golint cleanup

This commit is contained in:
Russ Magee 2022-09-26 22:09:54 -07:00
parent 3325bb3a4e
commit bd0b48d98f
1 changed files with 85 additions and 83 deletions

View File

@ -16,7 +16,6 @@ import (
"flag" "flag"
"fmt" "fmt"
"io" "io"
"io/ioutil"
"log" "log"
"os" "os"
"os/exec" "os/exec"
@ -47,6 +46,11 @@ var (
Log *logger.Writer Log *logger.Writer
) )
const (
AuthTokenLen = 64
LoginTimeoutSecs = 30
)
func ioctl(fd, request, argp uintptr) error { func ioctl(fd, request, argp uintptr) error {
if _, _, e := syscall.Syscall6(syscall.SYS_IOCTL, fd, request, argp, 0, 0, 0); e != 0 { if _, _, e := syscall.Syscall6(syscall.SYS_IOCTL, fd, request, argp, 0, 0, 0); e != 0 {
return e return e
@ -66,10 +70,10 @@ func ptsName(fd uintptr) (string, error) {
/* -------------------------------------------------------------- */ /* -------------------------------------------------------------- */
// Perform a client->server copy // Perform a client->server copy
func runClientToServerCopyAs(who, ttype string, conn *xsnet.Conn, fpath string, chaffing bool) (exitStatus uint32, err error) { func runClientToServerCopyAs(who, ttype string, conn *xsnet.Conn, fpath string, chaffing bool) (exitStatus uint32, err error) {
u, _ := user.Lookup(who) // nolint: gosec u, _ := user.Lookup(who)
var uid, gid uint32 var uid, gid uint32
fmt.Sscanf(u.Uid, "%d", &uid) // nolint: gosec,errcheck fmt.Sscanf(u.Uid, "%d", &uid)
fmt.Sscanf(u.Gid, "%d", &gid) // nolint: gosec,errcheck fmt.Sscanf(u.Gid, "%d", &gid)
log.Println("uid:", uid, "gid:", gid) log.Println("uid:", uid, "gid:", gid)
// Need to clear server's env and set key vars of the // Need to clear server's env and set key vars of the
@ -80,9 +84,9 @@ func runClientToServerCopyAs(who, ttype string, conn *xsnet.Conn, fpath string,
// of client shell window used to run client. // of client shell window used to run client.
// Investigate -- rlm 2018-01-26) // Investigate -- rlm 2018-01-26)
os.Clearenv() os.Clearenv()
os.Setenv("HOME", u.HomeDir) // nolint: gosec,errcheck os.Setenv("HOME", u.HomeDir)
os.Setenv("TERM", ttype) // nolint: gosec,errcheck os.Setenv("TERM", ttype)
os.Setenv("XS_SESSION", "1") // nolint: gosec,errcheck os.Setenv("XS_SESSION", "1")
var c *exec.Cmd var c *exec.Cmd
cmdName := xs.GetTool("tar") cmdName := xs.GetTool("tar")
@ -101,7 +105,7 @@ func runClientToServerCopyAs(who, ttype string, conn *xsnet.Conn, fpath string,
// (as this isn't input from a shell) (right? -rlm 20180823) // (as this isn't input from a shell) (right? -rlm 20180823)
//cmdArgs := []string{"-x", "-C", destDir, `--xform=s#.*/\(.*\)#\1#`} //cmdArgs := []string{"-x", "-C", destDir, `--xform=s#.*/\(.*\)#\1#`}
fmt.Println(cmdName, cmdArgs) fmt.Println(cmdName, cmdArgs)
c = exec.Command(cmdName, cmdArgs...) // nolint: gosec c = exec.Command(cmdName, cmdArgs...)
c.Dir = destDir c.Dir = destDir
@ -173,8 +177,8 @@ func runServerToClientCopyAs(who, ttype string, conn *xsnet.Conn, srcPath string
return return
} }
var uid, gid uint32 var uid, gid uint32
_, _ = fmt.Sscanf(u.Uid, "%d", &uid) // nolint: gosec _, _ = fmt.Sscanf(u.Uid, "%d", &uid)
_, _ = fmt.Sscanf(u.Gid, "%d", &gid) // nolint: gosec _, _ = fmt.Sscanf(u.Gid, "%d", &gid)
log.Println("uid:", uid, "gid:", gid) log.Println("uid:", uid, "gid:", gid)
// Need to clear server's env and set key vars of the // Need to clear server's env and set key vars of the
@ -185,9 +189,9 @@ func runServerToClientCopyAs(who, ttype string, conn *xsnet.Conn, srcPath string
// of client shell window used to run client. // of client shell window used to run client.
