Conversation
Joerger
changed the title
envs@goteleport.com requests
Joerger
force-pushed
the
joerger/ssh-session-req-data-base
branch
from
9cb1949 to
6d8ac3d
Compare
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
3 times, most recently
from
8ddc2e8 to
4c30199
Compare
Joerger
changed the base branch from
joerger/ssh-session-req-data-base
to
joerger/ssh-session-client
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
from
646158b to
9b57f2a
Compare
Joerger
changed the base branch from
joerger/ssh-session-client
to
joerger/fix-connection-session-id
Joerger
changed the base branch from
joerger/fix-connection-session-id
to
joerger/ssh-session-req-data-base
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
from
9b57f2a to
d7c7798
Compare
Joerger
force-pushed
the
joerger/ssh-session-req-data-base
branch
from
c26b846 to
ce8c7fe
Compare
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
2 times, most recently
from
8f92ec5 to
7725fa9
Compare
Joerger
changed the base branch from
joerger/ssh-session-req-data-base
to
joerger/ssh-session-client
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
from
7725fa9 to
2d22b1b
Compare
Joerger
force-pushed
the
joerger/ssh-session-client
branch
from
b9c06c3 to
9816928
Compare
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
2 times, most recently
from
e55ac1f to
dd9e5b0
Compare
Joerger
added
the
no-changelog
Joerger
force-pushed
the
joerger/ssh-session-client
branch
from
9816928 to
b6d1e16
Compare
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
2 times, most recently
from
bf71f6b to
6bec451
Compare
rosstimothy
reviewed
Sep 30, 2025
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
from
ba8a678 to
f7a7568
Compare
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
from
3f3fcf4 to
aea16c5
Compare
Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
19 tasks
Contributor
Author
|
@vapopov Friendly ping to review. |
Joerger
force-pushed
the
joerger/ssh-session-req-data
branch
from
e9c3553 to
09bd801
Compare
vapopov
approved these changes
Oct 3, 2025
rhammonds-teleport
pushed a commit
that referenced
this pull request
Nov 6, 2025
…th synchronous `envs@goteleport.com` requests (#59206) * Client: add session channel request extra data to replace env vars. * Server Changes: - Set session params on server side from request, with env var fallback for backwards compatibility. - Remove CreateOrJoinSession. - Separate JoinSession from OpenSession; Remove session ID from connection context as it is now purely controlled by the session. - Ensure participant mode is always set for joining. * Replace NewSessionWithParams method. * Update comments. * Move session params to server context. * Add ModeratedSessionID to session params to replace TELEPORT_MODERATED_SESSION_ID env var. * Fix nil reference. * Fix tests. * Only send session params to Teleport servers. * Add WebProxyAddr to session params. * Cleanup. * Add tests. * Fix test. * Address comments. * Add NewSessionWithParams. * Fix tests. * Update comment. * Update api/observability/tracing/ssh/client.go Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com> * Fix forwarding server missing Teleport ssh version. --------- Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
Joerger
added a commit
that referenced
this pull request
Nov 11, 2025
…th synchronous `envs@goteleport.com` requests (#59206)
Joerger
added a commit
that referenced
this pull request
Nov 17, 2025
…th synchronous `envs@goteleport.com` requests (#59206)
Joerger
added a commit
that referenced
this pull request
Nov 24, 2025
…th synchronous `envs@goteleport.com` requests (#59206)
github-merge-queue bot
pushed a commit
that referenced
this pull request
Dec 3, 2025
* Fix discrepancies between Node and Proxy recording modes. (#58707) * Replace flaky test with more straightforward event metadata test. (#59610) * Make SSH session client provide session params upfront rather than with synchronous `envs@goteleport.com` requests (#59206) * Coordinate session ID with Node in Proxy recording mode (#59850) * Generalize PrepareToReceiveSessionID. * Initialize session ID in the connection context and update it from node current-session-id request. * Add session-id-query-v2@goteleport.com request and ensure new session ID is correctly set in proxy recording mode during the channel request. * Replace PrepareToReceiveSessionID with simpler in-place logic. * Don't emit session events or tracker when proxy forwarding to a Teleport Node. * Fix missing session tracker for outdated Teleport Node. * Remove extra major version grace period. * Update integration test. * Cleanup current session ID handling and fix failing tests. * Fix tests. * Address comments. * Restructure currentSessionID handling. * Set newSessionID in test server context. * Fix integration test. * Fix AuditOn integration test. * Address comment on channel close. * Track session on forwarding node. * Fix web shutdown. * Fix nil pointer dereference in test. * Fix test flake. * Fix nil pointer in test. * Fix test flake. * Update lib/srv/ctx.go Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com> * Forwarding Node accepts client connection after receiving preparing session ID from node. This way, the forwarder can reject client connections if there is an issue preparing the session ID (impossible join sessions). * Remove check for session.data event which may not be emitted in time for the test. * Address comments. --------- Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com> --------- Co-authored-by: rosstimothy <39066650+rosstimothy@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Currently, Teleport SSH session clients provide session params such as the join session ID, participant mode, and invited users via synchronous env var requests. These env var requests can occur anytime between the client's
sessionandshellrequests. As a result, these session params cannot be finalized and used by the server until the shell request.In particular, this makes it difficult to sync the session ID between the the proxy and node in proxy recording mode, resulting in duplicate events.
This change adds session params passed as extra data in the
sessionrequest so that session params can be finalized upfront and used/referenced before theshellrequest. This will be used in a follow up PR to sync the session ID between the proxy and node in proxy recording mode to align the session recording ID with session events, tracker, etc, and avoid emitting duplicate events.Depends on #59294, #59291
Related to #42263