diff --git a/cmd/podman/machine/ssh.go b/cmd/podman/machine/ssh.go
index 8534b8efae..1cadce916a 100644
--- a/cmd/podman/machine/ssh.go
+++ b/cmd/podman/machine/ssh.go
@@ -101,7 +101,7 @@ func remoteConnectionUsername() (string, error) {
if err != nil {
return "", err
}
- dest, _, err := cfg.ActiveDestination()
+ dest, _, _, err := cfg.ActiveDestination()
if err != nil {
return "", err
}
diff --git a/cmd/podman/root.go b/cmd/podman/root.go
index 9e3ff48aae..5c65be96d4 100644
--- a/cmd/podman/root.go
+++ b/cmd/podman/root.go
@@ -176,7 +176,7 @@ func persistentPreRunE(cmd *cobra.Command, args []string) error {
setupConnection := func() error {
var err error
- cfg.URI, cfg.Identity, err = cfg.ActiveDestination()
+ cfg.URI, cfg.Identity, cfg.MachineMode, err = cfg.ActiveDestination()
if err != nil {
return fmt.Errorf("failed to resolve active destination: %w", err)
}
@@ -368,10 +368,13 @@ func loggingHook() {
func rootFlags(cmd *cobra.Command, opts *entities.PodmanConfig) {
cfg := opts.Config
- srv, uri, ident := resolveDestination()
+ srv, uri, ident, machine := resolveDestination()
lFlags := cmd.Flags()
+ // non configurable option to help ssh dialing
+ opts.MachineMode = machine
+
sshFlagName := "ssh"
lFlags.StringVar(&opts.SSHMode, sshFlagName, string(ssh.GolangMode), "define the ssh mode")
_ = cmd.RegisterFlagCompletionFunc(sshFlagName, common.AutocompleteSSH)
@@ -513,26 +516,26 @@ func rootFlags(cmd *cobra.Command, opts *entities.PodmanConfig) {
}
}
-func resolveDestination() (string, string, string) {
+func resolveDestination() (string, string, string, bool) {
if uri, found := os.LookupEnv("CONTAINER_HOST"); found {
var ident string
if v, found := os.LookupEnv("CONTAINER_SSHKEY"); found {
ident = v
}
- return "", uri, ident
+ return "", uri, ident, false
}
cfg, err := config.ReadCustomConfig()
if err != nil {
logrus.Warning(fmt.Errorf("unable to read local containers.conf: %w", err))
- return "", registry.DefaultAPIAddress(), ""
+ return "", registry.DefaultAPIAddress(), "", false
}
- uri, ident, err := cfg.ActiveDestination()
+ uri, ident, machine, err := cfg.ActiveDestination()
if err != nil {
- return "", registry.DefaultAPIAddress(), ""
+ return "", registry.DefaultAPIAddress(), "", false
}
- return cfg.Engine.ActiveService, uri, ident
+ return cfg.Engine.ActiveService, uri, ident, machine
}
func formatError(err error) string {
diff --git a/cmd/podman/system/connection/list.go b/cmd/podman/system/connection/list.go
index 190a68d529..3c1a424537 100644
--- a/cmd/podman/system/connection/list.go
+++ b/cmd/podman/system/connection/list.go
@@ -105,8 +105,9 @@ func inspect(cmd *cobra.Command, args []string) error {
r := namedDestination{
Name: k,
Destination: config.Destination{
- Identity: v.Identity,
- URI: v.URI,
+ Identity: v.Identity,
+ URI: v.URI,
+ IsMachine: v.IsMachine,
},
Default: def,
}
diff --git a/go.mod b/go.mod
index 481397791e..7813f3d785 100644
--- a/go.mod
+++ b/go.mod
@@ -12,7 +12,7 @@ require (
github.com/containernetworking/cni v1.1.2
github.com/containernetworking/plugins v1.1.1
github.com/containers/buildah v1.27.1-0.20220921131114-d3064796af36
- github.com/containers/common v0.49.2-0.20220920205255-8062f81c5497
