Use SSH address also for host agent

afbjorklund · afbjorklund · commit f13c6b6266cc · 2024-01-19T17:36:13.000+01:00
Signed-off-by: Anders F Björklund &lt;anders.f.bjorklund@gmail.com&gt;
diff --git a/pkg/hostagent/hostagent.go b/pkg/hostagent/hostagent.go
@@ -178,7 +178,7 @@ func New(instName string, stdout io.Writer, signalCh chan os.Signal, opts ...Opt
 		instName:          instName,
 		instSSHAddress:    inst.SSHAddress,
 		sshConfig:         sshConfig,
-		portForwarder:     newPortForwarder(sshConfig, sshLocalPort, rules, inst.VMType),
+		portForwarder:     newPortForwarder(sshConfig, inst.SSHAddress, sshLocalPort, rules, inst.VMType),
 		driver:            limaDriver,
 		signalCh:          signalCh,
 		eventEnc:          json.NewEncoder(stdout),
@@ -567,7 +567,7 @@ func (a *HostAgent) watchGuestAgentEvents(ctx context.Context) {
 		for _, rule := range a.y.PortForwards {
 			if rule.GuestSocket != "" {
 				local := hostAddress(rule, guestagentapi.IPPort{})
-				_ = forwardSSH(ctx, a.sshConfig, a.sshLocalPort, local, rule.GuestSocket, verbForward, rule.Reverse)
+				_ = forwardSSH(ctx, a.sshConfig, a.instSSHAddress, a.sshLocalPort, local, rule.GuestSocket, verbForward, rule.Reverse)
 			}
 		}
 	}
@@ -582,13 +582,13 @@ func (a *HostAgent) watchGuestAgentEvents(ctx context.Context) {
 			if rule.GuestSocket != "" {
 				local := hostAddress(rule, guestagentapi.IPPort{})
 				// using ctx.Background() because ctx has already been cancelled
-				if err := forwardSSH(context.Background(), a.sshConfig, a.sshLocalPort, local, rule.GuestSocket, verbCancel, rule.Reverse); err != nil {
+				if err := forwardSSH(context.Background(), a.sshConfig, a.instSSHAddress, a.sshLocalPort, local, rule.GuestSocket, verbCancel, rule.Reverse); err != nil {
 					errs = append(errs, err)
 				}
 			}
 		}
 		if a.driver.ForwardGuestAgent() {
-			if err := forwardSSH(context.Background(), a.sshConfig, a.sshLocalPort, localUnix, remoteUnix, verbCancel, false); err != nil {
+			if err := forwardSSH(context.Background(), a.sshConfig, a.instSSHAddress, a.sshLocalPort, localUnix, remoteUnix, verbCancel, false); err != nil {
 				errs = append(errs, err)
 			}
 		}
@@ -597,7 +597,7 @@ func (a *HostAgent) watchGuestAgentEvents(ctx context.Context) {
 	for {
 		if a.client == nil || !isGuestAgentSocketAccessible(ctx, a.client) {
 			if a.driver.ForwardGuestAgent() {
-				_ = forwardSSH(ctx, a.sshConfig, a.sshLocalPort, localUnix, remoteUnix, verbForward, false)
+				_ = forwardSSH(ctx, a.sshConfig, a.instSSHAddress, a.sshLocalPort, localUnix, remoteUnix, verbForward, false)
 			}
 		}
 		client, err := a.getOrCreateClient(ctx)
@@ -684,11 +684,11 @@ const (
 	verbCancel  = "cancel"
 )
 
-func executeSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, command ...string) error {
+func executeSSH(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, command ...string) error {
 	args := sshConfig.Args()
 	args = append(args,
 		"-p", strconv.Itoa(port),
-		"127.0.0.1",
+		addr,
 		"--",
 	)
 	args = append(args, command...)
@@ -699,7 +699,7 @@ func executeSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, command
 	return nil
 }
 
