forked from blacknon/lssh
/
conf.go
705 lines (552 loc) · 16.6 KB
/
conf.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
// Copyright (c) 2019 Blacknon. All rights reserved.
// Use of this source code is governed by an MIT license
// that can be found in the LICENSE file.
// Package conf is a package used to read configuration file (~/.bssh.toml).
package conf
import (
"crypto/md5" // nolint
"encoding/hex"
"fmt"
"io/ioutil"
"os"
"path/filepath"
"sort"
"strconv"
"strings"
"time"
"github.com/jedib0t/go-pretty/table"
"github.com/bingoohuang/gou/str"
"github.com/bingoohuang/gou/pbe"
"github.com/spf13/viper"
"github.com/BurntSushi/toml"
"github.com/bingoohuang/bssh/common"
)
// Config is Struct that stores the entire configuration file.
type Config struct {
Extra ExtraConfig
Log LogConfig
Shell ShellConfig
Include map[string]IncludeConfig
Includes IncludesConfig
Common ServerConfig
Server map[string]ServerConfig
Proxy map[string]ProxyConfig
SSHConfig map[string]OpenSSHConfig
grouping map[string]map[string]ServerConfig
// DisableAutoEncryptPwd disable auto PBE passwords in config file.
DisableAutoEncryptPwd bool
Passphrase string
Hosts []string
tempHostsFile string
tempHosts map[string]bool
}
// ExtraConfig store extra configs.
type ExtraConfig struct {
// Passphrase used to decrypt {PBE}xxx
Passphrase string
// DisableGrouping disable server names grouping
DisableGrouping bool
// DisableAutoEncryptPwd disable auto PBE passwords in config file.
DisableAutoEncryptPwd bool
}
// LogConfig store the contents about the terminal log.
// The log file name is created in "YYYYmmdd_HHMMSS_servername.log" of the specified directory.
type LogConfig struct {
// Enable terminal logging.
Enable bool
// Add a timestamp at the beginning of the terminal log line.
Timestamp bool
// Specifies the directory for creating terminal logs.
Dir string `toml:"dirpath"`
}
// ShellConfig structure for storing bssh-shell settings.
type ShellConfig struct {
// prompt
Prompt string `toml:"PROMPT"` // bssh shell prompt
OPrompt string `toml:"OPROMPT"` // bssh shell output prompt
// message,title etc...
Title string
// history file
HistoryFile string `toml:"histfile"`
// pre | post command setting
PreCmd string `toml:"pre_cmd"`
PostCmd string `toml:"post_cmd"`
}
// IncludeConfig specify the configuration file to include (ServerConfig only).
type IncludeConfig struct {
Path string
}
// IncludesConfig specify the configuration file to include (ServerConfig only).
// Struct that can specify multiple files in array.
type IncludesConfig struct {
// example:
// path = [
// "~/.bssh.d/home.toml"
// ,"~/.bssh.d/cloud.toml"
// ]
Path []string
}
// ServerConfig structure for holding SSH connection information.
type ServerConfig struct {
// templates, host:port user/pass
Tmpl string
Group []string
// Connect basic Setting
Addr string
Port string
User string
// Connect auth Setting
Pass string
Passes []string
Key string
KeyCommand string `toml:"keycmd"`
KeyCommandPass string `toml:"keycmdpass"`
KeyPass string `toml:"keypass"`
Keys []string `toml:"keys"` // "keypath::passphrase"
Cert string
CertKey string `toml:"certkey"`
CertKeyPass string `toml:"certkeypass"`
CertPKCS11 bool `toml:"certpkcs11"`
AgentAuth bool `toml:"agentauth"`
SSHAgentUse bool `toml:"ssh_agent"`
PKCS11Use bool `toml:"pkcs11"`
// x11 forwarding setting
X11 bool
SSHAgentKeyPath []string `toml:"ssh_agent_key"` // "keypath::passphrase"
PKCS11Provider string `toml:"pkcs11provider"` // PKCS11 Provider PATH
PKCS11PIN string `toml:"pkcs11pin"` // PKCS11 PIN code
// pre | post command setting
PreCmd string `toml:"pre_cmd"`
PostCmd string `toml:"post_cmd"`
// proxy setting
ProxyType string `toml:"proxy_type"`
Proxy string
ProxyCommand string `toml:"proxy_cmd"` // OpenSSH type proxy setting
// local rcfile setting
LocalRcUse string `toml:"local_rc"` // yes|no (default: yes)
LocalRcPath []string `toml:"local_rc_file"`
LocalRcDecodeCmd string `toml:"local_rc_decode_cmd"`
// local/remote port forwarding setting
PortForwardMode string `toml:"port_forward"` // [`L`,`l`,`LOCAL`,`local`]|[`R`,`r`,`REMOTE`,`remote`]
PortForwardLocal string `toml:"port_forward_local"` // port forward (local). "host:port"
PortForwardRemote string `toml:"port_forward_remote"` // port forward (remote). "host:port"
// Dynamic Port Forwarding setting
DynamicPortForward string `toml:"dynamic_port_forward"` // ex.) "11080"
Note string
// Connection Timeout second
ConnectTimeout int `toml:"connect_timeout"`
// Server Alive
ServerAliveCountMax int `toml:"alive_max"`
ServerAliveCountInterval int `toml:"alive_interval"`
}
// ProxyConfig struct that stores Proxy server settings connected via http and socks5.