+ github.com/containers/common v0.49.2-0.20220926195839-590004b80685
github.com/containers/conmon v2.0.20+incompatible
github.com/containers/image/v5 v5.22.1-0.20220919112403-fe51f7ffca50
github.com/containers/ocicrypt v1.1.5
diff --git a/go.sum b/go.sum
index 60355bc0c2..aeb0b5ac23 100644
--- a/go.sum
+++ b/go.sum
@@ -419,8 +419,9 @@ github.com/containernetworking/plugins v1.1.1 h1:+AGfFigZ5TiQH00vhR8qPeSatj53eNG
github.com/containernetworking/plugins v1.1.1/go.mod h1:Sr5TH/eBsGLXK/h71HeLfX19sZPp3ry5uHSkI4LPxV8=
github.com/containers/buildah v1.27.1-0.20220921131114-d3064796af36 h1:LTSEbPUbs0slJSJ+IH6atAjYDe0IDzA0sPgBLjT1yAo=
github.com/containers/buildah v1.27.1-0.20220921131114-d3064796af36/go.mod h1:cY3pGPyMmrNp/sEDK8ESoBOf4hoNovptZSI0oyo8eQM=
-github.com/containers/common v0.49.2-0.20220920205255-8062f81c5497 h1:LB9SxcAglqSAHiiHGacN1Abi0ZL9haJpQ1numVlqtxM=
github.com/containers/common v0.49.2-0.20220920205255-8062f81c5497/go.mod h1:ZnhOPR/07UOkfIg5bezUpBilGjxEUdaeoUpu7gRBGc0=
+github.com/containers/common v0.49.2-0.20220926195839-590004b80685 h1:rutCgIKcew85mTUO0JTnh7XDXQfaTz/qQ3HyQHb0jZE=
+github.com/containers/common v0.49.2-0.20220926195839-590004b80685/go.mod h1:ZnhOPR/07UOkfIg5bezUpBilGjxEUdaeoUpu7gRBGc0=
github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg=
github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I=
github.com/containers/image/v5 v5.22.1-0.20220907162003-651744379993/go.mod h1:/Ruurd87C6Ap45t1PWNOD8+SGwiZbk79XCgs1iUTvYA=
diff --git a/pkg/bindings/connection.go b/pkg/bindings/connection.go
index 6d7b052b72..a3677d3932 100644
--- a/pkg/bindings/connection.go
+++ b/pkg/bindings/connection.go
@@ -59,7 +59,7 @@ func JoinURL(elements ...string) string {
// NewConnection creates a new service connection without an identity
func NewConnection(ctx context.Context, uri string) (context.Context, error) {
- return NewConnectionWithIdentity(ctx, uri, "")
+ return NewConnectionWithIdentity(ctx, uri, "", false)
}
// NewConnectionWithIdentity takes a URI as a string and returns a context with the
@@ -70,7 +70,7 @@ func NewConnection(ctx context.Context, uri string) (context.Context, error) {
// For example tcp://localhost:<port>
// or unix:///run/podman/podman.sock
// or ssh://<user>@<host>[:port]/run/podman/podman.sock?secure=True
-func NewConnectionWithIdentity(ctx context.Context, uri string, identity string) (context.Context, error) {
+func NewConnectionWithIdentity(ctx context.Context, uri string, identity string, machine bool) (context.Context, error) {
var (
err error
)
@@ -96,10 +96,11 @@ func NewConnectionWithIdentity(ctx context.Context, uri string, identity string)
return nil, err
}
conn, err := ssh.Dial(&ssh.ConnectionDialOptions{
- Host: uri,
- Identity: identity,
- User: _url.User,
- Port: port,
+ Host: uri,
+ Identity: identity,
+ User: _url.User,
+ Port: port,
+ InsecureIsMachineConnection: machine,
}, "golang")
if err != nil {
return nil, err
diff --git a/pkg/domain/entities/engine.go b/pkg/domain/entities/engine.go
index a69cf51116..d0d439a1b7 100644
--- a/pkg/domain/entities/engine.go
+++ b/pkg/domain/entities/engine.go
@@ -54,4 +54,5 @@ type PodmanConfig struct {
StorageDriver string
StorageOpts []string
