From 164621289cd93f5876fb54af1ed404eb203ba605 Mon Sep 17 00:00:00 2001
From: Nicola Murino <nicola.murino@gmail.com>
Date: Sat, 7 May 2022 12:50:49 +0200
Subject: [PATCH] awscontainer: add a flag to disable the installation code

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
---
 cmd/awscontainer.go              | 20 ++++++++++++++++++++
 cmd/awscontainer_disabled.go     | 10 ++++++++++
 cmd/root.go                      |  2 ++
 cmd/serve.go                     |  3 ++-
 common/common.go                 |  2 +-
 go.mod                           |  6 +++---
 go.sum                           | 12 ++++++------
 service/awscontainer.go          |  8 +++++---
 service/awscontainer_disabled.go |  2 +-
 service/service.go               |  4 ++--
 service/service_portable.go      |  2 +-
 service/service_windows.go       |  2 +-
 12 files changed, 54 insertions(+), 19 deletions(-)
 create mode 100644 cmd/awscontainer.go
 create mode 100644 cmd/awscontainer_disabled.go

diff --git a/cmd/awscontainer.go b/cmd/awscontainer.go
new file mode 100644
index 00000000..d12e9158
--- /dev/null
+++ b/cmd/awscontainer.go
@@ -0,0 +1,20 @@
+//go:build awscontainer
+// +build awscontainer
+
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+	"github.com/spf13/viper"
+)
+
+func addAWSContainerFlags(cmd *cobra.Command) {
+	viper.SetDefault("disable_aws_installation_code", false)
+	viper.BindEnv("disable_aws_installation_code", "SFTPGO_DISABLE_AWS_INSTALLATION_CODE") //nolint:errcheck
+	cmd.Flags().BoolVar(&disableAWSInstallationCode, "disable-aws-installation-code", viper.GetBool("disable_aws_installation_code"),
+		`Disable installation code for the AWS container.
+This flag can be set using
+SFTPGO_DISABLE_AWS_INSTALLATION_CODE env var too.
+`)
+	viper.BindPFlag("disable_aws_installation_code", cmd.Flags().Lookup("disable-aws-installation-code")) //nolint:errcheck
+}
diff --git a/cmd/awscontainer_disabled.go b/cmd/awscontainer_disabled.go
new file mode 100644
index 00000000..b40fce6b
--- /dev/null
+++ b/cmd/awscontainer_disabled.go
@@ -0,0 +1,10 @@
+//go:build !awscontainer
+// +build !awscontainer
+
+package cmd
+
+import (
+	"github.com/spf13/cobra"
+)
+
+func addAWSContainerFlags(cmd *cobra.Command) {}
diff --git a/cmd/root.go b/cmd/root.go
index 16332557..8ee33c75 100644
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -67,6 +67,8 @@ var (
 	loadDataMode      int
 	loadDataQuotaScan int
 	loadDataClean     bool
+	// used if awscontainer build tag is enabled
+	disableAWSInstallationCode bool
 
