From 07425ea4170aac40cea87132986ac23c8f18961f Mon Sep 17 00:00:00 2001
From: KirCute <951206789@qq.com>
Date: Sat, 28 Dec 2024 20:12:45 +0800
Subject: [PATCH] feat(sftp-server): do not generate host key until first enabled
---
 cmd/common.go | 1 -
 internal/conf/var.go | 3 --
 server/sftp.go | 6 ++--
 server/{ftp => sftp}/const.go | 2 +-
 .../ssh.go => server/sftp/hostkey.go | 12 ++++---
 server/{ftp => sftp}/sftp.go | 33 ++++++++++---------
 6 files changed, 30 insertions(+), 27 deletions(-)
 rename server/{ftp => sftp}/const.go (94%)
 rename internal/bootstrap/ssh.go => server/sftp/hostkey.go (94%)
 rename server/{ftp => sftp}/sftp.go (64%)
diff --git a/cmd/common.go b/cmd/common.go
index fabc3a90f1b..b4a7081c33f 100644
--- a/cmd/common.go
+++ b/cmd/common.go
@@ -15,7 +15,6 @@ import (
 func Init() {
 bootstrap.InitConfig()
 bootstrap.Log()
- bootstrap.InitHostKey()
 bootstrap.InitDB()
 data.InitData()
 bootstrap.InitIndex()
diff --git a/internal/conf/var.go b/internal/conf/var.go
index b7277e4112c..0a8eb16fcd1 100644
--- a/internal/conf/var.go
+++ b/internal/conf/var.go
@@ -1,7 +1,6 @@
 package conf
 import (
- "golang.org/x/crypto/ssh"
 "net/url"
 "regexp"
 )
@@ -33,5 +32,3 @@ var (
 ManageHtml string
 IndexHtml string
 )
-
-var SSHSigners []ssh.Signer
diff --git a/server/sftp.go b/server/sftp.go
index d44046a42d7..0455c96230f 100644
--- a/server/sftp.go
+++ b/server/sftp.go
@@ -9,6 +9,7 @@ import (
 "github.com/alist-org/alist/v3/internal/setting"
 "github.com/alist-org/alist/v3/pkg/utils"
 "github.com/alist-org/alist/v3/server/ftp"
+ "github.com/alist-org/alist/v3/server/sftp"
 "github.com/pkg/errors"
 "golang.org/x/crypto/ssh"
 "net/http"
@@ -21,6 +22,7 @@ type SftpDriver struct {
 }
 func NewSftpDriver() (*SftpDriver, error) {
+ sftp.InitHostKey()
 header := &http.Header{}
 header.Add("User-Agent", setting.GetStr(conf.FTPProxyUserAgent))
 return &SftpDriver{
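Review bot: The `sftp.InitHostKey()` call added at the top of NewSftpDriver has no way to report failure, although NewSftpDriver itself returns an error. If host-key setup fails, the driver is still built and the `for _, k := range sftp.SSHSigners` loop in GetConfig (the next hunk, -40,7 +42,7) adds no host key, so the misconfiguration would presumably only show up when clients fail the SSH handshake. Consider checking the result here, for example `if len(sftp.SSHSigners) == 0 { return nil, errors.New("sftp: no host key available") }`, or changing InitHostKey to return an error that is propagated. The rest of NewSftpDriver lies outside the hunk.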
@@ -40,7 +42,7 @@ func (d *SftpDriver) GetConfig() *sftpd.Config {
 AuthLogCallback: d.AuthLogCallback,
 BannerCallback: d.GetBanner,
 }
- for _, k := range conf.SSHSigners {
+ for _, k := range sftp.SSHSigners {
 serverConfig.AddHostKey(k)
 }
 d.config = &sftpd.Config{
@@ -62,7 +64,7 @@ func (d *SftpDriver) GetFileSystem(sc *ssh.ServerConn) (sftpd.FileSystem, error)
 ctx = context.WithValue(ctx, "meta_pass", "")
 ctx = context.WithValue(ctx, "client_ip", sc.RemoteAddr().String())
 ctx = context.WithValue(ctx, "proxy_header", d.proxyHeader)
- return &ftp.SftpDriverAdapter{FtpDriver: ftp.NewAferoAdapter(ctx)}, nil
+ return &sftp.DriverAdapter{FtpDriver: ftp.NewAferoAdapter(ctx)}, nil
 }
 func (d *SftpDriver) Close() {
diff --git a/server/ftp/const.go b/server/sftp/const.go
similarity index 94%
rename from server/ftp/const.go
rename to server/sftp/const.go
index 1fd14e82d97..58bfe3824ca 100644
--- a/server/ftp/const.go
+++ b/server/sftp/const.go
@@ -1,4 +1,4 @@
-package ftp
+package sftp
 // From leffss/sftpd
 const (
diff --git a/internal/bootstrap/ssh.go b/server/sftp/hostkey.go
similarity index 94%
rename from internal/bootstrap/ssh.go
rename to server/sftp/hostkey.go
index ec4a07ac6e3..0db103dd6cf 100644
--- a/internal/bootstrap/ssh.go
+++ b/server/sftp/hostkey.go
@@ -1,4 +1,4 @@
-package bootstrap
+package sftp
 import (
 "crypto/rand"
@@ -7,14 +7,18 @@ import (
 "encoding/pem"
 "fmt"
 "github.com/alist-org/alist/v3/cmd/flags"
- "github.com/alist-org/alist/v3/internal/conf"
 "github.com/alist-org/alist/v3/pkg/utils"
 "golang.org/x/crypto/ssh"
 "os"
 "path/filepath"
 )
+var SSHSigners []ssh.Signer
+
 func InitHostKey() {
+ if SSHSigners != nil {
+ return
+ }
 sshPath := filepath.Join(flags.DataDir, "ssh")
 if !utils.Exists(sshPath) {
 err := utils.CreateNestedDirectory(sshPath)
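Review bot: The new `if SSHSigners != nil { return }` guard in InitHostKey is an unsynchronised check on an exported, mutable package variable, so two callers arriving together could both pass it and both run key loading or generation; whether NewSftpDriver can be called concurrently is not visible here. The guard also behaves unevenly with the following hunk (-23,9 +27,9): `SSHSigners = make(...)` runs before LoadOrGenerateRSAHostKey, so a failed load leaves a non-nil empty slice that is never retried, whereas the directory-creation failure path appears to return with the slice still nil and is retried. Serialising the function with a package-level mutex and testing `if len(SSHSigners) > 0 { return }` would cover both cases, and keeping the slice unexported behind an accessor would stop other packages from replacing the host keys. InitHostKey's body continues past the end of this hunk.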
@@ -23,9 +27,9 @@ func InitHostKey() {
 return
 }
 }
- conf.SSHSigners = make([]ssh.Signer, 0, 4)
+ SSHSigners = make([]ssh.Signer, 0, 4)
 if rsaKey, ok := LoadOrGenerateRSAHostKey(sshPath); ok {
- conf.SSHSigners = append(conf.SSHSigners, rsaKey)
+ SSHSigners = append(SSHSigners, rsaKey)
 }
 // TODO Add keys for other encryption algorithms
 }
diff --git a/server/ftp/sftp.go b/server/sftp/sftp.go
similarity index 64%
rename from server/ftp/sftp.go
rename to server/sftp/sftp.go
index 0a11ee1862d..1ceb3f59295 100644
--- a/server/ftp/sftp.go
+++ b/server/sftp/sftp.go
@@ -1,44 +1,45 @@
-package ftp
+package sftp
 import (
 "github.com/KirCute/sftpd-alist"
 "github.com/alist-org/alist/v3/internal/errs"
 "github.com/alist-org/alist/v3/internal/model"
 "github.com/alist-org/alist/v3/pkg/utils"
+ "github.com/alist-org/alist/v3/server/ftp"
 "os"
 )
-type SftpDriverAdapter struct {
- FtpDriver *AferoAdapter
+type DriverAdapter struct {
+ FtpDriver *ftp.AferoAdapter
 }
-func (s *SftpDriverAdapter) OpenFile(_ string, _ uint32, _ *sftpd.Attr) (sftpd.File, error) {
+func (s *DriverAdapter) OpenFile(_ string, _ uint32, _ *sftpd.Attr) (sftpd.File, error) {
 // See also GetHandle
 return nil, errs.NotImplement
 }
-func (s *SftpDriverAdapter) OpenDir(_ string) (sftpd.Dir, error) {
+func (s *DriverAdapter) OpenDir(_ string) (sftpd.Dir, error) {
 // See also GetHandle
 return nil, errs.NotImplement
 }
-func (s *SftpDriverAdapter) Remove(name string) error {
+func (s *DriverAdapter) Remove(name string) error {
 return s.FtpDriver.Remove(name)
 }
-func (s *SftpDriverAdapter) Rename(old, new string, _ uint32) error {
+func (s *DriverAdapter) Rename(old, new string, _ uint32) error {
 return s.FtpDriver.Rename(old, new)
 }
-func (s *SftpDriverAdapter) Mkdir(name string, attr *sftpd.Attr) error {
+func (s *DriverAdapter) Mkdir(name string, attr *sftpd.Attr) error {
 return s.FtpDriver.Mkdir(name, attr.Mode)
 }
-func (s *SftpDriverAdapter) Rmdir(name string) error {
+func (s *DriverAdapter) Rmdir(name string) error {
 return s.Remove(name)
 }
-func (s *SftpDriverAdapter) Stat(name string, _ bool) (*sftpd.Attr, error) {
+func (s *DriverAdapter) Stat(name string, _ bool) (*sftpd.Attr, error) {
 stat, err := s.FtpDriver.Stat(name)
 if err != nil {
 return nil, err
@@ -46,27 +47,27 @@ func (s *SftpDriverAdapter) Stat(name string, _ bool) (*sftpd.Attr, error) {
 return fileInfoToSftpAttr(stat), nil
 }
-func (s *SftpDriverAdapter) SetStat(_ string, _ *sftpd.Attr) error {
+func (s *DriverAdapter) SetStat(_ string, _ *sftpd.Attr) error {
 return errs.NotSupport
 }
-func (s *SftpDriverAdapter) ReadLink(_ string) (string, error) {
+func (s *DriverAdapter) ReadLink(_ string) (string, error) {
 return "", errs.NotSupport
 }
-func (s *SftpDriverAdapter) CreateLink(_, _ string, _ uint32) error {
+func (s *DriverAdapter) CreateLink(_, _ string, _ uint32) error {
 return errs.NotSupport
 }
-func (s *SftpDriverAdapter) RealPath(path string) (string, error) {
+func (s *DriverAdapter) RealPath(path string) (string, error) {
 return utils.FixAndCleanPath(path), nil
 }
-func (s *SftpDriverAdapter) GetHandle(name string, flags uint32, _ *sftpd.Attr, offset uint64) (sftpd.FileTransfer, error) {
+func (s *DriverAdapter) GetHandle(name string, flags uint32, _ *sftpd.Attr, offset uint64) (sftpd.FileTransfer, error) {
 return s.FtpDriver.GetHandle(name, sftpFlagToOpenMode(flags), int64(offset))
 }
-func (s *SftpDriverAdapter) ReadDir(name string) ([]sftpd.NamedAttr, error) {
+func (s *DriverAdapter) ReadDir(name string) ([]sftpd.NamedAttr, error) {
 dir, err := s.FtpDriver.ReadDir(name)
 if err != nil {
 return nil, err