// Investigate -- rlm 2018-01-26) // Investigate -- rlm 2018-01-26)
os.Clearenv() os.Clearenv()
_ = os.Setenv("HOME", u.HomeDir) // nolint: gosec _ = os.Setenv("HOME", u.HomeDir)
_ = os.Setenv("TERM", ttype) // nolint: gosec _ = os.Setenv("TERM", ttype)
_ = os.Setenv("XS_SESSION", "1") // nolint: gosec _ = os.Setenv("XS_SESSION", "1")
var c *exec.Cmd var c *exec.Cmd
cmdName := xs.GetTool("tar") cmdName := xs.GetTool("tar")
@ -198,7 +202,7 @@ func runServerToClientCopyAs(who, ttype string, conn *xsnet.Conn, srcPath string
srcDir, srcBase := path.Split(srcPath) srcDir, srcBase := path.Split(srcPath)
cmdArgs := []string{"-cz", "-C", srcDir, "-f", "-", srcBase} cmdArgs := []string{"-cz", "-C", srcDir, "-f", "-", srcBase}
c = exec.Command(cmdName, cmdArgs...) // nolint: gosec c = exec.Command(cmdName, cmdArgs...)
//If os.Clearenv() isn't called by server above these will be seen in the //If os.Clearenv() isn't called by server above these will be seen in the
//client's session env. //client's session env.
@ -252,11 +256,10 @@ func runServerToClientCopyAs(who, ttype string, conn *xsnet.Conn, srcPath string
return return
} }
// Run a command (via default shell) as a specific user // Run a command (via default shell) as a specific user. Uses
// // ptys to support commands which expect a terminal. //nolint:gofmt
// Uses ptys to support commands which expect a terminal. func runShellAs(who, hname, ttype, cmd string, interactive bool, //nolint:funlen
// nolint: gocyclo conn *xsnet.Conn, chaffing bool) (exitStatus uint32, err error) {
func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Conn, chaffing bool) (exitStatus uint32, err error) {
var wg sync.WaitGroup var wg sync.WaitGroup
u, err := user.Lookup(who) u, err := user.Lookup(who)
if err != nil { if err != nil {
@ -264,8 +267,8 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
return return
} }
var uid, gid uint32 var uid, gid uint32
_, _ = fmt.Sscanf(u.Uid, "%d", &uid) // nolint: gosec _, _ = fmt.Sscanf(u.Uid, "%d", &uid)
_, _ = fmt.Sscanf(u.Gid, "%d", &gid) // nolint: gosec _, _ = fmt.Sscanf(u.Gid, "%d", &gid)
log.Println("uid:", uid, "gid:", gid) log.Println("uid:", uid, "gid:", gid)
// Need to clear server's env and set key vars of the // Need to clear server's env and set key vars of the
@ -276,9 +279,9 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
// of client shell window used to run client. // of client shell window used to run client.
// Investigate -- rlm 2018-01-26) // Investigate -- rlm 2018-01-26)
os.Clearenv() os.Clearenv()
_ = os.Setenv("HOME", u.HomeDir) // nolint: gosec _ = os.Setenv("HOME", u.HomeDir)
_ = os.Setenv("TERM", ttype) // nolint: gosec _ = os.Setenv("TERM", ttype)
_ = os.Setenv("XS_SESSION", "1") // nolint: gosec _ = os.Setenv("XS_SESSION", "1")
var c *exec.Cmd var c *exec.Cmd
@ -294,18 +297,18 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
// automagically, at the cost of another external tool // automagically, at the cost of another external tool
// dependency. // dependency.
