update config
This commit is contained in:
ginuerzh
@ -8,6 +8,7 @@ import (
|
||||
"strconv"
|
||||
"time"
|
||||
|
||||
"github.com/go-gost/gost/pkg/auth"
|
||||
"github.com/go-gost/gost/pkg/bypass"
|
||||
"github.com/go-gost/gost/pkg/chain"
|
||||
"github.com/go-gost/gost/pkg/handler"
|
||||
@ -31,11 +32,12 @@ func init() {
|
||||
}
|
||||
|
||||
type forwardHandler struct {
|
||||
bypass bypass.Bypass
|
||||
config *ssh.ServerConfig
|
||||
router *chain.Router
|
||||
logger logger.Logger
|
||||
md metadata
|
||||
bypass bypass.Bypass
|
||||
config *ssh.ServerConfig
|
||||
router *chain.Router
|
||||
authenticator auth.Authenticator
|
||||
logger logger.Logger
|
||||
md metadata
|
||||
}
|
||||
|
||||
func NewHandler(opts ...handler.Option) handler.Handler {
|
||||
@ -57,13 +59,13 @@ func (h *forwardHandler) Init(md md.Metadata) (err error) {
|
||||
}
|
||||
|
||||
config := &ssh.ServerConfig{
|
||||
PasswordCallback: ssh_util.PasswordCallback(h.md.authenticator),
|
||||
PasswordCallback: ssh_util.PasswordCallback(h.authenticator),
|
||||
PublicKeyCallback: ssh_util.PublicKeyCallback(h.md.authorizedKeys),
|
||||
}
|
||||
|
||||
config.AddHostKey(h.md.signer)
|
||||
|
||||
if h.md.authenticator == nil && len(h.md.authorizedKeys) == 0 {
|
||||
if h.authenticator == nil && len(h.md.authorizedKeys) == 0 {
|
||||
config.NoClientAuth = true
|
||||
}
|
||||
|
||||
|
||||
@ -2,9 +2,7 @@ package ssh
|
||||
|
||||
import (
|
||||
"io/ioutil"
|
||||
"strings"
|
||||
|
||||
"github.com/go-gost/gost/pkg/auth"
|
||||
tls_util "github.com/go-gost/gost/pkg/common/util/tls"
|
||||
ssh_util "github.com/go-gost/gost/pkg/internal/util/ssh"
|
||||
mdata "github.com/go-gost/gost/pkg/metadata"
|
||||
@ -12,32 +10,17 @@ import (
|
||||
)
|
||||
|
||||
type metadata struct {
|
||||
authenticator auth.Authenticator
|
||||
signer ssh.Signer
|
||||
authorizedKeys map[string]bool
|
||||
}
|
||||
|
||||
func (h *forwardHandler) parseMetadata(md mdata.Metadata) (err error) {
|
||||
const (
|
||||
users = "users"
|
||||
authorizedKeys = "authorizedKeys"
|
||||
privateKeyFile = "privateKeyFile"
|
||||
passphrase = "passphrase"
|
||||
)
|
||||
|
||||
if auths := mdata.GetStrings(md, users); len(auths) > 0 {
|
||||
authenticator := auth.NewLocalAuthenticator(nil)
|
||||
for _, auth := range auths {
|
||||
ss := strings.SplitN(auth, ":", 2)
|
||||
if len(ss) == 1 {
|
||||
authenticator.Add(ss[0], "")
|
||||
} else {
|
||||
authenticator.Add(ss[0], ss[1])
|
||||
}
|
||||
}
|
||||
h.md.authenticator = authenticator
|
||||
}
|
||||
|
||||
if key := mdata.GetString(md, privateKeyFile); key != "" {
|
||||
data, err := ioutil.ReadFile(key)
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user