feat(ssh): Support authless SSH health check (#956)

* Feature + Test + Documentation: added no-auth ssh health cheack feature, changed documentation to fit new behavior, added ssh test cases. * Refactor: refactored authenticate field to infer from username and password insted of specifying it inside config. * Refactor: removed non used field. * Refactor: changed error, removed spaces. * Refactor: added comments.
2025-01-19 23:22:41 +02:00
parent 0bba77ab2b
commit fa3e5dcc6e
6 changed files with 99 additions and 4 deletions
--- a/client/client.go
+++ b/client/client.go
@ -6,6 +6,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"io"
 	"net"
 	"net/http"
 	"net/smtp"
@ -197,6 +198,34 @@ func CanCreateSSHConnection(address, username, password string, config *Config)
 	return true, cli, nil
 }

+func CheckSSHBanner(address string, cfg *Config) (bool, int, error) {
+	var port string
+	if strings.Contains(address, ":") {
+		addressAndPort := strings.Split(address, ":")
+		if len(addressAndPort) != 2 {
+			return false, 1, errors.New("invalid address for ssh, format must be ssh://host:port")
+		}
+		address = addressAndPort[0]
+		port = addressAndPort[1]
+	} else {
+		port = "22"
+	}
+	dialer := net.Dialer{}
+	connStr := net.JoinHostPort(address, port)
+	conn, err := dialer.Dial("tcp", connStr)
+	if err != nil {
+		return false, 1, err
+	}
+	defer conn.Close()
+	conn.SetReadDeadline(time.Now().Add(time.Second))
+	buf := make([]byte, 256)
+	_, err = io.ReadAtLeast(conn, buf, 1)
+	if err != nil {
+		return false, 1, err
+	}
+	return true, 0, err
+}
+
 // ExecuteSSHCommand executes a command to an address using the SSH protocol.
 func ExecuteSSHCommand(sshClient *ssh.Client, body string, config *Config) (bool, int, error) {
 	type Body struct {
--- a/client/client_test.go
+++ b/client/client_test.go
@ -474,3 +474,38 @@ func TestQueryDNS(t *testing.T) {
 		time.Sleep(10 * time.Millisecond)
 	}
 }
+
+func TestCheckSSHBanner(t *testing.T) {
+	cfg := &Config{Timeout: 3}
+
+	t.Run("no-auth-ssh", func(t *testing.T) {
+		connected, status, err := CheckSSHBanner("tty.sdf.org", cfg)
+
+		if err != nil {
+			t.Errorf("Expected: error != nil, got: %v ", err)
+		}
+
+		if connected == false {
+			t.Errorf("Expected: connected == true, got: %v", connected)
+		}
+		if status != 0 {
+			t.Errorf("Expected: 0, got: %v", status)
+		}
+	})
+
+	t.Run("invalid-address", func(t *testing.T) {
+		connected, status, err := CheckSSHBanner("idontplaytheodds.com", cfg)
+
+		if err == nil {
+			t.Errorf("Expected: error, got: %v ", err)
+		}
+
+		if connected != false {
+			t.Errorf("Expected: connected == false, got: %v", connected)
+		}
+		if status != 1 {
+			t.Errorf("Expected: 1, got: %v", status)
+		}
+	})
+
+}