// //
c = exec.Command(xs.GetTool("login"), "-f", "-p", who) // nolint: gosec c = exec.Command(xs.GetTool("login"), "-f", "-p", who) //nolint:gosec
} else { } else {
// Using our separate login via local passwd file // Using our separate login via local passwd file
// //
// Note we must drop privs ourselves for the user shell // Note we must drop privs ourselves for the user shell
// //
c = exec.Command(xs.GetTool("bash"), "-i", "-l") // nolint: gosec c = exec.Command(xs.GetTool("bash"), "-i", "-l") //nolint:gosec
c.SysProcAttr = &syscall.SysProcAttr{} c.SysProcAttr = &syscall.SysProcAttr{}
c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid} c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid}
} }
} else { } else {
c = exec.Command(xs.GetTool("bash"), "-c", cmd) // nolint: gosec c = exec.Command(xs.GetTool("bash"), "-c", cmd) //nolint:gosec
c.SysProcAttr = &syscall.SysProcAttr{} c.SysProcAttr = &syscall.SysProcAttr{}
c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid} c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid}
} }
@ -325,7 +328,7 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
defer func() { defer func() {
//logger.LogDebug(fmt.Sprintf("[Exited process was %d]", c.Process.Pid)) //logger.LogDebug(fmt.Sprintf("[Exited process was %d]", c.Process.Pid))
_ = ptmx.Close() _ = ptmx.Close()
}() // nolint: gosec }()
// get pty info for system accounting (who, lastlog) // get pty info for system accounting (who, lastlog)
pts, pe := ptsName(ptmx.Fd()) pts, pe := ptsName(ptmx.Fd())
@ -345,7 +348,7 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
go func() { go func() {
for sz := range conn.WinCh { for sz := range conn.WinCh {
log.Printf("[Setting term size to: %v %v]\n", sz.Rows, sz.Cols) log.Printf("[Setting term size to: %v %v]\n", sz.Rows, sz.Cols)
pty.Setsize(ptmx, &pty.Winsize{Rows: sz.Rows, Cols: sz.Cols}) // nolint: gosec,errcheck pty.Setsize(ptmx, &pty.Winsize{Rows: sz.Rows, Cols: sz.Cols}) //nolint:errcheck
} }
log.Println("*** WinCh goroutine done ***") log.Println("*** WinCh goroutine done ***")
}() }()
@ -406,7 +409,7 @@ func runShellAs(who, hname, ttype, cmd string, interactive bool, conn *xsnet.Con
} }
conn.SetStatus(xsnet.CSOType(exitStatus)) conn.SetStatus(xsnet.CSOType(exitStatus))
} else { } else {
logger.LogDebug("*** Main proc has exited. ***") logger.LogDebug("*** Main proc has exited. ***") //nolint:errcheck
// Background jobs still may be running; close the // Background jobs still may be running; close the
// pty anyway, so the client can return before // pty anyway, so the client can return before
// wg.Wait() below completes (Issue #18) // wg.Wait() below completes (Issue #18)
@ -428,8 +431,8 @@ func GenAuthToken(who string, connhost string) string {
//} //}
hname := connhost hname := connhost
token := make([]byte, 64) token := make([]byte, AuthTokenLen)
_, _ = rand.Read(token) // nolint: gosec _, _ = rand.Read(token)
return fmt.Sprintf("%s:%s:%s", hname, who, hex.EncodeToString(token)) return fmt.Sprintf("%s:%s:%s", hname, who, hex.EncodeToString(token))
} }
@ -505,7 +508,7 @@ func (a *allowedHMACAlgs) Set(value string) error {
// daemon dies, all clients will be rudely disconnected. // daemon dies, all clients will be rudely disconnected.
// Consider this when planning to restart or upgrade in-place an installation. // Consider this when planning to restart or upgrade in-place an installation.