SSHMode string
+ MachineMode bool
}
diff --git a/pkg/domain/infra/runtime_abi.go b/pkg/domain/infra/runtime_abi.go
index 7b5198d2fb..94565c59e8 100644
--- a/pkg/domain/infra/runtime_abi.go
+++ b/pkg/domain/infra/runtime_abi.go
@@ -21,7 +21,7 @@ func NewContainerEngine(facts *entities.PodmanConfig) (entities.ContainerEngine,
r, err := NewLibpodRuntime(facts.FlagSet, facts)
return r, err
case entities.TunnelMode:
- ctx, err := bindings.NewConnectionWithIdentity(context.Background(), facts.URI, facts.Identity)
+ ctx, err := bindings.NewConnectionWithIdentity(context.Background(), facts.URI, facts.Identity, facts.MachineMode)
return &tunnel.ContainerEngine{ClientCtx: ctx}, err
}
return nil, fmt.Errorf("runtime mode '%v' is not supported", facts.EngineMode)
@@ -35,7 +35,7 @@ func NewImageEngine(facts *entities.PodmanConfig) (entities.ImageEngine, error)
return r, err
case entities.TunnelMode:
// TODO: look at me!
- ctx, err := bindings.NewConnectionWithIdentity(context.Background(), facts.URI, facts.Identity)
+ ctx, err := bindings.NewConnectionWithIdentity(context.Background(), facts.URI, facts.Identity, facts.MachineMode)
return &tunnel.ImageEngine{ClientCtx: ctx}, err
}
return nil, fmt.Errorf("runtime mode '%v' is not supported", facts.EngineMode)
diff --git a/pkg/domain/infra/runtime_tunnel.go b/pkg/domain/infra/runtime_tunnel.go
index 8a4de032f8..48e6a67732 100644
--- a/pkg/domain/infra/runtime_tunnel.go
+++ b/pkg/domain/infra/runtime_tunnel.go
@@ -18,12 +18,12 @@ var (
connection *context.Context
)
-func newConnection(uri string, identity string) (context.Context, error) {
+func newConnection(uri string, identity string, machine bool) (context.Context, error) {
connectionMutex.Lock()
defer connectionMutex.Unlock()
if connection == nil {
- ctx, err := bindings.NewConnectionWithIdentity(context.Background(), uri, identity)
+ ctx, err := bindings.NewConnectionWithIdentity(context.Background(), uri, identity, machine)
if err != nil {
return ctx, err
}
@@ -37,7 +37,7 @@ func NewContainerEngine(facts *entities.PodmanConfig) (entities.ContainerEngine,
case entities.ABIMode:
return nil, fmt.Errorf("direct runtime not supported")
case entities.TunnelMode:
- ctx, err := newConnection(facts.URI, facts.Identity)
+ ctx, err := newConnection(facts.URI, facts.Identity, facts.MachineMode)
return &tunnel.ContainerEngine{ClientCtx: ctx}, err
}
return nil, fmt.Errorf("runtime mode '%v' is not supported", facts.EngineMode)
@@ -49,7 +49,7 @@ func NewImageEngine(facts *entities.PodmanConfig) (entities.ImageEngine, error)
case entities.ABIMode:
return nil, fmt.Errorf("direct image runtime not supported")
case entities.TunnelMode:
- ctx, err := newConnection(facts.URI, facts.Identity)
+ ctx, err := newConnection(facts.URI, facts.Identity, facts.MachineMode)
return &tunnel.ImageEngine{ClientCtx: ctx}, err
}
return nil, fmt.Errorf("runtime mode '%v' is not supported", facts.EngineMode)
diff --git a/pkg/machine/connection.go b/pkg/machine/connection.go
index 6ff761a924..93c638cc7d 100644
--- a/pkg/machine/connection.go
+++ b/pkg/machine/connection.go
@@ -25,7 +25,8 @@ func AddConnection(uri fmt.Stringer, name, identity string, isDefault bool) erro
cfg.Engine.ActiveService = name
