msy 0.4.2

Modern musl rsync alternative - Fast, parallel file synchronization
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162

use super::config::SshConfig;
use crate::error::{Result, SyncError};
use ssh2::Session;
use std::io::ErrorKind;
use std::net::TcpStream;
use std::time::Duration;

/// SSH connection timeout (default 30 seconds)
const DEFAULT_TIMEOUT: Duration = Duration::from_secs(30);

/// Establish an SSH connection using the provided configuration
///
/// This function:
/// 1. Establishes a TCP connection to the SSH server
/// 2. Creates an SSH session
/// 3. Performs SSH handshake
/// 4. Authenticates using available methods (keys, agent, password)
pub async fn connect(config: &SshConfig) -> Result<Session> {
    // Establish TCP connection
    let tcp = connect_tcp(&config.hostname, config.port).await?;

    // Clone config data needed for authentication
    let username = config.user.clone();
    let identity_files = config.identity_file.clone();

    // Wrap all sync operations (session creation, handshake, auth) in spawn_blocking
    let session = tokio::task::spawn_blocking(move || {
        // Create SSH session
        let mut session = Session::new().map_err(|e| {
            SyncError::Io(std::io::Error::other(format!(
                "Failed to create SSH session: {}",
                e
            )))
        })?;

        // Keep session blocking for handshake and authentication
        // (we're already in spawn_blocking context)
        session.set_timeout(DEFAULT_TIMEOUT.as_millis() as u32);

        // Set TCP stream
        session.set_tcp_stream(tcp);

        // Perform SSH handshake
        session.handshake().map_err(|e| {
            SyncError::Io(std::io::Error::other(format!(
                "SSH handshake failed: {}",
                e
            )))
        })?;

        // Configure keepalive to prevent connection drops during long transfers
        // Send keepalive every 60 seconds, disconnect after 3 missed responses
        session.set_keepalive(true, 60);

        // Try authentication methods in order of preference:
        // 1. SSH agent (if available)
        // 2. Identity files (keys)
        // 3. Default keys

        // Try SSH agent first
        if let Ok(mut agent) = session.agent()
            && agent.connect().is_ok() && agent.list_identities().is_ok()
                && let Ok(identities) = agent.identities() {
                    for identity in identities {
                        if agent.userauth(&username, &identity).is_ok() {
                            tracing::debug!("Authenticated using SSH agent");
                            return Ok(session);
                        }
                    }
                }

        // Try each identity file
        for identity_file in &identity_files {
            if session
                .userauth_pubkey_file(&username, None, identity_file, None)
                .is_ok()
            {
                tracing::debug!("Authenticated using key: {}", identity_file.display());
                return Ok(session);
            }
        }

        // Try default keys if no identity files specified
        if identity_files.is_empty()
            && let Some(home) = dirs::home_dir() {
                let default_keys = [
                    home.join(".ssh/id_rsa"),
                    home.join(".ssh/id_ed25519"),
                    home.join(".ssh/id_ecdsa"),
                ];

                for key_path in &default_keys {
                    if key_path.exists()
                        && session
                            .userauth_pubkey_file(&username, None, key_path, None)
                            .is_ok()
                    {
                        tracing::debug!("Authenticated using key: {}", key_path.display());
                        return Ok(session);
                    }
                }
            }

        Err(SyncError::Io(std::io::Error::new(
            ErrorKind::PermissionDenied,
            format!("SSH authentication failed for user {}", username),
        )))
    })
    .await
    .map_err(|e| SyncError::Io(std::io::Error::other(e.to_string())))??;

    Ok(session)
}

/// Establish TCP connection to SSH server
async fn connect_tcp(hostname: &str, port: u16) -> Result<TcpStream> {
    let addr = format!("{}:{}", hostname, port);

    tokio::time::timeout(DEFAULT_TIMEOUT, async {
        TcpStream::connect(&addr).map_err(|e| {
            SyncError::Io(std::io::Error::new(
                ErrorKind::ConnectionRefused,
                format!("Failed to connect to {}: {}", addr, e),
            ))
        })
    })
    .await
    .map_err(|_| {
        SyncError::Io(std::io::Error::new(
            ErrorKind::TimedOut,
            format!("Connection to {} timed out", addr),
        ))
    })?
}

#[cfg(test)]
mod tests {
    use super::*;
    use std::path::PathBuf;

    #[test]
    fn test_ssh_config_basic() {
        let config = SshConfig {
            hostname: "localhost".to_string(),
            port: 22,
            user: "testuser".to_string(),
            identity_file: vec![PathBuf::from("~/.ssh/id_rsa")],
            proxy_jump: None,
            control_master: false,
            control_path: None,
            control_persist: None,
            compression: false,
        };

        assert_eq!(config.hostname, "localhost");
        assert_eq!(config.port, 22);
        assert_eq!(config.user, "testuser");
    }

    // Note: Actual connection tests require a running SSH server
    // These would be integration tests, not unit tests
}