// TODO: reduce gocyclo // TODO: reduce gocyclo
func main() { func main() { //nolint:funlen,gocyclo
var vopt bool var vopt bool
var chaffEnabled bool var chaffEnabled bool
var chaffFreqMin uint var chaffFreqMin uint
@ -518,16 +521,15 @@ func main() {
flag.BoolVar(&vopt, "v", false, "show version") flag.BoolVar(&vopt, "v", false, "show version")
flag.StringVar(&laddr, "l", ":2000", "interface[:port] to listen") flag.StringVar(&laddr, "l", ":2000", "interface[:port] to listen")
flag.StringVar(&kcpMode, "K", "unused", `set to one of ["KCP_NONE","KCP_AES", "KCP_BLOWFISH", "KCP_CAST5", "KCP_SM4", "KCP_SALSA20", "KCP_SIMPLEXOR", "KCP_TEA", "KCP_3DES", "KCP_TWOFISH", "KCP_XTEA"] to use KCP (github.com/xtaci/kcp-go) reliable UDP instead of TCP`) flag.StringVar(&kcpMode, "K", "unused", `set to one of ["KCP_NONE","KCP_AES", "KCP_BLOWFISH", "KCP_CAST5", "KCP_SM4", "KCP_SALSA20", "KCP_SIMPLEXOR", "KCP_TEA", "KCP_3DES", "KCP_TWOFISH", "KCP_XTEA"] to use KCP (github.com/xtaci/kcp-go) reliable UDP instead of TCP`) //nolint:lll
flag.BoolVar(&useSysLogin, "L", false, "use system login") flag.BoolVar(&useSysLogin, "L", false, "use system login")
flag.BoolVar(&chaffEnabled, "e", true, "enable chaff pkts") flag.BoolVar(&chaffEnabled, "e", true, "enable chaff pkts")
flag.UintVar(&chaffFreqMin, "f", 100, "chaff pkt freq min (msecs)") flag.UintVar(&chaffFreqMin, "f", 100, "chaff pkt freq min (msecs)") //nolint:gomnd
flag.UintVar(&chaffFreqMax, "F", 5000, "chaff pkt freq max (msecs)") flag.UintVar(&chaffFreqMax, "F", 5000, "chaff pkt freq max (msecs)") //nolint:gomnd
flag.UintVar(&chaffBytesMax, "B", 64, "chaff pkt size max (bytes)") flag.UintVar(&chaffBytesMax, "B", 64, "chaff pkt size max (bytes)") //nolint:gomnd
flag.BoolVar(&useSystemPasswd, "s", true, "use system shadow passwds") flag.BoolVar(&useSystemPasswd, "s", true, "use system shadow passwds")
flag.BoolVar(&dbg, "d", false, "debug logging") flag.BoolVar(&dbg, "d", false, "debug logging")
flag.Var(&aKEXAlgs, "aK", "Allowed KEX `alg`s (eg. '-aK KEXAlgA -aK KEXAlgB ...')"+`
flag.Var(&aKEXAlgs, "aK", "Allowed KEX `alg`s (eg. '-aK KEXAlgA -aK KEXAlgB ...')" + `
KEX_all KEX_all
KEX_HERRADURA256 KEX_HERRADURA256
KEX_HERRADURA512 KEX_HERRADURA512
@ -542,7 +544,7 @@ func main() {
KEX_FRODOKEM_1344SHAKE KEX_FRODOKEM_1344SHAKE
KEX_FRODOKEM_976AES KEX_FRODOKEM_976AES
KEX_FRODOKEM_976SHAKE`) KEX_FRODOKEM_976SHAKE`)
flag.Var(&aCipherAlgs, "aC", "Allowed `cipher`s (eg. '-aC CAlgA -aC CAlgB ...')" + ` flag.Var(&aCipherAlgs, "aC", "Allowed `cipher`s (eg. '-aC CAlgA -aC CAlgB ...')"+`
C_all C_all
C_AES_256 C_AES_256
C_TWOFISH_128 C_TWOFISH_128
@ -550,7 +552,7 @@ func main() {
C_CRYPTMT1 C_CRYPTMT1
C_HOPSCOTCH C_HOPSCOTCH
C_CHACHA20_12`) C_CHACHA20_12`)
flag.Var(&aHMACAlgs, "aH", "Allowed `HMAC`s (eg. '-aH HMACAlgA -aH HMACAlgB ...')" + ` flag.Var(&aHMACAlgs, "aH", "Allowed `HMAC`s (eg. '-aH HMACAlgA -aH HMACAlgB ...')"+`
H_all H_all
H_SHA256 H_SHA256
H_SHA512`) H_SHA512`)
@ -570,7 +572,7 @@ func main() {
} }
// Enforce some sane min/max vals on chaff flags // Enforce some sane min/max vals on chaff flags
if chaffFreqMin < 2 { if chaffFreqMin < 2 { //nolint:gomnd
chaffFreqMin = 2 chaffFreqMin = 2
} }
if chaffFreqMax == 0 { if chaffFreqMax == 0 {
@ -580,49 +582,49 @@ func main() {
chaffBytesMax = 64 chaffBytesMax = 64
} }
Log, _ = logger.New(logger.LOG_DAEMON|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR, "xsd") // nolint: gosec Log, _ = logger.New(logger.LOG_DAEMON|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR, "xsd")
