From 89c30f4029ad39564548b1d88515deb0b29b0413 Mon Sep 17 00:00:00 2001 From: Kumbirai Tanekha Date: Thu, 16 Dec 2021 19:24:59 +0000 Subject: [PATCH] Fix: ssh connector closes failed connections --- internal/plugin/connectors/ssh/proxy_service.go | 2 ++ internal/plugin/connectors/ssh/service_connector.go | 5 +++++ 2 files changed, 7 insertions(+) diff --git a/internal/plugin/connectors/ssh/proxy_service.go b/internal/plugin/connectors/ssh/proxy_service.go index 817e43594..22d6a39ba 100644 --- a/internal/plugin/connectors/ssh/proxy_service.go +++ b/internal/plugin/connectors/ssh/proxy_service.go @@ -130,6 +130,7 @@ func (proxy *proxyService) Start() error { // https://godoc.org/golang.org/x/crypto/ssh#NewServerConn conn, chans, reqs, err := ssh.NewServerConn(nConn, serverConfig) if err != nil { + nConn.Close() logger.Debugf("Failed to handshake: %s", err) continue } @@ -149,6 +150,7 @@ func (proxy *proxyService) Start() error { go func() { if err := proxy.handleConnections(chans); err != nil { logger.Errorf("Failed on handle connection: %s", err) + nConn.Close() return } diff --git a/internal/plugin/connectors/ssh/service_connector.go b/internal/plugin/connectors/ssh/service_connector.go index 20d38619a..dea704264 100644 --- a/internal/plugin/connectors/ssh/service_connector.go +++ b/internal/plugin/connectors/ssh/service_connector.go @@ -98,6 +98,11 @@ func (h *ServiceConnector) Connect( } if server, err = ssh.Dial(serverConfig.Network, serverConfig.Address, &serverConfig.ClientConfig); err != nil { + for newChannel := range h.channels { + if err := newChannel.Reject(ssh.ConnectionFailed, "secretless unable to dial upstream"); err != nil { + h.logger.Errorf("Failed to send new channel rejection : %s", err) + } + } return fmt.Errorf("failed to dial SSH backend '%s': %s", serverConfig.Address, err) }