sshportal/main.go

package main

import (
	"errors"
	"fmt"
	"log"
	"math/rand"
	"os"
	"path"
	"strings"
	"time"

	"github.com/gliderlabs/ssh"
	"github.com/jinzhu/gorm"
	_ "github.com/jinzhu/gorm/dialects/mysql"
	_ "github.com/jinzhu/gorm/dialects/sqlite"
	"github.com/urfave/cli"
	gossh "golang.org/x/crypto/ssh"
)

var (
	// VERSION should be updated by hand at each release
	VERSION = "1.1.0"
	// GIT_TAG will be overwritten automatically by the build system
	GIT_TAG string
	// GIT_SHA will be overwritten automatically by the build system
	GIT_SHA string
	// GIT_BRANCH will be overwritten automatically by the build system
	GIT_BRANCH string
)

type sshportalContextKey string

var (
	userContextKey    = sshportalContextKey("user")
	messageContextKey = sshportalContextKey("message")
	errorContextKey   = sshportalContextKey("error")
)

func main() {
	rand.Seed(time.Now().UnixNano())

	app := cli.NewApp()
	app.Name = path.Base(os.Args[0])
	app.Author = "Manfred Touron"
	app.Version = VERSION + " (" + GIT_SHA + ")"
	app.Email = "https://github.com/moul/sshportal"
	app.Flags = []cli.Flag{
		cli.StringFlag{
			Name:   "bind-address, b",
			EnvVar: "SSHPORTAL_BIND",
			Value:  ":2222",
			Usage:  "SSH server bind address",
		},
		cli.BoolFlag{
			Name:  "demo",
			Usage: "*unsafe* - demo mode: accept all connections",
		},
		/*cli.StringFlag{
			Name:  "db-driver",
			Value: "sqlite3",
			Usage: "GORM driver (sqlite3)",
		},*/
		cli.StringFlag{
			Name:  "db-conn",
			Value: "./sshportal.db",
			Usage: "GORM connection string",
		},
		cli.BoolFlag{
			Name:  "debug, D",
			Usage: "Display debug information",
		},
		cli.StringFlag{
			Name:  "config-user",
			Usage: "SSH user that spawns a configuration shell",
			Value: "admin",
		},
	}
	app.Action = server
	if err := app.Run(os.Args); err != nil {
		log.Fatalf("error: %v", err)
	}
}

func server(c *cli.Context) error {
	db, err := gorm.Open("sqlite3", c.String("db-conn"))
	if err != nil {
		return err
	}
	defer db.Close()

	if c.Bool("debug") {
		db.LogMode(true)
	}
	if err := dbInit(db); err != nil {
		return err
	}

	ssh.Handle(func(s ssh.Session) {
		currentUser := s.Context().Value(userContextKey).(User)
		log.Printf("New connection: sshUser=%q remote=%q local=%q command=%q dbUser=id:%q,email:%s", s.User(), s.RemoteAddr(), s.LocalAddr(), s.Command(), currentUser.ID, currentUser.Email)

		if err := s.Context().Value(errorContextKey); err != nil {
			fmt.Fprintf(s, "error: %v\n", err)
			return
		}

		if msg := s.Context().Value(messageContextKey); msg != nil {
			fmt.Fprint(s, msg.(string))
		}

		switch username := s.User(); {
		case username == c.String("config-user"):
			if !currentUser.IsAdmin {
				fmt.Fprintf(s, "You are not an administrator, permission denied.\n")
				return
			}
			if err := shell(c, s, s.Command(), db); err != nil {
				fmt.Fprintf(s, "error: %v\n", err)
			}
		case strings.HasPrefix(username, "invite:"):
			return
		default:
			host, err := RemoteHostFromSession(s, db)
			if err != nil {
				fmt.Fprintf(s, "error: %v\n", err)
				// FIXME: print available hosts
				return
			}

