TheCloud/ssh-chat
1
0
Fork 0
mirror of https://github.com/shazow/ssh-chat.git synced 2025-08-05 10:47:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

(hopefully) final changes

Browse Source
This commit is contained in:
mik2k2 2021-05-28 16:55:19 +02:00
parent 2e203b3238
commit cc1de0d960
4 changed files with 9 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
auth.go
View File

@ -113,7 +113,7 @@ func (a *Auth) CheckBans(addr net.Addr, key ssh.PublicKey, clientVersion string)
}
// CheckPubkey determines if a pubkey fingerprint is permitted.
func (a *Auth) CheckPubkey(key ssh.PublicKey) error {
func (a *Auth) CheckPublicKey(key ssh.PublicKey) error {
authkey := newAuthKey(key)
whitelisted := a.whitelist.In(authkey)
if a.AllowAnonymous() || whitelisted {

6
auth_test.go
View File

@ -28,7 +28,7 @@ func TestAuthWhitelist(t *testing.T) {
}
auth := NewAuth()
err = auth.CheckPubkey(key)
err = auth.CheckPublicKey(key)
if err != nil {
t.Error("Failed to permit in default state:", err)
}
@ -44,7 +44,7 @@ func TestAuthWhitelist(t *testing.T) {
t.Error("Clone key does not match.")
}
err = auth.CheckPubkey(keyClone)
err = auth.CheckPublicKey(keyClone)
if err != nil {
t.Error("Failed to permit whitelisted:", err)
}
@ -54,7 +54,7 @@ func TestAuthWhitelist(t *testing.T) {
t.Fatal(err)
}
err = auth.CheckPubkey(key2)
err = auth.CheckPublicKey(key2)
if err == nil {
t.Error("Failed to restrict not whitelisted:", err)
}

9
sshd/auth.go
View File

@ -20,7 +20,7 @@ type Auth interface {
// Given address and public key and client agent string, returns nil if the connection is not banned.
CheckBans(net.Addr, ssh.PublicKey, string) error
// Given a public key, returns nil if the connection should be allowed.
CheckPubkey(ssh.PublicKey) error
CheckPublicKey(ssh.PublicKey) error
// Given a passphrase, returns nil if the connection should be allowed.
CheckPassphrase(string) error
// BanAddr bans an IP address for the specified amount of time.
@ -38,7 +38,7 @@ func MakeAuth(auth Auth) *ssh.ServerConfig {
if err != nil {
return nil, err
}
err = auth.CheckPubkey(key)
err = auth.CheckPublicKey(key)
if err != nil {
return nil, err
}
@ -65,12 +65,11 @@ func MakeAuth(auth Auth) *ssh.ServerConfig {
} else {
err = auth.CheckPassphrase(answers[0])
if err != nil {
// TODO: make rate-limiting configurable
auth.BanAddr(conn.RemoteAddr(), time.Minute * 1)
auth.BanAddr(conn.RemoteAddr(), time.Second*2)
}
}
}
} else if !auth.AllowAnonymous(){
} else if !auth.AllowAnonymous() {
err = errors.New("public key authentication required")
}
return nil, err

2
sshd/client_test.go
View File

@ -22,7 +22,7 @@ func (a RejectAuth) AcceptPassphrase() bool {
func (a RejectAuth) CheckBans(addr net.Addr, key ssh.PublicKey, clientVersion string) error {
return errRejectAuth
}
func (a RejectAuth) CheckPubkey(ssh.PublicKey) error {
func (a RejectAuth) CheckPublicKey(ssh.PublicKey) error {
return errRejectAuth
}
func (a RejectAuth) CheckPassphrase(string) error {