| author | Paul Buetow <paul@buetow.org> | 2026-03-10 19:37:21 +0200 |
|---|---|---|
| committer | Paul Buetow <paul@buetow.org> | 2026-03-10 19:37:21 +0200 |
| commit | f6e23930da2900c43a5389a2e7d1e38d8221a76f (patch) | |
| tree | 3352cc0d8c0819d5cc58fdf987ed39f87a30a34b /internal/ssh | |
| parent | 1fc24f9affed5128702e4de80572cac8c82d399e (diff) | |
Refactor server-side config singleton reads
Diffstat (limited to 'internal/ssh')
| -rw-r--r-- | internal/ssh/server/hostkey.go | 16 | ||||
| -rw-r--r-- | internal/ssh/server/publickeycallback.go | 15 |
2 files changed, 14 insertions, 17 deletions
diff --git a/internal/ssh/server/hostkey.go b/internal/ssh/server/hostkey.go
index b2d4569..809a870 100644
--- a/internal/ssh/server/hostkey.go
+++ b/internal/ssh/server/hostkey.go
@@ -8,9 +8,19 @@ import (
 "github.com/mimecast/dtail/internal/ssh"
 )
+const (
+ defaultHostKeyBits = 4096
+ defaultHostKeyFile = "./cache/ssh_host_key"
+)
+
 // PrivateHostKey retrieves the private server RSA host key.
-func PrivateHostKey() []byte {
- hostKeyFile := config.Server.HostKeyFile
+func PrivateHostKey(hostKeyFile string, hostKeyBits int) []byte {
+ if hostKeyFile == "" {
+ hostKeyFile = defaultHostKeyFile
+ }
+ if hostKeyBits <= 0 {
+ hostKeyBits = defaultHostKeyBits
+ }
 if config.Env("DTAIL_INTEGRATION_TEST_RUN_MODE") {
 hostKeyFile = "./ssh_host_key"
 }
@@ -18,7 +28,7 @@ func PrivateHostKey() []byte {
 if os.IsNotExist(err) {
 dlog.Server.Info("Generating private server RSA host key")
- privateKey, err := ssh.GeneratePrivateRSAKey(config.Server.HostKeyBits)
+ privateKey, err := ssh.GeneratePrivateRSAKey(hostKeyBits)
 if err != nil {
 dlog.Server.FatalPanic("Failed to generate private server RSA host key", err)
diff --git a/internal/ssh/server/publickeycallback.go b/internal/ssh/server/publickeycallback.go
index ccf9111..d4e328b 100644
--- a/internal/ssh/server/publickeycallback.go
+++ b/internal/ssh/server/publickeycallback.go
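Review bot: The new guard in `PrivateHostKey` (hostkey.go, first hunk) only replaces non-positive values, so a small positive `hostKeyBits` such as 512 or 1024 still reaches `ssh.GeneratePrivateRSAKey` in the second hunk and would yield an RSA host key too weak for an SSH server. Since the function now owns the defaulting, it can own the floor as well, for example `if hostKeyBits < 2048 { hostKeyBits = defaultHostKeyBits }` plus a log line saying the configured value was raised. Whether `GeneratePrivateRSAKey` enforces a minimum of its own is not visible here. The doc comment should also state that an empty `hostKeyFile` falls back to `./cache/ssh_host_key`, a path relative to the working directory, and that `DTAIL_INTEGRATION_TEST_RUN_MODE` overrides even an explicitly passed path. The function body continues outside both hunks.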
@@ -12,19 +12,6 @@ import (
 gossh "golang.org/x/crypto/ssh"
 )
-// PublicKeyCallback is for the server to check whether a public SSH key is
-// authorized ot not.
-func PublicKeyCallback(c gossh.ConnMetadata,
- offeredPubKey gossh.PublicKey) (*gossh.Permissions, error) {
-
- authKeyEnabled := config.Server != nil && config.Server.AuthKeyEnabled
- cacheDir := ""
- if config.Common != nil {
- cacheDir = config.Common.CacheDir
- }
- return publicKeyCallback(c, offeredPubKey, authKeyEnabled, cacheDir, authKeyStore)
-}
-
 // NewPublicKeyCallback creates an instance-scoped SSH public key callback.
 // It avoids relying on package-level mutable configuration/state.
 func NewPublicKeyCallback(authKeyEnabled bool, cacheDir string,
@@ -41,7 +28,7 @@ func NewPublicKeyCallback(authKeyEnabled bool, cacheDir string,
 func publicKeyCallback(c gossh.ConnMetadata, offeredPubKey gossh.PublicKey, authKeyEnabled bool, cacheDir string, keyStore *AuthKeyStore) (*gossh.Permissions, error) {
- user, err := user.New(c.User(), c.RemoteAddr().String())
+ user, err := user.New(c.User(), c.RemoteAddr().String(), nil)
 if err != nil {
 return nil, err
 } |
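Review bot: The bare `nil` added as the third argument to `user.New` in `publicKeyCallback` (second hunk) sits on the SSH public-key authentication path, and nothing in the hunk says what a nil value selects there. If nil makes `user.New` fall back to package-level configuration, that works against the instance-scoped intent stated on `NewPublicKeyCallback`; if it means that no data is supplied, later checks on the returned user may behave differently than before. Either thread the value through the callback's parameters alongside `authKeyEnabled`, `cacheDir` and `keyStore`, or add a comment on the call such as `// nil: no per-instance override, user.New falls back to its default (confirm)`. `publicKeyCallback` continues past the end of the hunk, so how the returned user is used afterwards is not visible here.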
