From d92047cc303cd7ccd94e8b0aa1f54d06a8a048ca Mon Sep 17 00:00:00 2001 From: Maisem Ali Date: Tue, 21 Mar 2023 16:30:26 -0700 Subject: [PATCH] ssh/tailssh: allow recorders to be configured on the first or final action Currently we only send down recorders in first action, allow the final action to replace them but not to drop them. Updates tailscale/corp#9967 Signed-off-by: Maisem Ali --- ssh/tailssh/tailssh.go | 20 ++++++++++++++++---- 1 file changed, 16 insertions(+), 4 deletions(-) diff --git a/ssh/tailssh/tailssh.go b/ssh/tailssh/tailssh.go index 85ac064cc..b586a2e1d 100644 --- a/ssh/tailssh/tailssh.go +++ b/ssh/tailssh/tailssh.go @@ -1118,11 +1118,22 @@ func (ss *sshSession) run() { return } +// recorders returns the list of recorders to use for this session. +// If the final action has a non-empty list of recorders, that list is +// returned. Otherwise, the list of recorders from the initial action +// is returned. +func (ss *sshSession) recorders() []netip.AddrPort { + if len(ss.conn.finalAction.Recorders) > 0 { + return ss.conn.finalAction.Recorders + } + return ss.conn.action0.Recorders +} + func (ss *sshSession) shouldRecord() bool { // for now only record pty sessions // TODO(bradfitz,maisem): support recording non-pty stuff too. _, _, isPtyReq := ss.Pty() - return isPtyReq && len(ss.conn.finalAction.Recorders) > 0 + return isPtyReq && len(ss.recorders()) > 0 } type sshConnInfo struct { @@ -1306,11 +1317,12 @@ func randBytes(n int) []byte { // startNewRecording starts a new SSH session recording. func (ss *sshSession) startNewRecording() (_ *recording, err error) { - if len(ss.conn.finalAction.Recorders) == 0 { + recorders := ss.recorders() + if len(recorders) == 0 { return nil, errors.New("no recorders configured") } - recorder := ss.conn.finalAction.Recorders[0] - if len(ss.conn.finalAction.Recorders) > 1 { + recorder := recorders[0] + if len(recorders) > 1 { ss.logf("warning: multiple recorders configured, using first one: %v", recorder) }