fix conflict

e405525a · Eric · 7538ac8d · 7d24c9c5 · e405525a · e405525a
Commit e405525a authored May 09, 2019 by Eric
22 changed files
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -9,6 +9,15 @@
  pruneopts = "UT"
  revision = "648efa622239a2f6ff949fed78ee37b48d499ba4"

+[[projects]]
+  branch = "dev"
+  digest = "1:35649cbef81554217a919e5214dd33b3ab449ef742284887d583a4e431330bc8"
+  name = "github.com/gliderlabs/ssh"
+  packages = ["."]
+  pruneopts = "UT"
+  revision = "f6ff00ebef0e6e6f324e1199f69bb2b9d8dcf2ed"
+  source = "github.com/ibuler/ssh"
+
 [[projects]]
  digest = "1:6b7e9b1e2f944a0c84f29943f705954d2d8cfbf6477c37a10d0c80acdbc2445f"
  name = "github.com/googollee/go-engine.io"
@@ -45,20 +54,12 @@
  version = "v1.4.0"

 [[projects]]
-  digest = "1:c9aca0b305d2cf7925af6a5b1bdc24b99e5fd901271ba6e0cbb562f4112d01e3"
-  name = "github.com/ibuler/ssh"
-  packages = ["."]
-  pruneopts = "UT"
-  revision = "6e3e06f8bbc854467434a7c66e98566c506c0502"
-  version = "0.1.5"
-
-[[projects]]
-  digest = "1:e77a03f1e4f1e4e035e46dc3cd79b1e33acbf651540aaa5e148caf1296884d18"
+  digest = "1:8cff1b38298ac6c9f02bce11df3a7b9026bba6540c52adcf3fc8b328bf0fc149"
  name = "github.com/jarcoal/httpmock"
  packages = ["."]
  pruneopts = "UT"
-  revision = "e598472b238f5d2a505e1316886da2171f86bfa4"
-  version = "v1.0.3"
+  revision = "ac2099de8d3789d30b99b740d1a9d242097462df"
+  version = "v1.0.4"

 [[projects]]
  digest = "1:31e761d97c76151dde79e9d28964a812c46efc5baee4085b86f68f0c654450de"
@@ -153,7 +154,7 @@

 [[projects]]
  branch = "master"
-  digest = "1:7ba755bbcaaf821fd0c73c96069883c4467d6e261e3ecc81adddb8e0bfc67527"
+  digest = "1:f8fa0c03fa1a9b220cd6e7984cd5ab923a83065f338a5fe2b2f61020d62f0991"
  name = "golang.org/x/crypto"
  packages = [
    "curve25519",
@@ -166,11 +167,12 @@
    "ssh/terminal",
  ]
  pruneopts = "UT"
-  revision = "a29dc8fdc73485234dbef99ebedb95d2eced08de"
+  revision = "40738d426814df40c4d54d5e7017f7af7725da47"
+  source = "github.com/ibuler/crypto"

 [[projects]]
  branch = "master"
-  digest = "1:91f01f15f85f43f18cbed401dfc839879a12678f8254fcfe93daaddd4a3e52e0"
+  digest = "1:7a36766813b41d353a9055448789d5776e583f92dd1f68c79818dc0494b73855"
  name = "golang.org/x/sys"
  packages = [
    "cpu",
@@ -178,7 +180,7 @@
    "windows",
  ]
  pruneopts = "UT"
-  revision = "a129542de9ae0895210abff9c95d67a1f33cb93d"
+  revision = "12bbe5a7a5209180b72cc7e3ed9da40442fe3246"

 [[projects]]
  digest = "1:4d2e5a73dc1500038e504a8d78b986630e3626dc027bc030ba5c75da257cdb96"
@@ -192,8 +194,8 @@
  analyzer-name = "dep"
  analyzer-version = 1
  input-imports = [
+    "github.com/gliderlabs/ssh",
    "github.com/googollee/go-socket.io",
-    "github.com/ibuler/ssh",
    "github.com/jarcoal/httpmock",
    "github.com/kr/pty",
    "github.com/leonelquinteros/gotext",

