allow selecting ssh ciphers (fixes #645)

This commit is contained in:
Eugene Pankov 2019-02-09 18:52:09 +01:00
parent a2c636fdbf
commit 168e6f17dc
8 changed files with 81 additions and 373 deletions

View File

@ -20,6 +20,10 @@
flex-direction: row; flex-direction: row;
align-items: center; align-items: center;
.off {
color: rgba(0, 0, 0, .5);
}
.icon { .icon {
position: relative; position: relative;
flex: none; flex: none;

View File

@ -40,6 +40,7 @@
"xkeychain": "^0.0.6" "xkeychain": "^0.0.6"
}, },
"dependencies": { "dependencies": {
"ssh2": "^0.8.2" "ssh2": "^0.8.2",
"ssh2-streams": "^0.4.2"
} }
} }

View File

@ -7,6 +7,13 @@ export interface LoginScript {
optional?: boolean optional?: boolean
} }
export enum SSHAlgorithmType {
HMAC = 'hmac',
KEX = 'kex',
CIPHER = 'cipher',
HOSTKEY = 'serverHostKey'
}
export interface SSHConnection { export interface SSHConnection {
name?: string name?: string
host: string host: string
@ -19,6 +26,8 @@ export interface SSHConnection {
keepaliveInterval?: number keepaliveInterval?: number
keepaliveCountMax?: number keepaliveCountMax?: number
readyTimeout?: number readyTimeout?: number
algorithms?: {[t: string]: string[]}
} }
export class SSHSession extends BaseSession { export class SSHSession extends BaseSession {

View File

@ -86,6 +86,27 @@
[(ngModel)]='connection.readyTimeout', [(ngModel)]='connection.readyTimeout',
) )
.form-group
label Ciphers
div(*ngFor='let alg of supportedAlgorithms.cipher')
checkbox([text]='alg', [(ngModel)]='algorithms.cipher[alg]')
.form-group
label Key exchange
div(*ngFor='let alg of supportedAlgorithms.kex')
checkbox([text]='alg', [(ngModel)]='algorithms.kex[alg]')
.form-group
label HMAC
div(*ngFor='let alg of supportedAlgorithms.hmac')
checkbox([text]='alg', [(ngModel)]='algorithms.hmac[alg]')
.form-group
label Host key
div(*ngFor='let alg of supportedAlgorithms.serverHostKey')
checkbox([text]='alg', [(ngModel)]='algorithms.serverHostKey[alg]')
ngb-tab(id='scripts') ngb-tab(id='scripts')
ng-template(ngbTabTitle) ng-template(ngbTabTitle)
| Login Scripts | Login Scripts

View File

@ -2,7 +2,8 @@ import { Component } from '@angular/core'
import { NgbActiveModal } from '@ng-bootstrap/ng-bootstrap' import { NgbActiveModal } from '@ng-bootstrap/ng-bootstrap'
import { ElectronService, HostAppService } from 'terminus-core' import { ElectronService, HostAppService } from 'terminus-core'
import { PasswordStorageService } from '../services/passwordStorage.service' import { PasswordStorageService } from '../services/passwordStorage.service'
import { SSHConnection, LoginScript } from '../api' import { SSHConnection, LoginScript, SSHAlgorithmType } from '../api'
import { ALGORITHMS } from 'ssh2-streams/lib/constants'
@Component({ @Component({
template: require('./editConnectionModal.component.pug'), template: require('./editConnectionModal.component.pug'),
@ -12,6 +13,10 @@ export class EditConnectionModalComponent {
newScript: LoginScript newScript: LoginScript
hasSavedPassword: boolean hasSavedPassword: boolean
supportedAlgorithms: {[id: string]: string[]} = {}
defaultAlgorithms: {[id: string]: string[]} = {}
algorithms: {[id: string]: {[a: string]: boolean}} = {}
constructor ( constructor (
private modalInstance: NgbActiveModal, private modalInstance: NgbActiveModal,
private electron: ElectronService, private electron: ElectronService,
@ -19,10 +24,41 @@ export class EditConnectionModalComponent {
private passwordStorage: PasswordStorageService, private passwordStorage: PasswordStorageService,
) { ) {
this.newScript = { expect: '', send: '' } this.newScript = { expect: '', send: '' }
for (let k of Object.values(SSHAlgorithmType)) {
this.supportedAlgorithms[k] = ALGORITHMS[
{
[SSHAlgorithmType.KEX]: 'SUPPORTED_KEX',
[SSHAlgorithmType.HOSTKEY]: 'SUPPORTED_SERVER_HOST_KEY',
[SSHAlgorithmType.CIPHER]: 'SUPPORTED_CIPHER',
[SSHAlgorithmType.HMAC]: 'SUPPORTED_HMAC',
}[k]
]
this.defaultAlgorithms[k] = ALGORITHMS[
{
[SSHAlgorithmType.KEX]: 'KEX',
[SSHAlgorithmType.HOSTKEY]: 'SERVER_HOST_KEY',
[SSHAlgorithmType.CIPHER]: 'CIPHER',
[SSHAlgorithmType.HMAC]: 'HMAC',
}[k]
]
}
console.log(this)
} }
async ngOnInit () { async ngOnInit () {
this.hasSavedPassword = !!(await this.passwordStorage.loadPassword(this.connection)) this.hasSavedPassword = !!(await this.passwordStorage.loadPassword(this.connection))
this.connection.algorithms = this.connection.algorithms || {}
for (let k of Object.values(SSHAlgorithmType)) {
if (!this.connection.algorithms[k]) {
this.connection.algorithms[k] = this.defaultAlgorithms[k]
}
this.algorithms[k] = {}
for (let alg of this.connection.algorithms[k]) {
this.algorithms[k][alg] = true
}
}
} }
clearSavedPassword () { clearSavedPassword () {
@ -43,6 +79,11 @@ export class EditConnectionModalComponent {
} }
save () { save () {
for (let k of Object.values(SSHAlgorithmType)) {
this.connection.algorithms[k] = Object.entries(this.algorithms[k])
.filter(([k, v]) => !!v)
.map(([k, v]) => k)
}
this.modalInstance.close(this.connection) this.modalInstance.close(this.connection)
} }

View File

@ -164,6 +164,7 @@ export class SSHService {
return true return true
}, },
hostHash: 'sha256' as any, hostHash: 'sha256' as any,
algorithms: session.connection.algorithms,
}) })
} catch (e) { } catch (e) {
this.toastr.error(e.message) this.toastr.error(e.message)

View File

@ -44,6 +44,7 @@ module.exports = {
externals: [ externals: [
'fs', 'fs',
'node-ssh', 'node-ssh',
'ssh2-streams',
'xkeychain', 'xkeychain',
'wincredmgr', 'wincredmgr',
'path', 'path',

File diff suppressed because it is too large Load Diff