Backup_Repos/filestash
1
0
Fork 0
mirror of https://github.com/mickael-kerjean/filestash synced 2025-12-06 16:32:31 +01:00
Code Issues Projects Releases Wiki Activity

fix (sftp): use password type for sftp password and passphrase field (#324)

Browse source
This commit is contained in:
thielepaul 2020-10-23 08:54:54 +02:00 committed by GitHub
parent 78c1c6b7b3
commit 0fda2ececc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 23 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
server/model/backend/sftp.go
View file

@ -55,12 +55,13 @@ func (s Sftp) Init(params map[string]string, app *App) (IBackend, error) {
addr := p.hostname + ":" + p.port addr := p.hostname + ":" + p.port
var auth []ssh.AuthMethod var auth []ssh.AuthMethod
isPrivateKey := func(pass string) bool {
p := strings.TrimSpace(pass)
keyStartMatcher := regexp.MustCompile(`^-----BEGIN [A-Z\ ]+-----`) keyStartMatcher := regexp.MustCompile(`^-----BEGIN [A-Z\ ]+-----`)
keyEndMatcher := regexp.MustCompile(`-----END [A-Z\ ]+-----$`) keyEndMatcher := regexp.MustCompile(`-----END [A-Z\ ]+-----$`)
keyContentMatcher := regexp.MustCompile(`^[a-zA-Z0-9\+\/\=\n]+$`) keyContentMatcher := regexp.MustCompile(`^[a-zA-Z0-9\+\/\=\n]+$`)
isPrivateKey := func(pass string) bool {
p := strings.TrimSpace(pass)
// match private key beginning // match private key beginning
if keyStartMatcher.FindStringIndex(p) == nil { if keyStartMatcher.FindStringIndex(p) == nil {
return false return false
@ -71,6 +72,7 @@ func (s Sftp) Init(params map[string]string, app *App) (IBackend, error) {
return false return false
} }
p = keyEndMatcher.ReplaceAllString(p, "") p = keyEndMatcher.ReplaceAllString(p, "")
p = strings.Replace(p, " ", "", -1)
// match private key content // match private key content
if keyContentMatcher.FindStringIndex(p) == nil { if keyContentMatcher.FindStringIndex(p) == nil {
return false return false
@ -78,12 +80,26 @@ func (s Sftp) Init(params map[string]string, app *App) (IBackend, error) {
return true return true
} }
restorePrivateKeyLineBreaks := func(pass string) string {
p := strings.TrimSpace(pass)
keyStartString := keyStartMatcher.FindString(p)
p = keyStartMatcher.ReplaceAllString(p, "")
keyEndString := keyEndMatcher.FindString(p)
p = keyEndMatcher.ReplaceAllString(p, "")
p = strings.Replace(p, " ", "", -1)
keyContentString := keyContentMatcher.FindString(p)
return keyStartString + "\n" + keyContentString + "\n" + keyEndString
}
if isPrivateKey(p.password) { if isPrivateKey(p.password) {
privateKey := restorePrivateKeyLineBreaks(p.password)
signer, err := func() (ssh.Signer, error) { signer, err := func() (ssh.Signer, error) {
if p.passphrase == "" { if p.passphrase == "" {
return ssh.ParsePrivateKey([]byte(p.password)) return ssh.ParsePrivateKey([]byte(privateKey))
} }
return ssh.ParsePrivateKeyWithPassphrase([]byte(p.password), []byte(p.passphrase)) return ssh.ParsePrivateKeyWithPassphrase([]byte(privateKey), []byte(p.passphrase))
}() }()
if err != nil { if err != nil {
return nil, err return nil, err
@ -143,7 +159,7 @@ func (b Sftp) LoginForm() Form {
}, },
FormElement{ FormElement{
Name: "password", Name: "password",
Type: "long_password", Type: "password",
Placeholder: "Password", Placeholder: "Password",
}, },
FormElement{ FormElement{
@ -168,7 +184,7 @@ func (b Sftp) LoginForm() Form {
FormElement{ FormElement{
Id: "sftp_passphrase", Id: "sftp_passphrase",
Name: "passphrase", Name: "passphrase",
Type: "text", Type: "password",
Placeholder: "Passphrase", Placeholder: "Passphrase",
}, },
FormElement{ FormElement{