(c net.Conn)
| 213 | } |
| 214 | |
| 215 | func (s *Server) HandleConn(c net.Conn) { |
| 216 | clientConn, clientChans, clientReqs, err := ssh.NewServerConn(c, s.sshConfig) |
| 217 | if err != nil { |
| 218 | c.Close() |
| 219 | ReportSSHAttemptMetrics(err) |
| 220 | return |
| 221 | } |
| 222 | defer clientConn.Close() |
| 223 | |
| 224 | if clientConn.Permissions == nil || clientConn.Permissions.Extensions == nil || clientConn.Permissions.Extensions["workspaceId"] == "" { |
| 225 | return |
| 226 | } |
| 227 | workspaceId := clientConn.Permissions.Extensions["workspaceId"] |
| 228 | wsInfo := s.workspaceInfoProvider.WorkspaceInfo(workspaceId) |
| 229 | if wsInfo == nil { |
| 230 | ReportSSHAttemptMetrics(ErrWorkspaceNotFound) |
| 231 | return |
| 232 | } |
| 233 | ctx, cancel := context.WithTimeout(context.Background(), time.Second*5) |
| 234 | key, err := s.GetWorkspaceSSHKey(ctx, wsInfo.IPAddress) |
| 235 | if err != nil { |
| 236 | cancel() |
| 237 | s.TrackSSHConnection(wsInfo, "connect", ErrCreateSSHKey) |
| 238 | ReportSSHAttemptMetrics(ErrCreateSSHKey) |
| 239 | log.WithField("instanceId", wsInfo.InstanceID).WithError(err).Error("failed to create private pair in workspace") |
| 240 | return |
| 241 | } |
| 242 | cancel() |
| 243 | |
| 244 | session := &Session{ |
| 245 | Conn: clientConn, |
| 246 | WorkspaceID: workspaceId, |
| 247 | InstanceID: wsInfo.InstanceID, |
| 248 | OwnerUserId: wsInfo.OwnerUserId, |
| 249 | WorkspacePrivateKey: key, |
| 250 | } |
| 251 | remoteAddr := wsInfo.IPAddress + ":23001" |
| 252 | conn, err := net.Dial("tcp", remoteAddr) |
| 253 | if err != nil { |
| 254 | s.TrackSSHConnection(wsInfo, "connect", ErrConnFailed) |
| 255 | ReportSSHAttemptMetrics(ErrConnFailed) |
| 256 | log.WithField("instanceId", wsInfo.InstanceID).WithField("workspaceIP", wsInfo.IPAddress).WithError(err).Error("dail failed") |
| 257 | return |
| 258 | } |
| 259 | defer conn.Close() |
| 260 | |
| 261 | workspaceConn, workspaceChans, workspaceReqs, err := ssh.NewClientConn(conn, remoteAddr, &ssh.ClientConfig{ |
| 262 | HostKeyCallback: ssh.InsecureIgnoreHostKey(), |
| 263 | User: GitpodUsername, |
| 264 | Auth: []ssh.AuthMethod{ |
| 265 | ssh.PublicKeysCallback(func() (signers []ssh.Signer, err error) { |
| 266 | return []ssh.Signer{key}, nil |
| 267 | }), |
| 268 | }, |
| 269 | Timeout: 10 * time.Second, |
| 270 | }) |
| 271 | if err != nil { |
| 272 | s.TrackSSHConnection(wsInfo, "connect", ErrConnFailed) |