diff options
| author | Paul Buetow <paul@buetow.org> | 2026-03-03 10:10:19 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2026-03-03 10:10:19 +0200 |
| commit | 7d3685a5ed4bfac85673793f8ae6d9c5a6cff962 (patch) | |
| tree | 27bc845ef5758aa43662d0ce238436461d1893e7 /internal/server/handlers/serverhandler.go | |
| parent | f4898f746d03ff5dcf57d3967c594d98a9da7fe0 (diff) | |
feat(server): add AUTHKEY command handling
Diffstat (limited to 'internal/server/handlers/serverhandler.go')
| -rw-r--r-- | internal/server/handlers/serverhandler.go | 47 |
1 files changed, 42 insertions, 5 deletions
diff --git a/internal/server/handlers/serverhandler.go b/internal/server/handlers/serverhandler.go index f9aa499..53ab4e3 100644 --- a/internal/server/handlers/serverhandler.go +++ b/internal/server/handlers/serverhandler.go @@ -2,6 +2,7 @@ package handlers import ( "context" + "encoding/base64" "strings" "sync/atomic" @@ -11,7 +12,10 @@ import ( "github.com/mimecast/dtail/internal/io/line" "github.com/mimecast/dtail/internal/lcontext" "github.com/mimecast/dtail/internal/omode" + sshserver "github.com/mimecast/dtail/internal/ssh/server" user "github.com/mimecast/dtail/internal/user/server" + + gossh "golang.org/x/crypto/ssh" ) // ServerHandler implements the Reader and Writer interfaces to handle @@ -100,11 +104,13 @@ func (h *ServerHandler) handleUserCommand(ctx context.Context, ltx lcontext.LCon func (h *ServerHandler) newCommandRegistry() map[string]commandHandler { return map[string]commandHandler{ - "grep": h.makeReadCommandHandler(omode.GrepClient, 1), - "cat": h.makeReadCommandHandler(omode.CatClient, 1), - "tail": h.makeReadCommandHandler(omode.TailClient, 10), - "map": h.handleMapCommand, - ".ack": h.handleAckUserCommand, + "grep": h.makeReadCommandHandler(omode.GrepClient, 1), + "cat": h.makeReadCommandHandler(omode.CatClient, 1), + "tail": h.makeReadCommandHandler(omode.TailClient, 10), + "map": h.handleMapCommand, + ".ack": h.handleAckUserCommand, + "AUTHKEY": h.handleAuthKeyCommand, + "authkey": h.handleAuthKeyCommand, } } @@ -139,3 +145,34 @@ func (h *ServerHandler) handleAckUserCommand(_ context.Context, _ lcontext.LCont h.handleAckCommand(argc, args) commandFinished() } + +func (h *ServerHandler) handleAuthKeyCommand(_ context.Context, _ lcontext.LContext, + argc int, args []string, commandFinished func()) { + + defer commandFinished() + + if !h.serverCfg.AuthKeyEnabled { + h.sendln(h.serverMessages, "AUTHKEY ERR feature disabled") + return + } + + if argc < 2 || strings.TrimSpace(args[1]) == "" { + h.sendln(h.serverMessages, "AUTHKEY ERR missing public key") + return + } + + decodedPubKey, err := base64.StdEncoding.DecodeString(args[1]) + if err != nil { + h.sendln(h.serverMessages, "AUTHKEY ERR invalid base64") + return + } + + pubKey, err := gossh.ParsePublicKey(decodedPubKey) + if err != nil { + h.sendln(h.serverMessages, "AUTHKEY ERR invalid public key") + return + } + + sshserver.ServerAuthKeyStore().Add(h.user.Name, pubKey) + h.sendln(h.serverMessages, "AUTHKEY OK") +} |