			// load up-to-date objects
			// FIXME: cache them or try not to load them
			var tmpUser User
			if err := db.Preload("Groups").Preload("Groups.ACLs").Where("id = ?", currentUser.ID).First(&tmpUser).Error; err != nil {
				fmt.Fprintf(s, "error: %v\n", err)
				return
			}
			var tmpHost Host
			if err := db.Preload("Groups").Preload("Groups.ACLs").Where("id = ?", host.ID).First(&tmpHost).Error; err != nil {
				fmt.Fprintf(s, "error: %v\n", err)
				return
			}

			action, err := CheckACLs(tmpUser, tmpHost)
			if err != nil {
				fmt.Fprintf(s, "error: %v\n", err)
				return
			}

			switch action {
			case "allow":
				if err := proxy(s, host); err != nil {
					fmt.Fprintf(s, "error: %v\n", err)
				}
			case "deny":
				fmt.Fprintf(s, "You don't have permission to that host.\n")
			default:
				fmt.Fprintf(s, "error: %v\n", err)
			}

		}
	})

	opts := []ssh.Option{}
	if c.Bool("demo") {
		if c.Bool("demo") {
			if err := dbDemo(db); err != nil {
				return err
			}
		}
	}

	opts = append(opts, ssh.PublicKeyAuth(func(ctx ssh.Context, key ssh.PublicKey) bool {
		var (
			userKey  UserKey
			user     User
			username = ctx.User()
		)

		// lookup user by key
		db.Where("key = ?", key.Marshal()).First(&userKey)
		if userKey.UserID > 0 {
			db.Where("id = ?", userKey.UserID).First(&user)
			if strings.HasPrefix(username, "invite:") {
				ctx.SetValue(errorContextKey, fmt.Errorf("invites are only supported for ney SSH keys; your ssh key is already associated with the user %q.", user.Email))
			}
			ctx.SetValue(userContextKey, user)
			return true
		}

		// handle invite "links"
		if strings.HasPrefix(username, "invite:") {
			inputToken := strings.Split(username, ":")[1]
			if len(inputToken) == 16 {
				db.Where("invite_token = ?", inputToken).First(&user)
			}
			if user.ID > 0 {
				userKey = UserKey{
					UserID:  user.ID,
					Key:     key.Marshal(),
					Comment: "created by sshportal",
				}
				db.Create(&userKey)

				// token is only usable once
				user.InviteToken = ""
				db.Update(&user)

				ctx.SetValue(messageContextKey, fmt.Sprintf("Welcome %s!\n\nYour key is now associated with the user %q.\n", user.Name, user.Email))
				ctx.SetValue(userContextKey, user)
			} else {
				ctx.SetValue(userContextKey, User{Name: "Anonymous"})
				ctx.SetValue(errorContextKey, errors.New("your token is invalid or expired"))
			}
			return true
		}

		// fallback
		ctx.SetValue(errorContextKey, errors.New("unknown ssh key"))
		ctx.SetValue(userContextKey, User{Name: "Anonymous"})
		return true
	}))

	opts = append(opts, func(srv *ssh.Server) error {
		key, err := FindKeyByIdOrName(db, "host")
		if err != nil {
			return err
		}
		signer, err := gossh.ParsePrivateKey([]byte(key.PrivKey))
		if err != nil {
			return err
		}
		srv.AddHostKey(signer)
		return nil
	})

	log.Printf("SSH Server accepting connections on %s", c.String("bind-address"))
	return ssh.ListenAndServe(c.String("bind-address"), nil, opts...)
}
POC 2017-09-30 19:12:43 +08:00			`package main`

			`import (`
Handle user invites 2017-11-08 02:40:14 +08:00			`"errors"`
POC 2017-09-30 19:12:43 +08:00			`"fmt"`
			`"log"`
Set random seed properly 2017-11-14 08:29:25 +08:00			`"math/rand"`
POC 2017-09-30 19:12:43 +08:00			`"os"`
			`"path"`
Handle user invites 2017-11-08 02:40:14 +08:00			`"strings"`
Set random seed properly 2017-11-14 08:29:25 +08:00			`"time"`
POC 2017-09-30 19:12:43 +08:00
			`"github.com/gliderlabs/ssh"`
Add database 2017-10-30 23:48:14 +08:00			`"github.com/jinzhu/gorm"`
Add --debug options + mysql driver 2017-10-31 00:12:04 +08:00			`_ "github.com/jinzhu/gorm/dialects/mysql"`
Add database 2017-10-30 23:48:14 +08:00			`_ "github.com/jinzhu/gorm/dialects/sqlite"`
POC 2017-09-30 19:12:43 +08:00			`"github.com/urfave/cli"`
Use fixed ssh host key 2017-11-04 05:54:16 +08:00			`gossh "golang.org/x/crypto/ssh"`
POC 2017-09-30 19:12:43 +08:00			`)`

