Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback (#16278)

* Upgrade Gliderlabs SSH to 0.3.3 and add FailedConnectionCallback

Following the merging of https://github.com/gliderlabs/ssh/pull/143 we
can now report connections to the ssh server that have failed before
public key exchange has completed using the standard fail2ban message.

This PR updates Gliderlabs SSH and adds a callback that will provide this
logging.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* move the callback to its own function to make the logging appear little nicer

Signed-off-by: Andrew Thornton <art27@cantab.net>
pull/16284/head
zeripath 3 years ago committed by GitHub
parent 5c80ecc2f7
commit f825f20d49
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 7
      go.mod
  2. 12
      go.sum
  3. 11
      modules/ssh/ssh.go
  4. 6
      vendor/github.com/gliderlabs/ssh/circle.yml
  5. 5
      vendor/github.com/gliderlabs/ssh/context.go
  6. 9
      vendor/github.com/gliderlabs/ssh/go.mod
  7. 13
      vendor/github.com/gliderlabs/ssh/go.sum
  8. 6
      vendor/github.com/gliderlabs/ssh/server.go
  9. 2
      vendor/github.com/gliderlabs/ssh/session.go
  10. 4
      vendor/github.com/gliderlabs/ssh/ssh.go
  11. 1
      vendor/golang.org/x/sys/unix/mkerrors.sh
  12. 33
      vendor/golang.org/x/sys/unix/syscall_darwin.go
  13. 5
      vendor/golang.org/x/sys/unix/zerrors_darwin_amd64.go
  14. 5
      vendor/golang.org/x/sys/unix/zerrors_darwin_arm64.go
  15. 5
      vendor/golang.org/x/sys/unix/zerrors_freebsd_386.go
  16. 5
      vendor/golang.org/x/sys/unix/zerrors_freebsd_amd64.go
  17. 5
      vendor/golang.org/x/sys/unix/zerrors_freebsd_arm.go
  18. 5
      vendor/golang.org/x/sys/unix/zerrors_freebsd_arm64.go
  19. 6
      vendor/golang.org/x/sys/unix/zerrors_linux.go
  20. 104
      vendor/golang.org/x/sys/unix/ztypes_darwin_amd64.go
  21. 104
      vendor/golang.org/x/sys/unix/ztypes_darwin_arm64.go
  22. 3
      vendor/golang.org/x/sys/unix/ztypes_dragonfly_amd64.go
  23. 5
      vendor/golang.org/x/sys/unix/ztypes_freebsd_386.go
  24. 5
      vendor/golang.org/x/sys/unix/ztypes_freebsd_amd64.go
  25. 5
      vendor/golang.org/x/sys/unix/ztypes_freebsd_arm.go
  26. 5
      vendor/golang.org/x/sys/unix/ztypes_freebsd_arm64.go
  27. 4
      vendor/golang.org/x/sys/unix/ztypes_netbsd_386.go
  28. 4
      vendor/golang.org/x/sys/unix/ztypes_netbsd_amd64.go
  29. 4
      vendor/golang.org/x/sys/unix/ztypes_netbsd_arm.go
  30. 4
      vendor/golang.org/x/sys/unix/ztypes_netbsd_arm64.go
  31. 7
      vendor/modules.txt

