Add windows ssh named pipe

quexten · Feb 3, 2024 · 1e24bce · 1e24bce
1 parent 1455cf9
commit 1e24bce
Show file tree

Hide file tree

Showing 3 changed files with 84 additions and 37 deletions.
diff --git a/agent/ssh/ssh.go b/agent/ssh/ssh.go
@@ -5,8 +5,6 @@ import (
 	"crypto/rand"
 	"errors"
 	"fmt"
-	"net"
-	"os"
 	"time"
 
 	"github.com/quexten/goldwarden/agent/config"
@@ -184,38 +182,3 @@ func NewVaultAgent(vault *vault.Vault, config *config.Config, runtimeConfig *con
 		},
 	}
 }
-
-func (v SSHAgentServer) Serve() {
-	path := v.runtimeConfig.SSHAgentSocketPath
-	if _, err := os.Stat(path); err == nil {
-		if err := os.Remove(path); err != nil {
-			log.Error("Could not remove old socket file: %s", err)
-			return
-		}
-	}
-	listener, err := net.Listen("unix", path)
-	if err != nil {
-		panic(err)
-	}
-
-	log.Info("SSH Agent listening on %s", path)
-
-	for {
-		var conn, err = listener.Accept()
-		if err != nil {
-			panic(err)
-		}
-
-		callingContext := sockets.GetCallingContext(conn)
-
-		log.Info("SSH Agent connection from %s>%s>%s \nby user %s", callingContext.GrandParentProcessName, callingContext.ParentProcessName, callingContext.ProcessName, callingContext.UserName)
-		log.Info("SSH Agent connection accepted")
-
-		go agent.ServeAgent(vaultAgent{
-			vault:               v.vault,
-			config:              v.config,
-			unlockRequestAction: v.unlockRequestAction,
-			context:             callingContext,
-		}, conn)
-	}
-}
diff --git a/agent/ssh/sshsocketunix.go b/agent/ssh/sshsocketunix.go
@@ -0,0 +1,46 @@
+//go:build !windows
+
+package ssh
+
+import (
+	"net"
+	"os"
+
+	"github.com/quexten/goldwarden/agent/sockets"
+	"golang.org/x/crypto/ssh/agent"
+)
+
+func (v SSHAgentServer) Serve() {
+	path := v.runtimeConfig.SSHAgentSocketPath
+	if _, err := os.Stat(path); err == nil {
+		if err := os.Remove(path); err != nil {
+			log.Error("Could not remove old socket file: %s", err)
+			return
+		}
+	}
+	listener, err := net.Listen("unix", path)
+	if err != nil {
+		panic(err)
+	}
+
+	log.Info("SSH Agent listening on %s", path)
+
+	for {
+		var conn, err = listener.Accept()
+		if err != nil {
+			panic(err)
+		}
+
+		callingContext := sockets.GetCallingContext(conn)
+
+		log.Info("SSH Agent connection from %s>%s>%s \nby user %s", callingContext.GrandParentProcessName, callingContext.ParentProcessName, callingContext.ProcessName, callingContext.UserName)
+		log.Info("SSH Agent connection accepted")
+
+		go agent.ServeAgent(vaultAgent{
+			vault:               v.vault,
+			config:              v.config,
+			unlockRequestAction: v.unlockRequestAction,
+			context:             callingContext,
+		}, conn)
+	}
+}
diff --git a/agent/ssh/sshsocketwindows.go b/agent/ssh/sshsocketwindows.go
@@ -0,0 +1,38 @@
+//go:build windows
+
+package ssh
+
+import (
+	"github.com/quexten/goldwarden/agent/sockets"
+	"golang.org/x/crypto/ssh/agent"
+)
+
+func (v SSHAgentServer) Serve() {
+	pipePath := `\\.\pipe\openssh-ssh-agent`
+
+	l, err := winio.ListenPipe(pipePath, nil)
+	if err != nil {
+		log.Fatal("listen error:", err)
+	}
+	defer l.Close()
+	log.Printf("Server listening on named pipe %v\n", pipePath)
+
+	for {
+		conn, err := l.Accept()
+		if err != nil {
+			log.Fatal("accept error:", err)
+		}
+
+		callingContext := sockets.GetCallingContext(conn)
+
+		log.Info("SSH Agent connection from %s>%s>%s \nby user %s", callingContext.GrandParentProcessName, callingContext.ParentProcessName, callingContext.ProcessName, callingContext.UserName)
+		log.Info("SSH Agent connection accepted")
+
+		go agent.ServeAgent(vaultAgent{
+			vault:               v.vault,
+			config:              v.config,
+			unlockRequestAction: v.unlockRequestAction,
+			context:             callingContext,
+		}, conn)
+	}
+}