mirror of
https://github.com/drakkan/sftpgo.git
synced 2024-11-22 07:30:25 +00:00
sftpfs: simplify client creation
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
parent
0a8a0ee771
commit
dd9b0b151f
1 changed files with 20 additions and 29 deletions
|
@ -67,27 +67,6 @@ type SFTPFsConfig struct {
|
||||||
PrivateKey *kms.Secret `json:"private_key,omitempty"`
|
PrivateKey *kms.Secret `json:"private_key,omitempty"`
|
||||||
KeyPassphrase *kms.Secret `json:"key_passphrase,omitempty"`
|
KeyPassphrase *kms.Secret `json:"key_passphrase,omitempty"`
|
||||||
forbiddenSelfUsernames []string `json:"-"`
|
forbiddenSelfUsernames []string `json:"-"`
|
||||||
signer ssh.Signer
|
|
||||||
}
|
|
||||||
|
|
||||||
func (c *SFTPFsConfig) populateSigner() error {
|
|
||||||
if c.PrivateKey.GetPayload() != "" {
|
|
||||||
signer, err := c.getSigner()
|
|
||||||
if err != nil {
|
|
||||||
return fmt.Errorf("sftpfs: unable to parse the private key: %w", err)
|
|
||||||
}
|
|
||||||
c.signer = signer
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
return nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (c *SFTPFsConfig) getSigner() (ssh.Signer, error) {
|
|
||||||
if c.KeyPassphrase.GetPayload() != "" {
|
|
||||||
return ssh.ParsePrivateKeyWithPassphrase([]byte(c.PrivateKey.GetPayload()),
|
|
||||||
[]byte(c.KeyPassphrase.GetPayload()))
|
|
||||||
}
|
|
||||||
return ssh.ParsePrivateKey([]byte(c.PrivateKey.GetPayload()))
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// HideConfidentialData hides confidential data
|
// HideConfidentialData hides confidential data
|
||||||
|
@ -352,9 +331,6 @@ func NewSFTPFs(connectionID, mountPath, localTempDir string, forbiddenSelfUserna
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if err := config.populateSigner(); err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
config.forbiddenSelfUsernames = forbiddenSelfUsernames
|
config.forbiddenSelfUsernames = forbiddenSelfUsernames
|
||||||
sftpFs := &SFTPFs{
|
sftpFs := &SFTPFs{
|
||||||
connectionID: connectionID,
|
connectionID: connectionID,
|
||||||
|
@ -955,6 +931,17 @@ func (c *sftpConnection) OpenConnection() error {
|
||||||
return c.openConnNoLock()
|
return c.openConnNoLock()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (c *sftpConnection) getKeySigner() (ssh.Signer, error) {
|
||||||
|
privPayload := c.config.PrivateKey.GetPayload()
|
||||||
|
if privPayload == "" {
|
||||||
|
return nil, nil
|
||||||
|
}
|
||||||
|
if key := c.config.KeyPassphrase.GetPayload(); key != "" {
|
||||||
|
return ssh.ParsePrivateKeyWithPassphrase([]byte(privPayload), []byte(key))
|
||||||
|
}
|
||||||
|
return ssh.ParsePrivateKey([]byte(privPayload))
|
||||||
|
}
|
||||||
|
|
||||||
func (c *sftpConnection) openConnNoLock() error {
|
func (c *sftpConnection) openConnNoLock() error {
|
||||||
if c.isConnected {
|
if c.isConnected {
|
||||||
logger.Debug(c.logSender, "", "reusing connection")
|
logger.Debug(c.logSender, "", "reusing connection")
|
||||||
|
@ -989,14 +976,18 @@ func (c *sftpConnection) openConnNoLock() error {
|
||||||
logger.Log(logger.LevelWarn, c.logSender, "", "login without host key validation, please provide at least a fingerprint!")
|
logger.Log(logger.LevelWarn, c.logSender, "", "login without host key validation, please provide at least a fingerprint!")
|
||||||
return nil
|
return nil
|
||||||
},
|
},
|
||||||
Timeout: 10 * time.Second,
|
Timeout: 15 * time.Second,
|
||||||
ClientVersion: fmt.Sprintf("SSH-2.0-SFTPGo_%v", version.Get().Version),
|
ClientVersion: fmt.Sprintf("SSH-2.0-SFTPGo_%v", version.Get().Version),
|
||||||
}
|
}
|
||||||
if c.config.signer != nil {
|
signer, err := c.getKeySigner()
|
||||||
clientConfig.Auth = append(clientConfig.Auth, ssh.PublicKeys(c.config.signer))
|
if err != nil {
|
||||||
|
return fmt.Errorf("sftpfs: unable to parse the private key: %w", err)
|
||||||
}
|
}
|
||||||
if c.config.Password.GetPayload() != "" {
|
if signer != nil {
|
||||||
clientConfig.Auth = append(clientConfig.Auth, ssh.Password(c.config.Password.GetPayload()))
|
clientConfig.Auth = append(clientConfig.Auth, ssh.PublicKeys(signer))
|
||||||
|
}
|
||||||
|
if pwd := c.config.Password.GetPayload(); pwd != "" {
|
||||||
|
clientConfig.Auth = append(clientConfig.Auth, ssh.Password(pwd))
|
||||||
}
|
}
|
||||||
supportedAlgos := ssh.SupportedAlgorithms()
|
supportedAlgos := ssh.SupportedAlgorithms()
|
||||||
insecureAlgos := ssh.InsecureAlgorithms()
|
insecureAlgos := ssh.InsecureAlgorithms()
|
||||||
|
|
Loading…
Reference in a new issue