}
dst := config.Destination{
- URI: uri.String(),
+ URI: uri.String(),
+ IsMachine: true,
}
dst.Identity = identity
if cfg.Engine.ServiceDestinations == nil {
diff --git a/pkg/machine/e2e/basic_test.go b/pkg/machine/e2e/basic_test.go
index fa1728770d..b7a11c7d98 100644
--- a/pkg/machine/e2e/basic_test.go
+++ b/pkg/machine/e2e/basic_test.go
@@ -1,8 +1,6 @@
package e2e_test
import (
- "os"
-
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
. "github.com/onsi/gomega/gexec"
@@ -24,10 +22,6 @@ var _ = Describe("run basic podman commands", func() {
It("Basic ops", func() {
// golangci-lint has trouble with actually skipping tests marked Skip
// so skip it on cirrus envs and where CIRRUS_CI isn't set.
- if os.Getenv("CIRRUS_CI") != "false" {
- Skip("FIXME: #15347 - ssh know hosts broken - fails on PR runs and on x86_64")
- }
-
name := randomString()
i := new(initMachine)
session, err := mb.setName(name).setCmd(i.withImagePath(mb.imagePath).withNow()).run()
diff --git a/pkg/machine/qemu/machine.go b/pkg/machine/qemu/machine.go
index fab25aa356..a6907c0dfb 100644
--- a/pkg/machine/qemu/machine.go
+++ b/pkg/machine/qemu/machine.go
@@ -405,6 +405,7 @@ func (v *MachineVM) Init(opts machine.InitOptions) (bool, error) {
WritePath: v.getIgnitionFile(),
UID: v.UID,
}
+
err = machine.NewIgnitionFile(ign)
return err == nil, err
}
@@ -1033,7 +1034,7 @@ func (v *MachineVM) SSH(_ string, opts machine.SSHOptions) error {
sshDestination := username + "@localhost"
port := strconv.Itoa(v.Port)
- args := []string{"-i", v.IdentityPath, "-p", port, sshDestination, "-o", "UserKnownHostsFile=/dev/null",
+ args := []string{"-i", v.IdentityPath, "-p", port, sshDestination,
"-o", "StrictHostKeyChecking=no", "-o", "LogLevel=ERROR", "-o", "SetEnv=LC_ALL="}
if len(opts.Args) > 0 {
args = append(args, opts.Args...)
diff --git a/vendor/github.com/containers/common/libimage/platform.go b/vendor/github.com/containers/common/libimage/platform.go
index 736a193f6f..274b2aa069 100644
--- a/vendor/github.com/containers/common/libimage/platform.go
+++ b/vendor/github.com/containers/common/libimage/platform.go
@@ -63,6 +63,9 @@ func toPlatformString(os, arch, variant string) string {
// * 2) a bool indicating whether architecture, os or variant were set (some callers need that to decide whether they need to throw an error)
// * 3) a fatal error that occurred prior to check for matches (e.g., storage errors etc.)
func (i *Image) matchesPlatform(ctx context.Context, os, arch, variant string) (error, bool, error) {
+ if err := i.isCorrupted(""); err != nil {
+ return err, false, nil
+ }
inspectInfo, err := i.inspectInfo(ctx)
if err != nil {
return nil, false, fmt.Errorf("inspecting image: %w", err)
diff --git a/vendor/github.com/containers/common/pkg/config/config.go b/vendor/github.com/containers/common/pkg/config/config.go
index 858f961b68..cde7cec538 100644
--- a/vendor/github.com/containers/common/pkg/config/config.go
+++ b/vendor/github.com/containers/common/pkg/config/config.go
@@ -613,6 +613,9 @@ type Destination struct {
// Identity file with ssh key, optional
Identity string `toml:"identity,omitempty"`
+
+ // isMachine describes if the remote destination is a machine.
