Shikong/Clash.Meta
1
0
Fork 0
mirror of https://gitclone.com/github.com/MetaCubeX/Clash.Meta synced 2025-05-21 17:38:16 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: ssh outbound add private-key-passphrase,host-key,host-key-algorithms

Browse Source 
rename `privateKey` to `private-key` and support direct write private key value in config file
This commit is contained in:
wwqgtxx 2024-03-13 08:30:41 +08:00
parent 81c832ef9e
commit 5fdfde6a07
1 changed files with 55 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

75
adapter/outbound/ssh.go
View File

@ -1,11 +1,15 @@
package outbound package outbound
import ( import (
"bytes"
"context" "context"
"encoding/base64"
"fmt"
"net" "net"
"os" "os"
"runtime" "runtime"
"strconv" "strconv"
"strings"
"sync" "sync"
N "github.com/metacubex/mihomo/common/net" N "github.com/metacubex/mihomo/common/net"
@ -26,12 +30,15 @@ type Ssh struct {
type SshOption struct { type SshOption struct {
BasicOption BasicOption
Name string `proxy:"name"` Name string `proxy:"name"`
Server string `proxy:"server"` Server string `proxy:"server"`
Port int `proxy:"port"` Port int `proxy:"port"`
UserName string `proxy:"username"` UserName string `proxy:"username"`
Password string `proxy:"password,omitempty"` Password string `proxy:"password,omitempty"`
PrivateKey string `proxy:"privateKey,omitempty"` PrivateKey string `proxy:"private-key,omitempty"`
PrivateKeyPassphrase string `proxy:"private-key-passphrase,omitempty"`
HostKey []string `proxy:"host-key,omitempty"`
HostKeyAlgorithms []string `proxy:"host-key-algorithms,omitempty"`
} }
func (s *Ssh) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.Conn, err error) { func (s *Ssh) DialContext(ctx context.Context, metadata *C.Metadata, opts ...dialer.Option) (_ C.Conn, err error) {
@ -119,28 +126,56 @@ func NewSsh(option SshOption) (*Ssh, error) {
addr := net.JoinHostPort(option.Server, strconv.Itoa(option.Port)) addr := net.JoinHostPort(option.Server, strconv.Itoa(option.Port))
config := ssh.ClientConfig{ config := ssh.ClientConfig{
User: option.UserName, User: option.UserName,
HostKeyCallback: func(hostname string, remote net.Addr, key ssh.PublicKey) error { HostKeyCallback: ssh.InsecureIgnoreHostKey(),
return nil HostKeyAlgorithms: option.HostKeyAlgorithms,
},
} }
if option.Password == "" { if option.PrivateKey != "" {
b, err := os.ReadFile(option.PrivateKey) var b []byte
if err != nil { var err error
return nil, err if strings.Contains(option.PrivateKey, "PRIVATE KEY") {
b = []byte(option.PrivateKey)
} else {
b, err = os.ReadFile(C.Path.Resolve(option.PrivateKey))
if err != nil {
return nil, err
}
}
var pKey ssh.Signer
if option.PrivateKeyPassphrase != "" {
pKey, err = ssh.ParsePrivateKeyWithPassphrase(b, []byte(option.PrivateKeyPassphrase))
} else {
pKey, err = ssh.ParsePrivateKey(b)
} }
pKey, err := ssh.ParsePrivateKey(b)
if err != nil { if err != nil {
return nil, err return nil, err
} }
config.Auth = []ssh.AuthMethod{ config.Auth = append(config.Auth, ssh.PublicKeys(pKey))
ssh.PublicKeys(pKey), }
if option.Password != "" {
config.Auth = append(config.Auth, ssh.Password(option.Password))
}
if len(option.HostKey) != 0 {
keys := make([]ssh.PublicKey, len(option.HostKey))
for i, hostKey := range option.HostKey {
key, _, _, _, err := ssh.ParseAuthorizedKey([]byte(hostKey))
if err != nil {
return nil, fmt.Errorf("parse host key :%s", key)
}
keys[i] = key
} }
} else { config.HostKeyCallback = func(hostname string, remote net.Addr, key ssh.PublicKey) error {
config.Auth = []ssh.AuthMethod{ serverKey := key.Marshal()
ssh.Password(option.Password), for _, hostKey := range keys {
if bytes.Equal(serverKey, hostKey.Marshal()) {
return nil
}
}
return fmt.Errorf("host key mismatch, server send :%s %s", key.Type(), base64.StdEncoding.EncodeToString(serverKey))
} }
} }