 	rootCmd = &cobra.Command{
 		Use:   "sftpgo",
diff --git a/cmd/serve.go b/cmd/serve.go
index b6e4517f..ce5a862f 100644
--- a/cmd/serve.go
+++ b/cmd/serve.go
@@ -36,7 +36,7 @@ Please take a look at the usage below to customize the startup options`,
 				LoadDataClean:     loadDataClean,
 				Shutdown:          make(chan bool),
 			}
-			if err := service.Start(); err == nil {
+			if err := service.Start(disableAWSInstallationCode); err == nil {
 				service.Wait()
 				if service.Error == nil {
 					os.Exit(0)
@@ -50,4 +50,5 @@ Please take a look at the usage below to customize the startup options`,
 func init() {
 	rootCmd.AddCommand(serveCmd)
 	addServeFlags(serveCmd)
+	addAWSContainerFlags(serveCmd)
 }
diff --git a/common/common.go b/common/common.go
index 40e54655..5556907b 100644
--- a/common/common.go
+++ b/common/common.go
@@ -543,7 +543,7 @@ func (c *Configuration) GetProxyListener(listener net.Listener) (*proxyproto.Lis
 		return &proxyproto.Listener{
 			Listener:          listener,
 			Policy:            policyFunc,
-			ReadHeaderTimeout: 5 * time.Second,
+			ReadHeaderTimeout: 10 * time.Second,
 		}, nil
 	}
 	return nil, errors.New("proxy protocol not configured")
diff --git a/go.mod b/go.mod
index 250e4779..3121edf4 100644
--- a/go.mod
+++ b/go.mod
@@ -12,9 +12,9 @@ require (
 	github.com/aws/aws-sdk-go-v2/config v1.15.4
 	github.com/aws/aws-sdk-go-v2/credentials v1.12.0
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.4
-	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.8
+	github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.9
 	github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.13.4
-	github.com/aws/aws-sdk-go-v2/service/s3 v1.26.8
+	github.com/aws/aws-sdk-go-v2/service/s3 v1.26.9
 	github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.15.6
 	github.com/aws/aws-sdk-go-v2/service/sts v1.16.4
 	github.com/cockroachdb/cockroach-go/v2 v2.2.8
@@ -34,7 +34,7 @@ require (
 	github.com/hashicorp/go-plugin v1.4.4
 	github.com/hashicorp/go-retryablehttp v0.7.1
 	github.com/jlaffaye/ftp v0.0.0-20201112195030-9aae4d151126
-	github.com/klauspost/compress v1.15.2
+	github.com/klauspost/compress v1.15.3
 	github.com/lestrrat-go/jwx v1.2.24
 	github.com/lib/pq v1.10.5
 	github.com/lithammer/shortuuid/v3 v3.0.7
diff --git a/go.sum b/go.sum
index df885b29..07ae38fe 100644
--- a/go.sum
+++ b/go.sum
@@ -150,8 +150,8 @@ github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.3/go.mod h1:uk1vhHHERfSVCUnq
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.4 h1:FP8gquGeGHHdfY6G5llaMQDF+HAf20VKc8opRwmjf04=
 github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.12.4/go.mod h1:u/s5/Z+ohUQOPXl00m2yJVyioWDECsbpXTQlaqSlufc=
 github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.3/go.mod h1:0dHuD2HZZSiwfJSy1FO5bX1hQ1TxVV1QXXjpn3XUE44=
-github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.8 h1:DrnslKj0yz31roe7+tmMblGhbr6OV7VQUJo5ylBU9YQ=
-github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.8/go.mod h1:PCN2NuDpHRYLcO2Gl9yVToeahcRBkf+87inUVGwtM+Q=
+github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.9 h1:YLaNNJWkBsmo2ksMDiGrTUlGNMn6HZ/PP8CcXjRFZVE=
+github.com/aws/aws-sdk-go-v2/feature/s3/manager v1.11.9/go.mod h1:1ca7t9uEmhcv9srUhdsjT3V4wJOcqabbgP1+1i3X8Vs=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.9/go.mod h1:AnVH5pvai0pAF4lXRq0bmhbes1u9R8wTE+g+183bZNM=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.10 h1:uFWgo6mGJI1n17nbcvSc6fxVuR3xLNqvXt12JCnEcT8=
 github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.10/go.mod h1:F+EZtuIwjlv35kRJPyBGcsA4f7bnSoz15zOQ2lJq1Z4=
@@ -178,8 +178,8 @@ github.com/aws/aws-sdk-go-v2/service/kms v1.16.3/go.mod h1:QuiHPBqlOFCi4LqdSskYY
 github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.13.4 h1:qmHavnjRtgdH54nyG4iEk6ZCde9m2S++32INurhaNTk=
 github.com/aws/aws-sdk-go-v2/service/marketplacemetering v1.13.4/go.mod h1:CloMDruFIVZJ8qv2OsY5ENIqzg5c0eeTciVVW3KHdvE=
 github.com/aws/aws-sdk-go-v2/service/s3 v1.26.3/go.mod h1:g1qvDuRsJY+XghsV6zg00Z4KJ7DtFFCx8fJD2a491Ak=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.26.8 h1:XInp7WokGrNBYC+5rm9npWC0vrF2xtfNfM/qozGI6U0=
-github.com/aws/aws-sdk-go-v2/service/s3 v1.26.8/go.mod h1:iMYipLPXlWpBJ0KFX7QJHZ84rBydHBY8as2aQICTPWk=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.26.9 h1:LCQKnopq2t4oQS3VKivlYTzAHCTJZZoQICM9fny7KHY=
+github.com/aws/aws-sdk-go-v2/service/s3 v1.26.9/go.mod h1:iMYipLPXlWpBJ0KFX7QJHZ84rBydHBY8as2aQICTPWk=
 github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.15.4/go.mod h1:PJc8s+lxyU8rrre0/4a0pn2wgwiDvOEzoOjcJUBr67o=
 github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.15.6 h1:m+mxqLIrGq7GJo5qw4rHn8BbUqHrvxvwFx54N1Pglvw=
 github.com/aws/aws-sdk-go-v2/service/secretsmanager v1.15.6/go.mod h1:Z+i6uqZgCOBXhNoEGoRm/ZaLsaJA9rGUAmkVKM/3+g4=
@@ -537,8 +537,8 @@ github.com/julienschmidt/httprouter v1.3.0/go.mod h1:JR6WtHb+2LUe8TCKY3cZOxFyyO8
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
 github.com/klauspost/compress v1.10.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs=
 github.com/klauspost/compress v1.15.1/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
-github.com/klauspost/compress v1.15.2 h1:3WH+AG7s2+T8o3nrM/8u2rdqUEcQhmga7smjrT41nAw=
-github.com/klauspost/compress v1.15.2/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU=
+github.com/klauspost/compress v1.15.3 h1:wmfu2iqj9q22SyMINp1uQ8C2/V4M1phJdmH9fG4nba0=
+github.com/klauspost/compress v1.15.3/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU=
 github.com/klauspost/cpuid/v2 v2.0.4/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/klauspost/cpuid/v2 v2.0.12 h1:p9dKCg8i4gmOxtv35DvrYoWqYzQrvEVdjQ762Y0OqZE=
 github.com/klauspost/cpuid/v2 v2.0.12/go.mod h1:g2LTdtYhdyuGPqyWyv7qRAmj1WBqxuObKfj5c0PQa7c=
diff --git a/service/awscontainer.go b/service/awscontainer.go
index c2ed61a2..240404cd 100644
--- a/service/awscontainer.go
+++ b/service/awscontainer.go
@@ -31,7 +31,7 @@ var (
 	awsProductCode = ""
 )
 
