Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ClientProxyConnector/sendClientProxyMetadata #481

Open
Holger-Benz opened this issue Apr 9, 2024 · 3 comments
Open

ClientProxyConnector/sendClientProxyMetadata #481

Holger-Benz opened this issue Apr 9, 2024 · 3 comments

Comments

@Holger-Benz
Copy link

Version

2.12.1

Bug description

Hello dear Apache SSHD team,

I would like to have the apache sshd client connect through a SOCKS5 or HTTP Proxy.

Based on the eclipse jgit project we install a ClientProxyConnector that tells the session to divert all messages received to the proxy connector until the proxy protocol is finished.

If the client is to connect to the remote SFTP server, the connection to the proxy is established first. This connection setup is logged in the proxy's log files. The sendClientProxyMetadata method is then called and the proxy protocol data is sent using the method IoSession#writeBuffer().

The problem is that the proxy does not receive this data. A wireshark analysis has confirmed that no data is being sent to the proyy.

Do you have an idea what the problem might be?

Kind regards
Holger Benz

Actual behavior

The ClientProxyConnector#sendClientProxyMetadata method is called and the proxy protocol data is sent via the method IoSession#writeBuffer()

According to the Wireshark analysis, no data is sent to the proxy.

Expected behavior

The data is sent via socket to the proxy

Relevant log output

No response

Other information

No response
@tomaswolf
Copy link
Member

I don't have a setup where I could test this with 2.12.1. But with 2.12.0 the JGit way of doing this works fine in Eclipse.

I used ssh -vvv -D7020 localhost as local SOCKS proxy, and configured the proxy settings in Eclipse (in the preferences) as "manual" with localhost:7020 as SOCKS proxy without authentication. Then I fetched from some remote repository using EGit. SSH printed the forwarding request through the proxy in its debug output, and the fetch worked.

So it seems that the JGit implementation works. Why your version of it doesn't send the proxy protocol message is impossible to answer without seeing the code. I suppose you'll have to debug your code.

@Holger-Benz
Copy link
Author

Holger-Benz commented Apr 10, 2024
edited

I downloaded the JGitSshClient version 2.1.12 and tested the communication via a proxy and the communication worked!

The problem occurs when I configure the IOFactory for the JGitSshClient:

  • client.setIoServiceFactoryFactory(new MinaServiceFactoryFactory());

With the IOFactory (MinaServiceFactoryFactory), the proxy protocol data is not sent.

@tomaswolf
Copy link
Member

Debug time :-)

I've used and tested this only in Eclipse, which uses the NIO2 transport. I have no idea why the MINA transport doesn't do the write.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tomaswolf @Holger-Benz