From 4eefc61f97160e10e9c75c0ba92fd41d279c7813 Mon Sep 17 00:00:00 2001 From: moul-bot Date: Sat, 24 Apr 2021 07:14:32 +0000 Subject: [PATCH 1/2] =?UTF-8?q?chore:=20repo=20maintenance=20=F0=9F=A4=96?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit more details: https://github.com/moul/repoman Signed-off-by: moul-bot --- .github/workflows/ci.yml | 2 +- rules.mk | 18 +++++++++--------- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2327cd074..3dc7cd90d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,7 +22,7 @@ jobs: - name: lint uses: golangci/golangci-lint-action@v2.5.2 with: - version: v1.28 + version: v1.38 github-token: ${{ secrets.GITHUB_TOKEN }} tests-on-windows: needs: golangci-lint # run after golangci-lint action to not produce duplicated errors diff --git a/rules.mk b/rules.mk index cc1fe6177..e6d0c31c3 100644 --- a/rules.mk +++ b/rules.mk @@ -113,13 +113,13 @@ ifeq ($(CI),true) @echo "mode: atomic" > /tmp/gocoverage @rm -f $(GOTESTJSON_FILE) @set -e; for dir in $(GOMOD_DIRS); do (set -e; (set -euf pipefail; \ - cd $$dir; \ - (($(GO) test ./... $(GO_TEST_OPTS) -cover -coverprofile=/tmp/profile.out -covermode=atomic -race -json && touch $@.ok) | tee -a $(GOTESTJSON_FILE) 3>&1 1>&2 2>&3 | tee -a $(GOBUILDLOG_FILE); \ + cd $$dir; \ + (($(GO) test ./... $(GO_TEST_OPTS) -cover -coverprofile=/tmp/profile.out -covermode=atomic -race -json && touch $@.ok) | tee -a $(GOTESTJSON_FILE) 3>&1 1>&2 2>&3 | tee -a $(GOBUILDLOG_FILE); \ ); \ rm $@.ok 2>/dev/null || exit 1; \ if [ -f /tmp/profile.out ]; then \ - cat /tmp/profile.out | sed "/mode: atomic/d" >> /tmp/gocoverage; \ - rm -f /tmp/profile.out; \ + cat /tmp/profile.out | sed "/mode: atomic/d" >> /tmp/gocoverage; \ + rm -f /tmp/profile.out; \ fi)); done @mv /tmp/gocoverage $(GOCOVERAGE_FILE) else @@ -128,8 +128,8 @@ else cd $$dir; \ $(GO) test ./... $(GO_TEST_OPTS) -cover -coverprofile=/tmp/profile.out -covermode=atomic -race); \ if [ -f /tmp/profile.out ]; then \ - cat /tmp/profile.out | sed "/mode: atomic/d" >> /tmp/gocoverage; \ - rm -f /tmp/profile.out; \ + cat /tmp/profile.out | sed "/mode: atomic/d" >> /tmp/gocoverage; \ + rm -f /tmp/profile.out; \ fi); done @mv /tmp/gocoverage $(GOCOVERAGE_FILE) endif @@ -243,8 +243,8 @@ npm.publish: @echo -n "Do you want to npm publish? [y/N] " && read ans && \ @if [ $${ans:-N} = y ]; then \ set -e; for dir in $(NPM_PACKAGES); do ( set -xe; \ - cd $$dir; \ - npm publish --access=public; \ + cd $$dir; \ + npm publish --access=public; \ ); done; \ fi RELEASE_STEPS += npm.publish @@ -254,7 +254,7 @@ endif ## Docker ## -docker_build = docker build \ +docker_build = docker build \ --build-arg VCS_REF=`git rev-parse --short HEAD` \ --build-arg BUILD_DATE=`date -u +"%Y-%m-%dT%H:%M:%SZ"` \ --build-arg VERSION=`git describe --tags --always` \ From e2fa2bb48bbbb42f3d7740ba90444702d0a4b615 Mon Sep 17 00:00:00 2001 From: Manfred Touron <94029+moul@users.noreply.github.com> Date: Sat, 24 Apr 2021 07:31:47 +0000 Subject: [PATCH 2/2] chore: fix lint --- contrib/webapp/main.go | 2 +- pkg/commands/info.go | 2 +- pkg/commands/proxy.go | 24 ++-- pkg/config/config.go | 