-func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote, verb string, reverse bool) error {
+func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote, verb string, reverse bool) error {
 	args := sshConfig.Args()
 	args = append(args,
 		"-T",
@@ -718,15 +718,15 @@ func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,
 		"-N",
 		"-f",
 		"-p", strconv.Itoa(port),
-		"127.0.0.1",
+		addr,
 		"--",
 	)
 	if strings.HasPrefix(local, "/") {
 		switch verb {
 		case verbForward:
 			if reverse {
 				logrus.Infof("Forwarding %q (host) to %q (guest)", local, remote)
-				if err := executeSSH(ctx, sshConfig, port, "rm", "-f", remote); err != nil {
+				if err := executeSSH(ctx, sshConfig, addr, port, "rm", "-f", remote); err != nil {
 					logrus.WithError(err).Warnf("Failed to clean up %q (guest) before setting up forwarding", remote)
 				}
 			} else {
@@ -741,7 +741,7 @@ func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,
 		case verbCancel:
 			if reverse {
 				logrus.Infof("Stopping forwarding %q (host) to %q (guest)", local, remote)
-				if err := executeSSH(ctx, sshConfig, port, "rm", "-f", remote); err != nil {
+				if err := executeSSH(ctx, sshConfig, addr, port, "rm", "-f", remote); err != nil {
 					logrus.WithError(err).Warnf("Failed to clean up %q (guest) after stopping forwarding", remote)
 				}
 			} else {
@@ -761,7 +761,7 @@ func forwardSSH(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,
 		if verb == verbForward && strings.HasPrefix(local, "/") {
 			if reverse {
 				logrus.WithError(err).Warnf("Failed to set up forward from %q (host) to %q (guest)", local, remote)
-				if err := executeSSH(ctx, sshConfig, port, "rm", "-f", remote); err != nil {
+				if err := executeSSH(ctx, sshConfig, addr, port, "rm", "-f", remote); err != nil {
 					logrus.WithError(err).Warnf("Failed to clean up %q (guest) after forwarding failed", remote)
 				}
 			} else {
diff --git a/pkg/hostagent/mount.go b/pkg/hostagent/mount.go
@@ -58,7 +58,7 @@ func (a *HostAgent) setupMount(m limayaml.Mount) (*mount, error) {
 		Driver:              *m.SSHFS.SFTPDriver,
 		SSHConfig:           a.sshConfig,
 		LocalPath:           location,
-		Host:                "127.0.0.1",
+		Host:                a.instSSHAddress,
 		Port:                a.sshLocalPort,
 		RemotePath:          mountPoint,
 		Readonly:            !(*m.Writable),
diff --git a/pkg/hostagent/port.go b/pkg/hostagent/port.go
@@ -12,16 +12,18 @@ import (
 
 type portForwarder struct {
 	sshConfig   *ssh.SSHConfig
+	sshHostAddr string
 	sshHostPort int
 	rules       []limayaml.PortForward
 	vmType      limayaml.VMType
 }
 
 const sshGuestPort = 22
 
-func newPortForwarder(sshConfig *ssh.SSHConfig, sshHostPort int, rules []limayaml.PortForward, vmType limayaml.VMType) *portForwarder {
+func newPortForwarder(sshConfig *ssh.SSHConfig, sshHostAddr string, sshHostPort int, rules []limayaml.PortForward, vmType limayaml.VMType) *portForwarder {
 	return &portForwarder{
 		sshConfig:   sshConfig,
+		sshHostAddr: sshHostAddr,
 		sshHostPort: sshHostPort,
 		rules:       rules,
 		vmType:      vmType,
@@ -88,7 +90,7 @@ func (pf *portForwarder) OnEvent(ctx context.Context, ev api.Event, instSSHAddre
 			continue
 		}
 		logrus.Infof("Stopping forwarding TCP from %s to %s", remote, local)
-		if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostPort, local, remote, verbCancel); err != nil {
+		if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostAddr, pf.sshHostPort, local, remote, verbCancel); err != nil {
 			logrus.WithError(err).Warnf("failed to stop forwarding tcp port %d", f.Port)
 		}
 	}
@@ -99,7 +101,7 @@ func (pf *portForwarder) OnEvent(ctx context.Context, ev api.Event, instSSHAddre
 			continue
 		}
 		logrus.Infof("Forwarding TCP from %s to %s", remote, local)
-		if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostPort, local, remote, verbForward); err != nil {
+		if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostAddr, pf.sshHostPort, local, remote, verbForward); err != nil {
 			logrus.WithError(err).Warnf("failed to set up forwarding tcp port %d (negligible if already forwarded)", f.Port)
 		}
 	}
diff --git a/pkg/hostagent/port_darwin.go b/pkg/hostagent/port_darwin.go
@@ -16,9 +16,9 @@ import (
 )
 
 // forwardTCP is not thread-safe
-func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote, verb string) error {
+func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote, verb string) error {
 	if strings.HasPrefix(local, "/") {
-		return forwardSSH(ctx, sshConfig, port, local, remote, verb, false)
+		return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false)
 	}
 	localIPStr, localPortStr, err := net.SplitHostPort(local)
 	if err != nil {
@@ -31,7 +31,7 @@ func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,
 	}
 
 	if !localIP.Equal(api.IPv4loopback1) || localPort >= 1024 {
-		return forwardSSH(ctx, sshConfig, port, local, remote, verb, false)
+		return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false)
 	}
 