@ -19,7 +19,6 @@ require (
github.com/alecthomas/chroma v0.9.1 github.com/alecthomas/chroma v0.9.1
github.com/andybalholm/brotli v1.0.3 // indirect github.com/andybalholm/brotli v1.0.3 // indirect
github.com/andybalholm/cascadia v1.2.0 // indirect github.com/andybalholm/cascadia v1.2.0 // indirect
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be // indirect
github.com/blevesearch/bleve/v2 v2.0.5 github.com/blevesearch/bleve/v2 v2.0.5
github.com/boombuler/barcode v1.0.1 // indirect github.com/boombuler/barcode v1.0.1 // indirect
github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b // indirect github.com/bradfitz/gomemcache v0.0.0-20190913173617-a41fca850d0b // indirect
@ -36,7 +35,7 @@ require (
github.com/editorconfig/editorconfig-core-go/v2 v2.4.2 github.com/editorconfig/editorconfig-core-go/v2 v2.4.2
github.com/emirpasic/gods v1.12.0 github.com/emirpasic/gods v1.12.0
github.com/ethantkoenig/rupture v1.0.0 github.com/ethantkoenig/rupture v1.0.0
github.com/gliderlabs/ssh v0.3.2 github.com/gliderlabs/ssh v0.3.3
github.com/go-asn1-ber/asn1-ber v1.5.3 // indirect github.com/go-asn1-ber/asn1-ber v1.5.3 // indirect
github.com/go-chi/chi v1.5.4 github.com/go-chi/chi v1.5.4
github.com/go-chi/cors v1.2.0 github.com/go-chi/cors v1.2.0
@ -123,10 +122,10 @@ require (
go.jolheiser.com/pwn v0.0.3 go.jolheiser.com/pwn v0.0.3
go.uber.org/multierr v1.7.0 // indirect go.uber.org/multierr v1.7.0 // indirect
go.uber.org/zap v1.17.0 // indirect go.uber.org/zap v1.17.0 // indirect
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e
golang.org/x/net v0.0.0-20210525063256-abc453219eb5 golang.org/x/net v0.0.0-20210525063256-abc453219eb5
golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c
golang.org/x/sys v0.0.0-20210608053332-aa57babbf139 golang.org/x/sys v0.0.0-20210616094352-59db8d763f22
golang.org/x/text v0.3.6 golang.org/x/text v0.3.6
golang.org/x/time v0.0.0-20210608053304-ed9ce3a009e4 // indirect golang.org/x/time v0.0.0-20210608053304-ed9ce3a009e4 // indirect
golang.org/x/tools v0.1.0 golang.org/x/tools v0.1.0

@ -286,8 +286,8 @@ github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWo
github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
github.com/gliderlabs/ssh v0.3.2 h1:gcfd1Aj/9RQxvygu4l3sak711f/5+VOwBw9C/7+N4EI= github.com/gliderlabs/ssh v0.3.3 h1:mBQ8NiOgDkINJrZtoizkC3nDNYgSaWtxyem6S2XHBtA=
github.com/gliderlabs/ssh v0.3.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0= github.com/gliderlabs/ssh v0.3.3/go.mod h1:ZSS+CUoKHDrqVakTfTWUlKSr9MtMFkC4UvtQKD7O914=
github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= github.com/globalsign/mgo v0.0.0-20180905125535-1ca0a4f7cbcb/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q=
github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q= github.com/globalsign/mgo v0.0.0-20181015135952-eeefdecb41b8/go.mod h1:xkRDCp4j0OGD1HRkm4kmhM+pmpv3AKq5SU7GMg4oO/Q=
github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2/go.mod h1:/20jfyN9Y5QPEAprSgKAUr+glWDY39ZiUEAYOEv5dsE= github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2/go.mod h1:/20jfyN9Y5QPEAprSgKAUr+glWDY39ZiUEAYOEv5dsE=
@ -1140,8 +1140,9 @@ golang.org/x/crypto v0.0.0-20200709230013-948cd5f35899/go.mod h1:LzIPMQfyMNhhGPh
golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc=
golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8= golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e h1:gsTQYXdTw2Gq7RBsWvlQ91b+aEQ6bXFUngBGuR8sPpI=
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@ -1337,8 +1338,9 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210608053332-aa57babbf139 h1:C+AwYEtBp/VQwoLntUmQ/yx3MS9vmZaKNdw5eOpoQe8= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210608053332-aa57babbf139/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 h1:RqytpXGR1iVNX7psjB3ff8y7sNFinVFvkx1c8SjBkio=
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=

