bdy 1.7.46-dev

package/src/server/sftp.js

@@ -0,0 +1,474 @@
+const logger = require('../logger');
+const Ssh2 = require('ssh2');
+const fs = require('fs/promises');
+const path = require('path');
+
+const { flagsToString, STATUS_CODE } = Ssh2.utils.sftp;
+
+class ServerSftp {
+  constructor(sftp) {
+    logger.debug('Creating sftp server');
+    this.openHandlers = new Map();
+    this.count = 0;
+    this.sftp = sftp;
+    this.sftp.on('OPEN', (reqId, fileName, flags, attrs) => this.open(reqId, fileName, flags, attrs));
+    this.sftp.on('READ', (reqId, handle, offset, length) => this.read(reqId, handle, offset, length));
+    this.sftp.on('WRITE', (reqId, handle, offset, data) => this.write(reqId, handle, offset, data));
+    this.sftp.on('FSTAT', (reqId, handle) => this.fstat(reqId, handle));
+    this.sftp.on('FSETSTAT', (reqId, handle, attrs) => this.fsetstat(reqId, handle, attrs));
+    this.sftp.on('CLOSE', (reqId, handle) => this.close(reqId, handle));
+    this.sftp.on('OPENDIR', (reqId, path) => this.opendir(reqId, path));
+    this.sftp.on('READDIR', (reqId, handle) => this.readdir(reqId, handle));
+    this.sftp.on('LSTAT', (reqId, path) => this.lstat(reqId, path));
+    this.sftp.on('STAT', (reqId, path) => this.stat(reqId, path));
+    this.sftp.on('REMOVE', (reqId, path) => this.remove(reqId, path));
+    this.sftp.on('RMDIR', (reqId, path) => this.rmdir(reqId, path));
+    this.sftp.on('REALPATH', (reqId, path) => this.realpath(reqId, path));
+    this.sftp.on('READLINK', (reqId, path) => this.readlink(reqId, path));
+    this.sftp.on('SETSTAT', (reqId, path, attrs) => this.setstat(reqId, path, attrs));
+    this.sftp.on('MKDIR', (reqId, path, attrs) => this.mkdir(reqId, path, attrs));
+    this.sftp.on('RENAME', (reqId, oldPath, newPath) => this.rename(reqId, oldPath, newPath));
+    this.sftp.on('SYMLINK', (reqId, linkPath, targetPath) => this.symlink(reqId, linkPath, targetPath));
+  }
+
+  async open(reqId, fileName, flags, attrs) {
+    logger.debug(`SFTP want to open file ${fileName}`);
+    try {
+      const flag = flagsToString(flags);
+      if (!flag) {
+        this.sftp.status(reqId, STATUS_CODE.FAILURE);
+        return;
+      }
+      const id = ++this.count;
+      const handle = Buffer.alloc(4);
+      handle.writeUint32BE(id, 0);
+      const fd = await fs.open(fileName, flag);
+      this.openHandlers.set(id, fd);
+      await this._fsetstat(fd, attrs);
+      logger.debug('SFTP open file succeed');
+      this.sftp.handle(reqId, handle);
+    } catch(err) {
+      logger.debug('SFTP open file failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async read(reqId, handle, offset, length) {
+    logger.debug('SFTP want to read file');
+    try {
+      const id = handle.readUInt32BE(0);
+      if (!this.openHandlers.has(id)) {
+        this.sftp.status(reqId, STATUS_CODE.FAILURE);
+        return;
+      }
+      const fd = this.openHandlers.get(id);
+      const buffer = Buffer.alloc(length);
+      const r = await fd.read(buffer, {
+        offset: 0,
+        length,
+        position: offset,
+      });
+      logger.debug('SFTP read file succeed');
+      if (r.bytesRead <= 0) {
+        this.sftp.status(reqId, STATUS_CODE.EOF);
+      } else if (r.bytesRead < length) {
+        // strip buffer
+        const buffer2 = Buffer.alloc(r.bytesRead);
+        buffer.copy(buffer2, 0, 0, r.bytesRead);
+        this.sftp.data(reqId, buffer2);
+      } else {
+        this.sftp.data(reqId, buffer);
+      }
+    } catch (err) {
+      logger.debug('SFTP read file failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async write(reqId, handle, offset, data) {
+    logger.debug('SFTP want to write file');
