path: root/forged/internal/incoming/ssh/ssh.go

package ssh

import (
	"context"
	"errors"
	"fmt"
	"os"

	gliderssh "github.com/gliderlabs/ssh"
	"go.lindenii.runxiyu.org/forge/forged/internal/common/misc"
	gossh "golang.org/x/crypto/ssh"
)

// Config holds the settings New needs to build the incoming SSH server.
// The scfg struct tags name the corresponding configuration keys
// (presumably consumed by the project's scfg decoder; the decoder is not
// visible in this file).
type Config struct {
	// Net and Addr are stored on the Server by New and later passed to
	// misc.Listen by Server.Run to create the listener.
	Net  string `scfg:"net"`
	Addr string `scfg:"addr"`
	// Key is the filesystem path of the SSH host private key. New reads the
	// whole file and parses it as a private key.
	// NOTE(review): nothing in this file checks the key file's ownership or
	// mode; deployments should keep it readable only by the service account.
	Key  string `scfg:"key"`
	// Root is copied into Server.root by New; it is not otherwise used in
	// this file.
	Root string `scfg:"root"`
}

// Server is the incoming SSH server: a gliderlabs/ssh server plus the host
// key material and listen parameters captured by New.
type Server struct {
	// gliderServer is the underlying gliderlabs/ssh server that Run serves.
	gliderServer *gliderssh.Server
	// privkey is the host key signer parsed from Config.Key. It is secret
	// material and should never be logged or exposed.
	privkey      gossh.Signer
	// pubkeyString is the host public key in authorized_keys format, as
	// produced by gossh.MarshalAuthorizedKey.
	pubkeyString string
	// pubkeyFP is the SHA-256 fingerprint of the host public key, as
	// produced by gossh.FingerprintSHA256.
	pubkeyFP     string
	// net and addr are passed to misc.Listen by Run.
	net          string
	addr         string
	// root is copied from Config.Root; it is not read anywhere in this file.
	root         string
}

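// New builds a Server from config.
//
// It reads the host private key from config.Key, parses it, derives the
// public key's authorized_keys form and SHA-256 fingerprint, and configures
// the underlying gliderlabs/ssh server with that host key.
//
// On failure it returns a nil Server and an error wrapping the cause, so a
// caller can never end up holding a half-initialised Server whose
// gliderServer is nil.
//
// SECURITY: both authentication callbacks below accept unconditionally, so
// the SSH transport layer authenticates nobody: any public key is accepted
// and keyboard-interactive succeeds without a challenge. This is presumably
// deliberate (identity and authorisation decided later, per session) —
// confirm. Until then, the session handler must treat every connection as
// anonymous and make its own authorisation decision; it must not treat a
// successful SSH handshake as proof of identity.
func New(config Config) (server *Server, err error) {
	keyBytes, err := os.ReadFile(config.Key)
	if err != nil {
		return nil, fmt.Errorf("read SSH private key: %w", err)
	}
	signer, err := gossh.ParsePrivateKey(keyBytes)
	if err != nil {
		return nil, fmt.Errorf("parse SSH private key: %w", err)
	}
	hostPub := signer.PublicKey()

	server = &Server{
		net:          config.Net,
		addr:         config.Addr,
		root:         config.Root,
		privkey:      signer,
		pubkeyString: misc.BytesToString(gossh.MarshalAuthorizedKey(hostPub)),
		pubkeyFP:     gossh.FingerprintSHA256(hostPub),
	}

	server.gliderServer = &gliderssh.Server{
		Handler: handle,
		// Accept-all: see the SECURITY note on New. Neither callback checks
		// the presented key or issues a challenge.
		PublicKeyHandler:           func(ctx gliderssh.Context, key gliderssh.PublicKey) bool { return true },
		KeyboardInteractiveHandler: func(ctx gliderssh.Context, challenge gossh.KeyboardInteractiveChallenge) bool { return true },
	}
	server.gliderServer.AddHostKey(signer)

	return server, nil
}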

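// Run listens on the configured network and address and serves SSH
// connections until ctx is cancelled or serving fails.
//
// It returns nil when the server was shut down (gliderssh.ErrServerClosed),
// and a wrapped error when the listener cannot be created or Serve fails for
// any other reason.
func (server *Server) Run(ctx context.Context) (err error) {
	listener, err := misc.Listen(server.net, server.addr)
	if err != nil {
		// Without this check a failed Listen leaves listener unusable and
		// the deferred Close / Serve below would dereference it.
		return fmt.Errorf("listen SSH: %w", err)
	}
	defer func() {
		_ = listener.Close()
	}()

	// stopped is closed when Run returns, so the watcher goroutine below
	// exits even if ctx is never cancelled (e.g. Serve failed on its own).
	stopped := make(chan struct{})
	defer close(stopped)

	go func() {
		select {
		case <-ctx.Done():
			_ = server.gliderServer.Close()
			_ = listener.Close() // unnecessary?
			// TODO: Log the error
		case <-stopped:
		}
	}()

	if err = server.gliderServer.Serve(listener); err != nil {
		if errors.Is(err, gliderssh.ErrServerClosed) {
			return nil
		}
		return fmt.Errorf("serve SSH: %w", err)
	}
	// Serve is expected to return only with a non-nil error — TODO confirm
	// against the gliderlabs/ssh version in use.
	panic("unreachable")
}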

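// handle is the session handler installed by New. Session handling is not
// implemented yet, so it reports that to the client on stderr and ends the
// session with exit status 1.
//
// It deliberately does not panic: New accepts every authentication attempt,
// so this handler is reachable by any remote client, and a panic here would
// presumably not be recovered by the SSH library (confirm), taking the whole
// process down on the first connection.
func handle(session gliderssh.Session) {
	// Best-effort: the client may already have gone away, so write and exit
	// errors are ignored.
	_, _ = fmt.Fprintln(session.Stderr(), "SSH server handler not implemented yet")
	_ = session.Exit(1)
}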