 	// on macOS, listening on 127.0.0.1:80 requires root while 0.0.0.0:80 does not require root.
@@ -46,7 +46,7 @@ func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,
 			localUnix := plf.unixAddr.Name
 			_ = plf.Close()
 			delete(pseudoLoopbackForwarders, local)
-			if err := forwardSSH(ctx, sshConfig, port, localUnix, remote, verb, false); err != nil {
+			if err := forwardSSH(ctx, sshConfig, addr, port, localUnix, remote, verb, false); err != nil {
 				return err
 			}
 		} else {
@@ -61,12 +61,12 @@ func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,
 	}
 	localUnix := filepath.Join(localUnixDir, "sock")
 	logrus.Debugf("forwarding %q to %q", localUnix, remote)
-	if err := forwardSSH(ctx, sshConfig, port, localUnix, remote, verb, false); err != nil {
+	if err := forwardSSH(ctx, sshConfig, addr, port, localUnix, remote, verb, false); err != nil {
 		return err
 	}
 	plf, err := newPseudoLoopbackForwarder(localPort, localUnix)
 	if err != nil {
-		if cancelErr := forwardSSH(ctx, sshConfig, port, localUnix, remote, verbCancel, false); cancelErr != nil {
+		if cancelErr := forwardSSH(ctx, sshConfig, addr, port, localUnix, remote, verbCancel, false); cancelErr != nil {
 			logrus.WithError(cancelErr).Warnf("failed to cancel forwarding %q to %q", localUnix, remote)
 		}
 		return err
diff --git a/pkg/hostagent/port_others.go b/pkg/hostagent/port_others.go
@@ -8,8 +8,8 @@ import (
 	"github.com/lima-vm/sshocker/pkg/ssh"
 )
 
-func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote, verb string) error {
-	return forwardSSH(ctx, sshConfig, port, local, remote, verb, false)
+func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote, verb string) error {
+	return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false)
 }
 
 func getFreeVSockPort() (int, error) {
diff --git a/pkg/hostagent/port_windows.go b/pkg/hostagent/port_windows.go
@@ -7,8 +7,8 @@ import (
 	"github.com/lima-vm/sshocker/pkg/ssh"
 )
 
-func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote, verb string) error {
-	return forwardSSH(ctx, sshConfig, port, local, remote, verb, false)
+func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote, verb string) error {
+	return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false)
 }
 
