2020-05-04 13:53:59 +08:00
|
|
|
package ssh
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net"
|
|
|
|
|
"net/url"
|
2021-02-06 00:26:58 +08:00
|
|
|
"os"
|
2021-12-09 19:22:12 +08:00
|
|
|
"strconv"
|
2021-04-20 20:55:40 +08:00
|
|
|
"sync"
|
2020-05-04 13:53:59 +08:00
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
"golang.org/x/crypto/ssh"
|
|
|
|
|
|
2020-10-01 22:49:14 +08:00
|
|
|
"github.com/nadoo/glider/log"
|
2020-05-04 13:53:59 +08:00
|
|
|
"github.com/nadoo/glider/proxy"
|
|
|
|
|
)
|
|
|
|
|
|
2020-05-06 20:10:18 +08:00
|
|
|
// SSH is a base ssh struct.
|
2020-05-04 13:53:59 +08:00
|
|
|
type SSH struct {
|
|
|
|
|
dialer proxy.Dialer
|
|
|
|
|
proxy proxy.Proxy
|
|
|
|
|
addr string
|
2021-04-20 15:28:52 +08:00
|
|
|
|
2021-12-09 19:22:12 +08:00
|
|
|
mu sync.Mutex
|
|
|
|
|
conn net.Conn
|
|
|
|
|
client *ssh.Client
|
|
|
|
|
config *ssh.ClientConfig
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func init() {
|
|
|
|
|
proxy.RegisterDialer("ssh", NewSSHDialer)
|
|
|
|
|
}
|
|
|
|
|
|
2020-05-06 20:10:18 +08:00
|
|
|
// NewSSH returns a ssh proxy.
|
2020-05-04 13:53:59 +08:00
|
|
|
func NewSSH(s string, d proxy.Dialer, p proxy.Proxy) (*SSH, error) {
|
|
|
|
|
u, err := url.Parse(s)
|
|
|
|
|
if err != nil {
|
2021-12-05 19:03:57 +08:00
|
|
|
log.F("[ssh] parse err: %s", err)
|
2020-05-04 13:53:59 +08:00
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
user := u.User.Username()
|
|
|
|
|
if user == "" {
|
|
|
|
|
user = "root"
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
config := &ssh.ClientConfig{
|
2021-12-09 19:22:12 +08:00
|
|
|
User: user,
|
|
|
|
|
HostKeyCallback: ssh.InsecureIgnoreHostKey(),
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if pass, _ := u.User.Password(); pass != "" {
|
|
|
|
|
config.Auth = []ssh.AuthMethod{ssh.Password(pass)}
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-09 19:22:12 +08:00
|
|
|
query := u.Query()
|
|
|
|
|
if key := query.Get("key"); key != "" {
|
2020-05-04 15:33:26 +08:00
|
|
|
keyAuth, err := privateKeyAuth(key)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.F("[ssh] read key file error: %s", err)
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
config.Auth = append(config.Auth, keyAuth)
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
2021-12-09 19:22:12 +08:00
|
|
|
// timeout of ssh handshake and channel operation
|
|
|
|
|
qtimeout := query.Get("timeout")
|
|
|
|
|
if qtimeout == "" {
|
|
|
|
|
qtimeout = "5" // default timeout
|
|
|
|
|
}
|
|
|
|
|
timeout, err := strconv.ParseUint(qtimeout, 10, 32)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.F("[ssh] parse timeout err: %s", err)
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
config.Timeout = time.Second * time.Duration(timeout)
|
|
|
|
|
|
2021-04-20 15:28:52 +08:00
|
|
|
t := &SSH{
|
2020-05-04 13:53:59 +08:00
|
|
|
dialer: d,
|
|
|
|
|
proxy: p,
|
|
|
|
|
addr: u.Host,
|
2021-12-09 19:22:12 +08:00
|
|
|
config: config,
|
2021-04-20 15:28:52 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if _, port, _ := net.SplitHostPort(t.addr); port == "" {
|
|
|
|
|
t.addr = net.JoinHostPort(t.addr, "22")
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
2021-12-06 23:53:10 +08:00
|
|
|
return t, nil
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewSSHDialer returns a ssh proxy dialer.
