2017-03-03 23:47
浏览 384


TL;DR - What is the proper way to close a session freeing all resources?

My investigation thus far:

The *Session has a Close() function which calls the *Channel Close() function which sends a message (I'm guessing to the remote server) to close, but I don't see anything about closing other resources like the pipe returned from the *Session StdoutPipe() function.

Looking at the *Session Wait() code, I see that the *Session stdinPipeWriter is closed but nothing about the stdoutPipe.

This package feels a lot like the os/exec package which guarantees that using the os/exec Wait() function will clean up all the resources. Doing some light digging there shows some similarities in the Wait() functions. Both use the following construct to report errors on io.Copy calls to their stdout, stderr, stdin readers/writers (well if I'm reading this correctly actually only one error) - crypto package shown:

var copyError error
for _ = range s.copyFuncs {
    if err := <-s.errors; err != nil && copyError == nil {
        copyError = err

But the os/exec Wait() also calls this close descriptor method


which is just calling the close method on a slice of io.Closer interfaces:

func (c *Cmd) closeDescriptors(closers []io.Closer) {
    for _, fd := range closers {

when os/exec creates the pipe, it tracks what needs closing:

func (c *Cmd) StdoutPipe() (io.ReadCloser, error) {
if c.Stdout != nil {
    return nil, errors.New("exec: Stdout already set")
if c.Process != nil {
    return nil, errors.New("exec: StdoutPipe after process started")
pr, pw, err := os.Pipe()
if err != nil {
    return nil, err
c.Stdout = pw
c.closeAfterStart = append(c.closeAfterStart, pw)
c.closeAfterWait = append(c.closeAfterWait, pr)
return pr, nil

During this I noticed that x/cyrpto/ssh *Session StdoutPipe() returns an io.Reader and ox/exec returns an io.ReadCloser. And x/crypto/ssh does not track what to close. I can't find a call to os.Pipe() in the library so maybe the implementation is different and I'm missing something and confused by the Pipe name.

  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 邀请回答

1条回答 默认 最新

  • duan7772 2017-03-03 23:57

    A session is closed by calling Close(). There are no file descriptors involved, nor are there any calls to os.Pipe as the "pipe" returned from Session.StdOutPipe is only a pipe in concept and is of type ssh.Channel. Go channels don't need to be closed, because closing a channel is not a cleanup operation, rather it's simply a type of message sent to the channel. There is only ever one network connection involved in the ssh transport.

    The only resource you need to close is the network connection; there are no other system resources to be freed. Calling Close() on the ssh.Client will call ssh.Conn.Close, and in turn close the net.Conn.

    If you need the handle the network connection, you can always skip the ssh.Dial convenience function and Dial the network connection yourself:

    c, err := net.DialTimeout(network, addr, timeout)
    if err != nil {
        return nil, err
    conn, chans, reqs, err := ssh.NewClientConn(c, addr, config)
    if err != nil {
        return nil, err
    // calling conn.Close will close the underlying net.Conn
    client := ssh.NewClient(c, chans, reqs)
    解决 无用
    打赏 举报

相关推荐 更多相似问题