+ IsMachine bool `toml:"is_machine,omitempty"`
}
// NewConfig creates a new Config. It starts with an empty config and, if
@@ -1235,32 +1238,32 @@ func Reload() (*Config, error) {
return defConfig()
}
-func (c *Config) ActiveDestination() (uri, identity string, err error) {
+func (c *Config) ActiveDestination() (uri, identity string, machine bool, err error) {
if uri, found := os.LookupEnv("CONTAINER_HOST"); found {
if v, found := os.LookupEnv("CONTAINER_SSHKEY"); found {
identity = v
}
- return uri, identity, nil
+ return uri, identity, false, nil
}
connEnv := os.Getenv("CONTAINER_CONNECTION")
switch {
case connEnv != "":
d, found := c.Engine.ServiceDestinations[connEnv]
if !found {
- return "", "", fmt.Errorf("environment variable CONTAINER_CONNECTION=%q service destination not found", connEnv)
+ return "", "", false, fmt.Errorf("environment variable CONTAINER_CONNECTION=%q service destination not found", connEnv)
}
- return d.URI, d.Identity, nil
+ return d.URI, d.Identity, d.IsMachine, nil
case c.Engine.ActiveService != "":
d, found := c.Engine.ServiceDestinations[c.Engine.ActiveService]
if !found {
- return "", "", fmt.Errorf("%q service destination not found", c.Engine.ActiveService)
+ return "", "", false, fmt.Errorf("%q service destination not found", c.Engine.ActiveService)
}
- return d.URI, d.Identity, nil
+ return d.URI, d.Identity, d.IsMachine, nil
case c.Engine.RemoteURI != "":
- return c.Engine.RemoteURI, c.Engine.RemoteIdentity, nil
+ return c.Engine.RemoteURI, c.Engine.RemoteIdentity, false, nil
}
- return "", "", errors.New("no service destination configured")
+ return "", "", false, errors.New("no service destination configured")
}
var (
diff --git a/vendor/github.com/containers/common/pkg/ssh/connection_golang.go b/vendor/github.com/containers/common/pkg/ssh/connection_golang.go
index a5c1be89c5..8ec3c45edf 100644
--- a/vendor/github.com/containers/common/pkg/ssh/connection_golang.go
+++ b/vendor/github.com/containers/common/pkg/ssh/connection_golang.go
@@ -3,6 +3,7 @@ package ssh
import (
"bytes"
"encoding/json"
+ "errors"
"fmt"
"io"
"net"
@@ -70,7 +71,7 @@ func golangConnectionDial(options ConnectionDialOptions) (*ConnectionDialReport,
if err != nil {
return nil, err
}
- cfg, err := ValidateAndConfigure(uri, options.Identity)
+ cfg, err := ValidateAndConfigure(uri, options.Identity, options.InsecureIsMachineConnection)
if err != nil {
return nil, err
}
@@ -84,12 +85,15 @@ func golangConnectionDial(options ConnectionDialOptions) (*ConnectionDialReport,
}
func golangConnectionExec(options ConnectionExecOptions) (*ConnectionExecReport, error) {
+ if !strings.HasPrefix(options.Host, "ssh://") {
+ options.Host = "ssh://" + options.Host
+ }
_, uri, err := Validate(options.User, options.Host, options.Port, options.Identity)
if err != nil {
return nil, err
}
- cfg, err := ValidateAndConfigure(uri, options.Identity)
+ cfg, err := ValidateAndConfigure(uri, options.Identity, false)
if err != nil {
return nil, err
}
@@ -111,11 +115,15 @@ func golangConnectionScp(options ConnectionScpOptions) (*ConnectionScpReport, er
return nil, err
}
+ // removed for parsing
+ if !strings.HasPrefix(host, "ssh://") {
+ host = "ssh://" + host
+ }
_, uri, err := Validate(options.User, host, options.Port, options.Identity)
if err != nil {
return nil, err
}
- cfg, err := ValidateAndConfigure(uri, options.Identity)
+ cfg, err := ValidateAndConfigure(uri, options.Identity, false)
if err != nil {
return nil, err
}
@@ -209,7 +217,7 @@ func GetUserInfo(uri *url.URL) (*url.Userinfo, error) {
// ValidateAndConfigure will take a ssh url and an identity key (rsa and the like) and ensure the information given is valid
// iden iden can be blank to mean no identity key
// once the function validates the information it creates and returns an ssh.ClientConfig.