--- a/Gopkg.toml
+++ b/Gopkg.toml
@@ -25,20 +25,9 @@
 #   unused-packages = true

 [[constraint]]
-  name = "github.com/googollee/go-engine.io"
-  version = "1.4.1"
-
-[[constraint]]
-  name = "github.com/googollee/go-socket.io"
-  version = "1.4.1"
-
-[[constraint]]
-  name = "github.com/gorilla/websocket"
-  version = "1.4.0"
-
-[[constraint]]
-  name = "github.com/ibuler/ssh"
-  version = "0.1.5"
+  name = "github.com/gliderlabs/ssh"
+  source = "github.com/ibuler/ssh"
+  branch = "dev"

 [[constraint]]
  name = "github.com/jarcoal/httpmock"
@@ -71,6 +60,7 @@
 [[constraint]]
  branch = "master"
  name = "golang.org/x/crypto"
+  source = "github.com/ibuler/crypto"

 [[constraint]]
  name = "gopkg.in/yaml.v2"

--- a/cmd/hello.go
+++ b/cmd/hello.go
-package main
-
-import (
-	"bytes"
-	"fmt"
-	"golang.org/x/crypto/ssh/terminal"
-	"io"
-	"io/ioutil"
-	"os"
-)
-
-var f, _ = os.Create("/tmp/new.txt")
-
-var buf, _ = ioutil.ReadFile("/tmp/cmd.text")
-
-type CmdRwParser struct {
-	content []byte
-}
-
-func (c *CmdRwParser) Read(b []byte) (int, error) {
-	for i, v := range c.content {
-		b[i] = v
-	}
-	fmt.Printf("Read %s\n", b)
-	return len(c.content), io.EOF
-}
-
-func (c *CmdRwParser) Write(b []byte) (int, error) {
-	fmt.Printf("Write %s\n", b)
-	return len(b), nil
-}
-
-func main() {
-	nb := new(bytes.Buffer)
-	term := terminal.NewTerminal(nb, ">")
-	nb.Write(buf)
-	nb.Write([]byte("\r"))
-	fmt.Printf("Buf: %s\n", buf)
-
-	line, _ := term.ReadLine()
-	f.WriteString(line)
-	fmt.Printf("Line: %s\n", []byte(line))
-	fmt.Println(".......................")
-	fmt.Printf(nb.String())
-	f.Close()
-}
--- a/go.mod
+++ b/go.mod
-module cocogo
-
-require (
-	github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 // indirect
-	github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 // indirect
-	github.com/gliderlabs/ssh v0.1.4 // indirect
-	github.com/ibuler/ssh v0.1.5
-	github.com/jarcoal/httpmock v1.0.3
-	github.com/konsorten/go-windows-terminal-sequences v1.0.2 // indirect
-	github.com/kr/fs v0.1.0 // indirect
-	github.com/kr/pty v1.1.4
-	github.com/leonelquinteros/gotext v1.4.0
-	github.com/mattn/go-runewidth v0.0.4 // indirect
-	github.com/olekukonko/tablewriter v0.0.1
-	github.com/pkg/errors v0.8.1 // indirect
-	github.com/pkg/sftp v1.10.0
-	github.com/satori/go.uuid v1.2.0
-	github.com/sirupsen/logrus v1.4.1
-	github.com/xlab/treeprint v0.0.0-20181112141820-a009c3971eca
-	golang.org/x/crypto v0.0.0-20190426145343-a29dc8fdc734
-	gopkg.in/yaml.v2 v2.2.2
-)
--- a/pkg/auth/server.go
+++ b/pkg/auth/server.go
 package auth

 import (
+	"cocogo/pkg/model"
+	"fmt"
 	"strings"

-	"github.com/ibuler/ssh"
+	"github.com/gliderlabs/ssh"
 	gossh "golang.org/x/crypto/ssh"

 	"cocogo/pkg/cctx"
@@ -12,36 +14,45 @@ import (
 	"cocogo/pkg/service"
 )

