2020-09-01 03:14:04 +00:00
|
|
|
package sftp
|
|
|
|
|
|
|
|
|
|
import (
|
2021-01-08 23:14:56 +00:00
|
|
|
"time"
|
|
|
|
|
|
2020-12-16 05:56:53 +00:00
|
|
|
"emperror.dev/errors"
|
2020-09-01 03:14:04 +00:00
|
|
|
"github.com/apex/log"
|
2021-01-08 23:14:56 +00:00
|
|
|
"github.com/patrickmn/go-cache"
|
2020-09-01 03:14:04 +00:00
|
|
|
"github.com/pterodactyl/wings/api"
|
|
|
|
|
"github.com/pterodactyl/wings/config"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
var noMatchingServerError = errors.New("no matching server with that UUID was found")
|
|
|
|
|
|
|
|
|
|
func Initialize(config config.SystemConfiguration) error {
|
|
|
|
|
s := &Server{
|
2020-09-05 19:08:40 +00:00
|
|
|
User: User{
|
2020-09-01 03:14:04 +00:00
|
|
|
Uid: config.User.Uid,
|
|
|
|
|
Gid: config.User.Gid,
|
|
|
|
|
},
|
|
|
|
|
Settings: Settings{
|
|
|
|
|
BasePath: config.Data,
|
|
|
|
|
ReadOnly: config.Sftp.ReadOnly,
|
|
|
|
|
BindAddress: config.Sftp.Address,
|
|
|
|
|
BindPort: config.Sftp.Port,
|
|
|
|
|
},
|
2021-01-08 23:14:56 +00:00
|
|
|
cache: cache.New(5*time.Minute, 10*time.Minute),
|
2020-09-01 03:14:04 +00:00
|
|
|
}
|
2021-01-08 23:14:56 +00:00
|
|
|
s.CredentialValidator = s.validateCredentials
|
|
|
|
|
s.PathValidator = s.validatePath
|
|
|
|
|
s.DiskSpaceValidator = s.validateDiskSpace
|
2020-09-01 03:14:04 +00:00
|
|
|
|
|
|
|
|
// Initialize the SFTP server in a background thread since this is
|
|
|
|
|
// a long running operation.
|
|
|
|
|
go func(s *Server) {
|
|
|
|
|
if err := s.Initialize(); err != nil {
|
2020-11-28 23:57:10 +00:00
|
|
|
log.WithField("subsystem", "sftp").WithField("error", err).Error("failed to initialize SFTP subsystem")
|
2020-09-01 03:14:04 +00:00
|
|
|
}
|
|
|
|
|
}(s)
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-08 23:14:56 +00:00
|
|
|
func (s *Server) validatePath(fs FileSystem, p string) (string, error) {
|
|
|
|
|
srv := s.serverManager.Get(fs.UUID)
|
|
|
|
|
if srv == nil {
|
2020-09-01 03:14:04 +00:00
|
|
|
return "", noMatchingServerError
|
|
|
|
|
}
|
2021-01-08 23:14:56 +00:00
|
|
|
return srv.Filesystem().SafePath(p)
|
2020-09-01 03:14:04 +00:00
|
|
|
}
|
|
|
|
|
|
2021-01-08 23:14:56 +00:00
|
|
|
func (s *Server) validateDiskSpace(fs FileSystem) bool {
|
|
|
|
|
srv := s.serverManager.Get(fs.UUID)
|
|
|
|
|
if srv == nil {
|
2020-09-01 03:14:04 +00:00
|
|
|
return false
|
|
|
|
|
}
|
2021-01-08 23:14:56 +00:00
|
|
|
return srv.Filesystem().HasSpaceAvailable(true)
|
2020-09-01 03:14:04 +00:00
|
|
|
}
|
|
|
|
|
|
2020-09-05 19:08:40 +00:00
|
|
|
// Validates a set of credentials for a SFTP login against Pterodactyl Panel and returns
|
2020-09-01 03:14:04 +00:00
|
|
|
// the server's UUID if the credentials were valid.
|
2021-01-08 23:14:56 +00:00
|
|
|
func (s *Server) validateCredentials(c api.SftpAuthRequest) (*api.SftpAuthResponse, error) {
|
2020-09-01 03:14:04 +00:00
|
|
|
f := log.Fields{"subsystem": "sftp", "username": c.User, "ip": c.IP}
|
|
|
|
|
|
|
|
|
|
log.WithFields(f).Debug("validating credentials for SFTP connection")
|
2020-10-31 17:04:20 +00:00
|
|
|
resp, err := api.New().ValidateSftpCredentials(c)
|
2020-09-01 03:14:04 +00:00
|
|
|
if err != nil {
|
|
|
|
|
if api.IsInvalidCredentialsError(err) {
|
|
|
|
|
log.WithFields(f).Warn("failed to validate user credentials (invalid username or password)")
|
|
|
|
|
} else {
|
|
|
|
|
log.WithFields(f).Error("encountered an error while trying to validate user credentials")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return resp, err
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-08 23:14:56 +00:00
|
|
|
srv := s.serverManager.Get(resp.Server)
|
|
|
|
|
if srv == nil {
|
2020-09-01 03:14:04 +00:00
|
|
|
return resp, noMatchingServerError
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-08 23:14:56 +00:00
|
|
|
srv.Log().WithFields(f).Debug("credentials successfully validated and matched user to server instance")
|
2020-09-01 03:14:04 +00:00
|
|
|
|
|
|
|
|
return resp, err
|
|
|
|
|
}
|