@ -12,6 +12,7 @@ import (
"encoding/pem" "encoding/pem"
"fmt" "fmt"
"io" "io"
"net"
"os" "os"
"os/exec" "os/exec"
"path/filepath" "path/filepath"
@ -239,6 +240,15 @@ func publicKeyHandler(ctx ssh.Context, key ssh.PublicKey) bool {
return true return true
} }
// sshConnectionFailed logs a failed connection
// - this mainly exists to give a nice function name in logging
func sshConnectionFailed(conn net.Conn, err error) {
// Log the underlying error with a specific message
log.Warn("Failed connection from %s with error: %v", conn.RemoteAddr(), err)
// Log with the standard failed authentication from message for simpler fail2ban configuration
log.Warn("Failed authentication attempt from %s", conn.RemoteAddr())
}
// Listen starts a SSH server listens on given port. // Listen starts a SSH server listens on given port.
func Listen(host string, port int, ciphers []string, keyExchanges []string, macs []string) { func Listen(host string, port int, ciphers []string, keyExchanges []string, macs []string) {
srv := ssh.Server{ srv := ssh.Server{
@ -252,6 +262,7 @@ func Listen(host string, port int, ciphers []string, keyExchanges []string, macs
config.Ciphers = ciphers config.Ciphers = ciphers
return config return config
}, },
ConnectionFailedCallback: sshConnectionFailed,
// We need to explicitly disable the PtyCallback so text displays // We need to explicitly disable the PtyCallback so text displays
// properly. // properly.
PtyCallback: func(ctx ssh.Context, pty ssh.Pty) bool { PtyCallback: func(ctx ssh.Context, pty ssh.Pty) bool {

@ -9,9 +9,9 @@ jobs:
- run: go get - run: go get
- run: go test -v -race - run: go test -v -race
build-go-1.9: build-go-1.12:
docker: docker:
- image: golang:1.9 - image: golang:1.12
working_directory: /go/src/github.com/gliderlabs/ssh working_directory: /go/src/github.com/gliderlabs/ssh
steps: steps:
- checkout - checkout
@ -23,4 +23,4 @@ workflows:
build: build:
jobs: jobs:
- build-go-latest - build-go-latest
- build-go-1.9 - build-go-1.12

@ -140,7 +140,10 @@ func (ctx *sshContext) ServerVersion() string {
} }
func (ctx *sshContext) RemoteAddr() net.Addr { func (ctx *sshContext) RemoteAddr() net.Addr {
return ctx.Value(ContextKeyRemoteAddr).(net.Addr) if addr, ok := ctx.Value(ContextKeyRemoteAddr).(net.Addr); ok {
return addr
}
return nil
} }
func (ctx *sshContext) LocalAddr() net.Addr { func (ctx *sshContext) LocalAddr() net.Addr {

@ -0,0 +1,9 @@
module github.com/gliderlabs/ssh
go 1.12
require (
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 // indirect
)

@ -0,0 +1,13 @@
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be h1:9AeTilPcZAjCFIImctFaOjnTIavg87rW78vTPkQqLI8=
github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be/go.mod h1:ySMOLuWl6zY27l47sB3qLNK6tF2fkHG55UZxx8oIVo4=
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e h1:gsTQYXdTw2Gq7RBsWvlQ91b+aEQ6bXFUngBGuR8sPpI=
golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 h1:RqytpXGR1iVNX7psjB3ff8y7sNFinVFvkx1c8SjBkio=
golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

@ -48,6 +48,8 @@ type Server struct {
ServerConfigCallback ServerConfigCallback // callback for configuring detailed SSH options ServerConfigCallback ServerConfigCallback // callback for configuring detailed SSH options
SessionRequestCallback SessionRequestCallback // callback for allowing or denying SSH sessions SessionRequestCallback SessionRequestCallback // callback for allowing or denying SSH sessions
ConnectionFailedCallback ConnectionFailedCallback // callback to report connection failures
IdleTimeout time.Duration // connection timeout when no activity, none if empty IdleTimeout time.Duration // connection timeout when no activity, none if empty
MaxTimeout time.Duration // absolute connection timeout, none if empty MaxTimeout time.Duration // absolute connection timeout, none if empty
@ -278,7 +280,9 @@ func (srv *Server) HandleConn(newConn net.Conn) {
defer conn.Close() defer conn.Close()
sshConn, chans, reqs, err := gossh.NewServerConn(conn, srv.config(ctx)) sshConn, chans, reqs, err := gossh.NewServerConn(conn, srv.config(ctx))
if err != nil { if err != nil {
// TODO: trigger event callback if srv.ConnectionFailedCallback != nil {
srv.ConnectionFailedCallback(conn, err)
}
return return
} }