type ProxyConfig struct {
Addr string
Port string
User string
Pass string
Proxy string
ProxyType string `toml:"proxy_type"`
Note string
}
// OpenSSHConfig to read OpenSSH configuration file.
//
// WARN: This struct is not use...
type OpenSSHConfig struct {
Path string // This is preferred
Command string
ServerConfig
}
// ReadConf load configuration file and return Config structure.
func ReadConf(confPath string) (config Config) {
confPath = common.ExpandHomeDir(confPath)
checkConfPath(confPath)
config.Server = map[string]ServerConfig{}
config.SSHConfig = map[string]OpenSSHConfig{}
// Read config file
if _, err := toml.DecodeFile(confPath, &config); err != nil {
fmt.Println(err)
os.Exit(1)
}
config.loadTempHosts(confPath)
viper.Set(pbe.PbePwd, str.EmptyThen(config.Extra.Passphrase, config.Passphrase))
// reduce common setting (in .bssh.toml servers)
config.parseConfigServers(config.Server, config.Common)
for i, server := range config.Hosts {
tmpls := ParseTmpl(server)
for j, tmpl := range tmpls {
sc := ServerConfig{}
tmpl.createServerConfig(&sc)
config.Server[generateKey(len(tmpls), len(config.Hosts), i, j)] = sc
}
}
// Read Openssh configs
if len(config.SSHConfig) == 0 {
if v, err := getOpenSSHConfig("~/.ssh/config", ""); err == nil {
config.parseConfigServers(v, config.Common)
}
} else {
for _, sshConfig := range config.SSHConfig {
setCommon := ServerConfigDeduct(config.Common, sshConfig.ServerConfig)
if v, err := getOpenSSHConfig(sshConfig.Path, sshConfig.Command); err == nil {
config.parseConfigServers(v, setCommon)
}
}
}
config.appendIncludePaths()
config.readIncludeFiles()
// Check Config Parameter
CheckFormatServerConf(config)
config.parseGroups()
return config
}
const initBsshToml = `
hosts = [
"user:pass@192.168.1.1:8022 note=host8022",
]
[log]
enable = true
timestamp = true
dirpath = "~/.bssh.log"
[extra]
Passphrase = "6425B5BD-4C88-4C5D-AF75-E22E357821BC"
DisableGrouping = true
DisableAutoEncryptPwd = true
[server.example1]
addr = "192.168.100.101"
port = "22"
user = "test"
pass = "Password"
note = "Password Auth Server"
#
[server.example2]
addr = "192.168.100.102"
port = "22"
user = "test"
key = "/tmp/key.pem"
note = "Key Auth Server"
[server.demo1]
tmpl = "192.168.1.2:8022 root/123456"
note = "demo1"
[server.demo2]
tmpl="192.168.1.4 root/xxxx note=demo2"
[server.demo3]
tmpl = "192.168.1.(21-23 30 33):8022 app/xxx id=(21-23 30 33) group=demo3"
[server.demoJumper]
tmpl = "192.168.2.3:22 aaa/11111"
[server.demo4]
tmpl = "192.168.2.(7 12) app/na proxy=demoJumper"
`
func checkConfPath(confPath string) {
if common.IsExist(confPath) {
return
}
fmt.Printf("Config file(%s) not found, auto create one, please edit later.\n", confPath)
fmt.Println("or directly run `bssh -H user:pass@192.168.1.30:8022`")
_ = os.MkdirAll(filepath.Dir(confPath), 0755)
_ = ioutil.WriteFile(confPath, []byte(initBsshToml), 0600)
os.Exit(0)
}
func generateKey(tmplsNum, hostsNum, i int, j int) string {
if tmplsNum > 1 {
return fmt.Sprintf("host-%s-%s", pad(i+1, hostsNum), pad(j+1, tmplsNum))
}
return fmt.Sprintf("host-%s", pad(i+1, hostsNum))
}
func pad(i int, size int) string {
return fmt.Sprintf(fmt.Sprintf("%%0%dd", len(strconv.Itoa(size))), i)
}
func (cf *Config) appendIncludePaths() {
// for append includes to include.path
if len(cf.Includes.Path) == 0 {
return
}
if cf.Include == nil {
cf.Include = map[string]IncludeConfig{}
}
for _, includePath := range cf.Includes.Path {
unixTime := time.Now().Unix()
keyString := strings.Join([]string{string(unixTime), includePath}, "_")
hasher := md5.New() // nolint
_, _ = hasher.Write([]byte(keyString))
key := hex.EncodeToString(hasher.Sum(nil))
// append config.Include[key]