 func getFreeVSockPort() (int, error) {

Original file line number	Diff line number	Diff line change
`@@ -12,16 +12,18 @@ import (`
`12`	`12`
`13`	`13`	`type portForwarder struct {`
`14`	`14`	`sshConfig *ssh.SSHConfig`
	`15`	`+ sshHostAddr string`
`15`	`16`	`sshHostPort int`
`16`	`17`	`rules []limayaml.PortForward`
`17`	`18`	`vmType limayaml.VMType`
`18`	`19`	`}`
`19`	`20`
`20`	`21`	`const sshGuestPort = 22`
`21`	`22`
`22`		`-func newPortForwarder(sshConfig ssh.SSHConfig, sshHostPort int, rules []limayaml.PortForward, vmType limayaml.VMType) portForwarder {`
	`23`	`+func newPortForwarder(sshConfig ssh.SSHConfig, sshHostAddr string, sshHostPort int, rules []limayaml.PortForward, vmType limayaml.VMType) portForwarder {`
`23`	`24`	`return &portForwarder{`
`24`	`25`	`sshConfig: sshConfig,`
	`26`	`+ sshHostAddr: sshHostAddr,`
`25`	`27`	`sshHostPort: sshHostPort,`
`26`	`28`	`rules: rules,`
`27`	`29`	`vmType: vmType,`
`@@ -88,7 +90,7 @@ func (pf *portForwarder) OnEvent(ctx context.Context, ev api.Event, instSSHAddre`
`88`	`90`	`continue`
`89`	`91`	`}`
`90`	`92`	`logrus.Infof("Stopping forwarding TCP from %s to %s", remote, local)`
`91`		`- if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostPort, local, remote, verbCancel); err != nil {`
	`93`	`+ if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostAddr, pf.sshHostPort, local, remote, verbCancel); err != nil {`
`92`	`94`	`logrus.WithError(err).Warnf("failed to stop forwarding tcp port %d", f.Port)`
`93`	`95`	`}`
`94`	`96`	`}`
`@@ -99,7 +101,7 @@ func (pf *portForwarder) OnEvent(ctx context.Context, ev api.Event, instSSHAddre`
`99`	`101`	`continue`
`100`	`102`	`}`
`101`	`103`	`logrus.Infof("Forwarding TCP from %s to %s", remote, local)`
`102`		`- if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostPort, local, remote, verbForward); err != nil {`
	`104`	`+ if err := forwardTCP(ctx, pf.sshConfig, pf.sshHostAddr, pf.sshHostPort, local, remote, verbForward); err != nil {`
`103`	`105`	`logrus.WithError(err).Warnf("failed to set up forwarding tcp port %d (negligible if already forwarded)", f.Port)`
`104`	`106`	`}`
`105`	`107`	`}`
Original file line number	Diff line number	Diff line change
`@@ -16,9 +16,9 @@ import (`
`16`	`16`	`)`
`17`	`17`
`18`	`18`	`// forwardTCP is not thread-safe`
`19`		`-func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote, verb string) error {`
	`19`	`+func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote, verb string) error {`
`20`	`20`	`if strings.HasPrefix(local, "/") {`
`21`		`- return forwardSSH(ctx, sshConfig, port, local, remote, verb, false)`
	`21`	`+ return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false)`
`22`	`22`	`}`
`23`	`23`	`localIPStr, localPortStr, err := net.SplitHostPort(local)`
`24`	`24`	`if err != nil {`
`@@ -31,7 +31,7 @@ func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,`
`31`	`31`	`}`
`32`	`32`
`33`	`33`	`if !localIP.Equal(api.IPv4loopback1) \|\| localPort >= 1024 {`
`34`		`- return forwardSSH(ctx, sshConfig, port, local, remote, verb, false)`
	`34`	`+ return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false)`
`35`	`35`	`}`
`36`	`36`
`37`	`37`	`// on macOS, listening on 127.0.0.1:80 requires root while 0.0.0.0:80 does not require root.`
`@@ -46,7 +46,7 @@ func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,`
`46`	`46`	`localUnix := plf.unixAddr.Name`
`47`	`47`	`_ = plf.Close()`
`48`	`48`	`delete(pseudoLoopbackForwarders, local)`
`49`		`- if err := forwardSSH(ctx, sshConfig, port, localUnix, remote, verb, false); err != nil {`
	`49`	`+ if err := forwardSSH(ctx, sshConfig, addr, port, localUnix, remote, verb, false); err != nil {`
`50`	`50`	`return err`
`51`	`51`	`}`
`52`	`52`	`} else {`
`@@ -61,12 +61,12 @@ func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local,`
`61`	`61`	`}`
`62`	`62`	`localUnix := filepath.Join(localUnixDir, "sock")`
`63`	`63`	`logrus.Debugf("forwarding %q to %q", localUnix, remote)`
`64`		`- if err := forwardSSH(ctx, sshConfig, port, localUnix, remote, verb, false); err != nil {`
	`64`	`+ if err := forwardSSH(ctx, sshConfig, addr, port, localUnix, remote, verb, false); err != nil {`
`65`	`65`	`return err`
`66`	`66`	`}`
`67`	`67`	`plf, err := newPseudoLoopbackForwarder(localPort, localUnix)`
`68`	`68`	`if err != nil {`
`69`		`- if cancelErr := forwardSSH(ctx, sshConfig, port, localUnix, remote, verbCancel, false); cancelErr != nil {`
	`69`	`+ if cancelErr := forwardSSH(ctx, sshConfig, addr, port, localUnix, remote, verbCancel, false); cancelErr != nil {`
`70`	`70`	`logrus.WithError(cancelErr).Warnf("failed to cancel forwarding %q to %q", localUnix, remote)`
`71`	`71`	`}`
`72`	`72`	`return err`
Original file line number	Diff line number	Diff line change
`@@ -8,8 +8,8 @@ import (`
`8`	`8`	`"github.com/lima-vm/sshocker/pkg/ssh"`
`9`	`9`	`)`
`10`	`10`
`11`		`-func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote, verb string) error {`
`12`		`- return forwardSSH(ctx, sshConfig, port, local, remote, verb, false)`
	`11`	`+func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote, verb string) error {`
	`12`	`+ return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false)`
`13`	`13`	`}`
`14`	`14`
`15`	`15`	`func getFreeVSockPort() (int, error) {`
Original file line number	Diff line number	Diff line change
`@@ -7,8 +7,8 @@ import (`
`7`	`7`	`"github.com/lima-vm/sshocker/pkg/ssh"`
`8`	`8`	`)`
`9`	`9`
`10`		`-func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, port int, local, remote, verb string) error {`
`11`		`- return forwardSSH(ctx, sshConfig, port, local, remote, verb, false)`
	`10`	`+func forwardTCP(ctx context.Context, sshConfig *ssh.SSHConfig, addr string, port int, local, remote, verb string) error {`
	`11`	`+ return forwardSSH(ctx, sshConfig, addr, port, local, remote, verb, false)`
`12`	`12`	`}`
`13`	`13`
`14`	`14`	`func getFreeVSockPort() (int, error) {`