@ -14,7 +14,7 @@ import (
// Session provides access to information about an SSH session and methods // Session provides access to information about an SSH session and methods
// to read and write to the SSH channel with an embedded Channel interface from // to read and write to the SSH channel with an embedded Channel interface from
// cypto/ssh. // crypto/ssh.
// //
// When Command() returns an empty slice, the user requested a shell. Otherwise // When Command() returns an empty slice, the user requested a shell. Otherwise
// the user is performing an exec with those command arguments. // the user is performing an exec with those command arguments.

@ -64,6 +64,10 @@ type ReversePortForwardingCallback func(ctx Context, bindHost string, bindPort u
// ServerConfigCallback is a hook for creating custom default server configs // ServerConfigCallback is a hook for creating custom default server configs
type ServerConfigCallback func(ctx Context) *gossh.ServerConfig type ServerConfigCallback func(ctx Context) *gossh.ServerConfig
// ConnectionFailedCallback is a hook for reporting failed connections
// Please note: the net.Conn is likely to be closed at this point
type ConnectionFailedCallback func(conn net.Conn, err error)
// Window represents the size of a PTY window. // Window represents the size of a PTY window.
type Window struct { type Window struct {
Width int Width int

@ -563,6 +563,7 @@ ccflags="$@"
$2 ~ /^KEYCTL_/ || $2 ~ /^KEYCTL_/ ||
$2 ~ /^PERF_/ || $2 ~ /^PERF_/ ||
$2 ~ /^SECCOMP_MODE_/ || $2 ~ /^SECCOMP_MODE_/ ||
$2 ~ /^SEEK_/ ||
$2 ~ /^SPLICE_/ || $2 ~ /^SPLICE_/ ||
$2 ~ /^SYNC_FILE_RANGE_/ || $2 ~ /^SYNC_FILE_RANGE_/ ||
$2 !~ /^AUDIT_RECORD_MAGIC/ && $2 !~ /^AUDIT_RECORD_MAGIC/ &&

@ -13,6 +13,7 @@
package unix package unix
import ( import (
"fmt"
"runtime" "runtime"
"syscall" "syscall"
"unsafe" "unsafe"
@ -398,6 +399,38 @@ func GetsockoptXucred(fd, level, opt int) (*Xucred, error) {
return x, err return x, err
} }
func SysctlKinfoProcSlice(name string) ([]KinfoProc, error) {
mib, err := sysctlmib(name)
if err != nil {
return nil, err
}
// Find size.
n := uintptr(0)
if err := sysctl(mib, nil, &n, nil, 0); err != nil {
return nil, err
}
if n == 0 {
return nil, nil
}
if n%SizeofKinfoProc != 0 {
return nil, fmt.Errorf("sysctl() returned a size of %d, which is not a multiple of %d", n, SizeofKinfoProc)
}
// Read into buffer of that size.
buf := make([]KinfoProc, n/SizeofKinfoProc)
if err := sysctl(mib, (*byte)(unsafe.Pointer(&buf[0])), &n, nil, 0); err != nil {
return nil, err
}
if n%SizeofKinfoProc != 0 {
return nil, fmt.Errorf("sysctl() returned a size of %d, which is not a multiple of %d", n, SizeofKinfoProc)
}
// The actual call may return less than the original reported required
// size so ensure we deal with that.
return buf[:n/SizeofKinfoProc], nil
}
//sys sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error) //sys sendfile(infd int, outfd int, offset int64, len *int64, hdtr unsafe.Pointer, flags int) (err error)
/* /*