-func ValidateAndConfigure(uri *url.URL, iden string) (*ssh.ClientConfig, error) {
+func ValidateAndConfigure(uri *url.URL, iden string, insecureIsMachineConnection bool) (*ssh.ClientConfig, error) {
var signers []ssh.Signer
passwd, passwdSet := uri.User.Password()
if iden != "" { // iden might be blank if coming from image scp or if no validation is needed
@@ -272,23 +280,61 @@ func ValidateAndConfigure(uri *url.URL, iden string) (*ssh.ClientConfig, error)
if err != nil {
return nil, err
}
- keyFilePath := filepath.Join(homedir.Get(), ".ssh", "known_hosts")
- known, err := knownhosts.New(keyFilePath)
- if err != nil {
- return nil, fmt.Errorf("creating host key callback function for %s: %w", keyFilePath, err)
+
+ var callback ssh.HostKeyCallback
+ if insecureIsMachineConnection {
+ callback = ssh.InsecureIgnoreHostKey()
+ } else {
+ callback = ssh.HostKeyCallback(func(host string, remote net.Addr, pubKey ssh.PublicKey) error {
+ keyFilePath := filepath.Join(homedir.Get(), ".ssh", "known_hosts")
+ known, err := knownhosts.New(keyFilePath)
+ if err != nil {
+ if errors.Is(err, os.ErrNotExist) {
+ logrus.Warn("please create a known_hosts file. The next time this host is connected to, podman will add it to known_hosts")
+ return nil
+ }
+ return err
+ }
+ // we need to check if there is an error from reading known hosts for this public key and if there is an error, what is it, and why is it happening?
+ // if it is a key mismatch we want to error since we know the host using another key
+ // however, if it is a general error not because of a known key, we want to add our key to the known_hosts file
+ hErr := known(host, remote, pubKey)
+ var keyErr *knownhosts.KeyError
+ // if keyErr.Want is not empty, we are receiving a different key meaning the host is known but we are using the wrong key
+ as := errors.As(hErr, &keyErr)
+ switch {
+ case as && len(keyErr.Want) > 0:
+ logrus.Warnf("ssh host key mismatch for host %s, got key %s of type %s", host, ssh.FingerprintSHA256(pubKey), pubKey.Type())
+ return keyErr
+ // if keyErr.Want is empty that just means we do not know this host yet, add it.
+ case as && len(keyErr.Want) == 0:
+ // write to known_hosts
+ err := addKnownHostsEntry(host, pubKey)
+ if err != nil {
+ if os.IsNotExist(err) {
+ logrus.Warn("podman will soon require a known_hosts file to function properly.")
