1
1
mirror of https://github.com/wez/wezterm.git synced 2024-12-23 21:32:13 +03:00
wezterm/wezterm-client
Wez Furlong 6b93ee19e7
mux: record client ssh_auth_sock information
This commit expands the set of data that we track for each client to
include the SSH_AUTH_SOCK. This defaults to the value of that env var on
the machine where the ClientId is constructed, which may be remote from
the mux server.

For the proxy scenario, a remote SSH_AUTH_SOCK path is not addressable,
and what we really want is the local SSH_AUTH_SOCK path from that SSH
session, so we introduce awareness of whether the current session is a
proxy session. Proxy sessions register the mux-local-proxy-id during the
setup of the proxy, but we don't apply the identity to the mux. Instead,
we wait for the remote client to send their identity and that is
annotate to show that it has been routed via a proxy and, crucially, has
the SSH_AUTH_SOCK replaced with the mux-local-proxy-id SSH_AUTH_SOCK.

```
; wezterm cli list-clients
USER HOST                          PID CONNECTED     IDLE         WORKSPACE FOCUS SSH_AUTH_SOCK
wez  foo                        336500 86.944834352s 944.834352ms default       3 /home/wez/.1password/agent.sock
wez  foo (via proxy pid 337457) 337314 1.944834352s  944.834352ms               4 /tmp/ssh-XXXXTfGSp7/agent.337456
```

For the SSH_AUTH_SOCK to be populated, ssh agent forwarding also needs
to be enabled for SSH exec() calls; previously it was enabled only for
pty channels.

Since this commit changes the ABI of the mux protocol, the codec
version has been bumped.
2024-05-09 07:45:19 -07:00
..
src mux: record client ssh_auth_sock information 2024-05-09 07:45:19 -07:00
Cargo.toml remove openssl pinning, cargo update 2023-09-04 13:31:03 -07:00