@ -1262,6 +1262,11 @@ const (
SCM_RIGHTS = 0x1 SCM_RIGHTS = 0x1
SCM_TIMESTAMP = 0x2 SCM_TIMESTAMP = 0x2
SCM_TIMESTAMP_MONOTONIC = 0x4 SCM_TIMESTAMP_MONOTONIC = 0x4
SEEK_CUR = 0x1
SEEK_DATA = 0x4
SEEK_END = 0x2
SEEK_HOLE = 0x3
SEEK_SET = 0x0
SHUT_RD = 0x0 SHUT_RD = 0x0
SHUT_RDWR = 0x2 SHUT_RDWR = 0x2
SHUT_WR = 0x1 SHUT_WR = 0x1

@ -1262,6 +1262,11 @@ const (
SCM_RIGHTS = 0x1 SCM_RIGHTS = 0x1
SCM_TIMESTAMP = 0x2 SCM_TIMESTAMP = 0x2
SCM_TIMESTAMP_MONOTONIC = 0x4 SCM_TIMESTAMP_MONOTONIC = 0x4
SEEK_CUR = 0x1
SEEK_DATA = 0x4
SEEK_END = 0x2
SEEK_HOLE = 0x3
SEEK_SET = 0x0
SHUT_RD = 0x0 SHUT_RD = 0x0
SHUT_RDWR = 0x2 SHUT_RDWR = 0x2
SHUT_WR = 0x1 SHUT_WR = 0x1

@ -1297,6 +1297,11 @@ const (
SCM_RIGHTS = 0x1 SCM_RIGHTS = 0x1
SCM_TIMESTAMP = 0x2 SCM_TIMESTAMP = 0x2
SCM_TIME_INFO = 0x7 SCM_TIME_INFO = 0x7
SEEK_CUR = 0x1
SEEK_DATA = 0x3
SEEK_END = 0x2
SEEK_HOLE = 0x4
SEEK_SET = 0x0
SHUT_RD = 0x0 SHUT_RD = 0x0
SHUT_RDWR = 0x2 SHUT_RDWR = 0x2
SHUT_WR = 0x1 SHUT_WR = 0x1

@ -1298,6 +1298,11 @@ const (
SCM_RIGHTS = 0x1 SCM_RIGHTS = 0x1
SCM_TIMESTAMP = 0x2 SCM_TIMESTAMP = 0x2
SCM_TIME_INFO = 0x7 SCM_TIME_INFO = 0x7
SEEK_CUR = 0x1
SEEK_DATA = 0x3
SEEK_END = 0x2
SEEK_HOLE = 0x4
SEEK_SET = 0x0
SHUT_RD = 0x0 SHUT_RD = 0x0
SHUT_RDWR = 0x2 SHUT_RDWR = 0x2
SHUT_WR = 0x1 SHUT_WR = 0x1

@ -1276,6 +1276,11 @@ const (
SCM_CREDS = 0x3 SCM_CREDS = 0x3
SCM_RIGHTS = 0x1 SCM_RIGHTS = 0x1
SCM_TIMESTAMP = 0x2 SCM_TIMESTAMP = 0x2
SEEK_CUR = 0x1
SEEK_DATA = 0x3
SEEK_END = 0x2
SEEK_HOLE = 0x4
SEEK_SET = 0x0
SHUT_RD = 0x0 SHUT_RD = 0x0
SHUT_RDWR = 0x2 SHUT_RDWR = 0x2
SHUT_WR = 0x1 SHUT_WR = 0x1

@ -1298,6 +1298,11 @@ const (
SCM_RIGHTS = 0x1 SCM_RIGHTS = 0x1
SCM_TIMESTAMP = 0x2 SCM_TIMESTAMP = 0x2
SCM_TIME_INFO = 0x7 SCM_TIME_INFO = 0x7
SEEK_CUR = 0x1
SEEK_DATA = 0x3
SEEK_END = 0x2
SEEK_HOLE = 0x4
SEEK_SET = 0x0
SHUT_RD = 0x0 SHUT_RD = 0x0
SHUT_RDWR = 0x2 SHUT_RDWR = 0x2
SHUT_WR = 0x1 SHUT_WR = 0x1

