tunnel.ts
import net from 'net';
import { Client } from 'ssh2';
import type { ConnectConfig } from 'ssh2';
import { readFile } from './utils';
import createLogger from './logger';
import type { ServerConfig } from './server';
// Logger factory for this module, created under the 'db:tunnel' name.
// Call sites invoke logger() and then call debug/error on the result.
const logger = createLogger('db:tunnel');
/**
 * Settings for one SSH tunnel: ssh2's `ConnectConfig` (host, port, username
 * and credentials of the SSH server) plus the forwarding endpoints that this
 * file passes to `client.forwardOut`.
 */
interface TunnelConfig extends ConnectConfig {
  // Originating host reported for the forwarded channel (1st forwardOut argument).
  srcHost: string;
  // Originating port reported for the forwarded channel (2nd forwardOut argument).
  srcPort: number;
  // Host the SSH server is asked to connect to (3rd forwardOut argument).
  dstHost: string;
  // Port the SSH server is asked to connect to (4th forwardOut argument).
  dstPort: number;
  // NOTE(review): set by configTunnel but not read anywhere in this file; the
  // inherited `port` field carries the SSH port. Confirm whether this is still needed.
  sshPort: number;
}
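/**
 * Starts a local TCP server that relays each accepted connection to the
 * configured database host and port over SSH.
 *
 * A new ssh2 `Client` is opened for every accepted connection, using the
 * settings built by `configTunnel`. The returned promise resolves with the
 * server once it is listening, and rejects if the configuration is rejected
 * by `configTunnel` or the listener reports an error. Later failures are
 * reported as `'error'` events on the server; `'success'` is emitted each
 * time a forwarded channel has been established.
 *
 * Security notes:
 * - The listener binds to `localhost` on an OS-assigned port and performs no
 *   authentication of its own, so any local process able to connect to that
 *   port is relayed to the destination over the authenticated SSH session.
 *   Close the server as soon as the tunnel is no longer needed.
 * - Only error objects are passed to the logger here; the connection config,
 *   which may carry a password, passphrase or private key, is never logged.
 *
 * @param serverInfo - Server definition holding the destination host/port and
 *   the SSH settings consumed by `configTunnel`.
 * @returns The listening local server.
 */
export default async function (serverInfo: ServerConfig): Promise<net.Server> {
  logger().debug('configuring tunnel');
  const config = await configTunnel(serverInfo);

  // Live local sockets and SSH clients, ended together when the server closes.
  const connections = new Set<net.Socket | Client>();

  logger().debug('creating ssh tunnel server');
  const server = net.createServer((conn) => {
    conn.on('error', (err) => server.emit('error', err));

    logger().debug('creating ssh tunnel client');
    const client = new Client();
    connections.add(conn);

    // Tie the SSH session's lifetime to the local socket. Previously every
    // finished local connection left its authenticated SSH client open (and
    // referenced) until the whole server was closed.
    conn.once('close', () => {
      connections.delete(conn);
      connections.delete(client);
      client.end();
    });

    client.on('error', (err) => server.emit('error', err));
    client.on('ready', () => {
      logger().debug('connected ssh tunnel client');

      // The local peer may have gone away while SSH was still connecting.
      if (conn.destroyed) {
        client.end();
        return;
      }
      connections.add(client);

      logger().debug('forwarding ssh tunnel client output');
      client.forwardOut(
        config.srcHost,
        config.srcPort,
        config.dstHost,
        config.dstPort,
        (err, sshStream) => {
          if (err) {
            logger().error('error ssh connection %j', err);
            // server.close() only completes once open connections have ended,
            // so release this socket; it has nothing to be piped to.
            conn.end();
            server.close();
            server.emit('error', err);
            return;
          }
          server.emit('success');
          conn.pipe(sshStream).pipe(conn);
        },
      );
    });

    try {
      logger().debug('connecting ssh tunnel client');
      client.connect(config);
    } catch (err) {
      server.emit('error', err);
    }
  });

  server.once('close', () => {
    logger().debug('close ssh tunnel server');
    connections.forEach((conn) => conn.end());
  });

  return new Promise<net.Server>((resolve, reject) => {
    logger().debug('connecting ssh tunnel server');
    // Grab an arbitrary unused port, reachable from the loopback interface only.
    server
      .listen(0, 'localhost', () => {
        logger().debug('connected ssh tunnel server');
        resolve(server);
      })
      // Stays attached after startup: reject() is then a no-op, but the
      // listener keeps later 'error' events from being unhandled.
      .on('error', (err) => {
        reject(err);
      });
  });
}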
/**
 * Builds the ssh2 connection and forwarding settings for a server definition.
 *
 * Exactly one credential source is applied, in this order of precedence:
 * the SSH agent (`SSH_AUTH_SOCK`), then a private key loaded with `readFile`,
 * then a password. A passphrase, when present, is set regardless of which
 * source is chosen.
 *
 * NOTE(review): no `hostVerifier` is set on the returned config and this file
 * hands it straight to `client.connect`, so the SSH server's host key does
 * not appear to be checked. Confirm against ssh2's defaults and consider
 * pinning the expected host key fingerprint.
 *
 * @param serverInfo - Server definition with the destination host/port and
 *   an `ssh` section.
 * @returns The tunnel configuration.
 * @throws Error when host/port or the `ssh` section is missing, or when agent
 *   auth is requested but `SSH_AUTH_SOCK` is not set.
 */
async function configTunnel(serverInfo: ServerConfig) {
  const missingTarget = !serverInfo.port || !serverInfo.host;
  if (missingTarget) {
    throw new Error('Host and port not specified for tunnel');
  }

  const ssh = serverInfo.ssh;
  if (!ssh) {
    throw new Error('SSH information not specified');
  }

  const tunnel: TunnelConfig = {
    // SSH server to log in to.
    host: ssh.host,
    port: ssh.port,
    username: ssh.user,
    // Endpoint the SSH server connects to on our behalf.
    dstHost: serverInfo.host,
    dstPort: serverInfo.port,
    // Originating address reported for the forwarded channel.
    srcHost: 'localhost',
    srcPort: 0,
    sshPort: 22,
  };

  if (ssh.passphrase) {
    tunnel.passphrase = ssh.passphrase;
  }

  // Agent auth wins over key and password.
  if (ssh.useAgent) {
    const agentSocket = process.env.SSH_AUTH_SOCK;
    if (!agentSocket) {
      throw new Error('not set SSH_AUTH_SOCK env variable');
    }
    tunnel.agent = agentSocket;
    return tunnel;
  }

  if (ssh.privateKey) {
    // ssh.privateKey is passed to readFile; its result becomes the key material.
    tunnel.privateKey = await readFile(ssh.privateKey);
    return tunnel;
  }

  if (ssh.password) {
    tunnel.password = ssh.password;
  }
  return tunnel;
}