xsnet.Init(dbg, "xsd", logger.LOG_DAEMON|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR) xsnet.Init(dbg, "xsd", logger.LOG_DAEMON|logger.LOG_DEBUG|logger.LOG_NOTICE|logger.LOG_ERR)
if dbg { if dbg {
log.SetOutput(Log) log.SetOutput(Log)
} else { } else {
log.SetOutput(ioutil.Discard) log.SetOutput(io.Discard)
} }
// Set up allowed algs, if specified (default allow all) // Set up allowed algs, if specified (default allow all)
if len(aKEXAlgs) == 0 { if len(aKEXAlgs) == 0 {
aKEXAlgs = []string{"none"} aKEXAlgs = []string{"none"}
} }
logger.LogNotice(fmt.Sprintf("Allowed KEXAlgs: %v\n", aKEXAlgs)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("Allowed KEXAlgs: %v\n", aKEXAlgs)) //nolint:errcheck
if len(aCipherAlgs) == 0 { if len(aCipherAlgs) == 0 {
aCipherAlgs = []string{"none"} aCipherAlgs = []string{"none"}
} }
logger.LogNotice(fmt.Sprintf("Allowed CipherAlgs: %v\n", aCipherAlgs)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("Allowed CipherAlgs: %v\n", aCipherAlgs)) //nolint:errcheck
if len(aHMACAlgs) == 0 { if len(aHMACAlgs) == 0 {
aHMACAlgs = []string{"none"} aHMACAlgs = []string{"none"}
} }
logger.LogNotice(fmt.Sprintf("Allowed HMACAlgs: %v\n", aHMACAlgs)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("Allowed HMACAlgs: %v\n", aHMACAlgs)) //nolint:errcheck
// Set up handler for daemon signalling // Set up handler for daemon signalling
exitCh := make(chan os.Signal, 1) exitCh := make(chan os.Signal, 1)
signal.Notify(exitCh, os.Signal(syscall.SIGTERM), os.Signal(syscall.SIGINT), os.Signal(syscall.SIGHUP), os.Signal(syscall.SIGUSR1), os.Signal(syscall.SIGUSR2)) signal.Notify(exitCh, os.Signal(syscall.SIGTERM), os.Signal(syscall.SIGINT), os.Signal(syscall.SIGHUP), os.Signal(syscall.SIGUSR1), os.Signal(syscall.SIGUSR2)) //nolint:lll
go func() { go func() {
for { for {
sig := <-exitCh sig := <-exitCh
switch sig.String() { switch sig.String() {
case "terminated": case "terminated":
logger.LogNotice(fmt.Sprintf("[Got signal: %s]", sig)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[Got signal: %s]", sig)) //nolint:errcheck
signal.Reset() signal.Reset()
syscall.Kill(0, syscall.SIGTERM) // nolint: gosec,errcheck syscall.Kill(0, syscall.SIGTERM) //nolint:errcheck
case "interrupt": case "interrupt":
logger.LogNotice(fmt.Sprintf("[Got signal: %s]", sig)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[Got signal: %s]", sig)) //nolint:errcheck
signal.Reset() signal.Reset()
syscall.Kill(0, syscall.SIGINT) // nolint: gosec,errcheck syscall.Kill(0, syscall.SIGINT) //nolint:errcheck
case "hangup": case "hangup":
logger.LogNotice(fmt.Sprintf("[Got signal: %s - nop]", sig)) // nolint:gosec,errcheck logger.LogNotice(fmt.Sprintf("[Got signal: %s - nop]", sig)) //nolint:errcheck
default: default:
logger.LogNotice(fmt.Sprintf("[Got signal: %s - ignored]", sig)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[Got signal: %s - ignored]", sig)) //nolint:errcheck
} }
} }
}() }()
@ -635,7 +637,7 @@ func main() {
if err != nil { if err != nil {
log.Fatal(err) log.Fatal(err)
} }
defer l.Close() // nolint: errcheck defer l.Close()
log.Println("Serving on", laddr) log.Println("Serving on", laddr)
for { for {
@ -669,12 +671,12 @@ func main() {
// The loop then returns to accepting, so that // The loop then returns to accepting, so that
// multiple connections may be served concurrently. // multiple connections may be served concurrently.