@ -2284,6 +2284,12 @@ const (
SECCOMP_MODE_FILTER = 0x2 SECCOMP_MODE_FILTER = 0x2
SECCOMP_MODE_STRICT = 0x1 SECCOMP_MODE_STRICT = 0x1
SECURITYFS_MAGIC = 0x73636673 SECURITYFS_MAGIC = 0x73636673
SEEK_CUR = 0x1
SEEK_DATA = 0x3
SEEK_END = 0x2
SEEK_HOLE = 0x4
SEEK_MAX = 0x4
SEEK_SET = 0x0
SELINUX_MAGIC = 0xf97cff8c SELINUX_MAGIC = 0xf97cff8c
SHUT_RD = 0x0 SHUT_RD = 0x0
SHUT_RDWR = 0x2 SHUT_RDWR = 0x2

@ -535,3 +535,107 @@ type CtlInfo struct {
Id uint32 Id uint32
Name [96]byte Name [96]byte
} }
const SizeofKinfoProc = 0x288
type Eproc struct {
Paddr uintptr
Sess uintptr
Pcred Pcred
Ucred Ucred
Vm Vmspace
Ppid int32
Pgid int32
Jobc int16
Tdev int32
Tpgid int32
Tsess uintptr
Wmesg [8]int8
Xsize int32
Xrssize int16
Xccount int16
Xswrss int16
Flag int32
Login [12]int8
Spare [4]int32
_ [4]byte
}
type ExternProc struct {
P_starttime Timeval
P_vmspace *Vmspace
P_sigacts uintptr
P_flag int32
P_stat int8
P_pid int32
P_oppid int32
P_dupfd int32
User_stack *int8
Exit_thread *byte
P_debugger int32
Sigwait int32
P_estcpu uint32
P_cpticks int32
P_pctcpu uint32
P_wchan *byte
P_wmesg *int8
P_swtime uint32
P_slptime uint32
P_realtimer Itimerval
P_rtime Timeval
P_uticks uint64
P_sticks uint64
P_iticks uint64
P_traceflag int32
P_tracep uintptr
P_siglist int32
P_textvp uintptr
P_holdcnt int32
P_sigmask uint32
P_sigignore uint32
P_sigcatch uint32
P_priority uint8
P_usrpri uint8
P_nice int8
P_comm [17]int8
P_pgrp uintptr
P_addr uintptr
P_xstat uint16
P_acflag uint16
P_ru *Rusage
}
type Itimerval struct {
Interval Timeval
Value Timeval
}
type KinfoProc struct {
Proc ExternProc
Eproc Eproc
}
type Vmspace struct {
Dummy int32
Dummy2 *int8
Dummy3 [5]int32
Dummy4 [3]*int8
}
type Pcred struct {
Pc_lock [72]int8
Pc_ucred uintptr
P_ruid uint32
P_svuid uint32
P_rgid uint32
P_svgid uint32
P_refcnt int32
_ [4]byte
}
type Ucred struct {
Ref int32
Uid uint32
Ngroups int16
Groups [16]uint32
}

@ -535,3 +535,107 @@ type CtlInfo struct {
Id uint32 Id uint32
Name [96]byte Name [96]byte
} }
const SizeofKinfoProc = 0x288
type Eproc struct {
Paddr uintptr
Sess uintptr
Pcred Pcred
Ucred Ucred
Vm Vmspace
Ppid int32
Pgid int32
Jobc int16
Tdev int32
Tpgid int32
Tsess uintptr
Wmesg [8]int8
Xsize int32
Xrssize int16
Xccount int16
Xswrss int16
Flag int32
Login [12]int8
Spare [4]int32
_ [4]byte
}
type ExternProc struct {
P_starttime Timeval
P_vmspace *Vmspace
P_sigacts uintptr
P_flag int32
P_stat int8
P_pid int32
P_oppid int32
P_dupfd int32
User_stack *int8
Exit_thread *byte
P_debugger int32
Sigwait int32
P_estcpu uint32
P_cpticks int32
P_pctcpu uint32
P_wchan *byte
P_wmesg *int8
P_swtime uint32
P_slptime uint32
P_realtimer Itimerval
P_rtime Timeval
P_uticks uint64
P_sticks uint64
P_iticks uint64
P_traceflag int32
P_tracep uintptr
P_siglist int32
P_textvp uintptr
P_holdcnt int32
P_sigmask uint32
P_sigignore uint32
P_sigcatch uint32
P_priority uint8
P_usrpri uint8
P_nice int8
P_comm [17]int8
P_pgrp uintptr
P_addr uintptr
P_xstat uint16
P_acflag uint16
P_ru *Rusage
}
type Itimerval struct {
Interval Timeval
Value Timeval
}
type KinfoProc struct {
Proc ExternProc
Eproc Eproc
}
type Vmspace struct {
Dummy int32
Dummy2 *int8
Dummy3 [5]int32
Dummy4 [3]*int8
}
type Pcred struct {
Pc_lock [72]int8
Pc_ucred uintptr
P_ruid uint32
P_svuid uint32
P_rgid uint32
P_svgid uint32
P_refcnt int32
_ [4]byte
}
type Ucred struct {
Ref int32
Uid uint32
Ngroups int16
Groups [16]uint32
}