-func checkAuth(ctx ssh.Context, password, publicKey string) (ok bool) {
+func checkAuth(ctx ssh.Context, password, publicKey string) (res ssh.AuthResult) {
 	username := ctx.User()
 	remoteAddr := strings.Split(ctx.RemoteAddr().String(), ":")[0]
-	user := service.Authenticate(username, password, publicKey, remoteAddr, "T")
+	user, err := service.Authenticate(username, password, publicKey, remoteAddr, "T")
 	authMethod := "publickey"
 	action := "Accepted"
+	res = ssh.AuthFailed
 	if password != "" {
 		authMethod = "password"
 	}
-	if user.Id == "" {
+	if err != nil {
 		action = "Failed"
 	} else {
 		ctx.SetValue(cctx.ContextKeyUser, user)
-		ok = true
+		res = ssh.AuthPartiallySuccessful
 	}
 	logger.Infof("%s %s for %s from %s", action, authMethod, username, remoteAddr)
-	return ok
+	return res
 }

-func CheckUserPassword(ctx ssh.Context, password string) bool {
-	ok := checkAuth(ctx, password, "")
-	return ok
+func CheckUserPassword(ctx ssh.Context, password string) ssh.AuthResult {
+	res := checkAuth(ctx, password, "")
+	return res
 }

-func CheckUserPublicKey(ctx ssh.Context, key ssh.PublicKey) bool {
+func CheckUserPublicKey(ctx ssh.Context, key ssh.PublicKey) ssh.AuthResult {
 	b := key.Marshal()
 	publicKey := common.Base64Encode(string(b))
 	return checkAuth(ctx, "", publicKey)
 }

-func CheckMFA(ctx ssh.Context, challenger gossh.KeyboardInteractiveChallenge) bool {
-	return false
+func CheckMFA(ctx ssh.Context, challenger gossh.KeyboardInteractiveChallenge) ssh.AuthResult {
+	answers, err := challenger("admin", "> ", []string{"MFA"}, []bool{true})
+	if err != nil {
+		return ssh.AuthFailed
+	}
+	fmt.Println(answers)
+
+	//ok := checkAuth(ctx, "admin", "")
+	ctx.SetValue(cctx.ContextKeyUser, &model.User{Username: "admin", Name: "admin"})
+	return ssh.AuthSuccessful
 }
--- a/pkg/cctx/context.go
+++ b/pkg/cctx/context.go
@@ -2,7 +2,8 @@ package cctx

 import (
 	"context"
-	"github.com/ibuler/ssh"
+
+	"github.com/gliderlabs/ssh"

 	"cocogo/pkg/model"
 )

--- a/pkg/common/utils.go
+++ b/pkg/common/utils.go
+package common
+
+import "os"
+
+func FileExists(name string) bool {
+	if _, err := os.Stat(name); err != nil {
+		if os.IsNotExist(err) {
+			return false
+		}
+	}
+	return true
+}
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
 package config

 import (
+	"cocogo/pkg/logger"
 	"encoding/json"
-	"fmt"
 	"io/ioutil"
 	"os"
 	"strings"
@@ -73,7 +73,7 @@ func (c *Config) LoadFromJSON(body []byte) error {
 	defer c.mux.Unlock()
 	err := json.Unmarshal(body, c)
 	if err != nil {
-		fmt.Println("Load yaml err")
+		logger.Error("Config load yaml error")
 		os.Exit(1)
 	}
 	return nil
@@ -113,9 +113,9 @@ var Conf = &Config{
 	SSHTimeout:     60,
 	HTTPPort:       5000,
 	AccessKey:      "",
-	AccessKeyFile:  "access_key",
+	AccessKeyFile:  "data/keys/.access_key",
 	LogLevel:       "DEBUG",
-	HostKeyFile:    "host_key",
+	HostKeyFile:    "data/keys/host_key",
 	HostKey:        "",
 	RootPath:       rootPath,
 	Comment:        "Coco",

--- a/pkg/handler/banner.go
+++ b/pkg/handler/banner.go
@@ -6,7 +6,7 @@ import (
 	"io"
 	"text/template"

-	"github.com/ibuler/ssh"
+	"github.com/gliderlabs/ssh"

