mirror of
https://github.com/tailscale/tailscale.git
synced 2024-12-01 22:15:51 +00:00
5a44f9f5b5
While we rearrange/upstream things.
gliderlabs/ssh is forked into tempfork from our prior fork
at be8b7add40
x/crypto/ssh OTOH is forked at
https://github.com/tailscale/golang-x-crypto because it was gnarlier
to vendor with various internal packages, etc.
Its git history shows where it starts (2c7772ba30643b7a2026cbea938420dce7c6384d).
Updates #3802
Change-Id: I546e5cdf831cfc030a6c42557c0ad2c58766c65f
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
85 lines
1.8 KiB
Go
85 lines
1.8 KiB
Go
package ssh
|
|
|
|
import (
|
|
"io/ioutil"
|
|
|
|
gossh "github.com/tailscale/golang-x-crypto/ssh"
|
|
)
|
|
|
|
// PasswordAuth returns a functional option that sets PasswordHandler on the server.
|
|
func PasswordAuth(fn PasswordHandler) Option {
|
|
return func(srv *Server) error {
|
|
srv.PasswordHandler = fn
|
|
return nil
|
|
}
|
|
}
|
|
|
|
// PublicKeyAuth returns a functional option that sets PublicKeyHandler on the server.
|
|
func PublicKeyAuth(fn PublicKeyHandler) Option {
|
|
return func(srv *Server) error {
|
|
srv.PublicKeyHandler = fn
|
|
return nil
|
|
}
|
|
}
|
|
|
|
// HostKeyFile returns a functional option that adds HostSigners to the server
|
|
// from a PEM file at filepath.
|
|
func HostKeyFile(filepath string) Option {
|
|
return func(srv *Server) error {
|
|
pemBytes, err := ioutil.ReadFile(filepath)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
signer, err := gossh.ParsePrivateKey(pemBytes)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
srv.AddHostKey(signer)
|
|
|
|
return nil
|
|
}
|
|
}
|
|
|
|
func KeyboardInteractiveAuth(fn KeyboardInteractiveHandler) Option {
|
|
return func(srv *Server) error {
|
|
srv.KeyboardInteractiveHandler = fn
|
|
return nil
|
|
}
|
|
}
|
|
|
|
// HostKeyPEM returns a functional option that adds HostSigners to the server
|
|
// from a PEM file as bytes.
|
|
func HostKeyPEM(bytes []byte) Option {
|
|
return func(srv *Server) error {
|
|
signer, err := gossh.ParsePrivateKey(bytes)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
srv.AddHostKey(signer)
|
|
|
|
return nil
|
|
}
|
|
}
|
|
|
|
// NoPty returns a functional option that sets PtyCallback to return false,
|
|
// denying PTY requests.
|
|
func NoPty() Option {
|
|
return func(srv *Server) error {
|
|
srv.PtyCallback = func(ctx Context, pty Pty) bool {
|
|
return false
|
|
}
|
|
return nil
|
|
}
|
|
}
|
|
|
|
// WrapConn returns a functional option that sets ConnCallback on the server.
|
|
func WrapConn(fn ConnCallback) Option {
|
|
return func(srv *Server) error {
|
|
srv.ConnCallback = fn
|
|
return nil
|
|
}
|
|
}
|