Merge pull request #159 from cookielab/cookielab-fixes

davrodpin · Sep 17, 2021 · 045aee0 · 045aee0
2 parents a409de2 + f6864f2
commit 045aee0
Showing 1 changed file with 27 additions and 13 deletions.
diff --git a/tunnel/tunnel.go b/tunnel/tunnel.go
@@ -44,6 +44,8 @@ func NewServer(user, address, key, sshAgent, cfgPath string) (*Server, error) {
 	var host string
 	var hostname string
 	var port string
+	var c *SSHConfigFile
+	var err error
 
 	host = address
 	if strings.Contains(host, ":") {
@@ -52,16 +54,17 @@ func NewServer(user, address, key, sshAgent, cfgPath string) (*Server, error) {
 		port = args[1]
 	}
 
-	c, err := NewSSHConfigFile(cfgPath)
-	if err != nil {
-		if !errors.Is(err, os.ErrNotExist) {
-			return nil, fmt.Errorf("error accessing %s: %v", host, err)
-		}
-	}
-
-	// If ssh config file doesnt exists, create an empty ssh config struct to avoid nil pointer deference
-	if errors.Is(err, os.ErrNotExist) {
+	if cfgPath == "" {
 		c = NewEmptySSHConfigStruct()
+	} else {
+		c, err = NewSSHConfigFile(cfgPath)
+		if err != nil {
+			if !errors.Is(err, os.ErrNotExist) {
+				return nil, fmt.Errorf("error accessing %s: %v", host, err)
+			} else {
+				c = NewEmptySSHConfigStruct()
+			}
+		}
 	}
 
 	h := c.Get(host)
@@ -471,11 +474,16 @@ func (t *Tunnel) Channels() []*SSHChannel {
 func sshClientConfig(server Server) (*ssh.ClientConfig, error) {
 	var signers []ssh.Signer
 
-	signer, err := server.Key.Parse()
-	if err != nil {
-		return nil, err
+	if server.Key == nil && server.SSHAgent == "" {
+		return nil, fmt.Errorf("at least one authentication method (key or ssh agent) must be present.")
+	}
+
+	if server.Key != nil {
+		signer, err := server.Key.Parse()
+		if err == nil {
+			signers = append(signers, signer)
+		}
 	}
-	signers = append(signers, signer)
 
 	if server.SSHAgent != "" {
 		if _, err := os.Stat(server.SSHAgent); err == nil {
@@ -489,6 +497,10 @@ func sshClientConfig(server Server) (*ssh.ClientConfig, error) {
 		}
 	}
 
+	if len(signers) == 0 {
+		return nil, fmt.Errorf("at least one working authentication method (key or ssh agent) must be present.")
+	}
+
 	clb, err := knownHostsCallback(server.Insecure)
 	if err != nil {
 		return nil, err
@@ -506,6 +518,8 @@ func sshClientConfig(server Server) (*ssh.ClientConfig, error) {
 
 func copyConn(writer, reader net.Conn) {
 	_, err := io.Copy(writer, reader)
+	defer writer.Close()
+	defer reader.Close()
 	if err != nil {
 		log.Errorf("%v", err)
 	}