+    try {
+      const id = handle.readUInt32BE(0);
+      if (!this.openHandlers.has(id)) {
+        this.sftp.status(reqId, STATUS_CODE.FAILURE);
+        return;
+      }
+      const fd = this.openHandlers.get(id);
+      await fd.write(data, 0, data.length, offset);
+      logger.debug('SFTP write file succeed');
+      this.sftp.status(reqId, STATUS_CODE.OK);
+    } catch(err) {
+      logger.debug('SFTP write file failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async close(reqId, handle) {
+    logger.debug('SFTP want to close handler');
+    try {
+      const id = handle.readUInt32BE(0);
+      if (!this.openHandlers.has(id)) {
+        this.sftp.status(reqId, STATUS_CODE.FAILURE);
+        return;
+      }
+      const fd = this.openHandlers.get(id);
+      await fd.close();
+      this.openHandlers.delete(id);
+      logger.debug('SFTP closed handler succeed');
+      this.sftp.status(reqId, STATUS_CODE.OK);
+    } catch(err) {
+      logger.debug('SFTP close handler failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async fstat(reqId, handle) {
+    logger.debug('SFTP want to stat file');
+    try {
+      const id = handle.readUInt32BE(0);
+      if (!this.openHandlers.has(id)) {
+        this.sftp.status(reqId, STATUS_CODE.FAILURE);
+        return;
+      }
+      const fd = this.openHandlers.get(id);
+      const attrs = await fd.stat();
+      logger.debug('SFTP stat file succeed');
+      this.sftp.attrs(reqId, attrs);
+    } catch(err) {
+      logger.debug('SFTP stat file failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async _fsetstat(fd, attrs) {
+    if (Number.isInteger(attrs.uid) && Number.isInteger(attrs.gid)) {
+      try {
+        logger.debug(`SFTP want to chown with uid: ${attrs.uid}, gid: ${attrs.gid}`);
+        await fd.chown(attrs.uid, attrs.gid);
+        logger.debug('SFTP chown succeed');
+      } catch (err) {
+        logger.debug('SFTP chown failed');
+        logger.debug(err);
+      }
+    }
+    if (attrs.mode) {
+      try {
+        logger.debug(`SFTP want to chmod with mode: ${attrs.mode}`);
+        await fd.chmod(attrs.mode);
+        logger.debug('SFTP chmod succeed');
+      } catch (err) {
+        logger.debug('SFTP chmod failed');
+        logger.debug(err);
+      }
+    }
+    if (attrs.atime && attrs.mtime) {
+      try {
+        logger.debug(`SFTP want to utimes with atime: ${attrs.atime}, mtime: ${attrs.mtime}`);
+        await fd.utimes(attrs.atime, attrs.mtime);
+        logger.debug('SFTP utimes succeed');
+      } catch (err) {
+        logger.debug('SFTP utimes failed');
+        logger.debug(err);
+      }
+    }
+  }
+
+  async fsetstat(reqId, handle, attrs) {
+    logger.debug('SFTP want to set attrs of file');
+    try {
+      const id = handle.readUInt32BE(0);
+      if (!this.openHandlers.has(id)) {
+        this.sftp.status(reqId, STATUS_CODE.FAILURE);
+        return;
+      }
+      const fd = this.openHandlers.get(id);
+      await this._fsetstat(fd, attrs);
+      logger.debug('SFTP set attrs of file succeed');
+      this.sftp.status(reqId, STATUS_CODE.OK);
+    } catch(err) {
+      logger.debug('SFTP set attrs of file failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async opendir(reqId, path) {
+    logger.debug(`SFTP want to open directory ${path}`);
+    try {
+      const id = ++this.count;
+      const handle = Buffer.alloc(4);
+      handle.writeUint32BE(id, 0);
+      const fd = await fs.opendir(path);
+      this.openHandlers.set(id, fd);
+      logger.debug('SFTP open directory succeed');
+      this.sftp.handle(reqId, handle);
+    } catch(err) {