|
|
|
|
|
func NewSSHDialer(s string, d proxy.Dialer) (proxy.Dialer, error) {
|
|
|
|
|
return NewSSH(s, d, nil)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Addr returns forwarder's address.
|
|
|
|
|
func (s *SSH) Addr() string {
|
|
|
|
|
if s.addr == "" {
|
|
|
|
|
return s.dialer.Addr()
|
|
|
|
|
}
|
|
|
|
|
return s.addr
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-09 19:22:12 +08:00
|
|
|
// Dial connects to the address addr on the network net via the proxy.
|
|
|
|
|
func (s *SSH) Dial(network, addr string) (net.Conn, error) {
|
|
|
|
|
s.mu.Lock()
|
|
|
|
|
defer s.mu.Unlock()
|
|
|
|
|
|
|
|
|
|
if s.client != nil {
|
|
|
|
|
if c, err := s.dial(network, addr); err == nil {
|
|
|
|
|
return c, nil
|
|
|
|
|
}
|
|
|
|
|
s.conn.Close()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := s.initConn(); err != nil {
|
|
|
|
|
return nil, err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return s.dial(network, addr)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (s *SSH) dial(network, addr string) (net.Conn, error) {
|
|
|
|
|
s.conn.SetDeadline(time.Now().Add(s.config.Timeout))
|
|
|
|
|
c, err := s.client.Dial(network, addr)
|
|
|
|
|
s.conn.SetDeadline(time.Time{})
|
|
|
|
|
return c, err
|
|
|
|
|
}
|
|
|
|
|
|
2021-04-20 15:28:52 +08:00
|
|
|
func (s *SSH) initConn() error {
|
|
|
|
|
c, err := s.dialer.Dial("tcp", s.addr)
|
2020-05-04 13:53:59 +08:00
|
|
|
if err != nil {
|
|
|
|
|
log.F("[ssh]: dial to %s error: %s", s.addr, err)
|
2021-04-20 15:28:52 +08:00
|
|
|
return err
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
2021-12-09 19:22:12 +08:00
|
|
|
c.SetDeadline(time.Now().Add(s.config.Timeout))
|
|
|
|
|
sshConn, sshChan, sshReq, err := ssh.NewClientConn(c, s.addr, s.config)
|
2020-05-04 13:53:59 +08:00
|
|
|
if err != nil {
|
|
|
|
|
log.F("[ssh]: initial connection to %s error: %s", s.addr, err)
|
2021-12-09 19:22:12 +08:00
|
|
|
c.Close()
|
2021-04-20 15:28:52 +08:00
|
|
|
return err
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
2021-12-09 19:22:12 +08:00
|
|
|
c.SetDeadline(time.Time{})
|
2021-12-05 19:03:57 +08:00
|
|
|
|
2021-12-09 19:22:12 +08:00
|
|
|
s.conn = c
|
|
|
|
|
s.client = ssh.NewClient(sshConn, sshChan, sshReq)
|
|
|
|
|
return nil
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// DialUDP connects to the given address via the proxy.
|
|
|
|
|
func (s *SSH) DialUDP(network, addr string) (pc net.PacketConn, writeTo net.Addr, err error) {
|
2020-12-02 19:00:39 +08:00
|
|
|
return nil, nil, proxy.ErrNotSupported
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
2020-05-04 15:33:26 +08:00
|
|
|
func privateKeyAuth(file string) (ssh.AuthMethod, error) {
|
2021-02-06 00:26:58 +08:00
|
|
|
buffer, err := os.ReadFile(file)
|
2020-05-04 13:53:59 +08:00
|
|
|
if err != nil {
|
2020-05-04 15:33:26 +08:00
|
|
|
return nil, err
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
key, err := ssh.ParsePrivateKey(buffer)
|
|
|
|
|
if err != nil {
|
2020-05-04 15:33:26 +08:00
|
|
|
return nil, err
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
|
|
|
|
|
2020-05-04 15:33:26 +08:00
|
|
|
return ssh.PublicKeys(key), nil
|
2020-05-04 13:53:59 +08:00
|
|
|
}
|
