Merge branch 'develop' into v2
This commit is contained in:
Matthew Penner
@@ -142,12 +142,12 @@ func (h *Handler) Filecmd(request *sftp.Request) error {
|
||||
}
|
||||
mode := request.Attributes().FileMode().Perm()
|
||||
// If the client passes an invalid FileMode just use the default 0644.
|
||||
if mode == 0000 {
|
||||
mode = os.FileMode(0644)
|
||||
if mode == 0o000 {
|
||||
mode = os.FileMode(0o644)
|
||||
}
|
||||
// Force directories to be 0755.
|
||||
if request.Attributes().FileMode().IsDir() {
|
||||
mode = 0755
|
||||
mode = 0o755
|
||||
}
|
||||
if err := h.fs.Chmod(request.Filepath, mode); err != nil {
|
||||
if errors.Is(err, os.ErrNotExist) {
|
||||
@@ -260,7 +260,6 @@ func (h *Handler) Filelist(request *sftp.Request) (sftp.ListerAt, error) {
|
||||
files, err := ioutil.ReadDir(p)
|
||||
if err != nil {
|
||||
h.logger.WithField("source", request.Filepath).WithField("error", err).Error("error while listing directory")
|
||||
|
||||
return nil, sftp.ErrSSHFxFailure
|
||||
}
|
||||
return ListerAt(files), nil
|
||||
|
||||
@@ -52,7 +52,9 @@ func New(m *server.Manager) *SFTPServer {
|
||||
}
|
||||
}
|
||||
|
||||
// Starts the SFTP server and add a persistent listener to handle inbound SFTP connections.
|
||||
// Run starts the SFTP server and add a persistent listener to handle inbound
|
||||
// SFTP connections. This will automatically generate an ED25519 key if one does
|
||||
// not already exist on the system for host key verification purposes.
|
||||
func (c *SFTPServer) Run() error {
|
||||
keys, err := c.loadPrivateKeys()
|
||||
if err != nil {
|
||||
@@ -214,10 +216,10 @@ func (c *SFTPServer) generateRSAPrivateKey() error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err := os.MkdirAll(path.Join(c.BasePath, ".sftp"), 0755); err != nil {
|
||||
if err := os.MkdirAll(path.Dir(c.PrivateKeyPath("rsa")), 0o755); err != nil {
|
||||
return errors.Wrap(err, "sftp/server: could not create .sftp directory")
|
||||
}
|
||||
o, err := os.OpenFile(path.Join(c.BasePath, ".sftp/id_rsa"), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
|
||||
o, err := os.OpenFile(c.PrivateKeyPath("rsa"), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0o600)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -238,10 +240,10 @@ func (c *SFTPServer) generateECDSAPrivateKey() error {
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err := os.MkdirAll(path.Join(c.BasePath, ".sftp"), 0755); err != nil {
|
||||
if err := os.MkdirAll(path.Dir(c.PrivateKeyPath("ecdsa")), 0o755); err != nil {
|
||||
return errors.Wrap(err, "sftp/server: could not create .sftp directory")
|
||||
}
|
||||
o, err := os.OpenFile(path.Join(c.BasePath, ".sftp/id_ecdsa"), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
|
||||
o, err := os.OpenFile(c.PrivateKeyPath("ecdsa"), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0o600)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -261,16 +263,16 @@ func (c *SFTPServer) generateECDSAPrivateKey() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// generateEd25519PrivateKey generates a ed25519 private key that will be used by the SFTP server.
|
||||
// generateEd25519PrivateKey generates an ed25519 private key that will be used by the SFTP server.
|
||||
func (c *SFTPServer) generateEd25519PrivateKey() error {
|
||||
_, key, err := ed25519.GenerateKey(rand.Reader)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if err := os.MkdirAll(path.Join(c.BasePath, ".sftp"), 0755); err != nil {
|
||||
if err := os.MkdirAll(path.Dir(c.PrivateKeyPath("ed25519")), 0o755); err != nil {
|
||||
return errors.Wrap(err, "sftp/server: could not create .sftp directory")
|
||||
}
|
||||
o, err := os.OpenFile(path.Join(c.BasePath, ".sftp/id_ed25519"), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0600)
|
||||
o, err := os.OpenFile(c.PrivateKeyPath("ed25519"), os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0o600)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -290,6 +292,11 @@ func (c *SFTPServer) generateEd25519PrivateKey() error {
|
||||
return nil
|
||||
}
|
||||
|
||||
// PrivateKeyPath returns the path the host private key for this server instance.
|
||||
func (c *SFTPServer) PrivateKeyPath(name string) string {
|
||||
return path.Join(c.BasePath, ".sftp", "id_"+name)
|
||||
}
|
||||
|
||||
// A function capable of validating user credentials with the Panel API.
|
||||
func (c *SFTPServer) passwordCallback(conn ssh.ConnMetadata, pass []byte) (*ssh.Permissions, error) {
|
||||
request := remote.SftpAuthRequest{
|
||||
|
||||
@@ -6,15 +6,15 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
// Extends the default SFTP server to return a quota exceeded error to the client.
|
||||
// ErrSSHQuotaExceeded extends the default SFTP server to return a quota exceeded error to the client.
|
||||
//
|
||||
// @see https://tools.ietf.org/id/draft-ietf-secsh-filexfer-13.txt
|
||||
ErrSSHQuotaExceeded = fxerr(15)
|
||||
ErrSSHQuotaExceeded = fxErr(15)
|
||||
)
|
||||
|
||||
type ListerAt []os.FileInfo
|
||||
|
||||
// Returns the number of entries copied and an io.EOF error if we made it to the end of the file list.
|
||||
// ListAt returns the number of entries copied and an io.EOF error if we made it to the end of the file list.
|
||||
// Take a look at the pkg/sftp godoc for more information about how this function should work.
|
||||
func (l ListerAt) ListAt(f []os.FileInfo, offset int64) (int, error) {
|
||||
if offset >= int64(len(l)) {
|
||||
@@ -28,9 +28,9 @@ func (l ListerAt) ListAt(f []os.FileInfo, offset int64) (int, error) {
|
||||
}
|
||||
}
|
||||
|
||||
type fxerr uint32
|
||||
type fxErr uint32
|
||||
|
||||
func (e fxerr) Error() string {
|
||||
func (e fxErr) Error() string {
|
||||
switch e {
|
||||
case ErrSSHQuotaExceeded:
|
||||
return "Quota Exceeded"
|
||||
|
||||
Reference in New Issue
Block a user