+      logger.debug('SFTP open directory failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+
+  formatMode(mode) {
+    const types = ['---', '--x', '-w-', '-wx', 'r--', 'r-x', 'rw-', 'rwx'];
+    return [types[mode >> 6 & 7], types[mode >> 3 & 7], types[mode & 7]].join('');
+  }
+
+
+  async longname(fullPath, name, stats) {
+    // -rw-r--r--  1 Michal  staff  160543 Jul 29 09:31 cli.log
+    const isDir = stats.isDirectory();
+    const isLink = stats.isSymbolicLink();
+    let displayName = name;
+    if (isLink) {
+      const link = await fs.readlink(fullPath);
+      displayName = `${name} -> ${link}`;
+    }
+    return [
+      isDir ? 'd' : (isLink ? 'l' : '-'),
+      this.formatMode(stats.mode),
+      ' ',
+      (stats.nlink || 1).toString().padEnd(4),
+      ' ',
+      stats.uid.toString().padEnd(4),
+      ' ',
+      stats.gid.toString().padEnd(4),
+      ' ',
+      stats.size.toString().padStart(10),
+      ' ',
+      stats.mtime.toISOString().slice(0, 19).replace('T', ' '),
+      ' ',
+      displayName
+    ].join('');
+  }
+
+  async readdir(reqId, handle) {
+    logger.debug('SFTP want to read directory');
+    try {
+      const id = handle.readUInt32BE(0);
+      if (!this.openHandlers.has(id)) {
+        this.sftp.status(reqId, STATUS_CODE.FAILURE);
+        return;
+      }
+      const fd = this.openHandlers.get(id);
+      const dir = await fd.read();
+      if (!dir) {
+        logger.debug('SFTP read directory ended');
+        this.sftp.status(reqId, STATUS_CODE.EOF);
+      } else {
+        const name = dir.name;
+        const fullPath = path.join(fd.path, name);
+        const stat = await fs.lstat(fullPath);
+        const longname = await this.longname(fullPath, name, stat);
+        logger.debug('SFTP read directory succeed');
+        this.sftp.name(reqId, {
+          filename: name,
+          longname,
+          attrs: stat
+        });
+      }
+    } catch(err) {
+      logger.debug('SFTP read directory failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async stat(reqId, path) {
+    logger.debug(`SFTP want to stat ${path}`);
+    try {
+      const attrs = await fs.stat(path);
+      logger.debug('SFTP stat path succeed');
+      this.sftp.attrs(reqId, attrs);
+    } catch(err) {
+      logger.debug('SFTP stat path failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async remove(reqId, path) {
+    logger.debug(`SFTP want to remove file ${path}`);
+    try {
+      await fs.rm(path);
+      logger.debug('SFTP removed file succeed');
+      this.sftp.status(reqId, STATUS_CODE.OK);
+    } catch(err) {
+      logger.debug('SFTP remove file failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async rmdir(reqId, path) {
+    logger.debug(`SFTP want to remove directory ${path}`);
+    try {
+      await fs.rmdir(path, {
+        recursive: true
+      });
+      logger.debug('SFTP remove directory succeed');
+      this.sftp.status(reqId, STATUS_CODE.OK);
+    } catch(err) {
+      logger.debug('SFTP remove directory failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async realpath(reqId, path) {
+    logger.debug(`SFTP want realpath ${path}`);
+    try {
+      const realPath = await fs.realpath(path);
+      logger.debug('SFTP realpath succeed');
+      this.sftp.name(reqId, [{
+        filename: realPath,
+      }]);
+    } catch(err) {
+      logger.debug('SFTP realpath failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async readlink(reqId, path) {
+    logger.debug(`SFTP want readlink ${path}`);
+    try {
+      const realPath = await fs.readlink(path);
+      logger.debug('SFTP readlink succeed');
+      this.sftp.name(reqId, [{
+        filename: realPath,
+      }]);
+    } catch(err) {