cf.Include[key] = IncludeConfig{common.ExpandHomeDir(includePath)}
}
}
func (cf *Config) readIncludeFiles() {
if len(cf.Include) == 0 {
return
}
for _, v := range cf.Include {
var includeConf Config
// user path
path := common.ExpandHomeDir(v.Path)
// Read include config file
_, err := toml.DecodeFile(path, &includeConf)
if err != nil {
panic(err)
}
// reduce common setting
setCommon := ServerConfigDeduct(cf.Common, includeConf.Common)
// map init
if len(cf.Server) == 0 {
cf.Server = map[string]ServerConfig{}
}
// add include file serverconf
cf.parseConfigServers(includeConf.Server, setCommon)
}
}
func (cf *Config) parseConfigServers(configServers map[string]ServerConfig, setCommon ServerConfig) {
tmplConfigs := make([]tmplConfig, 0)
for key, value := range configServers {
setValue := ServerConfigDeduct(setCommon, value)
cf.Server[key] = setValue
if value.Tmpl != "" {
delete(cf.Server, key)
tmplConfigs = append(tmplConfigs, tmplConfig{
k: key, c: setValue, t: ParseTmpl(setValue.Tmpl)})
}
}
cf.tmplServers(tmplConfigs)
}
// CheckFormatServerConf checkes format of server config.
//
// Note: Checking Addr, User and authentications
// having a value. No checking a validity of each fields.
//
// See also: checkFormatServerConfAuth function.
func CheckFormatServerConf(c Config) (isFormat bool) {
isFormat = true
for k, v := range c.Server {
// Address Set Check
if v.Addr == "" {
fmt.Printf("%s: 'addr' is not set.\n", k)
isFormat = false
}
// User Set Check
if v.User == "" {
fmt.Printf("%s: 'user' is not set.\n", k)
isFormat = false
}
if !CheckFormatServerConfAuth(v) {
fmt.Printf("%s: Authentication information is not set.\n", k)
isFormat = false
}
}
return
}
// CheckFormatServerConfAuth checkes format of server config authentication.
//
// Note: Checking Pass, Key, Cert, AgentAuth, PKCS11Use, PKCS11Provider, Keys or
// Passes having a value. No checking a validity of each fields.
func CheckFormatServerConfAuth(c ServerConfig) (isFormat bool) {
isFormat = false
if c.Pass != "" || c.Key != "" || c.Cert != "" {
isFormat = true
}
if c.AgentAuth {
isFormat = true
}
if c.PKCS11Use {
_, err := os.Stat(c.PKCS11Provider)
if err == nil {
isFormat = true
}
}
if len(c.Keys) > 0 || len(c.Passes) > 0 {
isFormat = true
}
return
}
// ServerConfigDeduct returns a new server config that set perConfig field to
// childConfig empty filed.
func ServerConfigDeduct(perConfig, childConfig ServerConfig) ServerConfig {
result := ServerConfig{}
// struct to map
perConfigMap, _ := common.StructToMap(&perConfig)
childConfigMap, _ := common.StructToMap(&childConfig)
resultMap := common.MapReduce(perConfigMap, childConfigMap)
_ = common.MapToStruct(resultMap, &result)
return result
}
// GetNameList return a list of server names from the Config structure.
func (cf *Config) GetNameList() (nameList []string) {
for k := range cf.Server {
nameList = append(nameList, k)
}
sort.Strings(nameList)
return nameList
}
// IsDirectServer tells that the server is a direct server address like user:pass@host:port.
func IsDirectServer(server string) bool {
return strings.Index(server, "@") > 0
}
// ParseDirectServer parses a direct server address.
func ParseDirectServer(server string) (ServerConfig, bool) {
// LastIndex of "@" will allow that password contains "@"
atPos := strings.LastIndex(server, "@")
sc := ServerConfig{}
if atPos < 0 {
return sc, false
}
left := server[:atPos]
right := server[atPos+1:]
sc.User, sc.Pass = splitBySep(left, []string{":", "/"})
commaPos := strings.Index(right, ":")
if commaPos == -1 {
sc.Addr = right
sc.Port = "22"
} else {
sc.Addr = right[:commaPos]
sc.Port = right[commaPos+1:]
}
return sc, true
}
// EnsureSearchHost searches the host name by glob pattern.