Use dynamic version 2017-11-14 07:38:23 +08:00			`var (`
			`// VERSION should be updated by hand at each release`
v1.1.0 2017-11-14 08:29:59 +08:00			`VERSION = "1.1.0"`
Use dynamic version 2017-11-14 07:38:23 +08:00			`// GIT_TAG will be overwritten automatically by the build system`
Add better versionning 2017-11-14 08:13:51 +08:00			`GIT_TAG string`
Use dynamic version 2017-11-14 07:38:23 +08:00			`// GIT_SHA will be overwritten automatically by the build system`
Add better versionning 2017-11-14 08:13:51 +08:00			`GIT_SHA string`
Use dynamic version 2017-11-14 07:38:23 +08:00			`// GIT_BRANCH will be overwritten automatically by the build system`
Add better versionning 2017-11-14 08:13:51 +08:00			`GIT_BRANCH string`
Use dynamic version 2017-11-14 07:38:23 +08:00			`)`
Add 'version' command 2017-11-02 05:09:08 +08:00
Add SSH key check + auto register of the admin account 2017-11-03 08:46:55 +08:00			`type sshportalContextKey string`

Handle user invites 2017-11-08 02:40:14 +08:00			`var (`
			`userContextKey = sshportalContextKey("user")`
			`messageContextKey = sshportalContextKey("message")`
			`errorContextKey = sshportalContextKey("error")`
			`)`
Add SSH key check + auto register of the admin account 2017-11-03 08:46:55 +08:00
POC 2017-09-30 19:12:43 +08:00			`func main() {`
Set random seed properly 2017-11-14 08:29:25 +08:00			`rand.Seed(time.Now().UnixNano())`

POC 2017-09-30 19:12:43 +08:00			`app := cli.NewApp()`
			`app.Name = path.Base(os.Args[0])`
			`app.Author = "Manfred Touron"`
Add better versionning 2017-11-14 08:13:51 +08:00			`app.Version = VERSION + " (" + GIT_SHA + ")"`
POC 2017-09-30 19:12:43 +08:00			`app.Email = "https://github.com/moul/sshportal"`
			`app.Flags = []cli.Flag{`
			`cli.StringFlag{`
			`Name: "bind-address, b",`
			`EnvVar: "SSHPORTAL_BIND",`
			`Value: ":2222",`
			`Usage: "SSH server bind address",`
			`},`
			`cli.BoolFlag{`
			`Name: "demo",`
			`Usage: "unsafe - demo mode: accept all connections",`
			`},`
Disable mysql support 2017-11-14 08:28:18 +08:00			`/*cli.StringFlag{`
Add database 2017-10-30 23:48:14 +08:00			`Name: "db-driver",`
			`Value: "sqlite3",`
Disable mysql support 2017-11-14 08:28:18 +08:00			`Usage: "GORM driver (sqlite3)",`
			`},*/`
Add database 2017-10-30 23:48:14 +08:00			`cli.StringFlag{`
			`Name: "db-conn",`
			`Value: "./sshportal.db",`
Add --debug options + mysql driver 2017-10-31 00:12:04 +08:00			`Usage: "GORM connection string",`
			`},`
			`cli.BoolFlag{`
			`Name: "debug, D",`
			`Usage: "Display debug information",`
Add database 2017-10-30 23:48:14 +08:00			`},`
make the config-user configureable 2017-11-02 05:11:46 +08:00			`cli.StringFlag{`
			`Name: "config-user",`
			`Usage: "SSH user that spawns a configuration shell",`
			`Value: "admin",`
			`},`
POC 2017-09-30 19:12:43 +08:00			`}`
			`app.Action = server`
Return a better message when running without the demo mode 2017-11-02 17:32:35 +08:00			`if err := app.Run(os.Args); err != nil {`
			`log.Fatalf("error: %v", err)`
			`}`
POC 2017-09-30 19:12:43 +08:00			`}`

