diff options
| author | Dave Cheney <dave@cheney.net> | 2013-10-25 06:29:58 +1100 |
|---|---|---|
| committer | Dave Cheney <dave@cheney.net> | 2013-10-25 06:29:58 +1100 |
| commit | c0d640c88782f757a45d3f7b93eec2ec63b229cb (patch) | |
| tree | f1d2d258b71d469f94760ba35e47716bf7400b85 /ssh/client_auth.go | |
| parent | 105632d35b7181298edeb557a23e66534203796f (diff) | |
| download | go-x-crypto-c0d640c88782f757a45d3f7b93eec2ec63b229cb.tar.xz | |
go.crypto/ssh: ensure {Server,Client}Conn do not expose io.ReadWriter
Transport should not be a ReadWriter. It can only write packets, i.e. no partial reads or writes. Furthermore, you can currently do ClientConn.Write() while the connection is live, which sends raw bytes over the connection. Doing so will confuse the transports because the data is not encrypted.
As a consequence, ClientConn and ServerConn stop being a net.Conn
Finally, ensure that {Server,Client}Conn implement LocalAddr and RemoteAddr methods that previously were exposed by an embedded net.Conn field.
R=hanwen
CC=golang-dev
https://golang.org/cl/16610043
Diffstat (limited to 'ssh/client_auth.go')
| -rw-r--r-- | ssh/client_auth.go | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ssh/client_auth.go b/ssh/client_auth.go index 47443b3..c22d45c 100644 --- a/ssh/client_auth.go +++ b/ssh/client_auth.go @@ -14,10 +14,10 @@ import ( // authenticate authenticates with the remote server. See RFC 4252. func (c *ClientConn) authenticate(session []byte) error { // initiate user auth session - if err := c.writePacket(marshal(msgServiceRequest, serviceRequestMsg{serviceUserAuth})); err != nil { + if err := c.transport.writePacket(marshal(msgServiceRequest, serviceRequestMsg{serviceUserAuth})); err != nil { return err } - packet, err := c.readPacket() + packet, err := c.transport.readPacket() if err != nil { return err } |