+ return nil
+ }
+ return err
+ }
+ case hErr != nil:
+ return hErr
+ }
+ return nil
+ })
}
cfg := &ssh.ClientConfig{
User: uri.User.Username(),
Auth: authMethods,
- HostKeyCallback: known,
+ HostKeyCallback: callback,
Timeout: tick,
}
return cfg, nil
}
func getUDS(uri *url.URL, iden string) (string, error) {
- cfg, err := ValidateAndConfigure(uri, iden)
+ cfg, err := ValidateAndConfigure(uri, iden, false)
if err != nil {
return "", fmt.Errorf("failed to validate: %w", err)
}
@@ -324,3 +370,20 @@ func getUDS(uri *url.URL, iden string) (string, error) {
}
return info.Host.RemoteSocket.Path, nil
}
+
+// addKnownHostsEntry adds (host, pubKey) to user’s known_hosts.
+func addKnownHostsEntry(host string, pubKey ssh.PublicKey) error {
+ hd := homedir.Get()
+ known := filepath.Join(hd, ".ssh", "known_hosts")
+ f, err := os.OpenFile(known, os.O_APPEND|os.O_WRONLY, 0o600)
+ if err != nil {
+ return err
+ }
+ defer f.Close()
+ l := knownhosts.Line([]string{host}, pubKey)
+ if _, err = f.WriteString("\n" + l + "\n"); err != nil {
+ return err
+ }
+ logrus.Infof("key %s added to %s", ssh.FingerprintSHA256(pubKey), known)
+ return nil
+}
diff --git a/vendor/github.com/containers/common/pkg/ssh/types.go b/vendor/github.com/containers/common/pkg/ssh/types.go
index f22b5fba9c..16512c43f1 100644
--- a/vendor/github.com/containers/common/pkg/ssh/types.go
+++ b/vendor/github.com/containers/common/pkg/ssh/types.go
@@ -27,12 +27,13 @@ type ConnectionCreateOptions struct {
}
type ConnectionDialOptions struct {
- Host string
- Identity string
- User *url.Userinfo
- Port int
- Auth []string
- Timeout time.Duration
+ Host string
+ Identity string
+ User *url.Userinfo
+ Port int
+ Auth []string
+ Timeout time.Duration
+ InsecureIsMachineConnection bool
}
type ConnectionDialReport struct {
diff --git a/vendor/github.com/containers/common/pkg/ssh/utils.go b/vendor/github.com/containers/common/pkg/ssh/utils.go
index c157450153..b05105d9c5 100644
--- a/vendor/github.com/containers/common/pkg/ssh/utils.go
+++ b/vendor/github.com/containers/common/pkg/ssh/utils.go
@@ -21,6 +21,7 @@ func Validate(user *url.Userinfo, path string, port int, identity string) (*conf
if strings.Contains(path, "/run") {
sock = strings.Split(path, "/run")[1]
}
+ // url.Parse NEEDS ssh://, if this ever fails or returns some nonsense, that is why.
uri, err := url.Parse(path)
if err != nil {
return nil, nil, err
@@ -33,9 +34,9 @@ func Validate(user *url.Userinfo, path string, port int, identity string) (*conf
if uri.Port() == "" {
if port != 0 {
- uri.Host = net.JoinHostPort(uri.Hostname(), strconv.Itoa(port))
+ uri.Host = net.JoinHostPort(uri.Host, strconv.Itoa(port))
} else {
- uri.Host = net.JoinHostPort(uri.Hostname(), "22")
+ uri.Host = net.JoinHostPort(uri.Host, "22")
}
}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 17e889387f..222b70cd31 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -120,7 +120,7 @@ github.com/containers/buildah/pkg/rusage
github.com/containers/buildah/pkg/sshagent
github.com/containers/buildah/pkg/util
github.com/containers/buildah/util
-# github.com/containers/common v0.49.2-0.20220920205255-8062f81c5497
+# github.com/containers/common v0.49.2-0.20220926195839-590004b80685
## explicit; go 1.17
github.com/containers/common/libimage
github.com/containers/common/libimage/define