+      logger.debug('SFTP readlink failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async _setstat(path, attrs) {
+    if (Number.isInteger(attrs.uid) && Number.isInteger(attrs.gid)) {
+      try {
+        logger.debug(`SFTP want chown with uid: ${attrs.uid}, gid: ${attrs.gid}`);
+        await fs.chown(path, attrs.uid, attrs.gid);
+        logger.debug('SFTP chown succeed');
+      } catch (err) {
+        logger.debug('SFTP chown failed');
+        logger.debug(err);
+      }
+    }
+    if (attrs.mode) {
+      try {
+        logger.debug(`SFTP want to chmod with mode: ${attrs.mode}`);
+        await fs.chmod(path, attrs.mode);
+        logger.debug('SFTP chmod succeed');
+      } catch (err) {
+        logger.debug('SFTP chmod failed');
+        logger.debug(err);
+      }
+    }
+    if (attrs.atime && attrs.mtime) {
+      try {
+        logger.debug(`SFTP want to utimes with atime: ${attrs.atime}, mtime: ${attrs.mtime}`);
+        await fs.utimes(path, attrs.atime, attrs.mtime);
+        logger.debug('SFTP utimes succeed');
+      } catch (err) {
+        logger.debug('SFTP utimes failed');
+        logger.debug(err);
+      }
+    }
+  }
+
+  async setstat(reqId, path, attrs) {
+    logger.debug(`SFTP want to set attrs ${path}`);
+    try {
+      await this._setstat(path, attrs);
+      logger.debug('SFTP set attrs succeed');
+      this.sftp.status(reqId, STATUS_CODE.OK);
+    } catch (err) {
+      logger.debug('SFTP set attrs failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async mkdir(reqId, path, attrs) {
+    logger.debug(`SFTP want to create directory ${path}`);
+    try {
+      await fs.mkdir(path);
+      await this._setstat(path, attrs);
+      logger.debug('SFTP create directory succeed');
+      this.sftp.status(reqId, STATUS_CODE.OK);
+    } catch (err) {
+      logger.debug('SFTP create directory failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async rename(reqId, oldPath, newPath) {
+    logger.debug(`SFTP want to rename path ${oldPath} to ${newPath}`);
+    try {
+      await fs.rename(oldPath, newPath);
+      logger.debug('SFTP rename path succeed');
+      this.sftp.status(reqId, STATUS_CODE.OK);
+    } catch (err) {
+      logger.debug('SFTP rename path failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async symlink(reqId, linkPath, targetPath) {
+    logger.debug(`SFTP want to symlink ${targetPath} at ${linkPath}`);
+    try {
+      await fs.symlink(targetPath, linkPath);
+      logger.debug('SFTP symlink succeed');
+      this.sftp.status(reqId, STATUS_CODE.OK);
+    } catch (err) {
+      logger.debug('SFTP symlink failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  async lstat(reqId, path) {
+    logger.debug(`SFTP want to lstat ${path}`);
+    try {
+      const attrs = await fs.lstat(path);
+      logger.debug('SFTP lstat path succeed');
+      this.sftp.attrs(reqId, attrs);
+    } catch (err) {
+      logger.debug('SFTP lstat path failed');
+      logger.debug(err);
+      this.sftp.status(reqId, STATUS_CODE.FAILURE);
+    }
+  }
+
+  destroy() {
+    if (this.sftp) {
+      this.sftp.removeAllListeners();
+      this.sftp.end();
+      this.sftp = null;
+    }
+    if (this.openHandlers) {
+      this.openHandlers.forEach((fd) => {
+        try {
+          fd.close();
+        } catch {
+          // do nothing
+        }
+        fd = null;
+      });
+      this.openHandlers = null;
+    }
+    this.count = 0;
+  }
+}
+
+module.exports = ServerSftp;

package/src/server/ssh.js

@@ -0,0 +1,107 @@
+const EventEmitter = require('events');
+const Ssh2 = require('ssh2');
+const logger = require('../logger.js');
+const { exec } = require('child_process');