go func(hc *xsnet.Conn) (e error) { go func(hc *xsnet.Conn) (e error) {
defer hc.Close() // nolint: errcheck defer hc.Close()
// Start login timeout here and disconnect if user/pass phase stalls // Start login timeout here and disconnect if user/pass phase stalls
loginTimeout := time.AfterFunc(30*time.Second, func() { loginTimeout := time.AfterFunc(LoginTimeoutSecs*time.Second, func() {
logger.LogNotice(fmt.Sprintln("Login timed out")) // nolint: errcheck,gosec logger.LogNotice(fmt.Sprintln("Login timed out")) //nolint:errcheck
hc.Write([]byte{0}) // nolint: gosec,errcheck hc.Write([]byte{0}) //nolint:errcheck
hc.Close() hc.Close()
}) })
@ -763,10 +765,10 @@ func main() {
// Tell client if auth was valid // Tell client if auth was valid
if valid { if valid {
hc.Write([]byte{1}) // nolint: gosec,errcheck hc.Write([]byte{1}) //nolint:errcheck
} else { } else {
logger.LogNotice(fmt.Sprintln("Invalid user", string(rec.Who()))) // nolint: errcheck,gosec logger.LogNotice(fmt.Sprintln("Invalid user", string(rec.Who()))) //nolint:errcheck
hc.Write([]byte{0}) // nolint: gosec,errcheck hc.Write([]byte{0}) //nolint:errcheck
return return
} }
@ -776,15 +778,15 @@ func main() {
// Generate automated login token // Generate automated login token
addr := hc.RemoteAddr() addr := hc.RemoteAddr()
hname := goutmp.GetHost(addr.String()) hname := goutmp.GetHost(addr.String())
logger.LogNotice(fmt.Sprintf("[Generating autologin token for [%s@%s]]\n", rec.Who(), hname)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[Generating autologin token for [%s@%s]]\n", rec.Who(), hname)) //nolint:errcheck
token := GenAuthToken(string(rec.Who()), string(rec.ConnHost())) token := GenAuthToken(string(rec.Who()), string(rec.ConnHost()))
tokenCmd := fmt.Sprintf("echo \"%s\" | tee -a ~/.xs_id", token) tokenCmd := fmt.Sprintf("echo %q | tee -a ~/.xs_id", token)
cmdStatus, runErr := runShellAs(string(rec.Who()), hname, string(rec.TermType()), tokenCmd, false, hc, chaffEnabled) cmdStatus, runErr := runShellAs(string(rec.Who()), hname, string(rec.TermType()), tokenCmd, false, hc, chaffEnabled)
// Returned hopefully via an EOF or exit/logout; // Returned hopefully via an EOF or exit/logout;
// Clear current op so user can enter next, or EOF // Clear current op so user can enter next, or EOF
rec.SetOp([]byte{0}) rec.SetOp([]byte{0})
if runErr != nil { if runErr != nil {
logger.LogErr(fmt.Sprintf("[Error generating autologin token for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck logger.LogErr(fmt.Sprintf("[Error generating autologin token for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
} else { } else {
log.Printf("[Autologin token generation completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus) log.Printf("[Autologin token generation completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)
hc.SetStatus(xsnet.CSOType(cmdStatus)) hc.SetStatus(xsnet.CSOType(cmdStatus))
@ -793,31 +795,31 @@ func main() {
// Non-interactive command // Non-interactive command
addr := hc.RemoteAddr() addr := hc.RemoteAddr()
hname := goutmp.GetHost(addr.String()) hname := goutmp.GetHost(addr.String())
logger.LogNotice(fmt.Sprintf("[Running command for [%s@%s]]\n", rec.Who(), hname)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[Running command for [%s@%s]]\n", rec.Who(), hname)) //nolint:errcheck
cmdStatus, runErr := runShellAs(string(rec.Who()), hname, string(rec.TermType()), string(rec.Cmd()), false, hc, chaffEnabled) cmdStatus, runErr := runShellAs(string(rec.Who()), hname, string(rec.TermType()), string(rec.Cmd()), false, hc, chaffEnabled)
// Returned hopefully via an EOF or exit/logout; // Returned hopefully via an EOF or exit/logout;