@ -431,6 +431,9 @@ type Winsize struct {
const ( const (
AT_FDCWD = 0xfffafdcd AT_FDCWD = 0xfffafdcd
AT_SYMLINK_NOFOLLOW = 0x1 AT_SYMLINK_NOFOLLOW = 0x1
AT_REMOVEDIR = 0x2
AT_EACCESS = 0x4
AT_SYMLINK_FOLLOW = 0x8
) )
type PollFd struct { type PollFd struct {

@ -672,9 +672,10 @@ type Winsize struct {
const ( const (
AT_FDCWD = -0x64 AT_FDCWD = -0x64
AT_REMOVEDIR = 0x800 AT_EACCESS = 0x100
AT_SYMLINK_FOLLOW = 0x400
AT_SYMLINK_NOFOLLOW = 0x200 AT_SYMLINK_NOFOLLOW = 0x200
AT_SYMLINK_FOLLOW = 0x400
AT_REMOVEDIR = 0x800
) )
type PollFd struct { type PollFd struct {

@ -675,9 +675,10 @@ type Winsize struct {
const ( const (
AT_FDCWD = -0x64 AT_FDCWD = -0x64
AT_REMOVEDIR = 0x800 AT_EACCESS = 0x100
AT_SYMLINK_FOLLOW = 0x400
AT_SYMLINK_NOFOLLOW = 0x200 AT_SYMLINK_NOFOLLOW = 0x200
AT_SYMLINK_FOLLOW = 0x400
AT_REMOVEDIR = 0x800
) )
type PollFd struct { type PollFd struct {

@ -656,9 +656,10 @@ type Winsize struct {
const ( const (
AT_FDCWD = -0x64 AT_FDCWD = -0x64
AT_REMOVEDIR = 0x800 AT_EACCESS = 0x100
AT_SYMLINK_FOLLOW = 0x400
AT_SYMLINK_NOFOLLOW = 0x200 AT_SYMLINK_NOFOLLOW = 0x200
AT_SYMLINK_FOLLOW = 0x400
AT_REMOVEDIR = 0x800
) )
type PollFd struct { type PollFd struct {

@ -653,9 +653,10 @@ type Winsize struct {
const ( const (
AT_FDCWD = -0x64 AT_FDCWD = -0x64
AT_REMOVEDIR = 0x800 AT_EACCESS = 0x100
AT_SYMLINK_FOLLOW = 0x400
AT_SYMLINK_NOFOLLOW = 0x200 AT_SYMLINK_NOFOLLOW = 0x200
AT_SYMLINK_FOLLOW = 0x400
AT_REMOVEDIR = 0x800
) )
type PollFd struct { type PollFd struct {

@ -445,8 +445,10 @@ type Ptmget struct {
const ( const (
AT_FDCWD = -0x64 AT_FDCWD = -0x64
AT_SYMLINK_FOLLOW = 0x400 AT_EACCESS = 0x100
AT_SYMLINK_NOFOLLOW = 0x200 AT_SYMLINK_NOFOLLOW = 0x200
AT_SYMLINK_FOLLOW = 0x400
AT_REMOVEDIR = 0x800
) )
type PollFd struct { type PollFd struct {