func (cf *Config) EnsureSearchHost(host string) (string, []string) {
if IsDirectServer(host) {
return host, nil
}
matches1 := cf.globMatch(host)
if len(matches1) == 1 {
return matches1[0], nil
}
matches2 := cf.containsMatch(host)
if len(matches2) == 1 {
return matches2[0], nil
}
matches := make([]string, 0, len(matches1)+len(matches2))
matches = append(matches, matches1...)
matches = append(matches, matches2...)
if len(matches) == 0 {
_, _ = fmt.Fprintf(os.Stderr, "host %s not found from list.\n", host)
return "", cf.GetNameSortedList()
}
_, _ = fmt.Fprintf(os.Stderr, "host %s found multiple hosts.\n", host)
return "", matches
}
func (cf *Config) containsMatch(host string) []string {
result1 := cf.matchesFn(host, func(host, serverName string, _ ServerConfig) bool {
return strings.Contains(serverName, host)
})
if len(result1) == 1 {
return result1
}
result2 := cf.matchesFn(host, func(host, _ string, v ServerConfig) bool {
return strings.Contains(v.User+"@"+v.Addr+":"+v.Port, host)
})
if len(result2) == 1 {
return result2
}
result3 := cf.matchesFn(host, func(host, _ string, v ServerConfig) bool {
return strings.Contains(v.Note, host)
})
if len(result3) == 1 {
return result3
}
matches := make([]string, 0, len(result1)+len(result2)+len(result3))
matches = append(matches, result1...)
matches = append(matches, result2...)
matches = append(matches, result3...)
return matches
}
func (cf *Config) globMatch(host string) []string {
result1 := cf.matchesFn(host, func(host, serverName string, _ ServerConfig) bool {
ok, _ := filepath.Match(host, serverName)
return ok
})
if len(result1) == 1 {
return result1
}
result2 := cf.matchesFn(host, func(host, _ string, v ServerConfig) bool {
ok, _ := filepath.Match(host, v.User+"@"+v.Addr+":"+v.Port)
return ok
})
if len(result2) == 1 {
return result2
}
result3 := cf.matchesFn(host, func(host, _ string, v ServerConfig) bool {
ok, _ := filepath.Match(host, v.Note)
return ok
})
if len(result3) == 1 {
return result3
}
matches := make([]string, 0)
matches = append(matches, result1...)
matches = append(matches, result2...)
matches = append(matches, result3...)
return matches
}
func (cf *Config) matchesFn(host string, f func(host, serverName string, _ ServerConfig) bool) []string {
matches := make([]string, 0)
for k, v := range cf.Server {
if f(host, k, v) {
matches = append(matches, k)
}
}
return matches
}
// GetNameSortedList return a list of server names from the Config structure.
func (cf *Config) GetNameSortedList() (nameList []string) {
nameList = cf.GetNameList()
sort.Strings(nameList)
return nameList
}
func (cf *Config) IsDisableAutoEncryptPwd() bool {
return cf.Extra.DisableAutoEncryptPwd || cf.DisableAutoEncryptPwd
}
func (cf *Config) loadTempHosts(confPath string) {
tempHostsFile := confPath + ".temphosts"
cf.tempHostsFile = tempHostsFile
cf.tempHosts = make(map[string]bool)
if !common.IsExist(tempHostsFile) {
return
}
file, _ := ioutil.ReadFile(tempHostsFile)
for _, line := range strings.Split(string(file), "\n") {
hostLine := strings.TrimSpace(line)
if hostLine != "" && !strings.HasPrefix(hostLine, "#") {
cf.tempHosts[hostLine] = true
}
}
for k := range cf.tempHosts {
cf.Hosts = append(cf.Hosts, k)
}
}
// WriteTempHosts writes a new host to temporary file.
func (cf *Config) WriteTempHosts(tempHost string) {
if _, ok := cf.tempHosts[tempHost]; ok {
return
}
cf.tempHosts[tempHost] = true
if err := AppendFile(cf.tempHostsFile, tempHost); err != nil {
fmt.Println(err)
}
}
// PrintServerList prints server list which has names.
func (cf *Config) PrintServerList(names []string, printTitle bool) {
if printTitle {
_, _ = fmt.Fprintf(os.Stdout, "bssh Server List:\n")
}
t := table.NewWriter()
t.SetOutputMirror(os.Stdout)
t.AppendHeader(table.Row{"#", "Server Name", "Connect Info", "Note"})
for i, name := range names {
v := cf.Server[name]
t.AppendRow(table.Row{i + 1, name, v.User + "@" + v.Addr + ":" + v.Port, v.Note})
}
t.Render()
}
func AppendFile(file, line string) error {
f, err := os.OpenFile(file, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
if err != nil {
return err
}
defer f.Close()
if _, err := f.WriteString(line + "\n"); err != nil {
return err
}
return nil
}