 	"cocogo/pkg/config"
 	"cocogo/pkg/i18n"

--- a/pkg/handler/session.go
+++ b/pkg/handler/session.go
@@ -8,7 +8,7 @@ import (
 	"strings"
 	"sync"

-	"github.com/ibuler/ssh"
+	"github.com/gliderlabs/ssh"
 	//"github.com/olekukonko/tablewriter"
 	//"github.com/satori/go.uuid"
 	//"github.com/xlab/treeprint"

--- a/pkg/handler/sftp.go
+++ b/pkg/handler/sftp.go
@@ -4,7 +4,7 @@ import (
 	"io"
 	"io/ioutil"

-	"github.com/ibuler/ssh"
+	"github.com/gliderlabs/ssh"
 	"github.com/pkg/sftp"

 	"cocogo/pkg/logger"

--- a/pkg/handler/test.go
+++ b/pkg/handler/test.go
@@ -8,7 +8,7 @@ import (
 	"syscall"
 	"unsafe"

-	"github.com/ibuler/ssh"
+	"github.com/gliderlabs/ssh"
 	"github.com/kr/pty"
 )


--- a/pkg/proxy/parser.go
+++ b/pkg/proxy/parser.go
@@ -2,7 +2,6 @@ package proxy

 import (
 	"bytes"
-	"cocogo/pkg/recorder"
 	"sync"
 	"time"

@@ -46,8 +45,8 @@ type Parser struct {
 	counter         int

 	cmdFilterRules  []model.SystemUserFilterRule
-	commandRecorder *recorder.CommandRecorder
-	replayRecorder  *recorder.ReplyRecorder
+	commandRecorder *CommandRecorder
+	replayRecorder  *ReplyRecorder
 }

 func (p *Parser) Initial() {
@@ -174,13 +173,13 @@ func (p *Parser) SetCMDFilterRules(rules []model.SystemUserFilterRule) {
 	p.cmdFilterRules = rules
 }

-func (p *Parser) SetReplayRecorder(recorder *recorder.ReplyRecorder) {
+func (p *Parser) SetReplayRecorder(recorder *ReplyRecorder) {
 	p.replayRecorder = recorder

 }

 func (p *Parser) recordCommand() {
-	cmd := &recorder.Command{
+	cmd := &Command{
 		SessionId:  p.session.Id,
 		OrgId:      p.session.Org,
 		Input:      p.command,
@@ -193,7 +192,7 @@ func (p *Parser) recordCommand() {
 	p.commandRecorder.Record(cmd)
 }

-func (p *Parser) SetCommandRecorder(recorder *recorder.CommandRecorder) {
+func (p *Parser) SetCommandRecorder(recorder *CommandRecorder) {
 	p.commandRecorder = recorder
 }


--- a/pkg/proxy/proxy.go
+++ b/pkg/proxy/proxy.go
 package proxy

 import (
-	"cocogo/pkg/recorder"
 	"fmt"
 	"io"
 	"strings"
 	"time"

-	"github.com/ibuler/ssh"
+	"github.com/gliderlabs/ssh"

 	"cocogo/pkg/config"
 	"cocogo/pkg/i18n"
@@ -47,10 +46,11 @@ func (p *ProxyServer) validatePermission() bool {

 func (p *ProxyServer) getServerConn() (srvConn ServerConnection, err error) {
 	srvConn = &ServerSSHConnection{
-		host:     "192.168.244.145",
+		host:     "192.168.244.185",
 		port:     "22",
-		user:     "root",
+		user:     "web",
 		password: "redhat",
+		timeout:  config.Conf.SSHTimeout,
 	}
 	pty, _, ok := p.Session.Pty()
 	if !ok {
@@ -61,7 +61,7 @@ func (p *ProxyServer) getServerConn() (srvConn ServerConnection, err error) {
 	go p.sendConnectingMsg(done)
 	err = srvConn.Connect(pty.Window.Height, pty.Window.Width, pty.Term)
 	_, _ = io.WriteString(p.Session, "\r\n")
-	done <- struct{}{}
+	close(done)
 	return
 }