			`func server(c *cli.Context) error {`
Disable mysql support 2017-11-14 08:28:18 +08:00			`db, err := gorm.Open("sqlite3", c.String("db-conn"))`
Add database 2017-10-30 23:48:14 +08:00			`if err != nil {`
			`return err`
			`}`
			`defer db.Close()`
Add basic ACL support 2017-11-13 17:13:17 +08:00
Add --debug options + mysql driver 2017-10-31 00:12:04 +08:00			`if c.Bool("debug") {`
			`db.LogMode(true)`
			`}`
Add database 2017-10-30 23:48:14 +08:00			`if err := dbInit(db); err != nil {`
			`return err`
			`}`

POC 2017-09-30 19:12:43 +08:00			`ssh.Handle(func(s ssh.Session) {`
Use contexted user to check for permissions 2017-11-04 04:47:54 +08:00			`currentUser := s.Context().Value(userContextKey).(User)`
			`log.Printf("New connection: sshUser=%q remote=%q local=%q command=%q dbUser=id:%q,email:%s", s.User(), s.RemoteAddr(), s.LocalAddr(), s.Command(), currentUser.ID, currentUser.Email)`

Handle user invites 2017-11-08 02:40:14 +08:00			`if err := s.Context().Value(errorContextKey); err != nil {`
			`fmt.Fprintf(s, "error: %v\n", err)`
Use contexted user to check for permissions 2017-11-04 04:47:54 +08:00			`return`
			`}`
POC 2017-09-30 19:12:43 +08:00
Handle user invites 2017-11-08 02:40:14 +08:00			`if msg := s.Context().Value(messageContextKey); msg != nil {`
			`fmt.Fprint(s, msg.(string))`
			`}`

			`switch username := s.User(); {`
			`case username == c.String("config-user"):`
Use contexted user to check for permissions 2017-11-04 04:47:54 +08:00			`if !currentUser.IsAdmin {`
Handle user invites 2017-11-08 02:40:14 +08:00			`fmt.Fprintf(s, "You are not an administrator, permission denied.\n")`
Use contexted user to check for permissions 2017-11-04 04:47:54 +08:00			`return`
			`}`
Add 'info' command 2017-11-02 00:00:34 +08:00			`if err := shell(c, s, s.Command(), db); err != nil {`
Use contexted user to check for permissions 2017-11-04 04:47:54 +08:00			`fmt.Fprintf(s, "error: %v\n", err)`
Add shell boilerplate 2017-10-31 17:17:06 +08:00			`}`
Handle user invites 2017-11-08 02:40:14 +08:00			`case strings.HasPrefix(username, "invite:"):`
			`return`
POC 2017-09-30 19:12:43 +08:00			`default:`
Small refactor 2017-10-31 16:24:18 +08:00			`host, err := RemoteHostFromSession(s, db)`
POC 2017-09-30 19:12:43 +08:00			`if err != nil {`
Use contexted user to check for permissions 2017-11-04 04:47:54 +08:00			`fmt.Fprintf(s, "error: %v\n", err)`
Small refactor 2017-10-31 16:24:18 +08:00			`// FIXME: print available hosts`
POC 2017-09-30 19:12:43 +08:00			`return`
			`}`
Add basic ACL support 2017-11-13 17:13:17 +08:00
			`// load up-to-date objects`
			`// FIXME: cache them or try not to load them`
			`var tmpUser User`
			`if err := db.Preload("Groups").Preload("Groups.ACLs").Where("id = ?", currentUser.ID).First(&tmpUser).Error; err != nil {`
			`fmt.Fprintf(s, "error: %v\n", err)`
			`return`
			`}`
			`var tmpHost Host`
			`if err := db.Preload("Groups").Preload("Groups.ACLs").Where("id = ?", host.ID).First(&tmpHost).Error; err != nil {`
Use contexted user to check for permissions 2017-11-04 04:47:54 +08:00			`fmt.Fprintf(s, "error: %v\n", err)`
Add basic ACL support 2017-11-13 17:13:17 +08:00			`return`
POC 2017-09-30 19:12:43 +08:00			`}`
Add basic ACL support 2017-11-13 17:13:17 +08:00
			`action, err := CheckACLs(tmpUser, tmpHost)`
			`if err != nil {`
			`fmt.Fprintf(s, "error: %v\n", err)`
			`return`
			`}`

