* Handle `Match host ... !exec ...` blocks that ssh-config doesn't evaluate. * * Limitation: Only applies ProxyCommand from matching Match blocks. Other directives * like User, Port, IdentityFile in the same block are ignored. This is sufficient for * Coder configs which only set ProxyCommand in
( config: SSHConfig, hostName: string, user: string | undefined, computed: Record<string, ComputedConfigValue> )
| 175 | * Coder configs which only set ProxyCommand in Match blocks. |
| 176 | */ |
| 177 | function applyNegatedExecMatch( |
| 178 | config: SSHConfig, |
| 179 | hostName: string, |
| 180 | user: string | undefined, |
| 181 | computed: Record<string, ComputedConfigValue> |
| 182 | ): void { |
| 183 | if (getConfigValue(computed, "ProxyCommand")) { |
| 184 | return; |
| 185 | } |
| 186 | |
| 187 | for (const line of config) { |
| 188 | if (line.type !== SSHConfig.DIRECTIVE || line.param !== "Match") { |
| 189 | continue; |
| 190 | } |
| 191 | |
| 192 | if (!("criteria" in line)) { |
| 193 | continue; |
| 194 | } |
| 195 | |
| 196 | const criteria = line.criteria as Record<string, MatchCriteriaValue>; |
| 197 | const hostCriterion = getCriteriaValue(criteria, "host"); |
| 198 | const negatedExec = getCriteriaValue(criteria, "!exec"); |
| 199 | |
| 200 | if (!hostCriterion || !negatedExec) { |
| 201 | continue; |
| 202 | } |
| 203 | |
| 204 | const hostPatterns = criteriaToStringArray(hostCriterion); |
| 205 | if (!glob(hostPatterns, hostName)) { |
| 206 | continue; |
| 207 | } |
| 208 | |
| 209 | const execCommand = criteriaToString(negatedExec); |
| 210 | if (!execCommand) { |
| 211 | continue; |
| 212 | } |
| 213 | |
| 214 | const expandedCommand = expandMatchExecTokens(execCommand, hostName, user); |
| 215 | const execResult = spawnSync(expandedCommand, { shell: true }); |
| 216 | |
| 217 | if (execResult.status === 0) { |
| 218 | continue; |
| 219 | } |
| 220 | |
| 221 | const proxyLine = line.config.find( |
| 222 | (subline) => |
| 223 | subline.type === SSHConfig.DIRECTIVE && subline.param.toLowerCase() === "proxycommand" |
| 224 | ); |
| 225 | |
| 226 | if (proxyLine?.type === SSHConfig.DIRECTIVE) { |
| 227 | computed.ProxyCommand = proxyLine.value as ComputedConfigValue; |
| 228 | return; |
| 229 | } |
| 230 | } |
| 231 | } |
| 232 | |
| 233 | function toStringArray(value: ComputedConfigValue | undefined): string[] { |
| 234 | if (typeof value === "string") { |
no test coverage detected