From 50602c0cc28c1ebc003e26a05b13ce7ddad477c4 Mon Sep 17 00:00:00 2001 From: Sergei Parshev <8136445+sparshev@users.noreply.github.com> Date: Wed, 22 Dec 2021 02:57:15 -0800 Subject: [PATCH] Makes builder to respect ssh_proxy_* configuration (#62) --- builder/vmware/common/ssh.go | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/builder/vmware/common/ssh.go b/builder/vmware/common/ssh.go index 6deac751..69ad2d42 100644 --- a/builder/vmware/common/ssh.go +++ b/builder/vmware/common/ssh.go @@ -7,6 +7,8 @@ import ( "net" "github.com/hashicorp/packer-plugin-sdk/multistep" + "github.com/hashicorp/packer-plugin-sdk/sdk-internals/communicator/ssh" + "golang.org/x/net/proxy" ) func CommHost(config *SSHConfig) func(multistep.StateBag) (string, error) { @@ -36,12 +38,31 @@ func CommHost(config *SSHConfig) func(multistep.StateBag) (string, error) { return "", errors.New("IP is blank") } + var pAddr string + var pAuth *proxy.Auth + if config.Comm.SSH.SSHProxyHost != "" { + pAddr = fmt.Sprintf("%s:%d", config.Comm.SSH.SSHProxyHost, config.Comm.SSH.SSHProxyPort) + if config.Comm.SSH.SSHProxyUsername != "" { + pAuth = new(proxy.Auth) + pAuth.User = config.Comm.SSH.SSHProxyUsername + pAuth.Password = config.Comm.SSH.SSHProxyPassword + } + } + // Iterate through our list of addresses and dial up each one similar to // a really inefficient port-scan. This way we can determine which of // the leases that we've parsed was the correct one and actually has our // target ssh/winrm service bound to a tcp port. + var connFunc func() (net.Conn, error) for index, host := range hosts { - conn, err := net.Dial("tcp", fmt.Sprintf("%s:%d", host, port)) + if pAddr != "" { + // Connect via SOCKS5 proxy + connFunc = ssh.ProxyConnectFunc(pAddr, pAuth, "tcp", fmt.Sprintf("%s:%d", host, port)) + } else { + // No bastion host, connect directly + connFunc = ssh.ConnectFunc("tcp", fmt.Sprintf("%s:%d", host, port)) + } + conn, err := connFunc() // If we got a connection, then we should be good to go. Return the // address to the caller and pray that things work out.