@@ -100,10 +100,8 @@ func (p *ProxyServer) Proxy() {
 		logger.Error("Get system user filter rule error: ", err)
 	}
 	sw.parser.SetCMDFilterRules(cmdRules)
-	replayRecorder := recorder.NewReplyRecord(sw.Id)
+	replayRecorder := NewReplyRecord(sw.Id)
 	sw.parser.SetReplayRecorder(replayRecorder)
-	cmdR
-	sw.parser.SetCommandRecorder()
 	_ = sw.Bridge()
 	_ = srvConn.Close()
 }
--- a/pkg/proxy/srvconn.go
+++ b/pkg/proxy/srvconn.go
@@ -29,7 +29,7 @@ type ServerSSHConnection struct {
 	password       string
 	privateKey     string
 	privateKeyPath string
-	timeout        time.Duration
+	timeout        int
 	Proxy          *ServerSSHConnection

 	client    *gossh.Client
@@ -61,7 +61,7 @@ func (sc *ServerSSHConnection) Port() string {
 }

 func (sc *ServerSSHConnection) Timeout() time.Duration {
-	return sc.timeout
+	return time.Duration(sc.timeout) * time.Second
 }

 func (sc *ServerSSHConnection) String() string {
@@ -93,7 +93,7 @@ func (sc *ServerSSHConnection) Config() (config *gossh.ClientConfig, err error)
 		User:            sc.user,
 		Auth:            authMethods,
 		HostKeyCallback: gossh.InsecureIgnoreHostKey(),
-		Timeout:         sc.timeout,
+		Timeout:         sc.Timeout(),
 	}
 	return config, nil
 }
@@ -158,6 +158,7 @@ func (sc *ServerSSHConnection) invokeShell(h, w int, term string) (err error) {

 func (sc *ServerSSHConnection) Connect(h, w int, term string) (err error) {
 	_, err = sc.connect()
+	fmt.Println("error")
 	if err != nil {
 		return
 	}

--- a/pkg/proxy/switch.go
+++ b/pkg/proxy/switch.go
 package proxy

 import (
-	"cocogo/pkg/logger"
 	"context"
-	"github.com/ibuler/ssh"
-	"github.com/satori/go.uuid"
 	"time"
+
+	"github.com/gliderlabs/ssh"
+	"github.com/satori/go.uuid"
+
+	"cocogo/pkg/logger"
 )

 func NewSwitch(userConn UserConnection, serverConn ServerConnection) (sw *Session) {

--- a/pkg/proxy/userconn.go
+++ b/pkg/proxy/userconn.go
@@ -4,7 +4,7 @@ import (
 	"io"
 	"strings"

-	"github.com/ibuler/ssh"
+	"github.com/gliderlabs/ssh"
 )

 type UserConnection interface {

--- a/pkg/service/accesskey.go
+++ b/pkg/service/accesskey.go
@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"os"
+	"path"
 	"strings"

 	"cocogo/pkg/common"
@@ -61,6 +62,13 @@ func (ak *AccessKey) LoadAccessKeyFromFile(keyPath string) error {
 }

 func (ak *AccessKey) SaveToFile() error {
+	keyDir := path.Dir(ak.Path)
+	if !common.FileExists(keyDir) {
+		err := os.MkdirAll(keyDir, os.ModePerm)
+		if err != nil {
+			return err
+		}
+	}
 	f, err := os.Create(ak.Path)
 	defer f.Close()
 	if err != nil {
@@ -74,7 +82,6 @@ func (ak *AccessKey) SaveToFile() error {
 }

 func (ak *AccessKey) Register(times int) error {
-	fmt.Println(config.Conf.Name)
 	name := config.Conf.Name
 	token := config.Conf.BootstrapToken
 	comment := "Coco"

--- a/pkg/service/users.go
+++ b/pkg/service/users.go
@@ -7,7 +7,7 @@ import (
 	"cocogo/pkg/model"
 )

