mirror of
https://github.com/drakkan/sftpgo.git
synced 2024-11-22 23:50:32 +00:00
83 lines
2 KiB
Go
83 lines
2 KiB
Go
|
package plugin
|
||
|
|
||
|
import (
|
||
|
"crypto/sha256"
|
||
|
"fmt"
|
||
|
"os/exec"
|
||
|
|
||
|
"github.com/hashicorp/go-hclog"
|
||
|
"github.com/hashicorp/go-plugin"
|
||
|
"github.com/sftpgo/sdk/plugin/ipfilter"
|
||
|
|
||
|
"github.com/drakkan/sftpgo/v2/logger"
|
||
|
)
|
||
|
|
||
|
type ipFilterPlugin struct {
|
||
|
config Config
|
||
|
filter ipfilter.Filter
|
||
|
client *plugin.Client
|
||
|
}
|
||
|
|
||
|
func newIPFilterPlugin(config Config) (*ipFilterPlugin, error) {
|
||
|
p := &ipFilterPlugin{
|
||
|
config: config,
|
||
|
}
|
||
|
if err := p.initialize(); err != nil {
|
||
|
logger.Warn(logSender, "", "unable to create IP filter plugin: %v, config %+v", err, config)
|
||
|
return nil, err
|
||
|
}
|
||
|
return p, nil
|
||
|
}
|
||
|
|
||
|
func (p *ipFilterPlugin) exited() bool {
|
||
|
return p.client.Exited()
|
||
|
}
|
||
|
|
||
|
func (p *ipFilterPlugin) cleanup() {
|
||
|
p.client.Kill()
|
||
|
}
|
||
|
|
||
|
func (p *ipFilterPlugin) initialize() error {
|
||
|
logger.Debug(logSender, "", "create new IP filter plugin %#v", p.config.Cmd)
|
||
|
killProcess(p.config.Cmd)
|
||
|
var secureConfig *plugin.SecureConfig
|
||
|
if p.config.SHA256Sum != "" {
|
||
|
secureConfig.Checksum = []byte(p.config.SHA256Sum)
|
||
|
secureConfig.Hash = sha256.New()
|
||
|
}
|
||
|
client := plugin.NewClient(&plugin.ClientConfig{
|
||
|
HandshakeConfig: ipfilter.Handshake,
|
||
|
Plugins: ipfilter.PluginMap,
|
||
|
Cmd: exec.Command(p.config.Cmd, p.config.Args...),
|
||
|
AllowedProtocols: []plugin.Protocol{
|
||
|
plugin.ProtocolGRPC,
|
||
|
},
|
||
|
AutoMTLS: p.config.AutoMTLS,
|
||
|
SecureConfig: secureConfig,
|
||
|
Managed: false,
|
||
|
Logger: &logger.HCLogAdapter{
|
||
|
Logger: hclog.New(&hclog.LoggerOptions{
|
||
|
Name: fmt.Sprintf("%v.%v", logSender, ipfilter.PluginName),
|
||
|
Level: pluginsLogLevel,
|
||
|
DisableTime: true,
|
||
|
}),
|
||
|
},
|
||
|
})
|
||
|
rpcClient, err := client.Client()
|
||
|
if err != nil {
|
||
|
logger.Debug(logSender, "", "unable to get rpc client for plugin %#v: %v", p.config.Cmd, err)
|
||
|
return err
|
||
|
}
|
||
|
raw, err := rpcClient.Dispense(ipfilter.PluginName)
|
||
|
if err != nil {
|
||
|
logger.Debug(logSender, "", "unable to get plugin %v from rpc client for command %#v: %v",
|
||
|
ipfilter.PluginName, p.config.Cmd, err)
|
||
|
return err
|
||
|
}
|
||
|
|
||
|
p.client = client
|
||
|
p.filter = raw.(ipfilter.Filter)
|
||
|
|
||
|
return nil
|
||
|
}
|