
type PrivkeyFileAuthMethod ¶
type PrivkeyFileAuthMethod struct {
// contains filtered or unexported fields
}
func NewPrivkeyFileAuthMethod ¶
func NewPrivkeyFileAuthMethod(filename string) *PrivkeyFileAuthMethod
func (*PrivkeyFileAuthMethod) Filename ¶
func (m *PrivkeyFileAuthMethod) Filename() string
func (*PrivkeyFileAuthMethod) IntoIdentityPassphrase ¶
func (m *PrivkeyFileAuthMethod) IntoIdentityPassphrase(passphrase string) (Identity, error)
IntoIdentityPassphrase returns a passphrase-protected private key stored on the provided path. It supports the same keys as ssh.ParsePrivateKey. If the passphrase is wrong, it returns an x509.IncorrectPasswordError.
func (*PrivkeyFileAuthMethod) IntoIdentityWithoutPassphrase ¶
func (m *PrivkeyFileAuthMethod) IntoIdentityWithoutPassphrase() (Identity, error)
IntoIdentityWithoutPassphrase returns an SSH3 identity stored on the provided path. It supports the same keys as ssh.ParsePrivateKey. If the private key is encrypted, it returns an ssh.PassphraseMissingError.
type ProtocolVersion ¶
func NewProtocolVersion ¶
func NewProtocolVersion(major int, minor int, experimentalspecversion string) ProtocolVersion
func ParseProtocolVersion ¶
func ParseProtocolVersion(versionString string) (ProtocolVersion, error)
func (ProtocolVersion) String ¶
func (v ProtocolVersion) String() string
type PtyReqHandler ¶
type PtyReqHandler func(channel Channel, request ssh3.PtyRequest, wantReply bool)
type ReceivedDatagramOnNonDatagramChannel ¶
type ReceivedDatagramOnNonDatagramChannel struct {
// contains filtered or unexported fields
}
func (ReceivedDatagramOnNonDatagramChannel) Error ¶
func (e ReceivedDatagramOnNonDatagramChannel) Error() string
type SentDatagramOnNonDatagramChannel ¶
type SentDatagramOnNonDatagramChannel struct {
// contains filtered or unexported fields
}
func (SentDatagramOnNonDatagramChannel) Error ¶
func (e SentDatagramOnNonDatagramChannel) Error() string
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
func (*Server) GetHTTPHandlerFunc ¶
func (s *Server) GetHTTPHandlerFunc(ctx context.Context) AuthenticatedHandlerFunc
type ServerConversationHandler ¶
type ServerConversationHandler func(authenticatedUsername string, conversation *Conversation) error
type ShellReqHandler ¶
type ShellReqHandler func(channel Channel, request ssh3.ShellRequest, wantReply bool)
type SignalReqHandler ¶
type SignalReqHandler func(channel Channel, request ssh3.SignalRequest, wantReply bool)
type SoftwareVersion ¶
func NewSoftwareVersion ¶
func NewSoftwareVersion(major int, minor int, patch int, implementationName string) SoftwareVersion
func ParseSoftwareVersion ¶
func ParseSoftwareVersion(implementationName string, versionString string) (SoftwareVersion, error)
func (SoftwareVersion) String ¶
func (v SoftwareVersion) String() string
type StreamByteReader ¶
func (*StreamByteReader) ReadByte ¶
func (r *StreamByteReader) ReadByte() (byte, error)
type SubsystemReqHandler ¶
type SubsystemReqHandler func(channel Channel, request ssh3.SubsystemRequest, wantReply bool)
type UnsupportedSSHVersion ¶
type UnsupportedSSHVersion struct {
// contains filtered or unexported fields
}
func (UnsupportedSSHVersion) Error ¶
func (e UnsupportedSSHVersion) Error() string
type Version ¶
type Version struct {
// contains filtered or unexported fields
}
func NewVersion ¶
func NewVersion(protocolName string, protocolVersion ProtocolVersion, softwareVersion SoftwareVersion) Version
func ParseVersionString ¶
func ThisVersion ¶
func ThisVersion() Version
func (Version) GetProtocolVersion ¶
func (v Version) GetProtocolVersion() ProtocolVersion
func (Version) GetSoftwareVersion ¶
func (v Version) GetSoftwareVersion() SoftwareVersion
func (Version) GetVersionString ¶
GetVersionString() returns the version string to be exchanged between two endpoints for version negotiation
type WindowChangeReqHandler ¶
type WindowChangeReqHandler func(channel Channel, request ssh3.WindowChangeRequest, wantReply bool)
type X11ReqHandler ¶
type X11ReqHandler func(channel Channel, request ssh3.X11Request, wantReply bool)