// Clear current op so user can enter next, or EOF // Clear current op so user can enter next, or EOF
rec.SetOp([]byte{0}) rec.SetOp([]byte{0})
if runErr != nil { if runErr != nil {
logger.LogErr(fmt.Sprintf("[Error spawning cmd for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck logger.LogErr(fmt.Sprintf("[Error spawning cmd for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
} else { } else {
logger.LogNotice(fmt.Sprintf("[Command completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[Command completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) //nolint:errcheck
hc.SetStatus(xsnet.CSOType(cmdStatus)) hc.SetStatus(xsnet.CSOType(cmdStatus))
} }
} else if rec.Op()[0] == 's' { } else if rec.Op()[0] == 's' {
// Interactive session // Interactive session
addr := hc.RemoteAddr() addr := hc.RemoteAddr()
hname := goutmp.GetHost(addr.String()) hname := goutmp.GetHost(addr.String())
logger.LogNotice(fmt.Sprintf("[Running shell for [%s@%s]]\n", rec.Who(), hname)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[Running shell for [%s@%s]]\n", rec.Who(), hname)) //nolint:errcheck
cmdStatus, runErr := runShellAs(string(rec.Who()), hname, string(rec.TermType()), string(rec.Cmd()), true, hc, chaffEnabled) cmdStatus, runErr := runShellAs(string(rec.Who()), hname, string(rec.TermType()), string(rec.Cmd()), true, hc, chaffEnabled)
// Returned hopefully via an EOF or exit/logout; // Returned hopefully via an EOF or exit/logout;
// Clear current op so user can enter next, or EOF // Clear current op so user can enter next, or EOF
rec.SetOp([]byte{0}) rec.SetOp([]byte{0})
if runErr != nil { if runErr != nil {
Log.Err(fmt.Sprintf("[Error spawning shell for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck Log.Err(fmt.Sprintf("[Error spawning shell for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
} else { } else {
logger.LogNotice(fmt.Sprintf("[Shell completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[Shell completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) //nolint:errcheck
hc.SetStatus(xsnet.CSOType(cmdStatus)) hc.SetStatus(xsnet.CSOType(cmdStatus))
} }
} else if rec.Op()[0] == 'D' { } else if rec.Op()[0] == 'D' {
@ -825,41 +827,41 @@ func main() {
log.Printf("[Client->Server copy]\n") log.Printf("[Client->Server copy]\n")
addr := hc.RemoteAddr() addr := hc.RemoteAddr()
hname := goutmp.GetHost(addr.String()) hname := goutmp.GetHost(addr.String())
logger.LogNotice(fmt.Sprintf("[c->s copy for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[c->s copy for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
cmdStatus, runErr := runClientToServerCopyAs(string(rec.Who()), string(rec.TermType()), hc, string(rec.Cmd()), chaffEnabled) cmdStatus, runErr := runClientToServerCopyAs(string(rec.Who()), string(rec.TermType()), hc, string(rec.Cmd()), chaffEnabled)
// Returned hopefully via an EOF or exit/logout; // Returned hopefully via an EOF or exit/logout;
// Clear current op so user can enter next, or EOF // Clear current op so user can enter next, or EOF
rec.SetOp([]byte{0}) rec.SetOp([]byte{0})
if runErr != nil { if runErr != nil {
logger.LogErr(fmt.Sprintf("[c->s copy error for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck logger.LogErr(fmt.Sprintf("[c->s copy error for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
} else { } else {
logger.LogNotice(fmt.Sprintf("[c->s copy completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[c->s copy completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) //nolint:errcheck
} }
// TODO: Test this with huge files.. see Bug #22 - do we need to // TODO: Test this with huge files.. see Bug #22 - do we need to
// sync w/sender (client) that we've gotten all data? // sync w/sender (client) that we've gotten all data?