			`switch action {`
			`case "allow":`
			`if err := proxy(s, host); err != nil {`
			`fmt.Fprintf(s, "error: %v\n", err)`
			`}`
			`case "deny":`
			`fmt.Fprintf(s, "You don't have permission to that host.\n")`
			`default:`
			`fmt.Fprintf(s, "error: %v\n", err)`
			`}`

POC 2017-09-30 19:12:43 +08:00			`}`
			`})`

			`opts := []ssh.Option{}`
Use fixed ssh host key 2017-11-04 05:54:16 +08:00			`if c.Bool("demo") {`
			`if c.Bool("demo") {`
			`if err := dbDemo(db); err != nil {`
			`return err`
			`}`
			`}`
POC 2017-09-30 19:12:43 +08:00			`}`

Add SSH key check + auto register of the admin account 2017-11-03 08:46:55 +08:00			`opts = append(opts, ssh.PublicKeyAuth(func(ctx ssh.Context, key ssh.PublicKey) bool {`
			`var (`
Handle user invites 2017-11-08 02:40:14 +08:00			`userKey UserKey`
			`user User`
			`username = ctx.User()`
Add SSH key check + auto register of the admin account 2017-11-03 08:46:55 +08:00			`)`

			`// lookup user by key`
			`db.Where("key = ?", key.Marshal()).First(&userKey)`
			`if userKey.UserID > 0 {`
			`db.Where("id = ?", userKey.UserID).First(&user)`
Handle user invites 2017-11-08 02:40:14 +08:00			`if strings.HasPrefix(username, "invite:") {`
			`ctx.SetValue(errorContextKey, fmt.Errorf("invites are only supported for ney SSH keys; your ssh key is already associated with the user %q.", user.Email))`
			`}`
Add SSH key check + auto register of the admin account 2017-11-03 08:46:55 +08:00			`ctx.SetValue(userContextKey, user)`
			`return true`
			`}`

Handle user invites 2017-11-08 02:40:14 +08:00			`// handle invite "links"`
			`if strings.HasPrefix(username, "invite:") {`
			`inputToken := strings.Split(username, ":")[1]`
			`if len(inputToken) == 16 {`
			`db.Where("invite_token = ?", inputToken).First(&user)`
Add SSH key check + auto register of the admin account 2017-11-03 08:46:55 +08:00			`}`
Handle user invites 2017-11-08 02:40:14 +08:00			`if user.ID > 0 {`
			`userKey = UserKey{`
			`UserID: user.ID,`
			`Key: key.Marshal(),`
			`Comment: "created by sshportal",`
			`}`
			`db.Create(&userKey)`

			`// token is only usable once`
			`user.InviteToken = ""`
			`db.Update(&user)`

			`ctx.SetValue(messageContextKey, fmt.Sprintf("Welcome %s!\n\nYour key is now associated with the user %q.\n", user.Name, user.Email))`
			`ctx.SetValue(userContextKey, user)`
			`} else {`
			`ctx.SetValue(userContextKey, User{Name: "Anonymous"})`
			`ctx.SetValue(errorContextKey, errors.New("your token is invalid or expired"))`
Add SSH key check + auto register of the admin account 2017-11-03 08:46:55 +08:00			`}`
			`return true`
			`}`

Handle user invites 2017-11-08 02:40:14 +08:00			`// fallback`
			`ctx.SetValue(errorContextKey, errors.New("unknown ssh key"))`
			`ctx.SetValue(userContextKey, User{Name: "Anonymous"})`
Use contexted user to check for permissions 2017-11-04 04:47:54 +08:00			`return true`
Add SSH key check + auto register of the admin account 2017-11-03 08:46:55 +08:00			`}))`

Use fixed ssh host key 2017-11-04 05:54:16 +08:00			`opts = append(opts, func(srv *ssh.Server) error {`
			`key, err := FindKeyByIdOrName(db, "host")`
			`if err != nil {`
			`return err`
			`}`
			`signer, err := gossh.ParsePrivateKey([]byte(key.PrivKey))`
			`if err != nil {`
			`return err`
			`}`
			`srv.AddHostKey(signer)`
			`return nil`
			`})`

POC 2017-09-30 19:12:43 +08:00			`log.Printf("SSH Server accepting connections on %s", c.String("bind-address"))`
			`return ssh.ListenAndServe(c.String("bind-address"), nil, opts...)`
			`}`