ssh: leverage proxy from environment #1090
Conversation
|
This looks awesome! Can you create test for this? |
dweomer
force-pushed
the
ssh-proxy-from-environment
branch
from
c97bd89
to
69de49d
Compare
|
@mcuadros, I added a |
|
Please keep in mind, this change does not honor the I thought of writing a simple select wrapper (with the timeout fallthrough) around the Let me know if you would prefer that the timeout still be honored and I will have another go at it. |
|
I am looking into submitting a couple of upstream fixes (x/net/proxy, and x/crypto/ssh) that would result in this change being simpler. |
This enables interacting with git remotes over SSH when behind a SOCKSv5 firewall. Signed-off-by: Jacob Blain Christen <[email protected]>
dweomer
force-pushed
the
ssh-proxy-from-environment
branch
from
69de49d
to
bbc05c7
Compare
|
@mcuadros I've updated to use my I have added a test suite that is just a repeat of the plumbing/transport/ssh.UploadPackSuite but communicating to a SOCKSv5 server via github.com/armon/go-socks5. |
|
@mcuadros Additionally, I checked the coverage of the plumbing/transport/ssh package and it was at 74.2% before my change and at 74.3% after (according to |
|
So: But: 🤔 |
I was working on a little git-cli drop-in that creates an orphan branch for tracking (per-branch) versioning information when I realized that it did not work for clone/pull/push with SSH URLs in a proxied environment (good ole SOCKS5). I made a small change in
ssh.command#connect()to replace the invocation ofssh.Dial()to a copy of that function that usesgolang.org/x/net/proxy.FromEnvironment()to get a dialer and then hands off the dialed connection tossh.NewClientConn. This breaks the connection timeout facility becauseproxy.FromEnvironment()returns aproxy.Dialerwhich is a single-method interface type (that doesn't support a timeout or context arg).The cool thing about
proxy.FromEnvironment()is that it returns a workingDialer(i.e. directly connecting) if no proxy details are found or the setup for recognized proxy details fails for any reason.There are some existing issues tracking some sort of
proxy.DialContextimplementation:I am not confident that the Go folks will be tackling this lack of a timeout-capable dialer in
x/net/proxyanytime soon so I understand if the behavioral breakage in this proposed change is not acceptable.Signed-off-by: Jacob Blain Christen [email protected]