@ -453,8 +453,10 @@ type Ptmget struct {
const ( const (
AT_FDCWD = -0x64 AT_FDCWD = -0x64
AT_SYMLINK_FOLLOW = 0x400 AT_EACCESS = 0x100
AT_SYMLINK_NOFOLLOW = 0x200 AT_SYMLINK_NOFOLLOW = 0x200
AT_SYMLINK_FOLLOW = 0x400
AT_REMOVEDIR = 0x800
) )
type PollFd struct { type PollFd struct {

@ -450,8 +450,10 @@ type Ptmget struct {
const ( const (
AT_FDCWD = -0x64 AT_FDCWD = -0x64
AT_SYMLINK_FOLLOW = 0x400 AT_EACCESS = 0x100
AT_SYMLINK_NOFOLLOW = 0x200 AT_SYMLINK_NOFOLLOW = 0x200
AT_SYMLINK_FOLLOW = 0x400
AT_REMOVEDIR = 0x800
) )
type PollFd struct { type PollFd struct {

@ -453,8 +453,10 @@ type Ptmget struct {
const ( const (
AT_FDCWD = -0x64 AT_FDCWD = -0x64
AT_SYMLINK_FOLLOW = 0x400 AT_EACCESS = 0x100
AT_SYMLINK_NOFOLLOW = 0x200 AT_SYMLINK_NOFOLLOW = 0x200
AT_SYMLINK_FOLLOW = 0x400
AT_REMOVEDIR = 0x800
) )
type PollFd struct { type PollFd struct {

@ -108,7 +108,6 @@ github.com/andybalholm/brotli
## explicit ## explicit
github.com/andybalholm/cascadia github.com/andybalholm/cascadia
# github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be # github.com/anmitsu/go-shlex v0.0.0-20200514113438-38f4b401e2be
## explicit
github.com/anmitsu/go-shlex github.com/anmitsu/go-shlex
# github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d # github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d
github.com/asaskevich/govalidator github.com/asaskevich/govalidator
@ -270,7 +269,7 @@ github.com/ethantkoenig/rupture
github.com/felixge/httpsnoop github.com/felixge/httpsnoop
# github.com/fsnotify/fsnotify v1.4.9 # github.com/fsnotify/fsnotify v1.4.9
github.com/fsnotify/fsnotify github.com/fsnotify/fsnotify
# github.com/gliderlabs/ssh v0.3.2 # github.com/gliderlabs/ssh v0.3.3
## explicit ## explicit
github.com/gliderlabs/ssh github.com/gliderlabs/ssh
# github.com/go-asn1-ber/asn1-ber v1.5.3 # github.com/go-asn1-ber/asn1-ber v1.5.3
@ -857,7 +856,7 @@ go.uber.org/zap/internal/bufferpool
go.uber.org/zap/internal/color go.uber.org/zap/internal/color
go.uber.org/zap/internal/exit go.uber.org/zap/internal/exit
go.uber.org/zap/zapcore go.uber.org/zap/zapcore
# golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a # golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e
## explicit ## explicit
golang.org/x/crypto/argon2 golang.org/x/crypto/argon2
golang.org/x/crypto/bcrypt golang.org/x/crypto/bcrypt
@ -914,7 +913,7 @@ golang.org/x/oauth2/google/internal/externalaccount
golang.org/x/oauth2/internal golang.org/x/oauth2/internal
golang.org/x/oauth2/jws golang.org/x/oauth2/jws
golang.org/x/oauth2/jwt golang.org/x/oauth2/jwt
# golang.org/x/sys v0.0.0-20210608053332-aa57babbf139 # golang.org/x/sys v0.0.0-20210616094352-59db8d763f22
## explicit ## explicit
golang.org/x/sys/cpu golang.org/x/sys/cpu
golang.org/x/sys/execabs golang.org/x/sys/execabs

Loading…
Cancel
Save