-func registerAWSContainer() error {
+func registerAWSContainer(disableAWSInstallationCode bool) error {
 	if awsProductCode == "" {
 		return errors.New("product code not set")
 	}
@@ -42,8 +42,10 @@ func registerAWSContainer() error {
 	if err != nil {
 		return fmt.Errorf("unable to get config to register AWS container: %w", err)
 	}
-	if err := setInstallationCode(cfg); err != nil {
-		return err
+	if !disableAWSInstallationCode {
+		if err := setInstallationCode(cfg); err != nil {
+			return err
+		}
 	}
 	requestNonce, err := uuid.NewRandom()
 	if err != nil {
diff --git a/service/awscontainer_disabled.go b/service/awscontainer_disabled.go
index 86ed62d7..0bd48d34 100644
--- a/service/awscontainer_disabled.go
+++ b/service/awscontainer_disabled.go
@@ -3,6 +3,6 @@
 
 package service
 
-func registerAWSContainer() error {
+func registerAWSContainer(disableAWSInstallationCode bool) error {
 	return nil
 }
diff --git a/service/service.go b/service/service.go
index b51ea221..22d648b1 100644
--- a/service/service.go
+++ b/service/service.go
@@ -66,7 +66,7 @@ func (s *Service) initLogger() {
 }
 
 // Start initializes the service
-func (s *Service) Start() error {
+func (s *Service) Start(disableAWSInstallationCode bool) error {
 	s.initLogger()
 	logger.Info(logSender, "", "starting SFTPGo %v, config dir: %v, config file: %v, log max size: %v log max backups: %v "+
 		"log max age: %v log verbose: %v, log compress: %v, log utc time: %v, load data from: %#v", version.GetAsString(), s.ConfigDir, s.ConfigFile,
@@ -135,7 +135,7 @@ func (s *Service) Start() error {
 		}
 	}
 
-	if err := registerAWSContainer(); err != nil {
+	if err := registerAWSContainer(disableAWSInstallationCode); err != nil {
 		logger.Error(logSender, "", "error registering AWS container: %v", err)
 		logger.ErrorToConsole("error registering AWS container: %v", err)
 		return err
diff --git a/service/service_portable.go b/service/service_portable.go
index 98787a8f..d87c0fee 100644
--- a/service/service_portable.go
+++ b/service/service_portable.go
@@ -104,7 +104,7 @@ func (s *Service) StartPortableMode(sftpdPort, ftpPort, webdavPort int, enabledS
 		config.SetWebDAVDConfig(webDavConf)
 	}
 
-	err = s.Start()
+	err = s.Start(true)
 	if err != nil {
 		return err
 	}
diff --git a/service/service_windows.go b/service/service_windows.go
index 16e2fe6f..0d00be73 100644
--- a/service/service_windows.go
+++ b/service/service_windows.go
@@ -93,7 +93,7 @@ func (s *WindowsService) handleExit(wasStopped chan bool) {
 func (s *WindowsService) Execute(args []string, r <-chan svc.ChangeRequest, changes chan<- svc.Status) (ssec bool, errno uint32) {
 	const cmdsAccepted = svc.AcceptStop | svc.AcceptShutdown | svc.AcceptParamChange | acceptRotateLog
 	changes <- svc.Status{State: svc.StartPending}
-	if err := s.Service.Start(); err != nil {
+	if err := s.Service.Start(false); err != nil {
 		return true, 1
 	}