12 +- pkg/config/config_test.go | 168 ++++++++++++------------- pkg/config/host.go | 44 +++---- pkg/config/host_test.go | 174 +++++++++++++------------- pkg/controlsockets/control-sockets.go | 4 +- pkg/ratelimit/ratelimit.go | 4 +- 9 files changed, 217 insertions(+), 217 deletions(-) diff --git a/contrib/webapp/main.go b/contrib/webapp/main.go index d66085427..87aa517f5 100644 --- a/contrib/webapp/main.go +++ b/contrib/webapp/main.go @@ -63,7 +63,7 @@ func server(c *cli.Context) error { }) } else { c.JSON(200, gin.H{ - //"assh_config": json.AsshConfig, + // "assh_config": json.AsshConfig, "ssh_config": buffer.String(), }) } diff --git a/pkg/commands/info.go b/pkg/commands/info.go index 142170d12..741d75950 100644 --- a/pkg/commands/info.go +++ b/pkg/commands/info.go @@ -40,7 +40,7 @@ func runInfoCommand(cmd *cobra.Command, args []string) error { fmt.Printf("RC files:\n") homeDir := utils.GetHomeDir() for _, filename := range conf.IncludedFiles() { - relativeFilename := strings.Replace(filename, homeDir, "~", -1) + relativeFilename := strings.ReplaceAll(filename, homeDir, "~") fmt.Printf("- %s\n", relativeFilename) } fmt.Println("") diff --git a/pkg/commands/proxy.go b/pkg/commands/proxy.go index be3cda635..bbbbd6088 100644 --- a/pkg/commands/proxy.go +++ b/pkg/commands/proxy.go @@ -187,27 +187,27 @@ func expandSSHTokens(tokenized string, host *config.Host) string { if result[0] == '~' { result = strings.Replace(result, "~", homedir, 1) } - result = strings.Replace(result, "%d", homedir, -1) + result = strings.ReplaceAll(result, "%d", homedir) - result = strings.Replace(result, "%%", "%", -1) - result = strings.Replace(result, "%C", "%l%h%p%r", -1) - result = strings.Replace(result, "%h", host.Name(), -1) - result = strings.Replace(result, "%i", strconv.Itoa(os.Geteuid()), -1) - result = strings.Replace(result, "%p", host.Port, -1) + result = strings.ReplaceAll(result, "%%", "%") + result = strings.ReplaceAll(result, "%C", "%l%h%p%r") + result = strings.ReplaceAll(result, "%h", host.Name()) + result = strings.ReplaceAll(result, "%i", strconv.Itoa(os.Geteuid())) + result = strings.ReplaceAll(result, "%p", host.Port) if hostname, err := os.Hostname(); err == nil { - result = strings.Replace(result, "%L", hostname, -1) + result = strings.ReplaceAll(result, "%L", hostname) } else { - result = strings.Replace(result, "%L", "hostname", -1) + result = strings.ReplaceAll(result, "%L", "hostname") } if host.User != "" { - result = strings.Replace(result, "%r", host.User, -1) + result = strings.ReplaceAll(result, "%r", host.User) } else { if userdata, err := user.Current(); err == nil { - result = strings.Replace(result, "%r", userdata.Username, -1) + result = strings.ReplaceAll(result, "%r", userdata.Username) } else { - result = strings.Replace(result, "%r", "username", -1) + result = strings.ReplaceAll(result, "%r", "username") } } @@ -542,7 +542,7 @@ func proxyGo(host *config.Host, dryRun bool) error { // human stats.WrittenBytesHuman = humanize.Bytes(stats.WrittenBytes) connectionDurationHuman := humanize.RelTime(stats.DisconnectedAt, stats.ConnectedAt, "", "") - stats.ConnectionDurationHuman = strings.Replace(connectionDurationHuman, "now", "0 sec", -1) + stats.ConnectionDurationHuman = strings.ReplaceAll(connectionDurationHuman, "now", "0 sec") stats.AverageSpeedHuman = humanize.Bytes(uint64(stats.AverageSpeed)) + "/s" // OnDisconnect hook diff --git a/pkg/config/config.go b/pkg/config/config.go index c784b0f5e..1260d11f1 100644 --- a/pkg/config/config.go +++ b/pkg/config/config.go @@ -195,13 +195,13 @@ func computeHost(host *Host, config *Config, name string, fullCompute bool) (*Ho } // expands variables in host // i.e: %h.some.zone -> {name}.some.zone - hostname := strings.Replace(computedHost.HostName, "%h", "%n", -1) + hostname := strings.ReplaceAll(computedHost.HostName, "%h", "%n") // ssh resolve '%h' in hostnames // -> we bypass the string expansion if the input matches // an already resolved hostname // See https://github.com/moul/assh/issues/103 - pattern := strings.Replace(hostname, "%n", "*", -1) + pattern := strings.ReplaceAll(hostname, "%n", "*") if match, _ := path.Match(pattern, computedHost.inputName); match { computedHost.HostName = computedHost.inputName } else { @@ -412,7 +412,7 @@ func (c *Config) mergeWildCardEntries() { } } } else { - tempKey := strings.Replace(key, "*", "", -1) + tempKey := strings.ReplaceAll(key, "*", "") // if the wildcard matches if strings.Contains(k, tempKey) { if err := mergo.Merge(host, subHost); err != nil { @@ -623,9 +623,9 @@ func (c *Config) WriteSSHConfigTo(w io.Writer) error { # # more info: https://github.com/moul/assh `) - header = strings.Replace(header, "%VERSION", version.Version, -1) - header = strings.Replace(header, "%VCS_REF", version.VcsRef, -1) - header = strings.Replace(header, "%BUILD_DATE", time.Now().Format("2006-01-02 15:04:05 -0700 MST"), -1) + header = strings.ReplaceAll(header, "%VERSION", version.Version) + header = strings.ReplaceAll(header, "%VCS_REF", version.VcsRef) + header = strings.ReplaceAll(header, "%BUILD_DATE", time.Now().Format("2006-01-02 15:04:05 -0700 MST")) _, _ = fmt.Fprintln(w, header) // FIXME: add version _, _ = fmt.Fprintln(w) diff --git a/pkg/config/config_test.go b/pkg/config/config_test.go index ea6de728d..36e4d7261 100644 --- a/pkg/config/config_test.go +++ b/pkg/config/config_test.go @@ -195,96 +195,96 @@ func dummyConfig() *Config { } config.Hosts["zzz"] = &Host{ // ssh-config fields - AddressFamily: "any", - AskPassGUI: "yes", - BatchMode: "no", - BindAddress: "", - CanonicalDomains: "42.am", - CanonicalizeFallbackLocal: "no", - CanonicalizeHostname: "yes", - CanonicalizeMaxDots: "1", - CanonicalizePermittedCNAMEs: "*.a.example.com:*.b.example.com:*.c.example.com", - ChallengeResponseAuthentication: "yes", - CheckHostIP: "yes", - Cipher: "blowfish", - Ciphers: []string{"aes128-ctr,aes192-ctr", "aes256-ctr"}, - ClearAllForwardings: "yes", - Compression: "yes", - CompressionLevel: 6, - ConnectionAttempts: "1", - ConnectTimeout: 10, - ControlMaster: "yes", - ControlPath: "/tmp/%L-%l-%n-%p-%u-%r-%C-%h", - ControlPersist: "yes", - DynamicForward: []string{"0.0.0.0:4242", "0.0.0.0:4343"}, - EnableSSHKeysign: "yes", - EscapeChar: "~", - ExitOnForwardFailure: "yes", - FingerprintHash: "sha256", - ForwardAgent: "yes", - ForwardX11: "yes", - ForwardX11Timeout: 42, - ForwardX11Trusted: "yes", - GatewayPorts: "yes", - GlobalKnownHostsFile: []string{"/etc/ssh/ssh_known_hosts", "/tmp/ssh_known_hosts"}, - GSSAPIAuthentication: "no", - GSSAPIKeyExchange: "no", - GSSAPIClientIdentity: "moul", - GSSAPIServerIdentity: "gssapi.example.com", - GSSAPIDelegateCredentials: "no", - GSSAPIRenewalForcesRekey: "no", - GSSAPITrustDNS: "no", - HashKnownHosts: "no", - HostbasedAuthentication: "no", - HostbasedKeyTypes: "*", - HostKeyAlgorithms: "ecdsa-sha2-nistp256-cert-v01@openssh.com", - HostKeyAlias: "z", - IdentitiesOnly: "yes", - IdentityFile: []string{"~/.ssh/identity", "~/.ssh/identity2"}, - IgnoreUnknown: "testtest", // FIXME: looks very interesting to generate .ssh/config without comments ! - IPQoS: []string{"lowdelay", "highdelay"}, - KbdInteractiveAuthentication: "yes", - KbdInteractiveDevices: []string{"bsdauth", "test"}, - KeychainIntegration: "yes", - KexAlgorithms: []string{"curve25519-sha256@libssh.org", "test"}, // for all algorithms/ciphers, we could have an "assh diagnose" that warns about unsafe connections - LocalCommand: "echo %h > /tmp/logs", - LocalForward: []string{"0.0.0.0:1234", "0.0.0.0:1235"}, - LogLevel: "DEBUG3", - MACs: []string{"umac-64-etm@openssh.com,umac-128-etm@openssh.com", "test"}, - Match: "all", + AddressFamily: "any", + AskPassGUI: "yes", + BatchMode: "no", + BindAddress: "", + CanonicalDomains: "42.am", + CanonicalizeFallbackLocal: "no", + CanonicalizeHostname: "yes", + CanonicalizeMaxDots: "1", + CanonicalizePermittedCNAMEs: "*.a.example.com:*.b.example.com:*.c.example.com", + ChallengeResponseAuthentication: "yes", + CheckHostIP: "yes", + Cipher: "blowfish", + Ciphers: []string{"aes128-ctr,aes192-ctr", "aes256-ctr"}, + ClearAllForwardings: "yes", + Compression: "yes", + CompressionLevel: 6, + ConnectionAttempts: "1", + ConnectTimeout: 10, + ControlMaster: "yes", + ControlPath: "/tmp/%L-%l-%n-%p-%u-%r-%C-%h", + ControlPersist: "yes", + DynamicForward: []string{"0.0.0.0:4242", "0.0.0.0:4343"}, + EnableSSHKeysign: "yes", + EscapeChar: "~", + ExitOnForwardFailure: "yes", + FingerprintHash: "sha256", + ForwardAgent: "yes", + ForwardX11: "yes", + ForwardX11Timeout: 42, + ForwardX11Trusted: "yes", + GatewayPorts: "yes", + GlobalKnownHostsFile: []string{"/etc/ssh/ssh_known_hosts", "/tmp/ssh_known_hosts"}, + GSSAPIAuthentication: "no", + GSSAPIKeyExchange: "no", + GSSAPIClientIdentity: "moul", + GSSAPIServerIdentity: "gssapi.example.com", + GSSAPIDelegateCredentials: "no", + GSSAPIRenewalForcesRekey: "no", + GSSAPITrustDNS: "no", + HashKnownHosts: "no", + HostbasedAuthentication: "no", + HostbasedKeyTypes: "*", + HostKeyAlgorithms: "ecdsa-sha2-nistp256-cert-v01@openssh.com", + HostKeyAlias: "z", + IdentitiesOnly: "yes", + IdentityFile: []string{"~/.ssh/identity", "~/.ssh/identity2"}, + IgnoreUnknown: "testtest", // FIXME: looks very interesting to generate .ssh/config without comments ! + IPQoS: []string{"lowdelay", "highdelay"}, + KbdInteractiveAuthentication: "yes", + KbdInteractiveDevices: []string{"bsdauth", "test"}, + KeychainIntegration: "yes", + KexAlgorithms: []string{"curve25519-sha256@libssh.org", "test"}, // for all algorithms/ciphers, we could have an "assh diagnose" that warns about unsafe connections + LocalCommand: "echo %h > /tmp/logs", + LocalForward: []string{"0.0.0.0:1234", "0.0.0.0:1235"}, + LogLevel: "DEBUG3", + MACs: []string{"umac-64-etm@openssh.com,umac-128-etm@openssh.com", "test"}, + Match: "all", NoHostAuthenticationForLocalhost: "yes", NumberOfPasswordPrompts: "3", PasswordAuthentication: "yes", PermitLocalCommand: "yes", PKCS11Provider: "/a/b/c/pkcs11.so", Port: "22", - PreferredAuthentications: "gssapi-with-mic,hostbased,publickey", - Protocol: []string{"2", "3"}, - ProxyUseFdpass: "no", - PubkeyAuthentication: "yes", - RekeyLimit: "default none", - RemoteForward: []string{"0.0.0.0:1234", "0.0.0.0:1255"}, - RequestTTY: "yes", - RevokedHostKeys: "/a/revoked-keys", - RhostsRSAAuthentication: "no", - RSAAuthentication: "yes", - SendEnv: []string{"CUSTOM_*,TEST", "TEST2"}, - ServerAliveCountMax: 3, - ServerAliveInterval: 0, - StreamLocalBindMask: "0177", - StreamLocalBindUnlink: "no", - StrictHostKeyChecking: "ask", - TCPKeepAlive: "yes", - Tunnel: "yes", - TunnelDevice: "any:any", - UpdateHostKeys: "ask", - UseKeychain: "no", - UsePrivilegedPort: "no", - User: "moul", - UserKnownHostsFile: []string{"~/.ssh/known_hosts ~/.ssh/known_hosts2", "/tmp/known_hosts"}, - VerifyHostKeyDNS: "no", - VisualHostKey: "yes", - XAuthLocation: "xauth", + PreferredAuthentications: "gssapi-with-mic,hostbased,publickey", + Protocol: []string{"2", "3"}, + ProxyUseFdpass: "no", + PubkeyAuthentication: "yes", + RekeyLimit: "default none", + RemoteForward: []string{"0.0.0.0:1234", "0.0.0.0:1255"}, + RequestTTY: "yes", + RevokedHostKeys: "/a/revoked-keys", + RhostsRSAAuthentication: "no", + RSAAuthentication: "yes", + SendEnv: []string{"CUSTOM_*,TEST", "TEST2"}, + ServerAliveCountMax: 3, + ServerAliveInterval: 0, + StreamLocalBindMask: "0177", + StreamLocalBindUnlink: "no", + StrictHostKeyChecking: "ask", + TCPKeepAlive: "yes", + Tunnel: "yes", + TunnelDevice: "any:any", + UpdateHostKeys: "ask", + UseKeychain: "no", + UsePrivilegedPort: "no", + User: "moul", + UserKnownHostsFile: []string{"~/.ssh/known_hosts ~/.ssh/known_hosts2", "/tmp/known_hosts"}, + VerifyHostKeyDNS: "no", + VisualHostKey: "yes", + XAuthLocation: "xauth", // ssh-config fields with a different behavior ProxyCommand: "nc %h %p", diff --git a/pkg/config/host.go b/pkg/config/host.go index 169921800..e012af7b2 100644 --- a/pkg/config/host.go +++ b/pkg/config/host.go @@ -521,27 +521,27 @@ func (h *Host) Options() OptionsList { } // ssh-config fields with a different behavior - //HostName - //ProxyCommand + // HostName + // ProxyCommand // exposed assh fields - //Inherits - //Gateways - //ResolveNameservers - //ResolveCommand - //ControlMasterMkdir - //Aliases - //Comment - //Hooks + // Inherits + // Gateways + // ResolveNameservers + // ResolveCommand + // ControlMasterMkdir + // Aliases + // Comment + // Hooks // private assh fields - //knownHosts - //pattern - //name - //inputName - //isDefault - //isTemplate - //inherited + // knownHosts + // pattern + // name + // inputName + // isDefault + // isTemplate + // inherited return options } @@ -1489,19 +1489,19 @@ func (h *Host) ExpandString(input string, gateway string) string { output := input // name of the host in config - output = strings.Replace(output, "%name", h.Name(), -1) + output = strings.ReplaceAll(output, "%name", h.Name()) // original target host name specified on the command line - output = strings.Replace(output, "%n", h.inputName, -1) + output = strings.ReplaceAll(output, "%n", h.inputName) // target host name - output = strings.Replace(output, "%h", h.HostName, -1) + output = strings.ReplaceAll(output, "%h", h.HostName) // port - output = strings.Replace(output, "%p", h.Port, -1) + output = strings.ReplaceAll(output, "%p", h.Port) // gateway - output = strings.Replace(output, "%g", gateway, -1) + output = strings.ReplaceAll(output, "%g", gateway) // FIXME: add // %L -> first component of the local host name diff --git a/pkg/config/host_test.go b/pkg/config/host_test.go index 8faccc3a6..57d07e6a7 100644 --- a/pkg/config/host_test.go +++ b/pkg/config/host_test.go @@ -185,99 +185,99 @@ func TestHost_Options(t *testing.T) { func dummyHost() *Host { return &Host{ // ssh-config fields - AddKeysToAgent: "yes", - AddressFamily: "any", - AskPassGUI: "yes", - BatchMode: "no", - BindAddress: "", - CanonicalDomains: "42.am", - CanonicalizeFallbackLocal: "no", - CanonicalizeHostname: "yes", - CanonicalizeMaxDots: "1", - CanonicalizePermittedCNAMEs: "*.a.example.com:*.b.example.com:*.c.example.com", - ChallengeResponseAuthentication: "yes", - CheckHostIP: "yes", - Cipher: "blowfish", - Ciphers: []string{"aes128-ctr,aes192-ctr,aes256-ctr", "test"}, - ClearAllForwardings: "yes", - Compression: "yes", - CompressionLevel: 6, - ConnectionAttempts: "1", - ConnectTimeout: 10, - ControlMaster: "yes", - ControlPath: "/tmp/%L-%l-%n-%p-%u-%r-%C-%h", - ControlPersist: "yes", - DynamicForward: []string{"0.0.0.0:4242", "0.0.0.0:4343"}, - EnableSSHKeysign: "yes", - EscapeChar: "~", - ExitOnForwardFailure: "yes", - FingerprintHash: "sha256", - ForwardAgent: "yes", - ForwardX11: "yes", - ForwardX11Timeout: 42, - ForwardX11Trusted: "yes", - GatewayPorts: "yes", - GlobalKnownHostsFile: []string{"/etc/ssh/ssh_known_hosts", "/tmp/ssh_known_hosts"}, - GSSAPIAuthentication: "no", - GSSAPIKeyExchange: "no", - GSSAPIClientIdentity: "moul", - GSSAPIServerIdentity: "gssapi.example.com", - GSSAPIDelegateCredentials: "no", - GSSAPIRenewalForcesRekey: "no", - GSSAPITrustDNS: "no", - HashKnownHosts: "no", - HostbasedAuthentication: "no", - HostbasedKeyTypes: "*", - HostKeyAlgorithms: "ecdsa-sha2-nistp256-cert-v01@openssh.com", - HostKeyAlias: "z", - IdentitiesOnly: "yes", - IdentityFile: []string{"~/.ssh/identity", "~/.ssh/identity2"}, - IgnoreUnknown: "testtest", // FIXME: looks very interesting to generate .ssh/config without comments ! - IPQoS: []string{"lowdelay", "highdelay"}, - KbdInteractiveAuthentication: "yes", - KbdInteractiveDevices: []string{"bsdauth", "test"}, - KeychainIntegration: "yes", - KexAlgorithms: []string{"curve25519-sha256@libssh.org", "test"}, // for all algorithms/ciphers, we could have an "assh diagnose" that warns about unsafe connections - LocalCommand: "echo %h > /tmp/logs", - LocalForward: []string{"0.0.0.0:1234", "0.0.0.0:1235"}, // FIXME: may be a list - LogLevel: "DEBUG3", - MACs: []string{"umac-64-etm@openssh.com,umac-128-etm@openssh.com", "test"}, - Match: "all", + AddKeysToAgent: "yes", + AddressFamily: "any", + AskPassGUI: "yes", + BatchMode: "no", + BindAddress: "", + CanonicalDomains: "42.am", + CanonicalizeFallbackLocal: "no", + CanonicalizeHostname: "yes", + CanonicalizeMaxDots: "1", + CanonicalizePermittedCNAMEs: "*.a.example.com:*.b.example.com:*.c.example.com", + ChallengeResponseAuthentication: "yes", + CheckHostIP: "yes", + Cipher: "blowfish", + Ciphers: []string{"aes128-ctr,aes192-ctr,aes256-ctr", "test"}, + ClearAllForwardings: "yes", + Compression: "yes", + CompressionLevel: 6, + ConnectionAttempts: "1", + ConnectTimeout: 10, + ControlMaster: "yes", + ControlPath: "/tmp/%L-%l-%n-%p-%u-%r-%C-%h", + ControlPersist: "yes", + DynamicForward: []string{"0.0.0.0:4242", "0.0.0.0:4343"}, + EnableSSHKeysign: "yes", + EscapeChar: "~", + ExitOnForwardFailure: "yes", + FingerprintHash: "sha256", + ForwardAgent: "yes", + ForwardX11: "yes", + ForwardX11Timeout: 42, + ForwardX11Trusted: "yes", + GatewayPorts: "yes", + GlobalKnownHostsFile: []string{"/etc/ssh/ssh_known_hosts", "/tmp/ssh_known_hosts"}, + GSSAPIAuthentication: "no", + GSSAPIKeyExchange: "no", + GSSAPIClientIdentity: "moul", + GSSAPIServerIdentity: "gssapi.example.com", + GSSAPIDelegateCredentials: "no", + GSSAPIRenewalForcesRekey: "no", + GSSAPITrustDNS: "no", + HashKnownHosts: "no", + HostbasedAuthentication: "no", + HostbasedKeyTypes: "*", + HostKeyAlgorithms: "ecdsa-sha2-nistp256-cert-v01@openssh.com", + HostKeyAlias: "z", + IdentitiesOnly: "yes", + IdentityFile: []string{"~/.ssh/identity", "~/.ssh/identity2"}, + IgnoreUnknown: "testtest", // FIXME: looks very interesting to generate .ssh/config without comments ! + IPQoS: []string{"lowdelay", "highdelay"}, + KbdInteractiveAuthentication: "yes", + KbdInteractiveDevices: []string{"bsdauth", "test"}, + KeychainIntegration: "yes", + KexAlgorithms: []string{"curve25519-sha256@libssh.org", "test"}, // for all algorithms/ciphers, we could have an "assh diagnose" that warns about unsafe connections + LocalCommand: "echo %h > /tmp/logs", + LocalForward: []string{"0.0.0.0:1234", "0.0.0.0:1235"}, // FIXME: may be a list + LogLevel: "DEBUG3", + MACs: []string{"umac-64-etm@openssh.com,umac-128-etm@openssh.com", "test"}, + Match: "all", NoHostAuthenticationForLocalhost: "yes", NumberOfPasswordPrompts: "3", PasswordAuthentication: "yes", PermitLocalCommand: "yes", PKCS11Provider: "/a/b/c/pkcs11.so", Port: "22", - PreferredAuthentications: "gssapi-with-mic,hostbased,publickey", - Protocol: []string{"2", "3"}, - ProxyUseFdpass: "no", - PubkeyAcceptedKeyTypes: "+ssh-dss", - PubkeyAuthentication: "yes", - RekeyLimit: "default none", - RemoteCommand: "echo %h > /tmp/logs", - RemoteForward: []string{"0.0.0.0:1234", "0.0.0.0:1235"}, - RequestTTY: "yes", - RevokedHostKeys: "/a/revoked-keys", - RhostsRSAAuthentication: "no", - RSAAuthentication: "yes", - SendEnv: []string{"CUSTOM_*,TEST", "TEST2"}, - ServerAliveCountMax: 3, - ServerAliveInterval: 0, - StreamLocalBindMask: "0177", - StreamLocalBindUnlink: "no", - StrictHostKeyChecking: "ask", - TCPKeepAlive: "yes", - Tunnel: "yes", - TunnelDevice: "any:any", - UpdateHostKeys: "ask", - UseKeychain: "no", - UsePrivilegedPort: "no", - User: "moul", - UserKnownHostsFile: []string{"~/.ssh/known_hosts ~/.ssh/known_hosts2", "/tmp/known_hosts"}, - VerifyHostKeyDNS: "no", - VisualHostKey: "yes", - XAuthLocation: "xauth", + PreferredAuthentications: "gssapi-with-mic,hostbased,publickey", + Protocol: []string{"2", "3"}, + ProxyUseFdpass: "no", + PubkeyAcceptedKeyTypes: "+ssh-dss", + PubkeyAuthentication: "yes", + RekeyLimit: "default none", + RemoteCommand: "echo %h > /tmp/logs", + RemoteForward: []string{"0.0.0.0:1234", "0.0.0.0:1235"}, + RequestTTY: "yes", + RevokedHostKeys: "/a/revoked-keys", + RhostsRSAAuthentication: "no", + RSAAuthentication: "yes", + SendEnv: []string{"CUSTOM_*,TEST", "TEST2"}, + ServerAliveCountMax: 3, + ServerAliveInterval: 0, + StreamLocalBindMask: "0177", + StreamLocalBindUnlink: "no", + StrictHostKeyChecking: "ask", + TCPKeepAlive: "yes", + Tunnel: "yes", + TunnelDevice: "any:any", + UpdateHostKeys: "ask", + UseKeychain: "no", + UsePrivilegedPort: "no", + User: "moul", + UserKnownHostsFile: []string{"~/.ssh/known_hosts ~/.ssh/known_hosts2", "/tmp/known_hosts"}, + VerifyHostKeyDNS: "no", + VisualHostKey: "yes", + XAuthLocation: "xauth", // ssh-config fields with a different behavior ProxyCommand: "nc %h %p", diff --git a/pkg/controlsockets/control-sockets.go b/pkg/controlsockets/control-sockets.go index e0d254fce..65d0e59bf 100644 --- a/pkg/controlsockets/control-sockets.go +++ b/pkg/controlsockets/control-sockets.go @@ -25,10 +25,10 @@ func translateControlPath(input string) string { return input } - controlPath = strings.Replace(controlPath, "%h", "**/*", -1) + controlPath = strings.ReplaceAll(controlPath, "%h", "**/*") for _, component := range []string{"%L", "%p", "%n", "%C", "%l", "%r"} { - controlPath = strings.Replace(controlPath, component, "*", -1) + controlPath = strings.ReplaceAll(controlPath, component, "*") } return controlPath } diff --git a/pkg/ratelimit/ratelimit.go b/pkg/ratelimit/ratelimit.go index 22b741e40..62b479e5d 100644 --- a/pkg/ratelimit/ratelimit.go +++ b/pkg/ratelimit/ratelimit.go @@ -37,7 +37,7 @@ func (r *reader) Read(buf []byte) (int, error) { return 0, fmt.Errorf("exceeds limiter's burst") } delay := rv.DelayFrom(now) - //fmt.Printf("Read %d bytes, delay %d\n", n, delay) + // fmt.Printf("Read %d bytes, delay %d\n", n, delay) time.Sleep(delay) return n, err } @@ -69,7 +69,7 @@ func (w *writer) Write(buf []byte) (int, error) { return 0, fmt.Errorf("exceeds limiter's burst") } delay := rv.DelayFrom(now) - //fmt.Printf("Write %d bytes, delay %d\n", n, delay) + // fmt.Printf("Write %d bytes, delay %d\n", n, delay) time.Sleep(delay) return n, err }