mirrors/tailscale
1
0
Fork 0
Code Issues Pull Requests Projects Wiki Activity

tailcfg, ssh/tailssh: make SSHUser value '=' map ssh-user to same local-user

Browse Source 
Updates #3802

Change-Id: Icde60d4150ca15c25d615a4effb3d3c236f020a8
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
This commit is contained in:
Brad Fitzpatrick
2022-03-21 10:39:54 -07:00
committed by Brad Fitzpatrick
parent 21445b56a5
commit f7e976db55
3 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
ssh/tailssh/tailssh.go
View File

@ -624,10 +624,14 @@ func matchRule(r *tailcfg.SSHRule, ci *sshConnInfo) (a *tailcfg.SSHAction, local
}
func mapLocalUser(ruleSSHUsers map[string]string, reqSSHUser string) (localUser string) {
if v, ok := ruleSSHUsers[reqSSHUser]; ok {
return v
v, ok := ruleSSHUsers[reqSSHUser]
if !ok {
v = ruleSSHUsers["*"]
}
return ruleSSHUsers["*"]
if v == "=" {
return reqSSHUser
}
return v
}
func matchesPrincipal(ps []*tailcfg.SSHPrincipal, ci *sshConnInfo) bool {