104 lines
2.3 KiB
Go
104 lines
2.3 KiB
Go
package server
|
|
|
|
import (
|
|
"context"
|
|
"fmt"
|
|
"log"
|
|
"net"
|
|
"tunnel_pls/internal/config"
|
|
"tunnel_pls/internal/grpc/client"
|
|
"tunnel_pls/session"
|
|
|
|
"golang.org/x/crypto/ssh"
|
|
)
|
|
|
|
type Server struct {
|
|
conn *net.Listener
|
|
config *ssh.ServerConfig
|
|
sessionRegistry session.Registry
|
|
grpcClient *client.Client
|
|
}
|
|
|
|
func NewServer(sshConfig *ssh.ServerConfig, sessionRegistry session.Registry, grpcClient *client.Client) (*Server, error) {
|
|
listener, err := net.Listen("tcp", fmt.Sprintf(":%s", config.Getenv("PORT", "2200")))
|
|
if err != nil {
|
|
log.Fatalf("failed to listen on port 2200: %v", err)
|
|
return nil, err
|
|
}
|
|
|
|
HttpServer := NewHTTPServer(sessionRegistry)
|
|
err = HttpServer.ListenAndServe()
|
|
if err != nil {
|
|
log.Fatalf("failed to start http server: %v", err)
|
|
return nil, err
|
|
}
|
|
|
|
if config.Getenv("TLS_ENABLED", "false") == "true" {
|
|
err = HttpServer.ListenAndServeTLS()
|
|
if err != nil {
|
|
log.Fatalf("failed to start https server: %v", err)
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
return &Server{
|
|
conn: &listener,
|
|
config: sshConfig,
|
|
sessionRegistry: sessionRegistry,
|
|
grpcClient: grpcClient,
|
|
}, nil
|
|
}
|
|
|
|
func (s *Server) Start() {
|
|
log.Println("SSH server is starting on port 2200...")
|
|
for {
|
|
conn, err := (*s.conn).Accept()
|
|
if err != nil {
|
|
log.Printf("failed to accept connection: %v", err)
|
|
continue
|
|
}
|
|
|
|
go s.handleConnection(conn)
|
|
}
|
|
}
|
|
|
|
func (s *Server) handleConnection(conn net.Conn) {
|
|
sshConn, chans, forwardingReqs, err := ssh.NewServerConn(conn, s.config)
|
|
defer func(sshConn *ssh.ServerConn) {
|
|
err = sshConn.Close()
|
|
if err != nil {
|
|
log.Printf("failed to close SSH server: %v", err)
|
|
}
|
|
}(sshConn)
|
|
|
|
if err != nil {
|
|
log.Printf("failed to establish SSH connection: %v", err)
|
|
err := conn.Close()
|
|
if err != nil {
|
|
log.Printf("failed to close SSH connection: %v", err)
|
|
return
|
|
}
|
|
return
|
|
}
|
|
ctx := context.Background()
|
|
log.Println("SSH connection established:", sshConn.User())
|
|
|
|
//Fallback: kalau auth gagal userID di set UNAUTHORIZED
|
|
authorized, _ := s.grpcClient.AuthorizeConn(ctx, sshConn.User())
|
|
|
|
var userID string
|
|
if authorized {
|
|
userID = sshConn.User()
|
|
} else {
|
|
userID = "UNAUTHORIZED"
|
|
}
|
|
|
|
sshSession := session.New(sshConn, forwardingReqs, chans, s.sessionRegistry, userID)
|
|
err = sshSession.Start()
|
|
if err != nil {
|
|
log.Printf("SSH session ended with error: %v", err)
|
|
return
|
|
}
|
|
return
|
|
}
|