hc.SetStatus(xsnet.CSOType(cmdStatus)) hc.SetStatus(xsnet.CSOType(cmdStatus))
// Send CSOExitStatus *before* client closes channel // Send CSOExitStatus *before* client closes channel
s := make([]byte, 4) s := make([]byte, 4) //nolint:gomnd
binary.BigEndian.PutUint32(s, cmdStatus) binary.BigEndian.PutUint32(s, cmdStatus)
log.Printf("** cp writing closeStat %d at Close()\n", cmdStatus) log.Printf("** cp writing closeStat %d at Close()\n", cmdStatus)
hc.WritePacket(s, xsnet.CSOExitStatus) // nolint: gosec,errcheck hc.WritePacket(s, xsnet.CSOExitStatus) //nolint:errcheck
} else if rec.Op()[0] == 'S' { } else if rec.Op()[0] == 'S' {
// File copy (src) operation - server copy to client // File copy (src) operation - server copy to client
log.Printf("[Server->Client copy]\n") log.Printf("[Server->Client copy]\n")
addr := hc.RemoteAddr() addr := hc.RemoteAddr()
hname := goutmp.GetHost(addr.String()) hname := goutmp.GetHost(addr.String())
logger.LogNotice(fmt.Sprintf("[s->c copy for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[s->c copy for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
cmdStatus, runErr := runServerToClientCopyAs(string(rec.Who()), string(rec.TermType()), hc, string(rec.Cmd()), chaffEnabled) cmdStatus, runErr := runServerToClientCopyAs(string(rec.Who()), string(rec.TermType()), hc, string(rec.Cmd()), chaffEnabled)
if runErr != nil { if runErr != nil {
logger.LogErr(fmt.Sprintf("[s->c copy error for %s@%s]\n", rec.Who(), hname)) // nolint: gosec,errcheck logger.LogErr(fmt.Sprintf("[s->c copy error for %s@%s]\n", rec.Who(), hname)) //nolint:errcheck
} else { } else {
// Returned hopefully via an EOF or exit/logout; // Returned hopefully via an EOF or exit/logout;
logger.LogNotice(fmt.Sprintf("[s->c copy completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) // nolint: gosec,errcheck logger.LogNotice(fmt.Sprintf("[s->c copy completed for %s@%s, status %d]\n", rec.Who(), hname, cmdStatus)) //nolint:errcheck
} }
// HACK: Bug #22: (xc) Need to wait for rcvr to get final data // HACK: Bug #22: (xc) Need to wait for rcvr to get final data
// TODO: Await specific msg from client to inform they have gotten all data from the tarpipe // TODO: Await specific msg from client to inform they have gotten all data from the tarpipe
time.Sleep(time.Duration(900 * time.Millisecond)) // Let rcvr set this on setup? time.Sleep(900 * time.Millisecond) //nolint:gomnd // Let rcvr set this on setup?
// Clear current op so user can enter next, or EOF // Clear current op so user can enter next, or EOF
rec.SetOp([]byte{0}) rec.SetOp([]byte{0})
@ -868,12 +870,12 @@ func main() {
//_, _ = hc.Read(nil /*ackByte*/) //_, _ = hc.Read(nil /*ackByte*/)
//fmt.Println("Got remote end ack.") //fmt.Println("Got remote end ack.")
} else { } else {
logger.LogErr(fmt.Sprintln("[Bad xs.Session]")) // nolint: gosec,errcheck logger.LogErr(fmt.Sprintln("[Bad xs.Session]")) //nolint:errcheck
} }
return return
}(&conn) // nolint: errcheck }(&conn) //nolint:errcheck
} // algs valid and not blacklisted } // algs valid and not blacklisted
} // Accept() success } // Accept() success
} //endfor } //endfor
//logger.LogNotice(fmt.Sprintln("[Exiting]")) // nolint: gosec,errcheck //logger.LogNotice(fmt.Sprintln("[Exiting]")) //nolint:errcheck
} }