+const ServerSftp = require('./sftp');
+
+class ServerSsh extends EventEmitter {
+  constructor(login, password, hostKey) {
+    super();
+    this.login = login;
+    this.password = password;
+    this.server = new Ssh2.Server({
+      keepAlive: true,
+      hostKeys: [hostKey],
+      ident: 'ssh2 server'
+    }, (client) => this.processClient(client));
+    this.server.listen();
+  }
+
+  stop() {
+    this.server.close();
+    this.server.removeAllListeners();
+    this.server = null;
+  }
+
+  handleSshTunnel(stream) {
+    this.server.injectSocket(stream);
+  }
+
+  processClient(client) {
+    client.setNoDelay();
+    client.on('authentication', async (ctx) => {
+      if (ctx.method !== 'password') {
+        // only password
+        ctx.reject();
+        return;
+      }
+      if (ctx.username !== this.login) {
+        ctx.reject();
+        return;
+      }
+      if (ctx.password !== this.password) {
+        ctx.reject();
+        return;
+      }
+      ctx.accept();
+    });
+    client.on('close', () => {
+      client.removeAllListeners();
+      client = null;
+    });
+    client.on('error', (err) => {
+      logger.debug('Error on ssh server client');
+      logger.debug(err);
+      client.end();
+    });
+    client.on('session', (accept) => {
+      let session = accept();
+      session.env = {};
+      const closeSession = () => {
+        session.removeAllListeners();
+        if (session.sftp) {
+          session.sftp.destroy();
+          session.sftp = null;
+        }
+        session = null;
+        if (client) client.end();
+      };
+      session.on('close', closeSession);
+      session.on('end', closeSession);
+      session.on('exec', (accept, reject, info) => {
+        if (!info.command) {
+          if (reject) reject();
+          return;
+        }
+        let stream;
+        if (accept) stream = accept();
+        exec(info.command, {
+          env: session.env
+        }, (err, stdout, stderr) => {
+          if (stream) {
+            stream.stderr.write(stderr);
+            stream.write(stdout);
+            stream.exit(!err ? 0 : 1);
+            stream.end();
+            stream = null;
+          }
+        });
+      });
+      session.on('env', (accept, reject, info) => {
+        Object.keys(info || {}).forEach((key) => {
+          session.env[key] = info[key];
+        });
+        if (accept) accept();
+      });
+      session.on('sftp', (accept, reject) => {
+        if (!session.sftp) {
+          session.sftp = new ServerSftp(accept());
+        } else if (reject) {
+          reject();
+        }
+      });
+    });
+  }
+}
+
+module.exports = ServerSsh;

package/src/server/tls.js

@@ -0,0 +1,41 @@
+const EventEmitter = require('events');
+const tls = require('tls');
+const ServerCert = require('./cert.js');
+const { TLS_SOCKET } = require('../utils');
+
+class ServerTls extends EventEmitter {
+  constructor(key, cert, ca) {
+    super();
+    this.key = key;
+    this.cert = cert;
+    this.ca = ca;
+    if (!this.key || !this.cert) {
+      const c = new ServerCert();
+      this.key = c.key;
+      this.cert = c.cert;
+    }
+    this.server = tls.createServer({
+      handshakeTimeout: 60000,
+      key: this.key,
+      cert: this.cert,
+      ca: this.ca,
+      rejectUnauthorized: !!this.ca,
+      requestCert: !!this.ca
+    }, (socket) => this.processSocket(socket));
+  }
+
+  async processSocket(socket) {
+    this.emit(TLS_SOCKET, socket);
+  }
+
+  handleSshTunnel(channel) {
+    this.server.emit('connection', channel);
+  }
+
+  stop() {
+    this.server.removeAllListeners();
+    this.server = null;
+  }
+}
+
+module.exports = ServerTls;