-func Authenticate(username, password, publicKey, remoteAddr, loginType string) (user *model.User) {
+func Authenticate(username, password, publicKey, remoteAddr, loginType string) (user *model.User, err error) {
 	data := map[string]string{
 		"username":    username,
 		"password":    password,
@@ -20,11 +20,13 @@ func Authenticate(username, password, publicKey, remoteAddr, loginType string) (
 		User  *model.User `json:"user"`
 	}
 	Url := client.ParseUrlQuery(UserAuthURL, nil)
-	err := client.Post(Url, data, &resp)
+	err = client.Post(Url, data, &resp)
 	if err != nil {
 		logger.Error(err)
+		return
 	}
-	return resp.User
+	user = resp.User
+	return
 }

 func GetUserProfile(userId string) (user *model.User) {

--- a/pkg/sshd/hostkey.go
+++ b/pkg/sshd/hostkey.go
@@ -3,6 +3,7 @@ package sshd
 import (
 	"io/ioutil"
 	"os"
+	"path"

 	"golang.org/x/crypto/ssh"

@@ -37,6 +38,13 @@ func (hk *HostKey) Gen() (signer ssh.Signer, err error) {
 		return
 	}
 	keyBytes := common.EncodePrivateKeyToPEM(key)
+	keyDir := path.Dir(hk.Path)
+	if !common.FileExists(keyDir) {
+		err := os.MkdirAll(keyDir, os.ModePerm)
+		if err != nil {
+			return signer, err
+		}
+	}
 	err = common.WriteKeyToFile(keyBytes, hk.Path)
 	if err != nil {
 		return

--- a/pkg/sshd/server.go
+++ b/pkg/sshd/server.go
 package sshd

 import (
+	"fmt"
 	"strconv"
+	"time"

-	"github.com/ibuler/ssh"
+	"github.com/gliderlabs/ssh"
+	gossh "golang.org/x/crypto/ssh"

 	"cocogo/pkg/auth"
 	"cocogo/pkg/config"
@@ -11,27 +14,43 @@ import (
 	"cocogo/pkg/logger"
 )

-const version = "coco-v1.4"
+const version = "v1.4.0"
+
+func defaultConfig(ctx ssh.Context) (conf *gossh.ServerConfig) {
+	conf = new(gossh.ServerConfig)
+	conf.NextAuthMethodsCallback = func(conn gossh.ConnMetadata) (methods []string) {
+		fmt.Println("Username: ", conn.User())
+		if conn.User() == "ibuler" {
+			return []string{"keyboard-interactive"}
+		}
+		return
+	}
+	return conf
+}

 var (
 	conf = config.Conf
 )

 func StartServer() {
-	logger.Debug("Load host access key")
+	logger.Debug("Load host key")
 	hostKey := HostKey{Value: conf.HostKey, Path: conf.HostKeyFile}
 	signer, err := hostKey.Load()
 	if err != nil {
-		logger.Fatal("Load access key error: %s", err)
+		logger.Fatal("Load host key error: ", err)
 	}
+	fmt.Println(time.Now().Format("2006-01-02 15:04:05"))
+	fmt.Printf("Coco version %s, more see https://www.jumpserver.org\n", version)
+	fmt.Printf("Start ssh server at %s:%d\n", conf.BindHost, conf.SSHPort)
+	fmt.Println("Quit the server with CONTROL-C.")

 	srv := ssh.Server{
 		Addr:                        conf.BindHost + ":" + strconv.Itoa(conf.SSHPort),
 		PasswordHandler:             auth.CheckUserPassword,
 		PublicKeyHandler:            auth.CheckUserPublicKey,
 		KeyboardInteractiveHandler:  auth.CheckMFA,
+		DefaultServerConfigCallback: defaultConfig,
 		HostSigners:                 []ssh.Signer{signer},
-		Version:                    version,
 		Handler:                     handler.SessionHandler,
 		SubsystemHandlers:           map[string]ssh.SubsystemHandler{},
 	}

--- a/pkg/webssh/client.go
+++ b/pkg/webssh/client.go
@@ -3,8 +3,8 @@ package webssh
 import (
 	"io"

+	"github.com/gliderlabs/ssh"
 	socketio "github.com/googollee/go-socket.io"
-	"github.com/ibuler/ssh"

 	"cocogo/pkg/model"
 )