Merge pull request #5320 from trajano/patch-1

disable pseudoterminal creation
This commit is contained in:
Sebastiaan van Stijn 2024-08-12 16:59:47 +02:00 committed by GitHub
commit 1a7b7dd7dd
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 46 additions and 0 deletions

View File

@ -52,6 +52,7 @@ func getConnectionHelper(daemonURL string, sshFlags []string) (*ConnectionHelper
args = append(args, "--host", "unix://"+sp.Path) args = append(args, "--host", "unix://"+sp.Path)
} }
sshFlags = addSSHTimeout(sshFlags) sshFlags = addSSHTimeout(sshFlags)
sshFlags = disablePseudoTerminalAllocation(sshFlags)
args = append(args, "system", "dial-stdio") args = append(args, "system", "dial-stdio")
return commandconn.New(ctx, "ssh", append(sshFlags, sp.Args(args...)...)...) return commandconn.New(ctx, "ssh", append(sshFlags, sp.Args(args...)...)...)
}, },
@ -79,3 +80,14 @@ func addSSHTimeout(sshFlags []string) []string {
} }
return sshFlags return sshFlags
} }
// disablePseudoTerminalAllocation disables pseudo-terminal allocation to
// prevent SSH from executing as a login shell
func disablePseudoTerminalAllocation(sshFlags []string) []string {
for _, flag := range sshFlags {
if flag == "-T" {
return sshFlags
}
}
return append(sshFlags, "-T")
}

View File

@ -1,6 +1,7 @@
package connhelper package connhelper
import ( import (
"reflect"
"testing" "testing"
"gotest.tools/v3/assert" "gotest.tools/v3/assert"
@ -29,3 +30,36 @@ func TestSSHFlags(t *testing.T) {
assert.DeepEqual(t, addSSHTimeout(tc.in), tc.out) assert.DeepEqual(t, addSSHTimeout(tc.in), tc.out)
} }
} }
func TestDisablePseudoTerminalAllocation(t *testing.T) {
testCases := []struct {
name string
sshFlags []string
expected []string
}{
{
name: "No -T flag present",
sshFlags: []string{"-v", "-oStrictHostKeyChecking=no"},
expected: []string{"-v", "-oStrictHostKeyChecking=no", "-T"},
},
{
name: "Already contains -T flag",
sshFlags: []string{"-v", "-T", "-oStrictHostKeyChecking=no"},
expected: []string{"-v", "-T", "-oStrictHostKeyChecking=no"},
},
{
name: "Empty sshFlags",
sshFlags: []string{},
expected: []string{"-T"},
},
}
for _, tc := range testCases {
t.Run(tc.name, func(t *testing.T) {
result := disablePseudoTerminalAllocation(tc.sshFlags)
if !reflect.DeepEqual(result, tc.expected) {
t.Errorf("expected %v, got %v", tc.expected, result)
}
})
}
}