From 98a2d61fd19bfd65b39a0c535543c2793d58be9c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=88=98=E7=A5=A5=E8=B6=85?= <iwind.liu@gmail.com>
Date: Wed, 30 Jun 2021 14:56:36 +0800
Subject: [PATCH] =?UTF-8?q?SSH=E8=AE=A4=E8=AF=81--=E7=A7=81=E9=92=A5?=
 =?UTF-8?q?=E8=AE=A4=E8=AF=81=E6=96=B9=E5=BC=8F=E5=A2=9E=E5=8A=A0=E7=94=A8?=
 =?UTF-8?q?=E6=88=B7=E5=90=8D=E9=80=89=E9=A1=B9?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 go.mod                                      | 2 +-
 go.sum                                      | 4 ++++
 internal/db/models/node_grant_dao.go        | 2 ++
 internal/installers/credentials.go          | 1 +
 internal/installers/installer_base.go       | 9 +++++++--
 internal/installers/queue.go                | 3 +++
 internal/rpc/services/service_node_grant.go | 9 +++++++--
 7 files changed, 25 insertions(+), 5 deletions(-)

diff --git a/go.mod b/go.mod
index 9b84981b..260cc84b 100644
--- a/go.mod
+++ b/go.mod
@@ -14,7 +14,7 @@ require (
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/go-yaml/yaml v2.1.0+incompatible
 	github.com/golang/protobuf v1.5.2
-	github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f
+	github.com/iwind/TeaGo v0.0.0-20210628135026-38575a4ab060
 	github.com/lionsoul2014/ip2region v2.2.0-release+incompatible
 	github.com/mozillazg/go-pinyin v0.18.0
 	github.com/pkg/sftp v1.12.0
diff --git a/go.sum b/go.sum
index 8f0dec2d..98233e15 100644
--- a/go.sum
+++ b/go.sum
@@ -184,6 +184,8 @@ github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df/go.mod h1:QMZY7/J/KSQEhK
 github.com/iwind/TeaGo v0.0.0-20200923021120-f5d76441fe9e/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
 github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f h1:r2O8PONj/KiuZjJHVHn7KlCePUIjNtgAmvLfgRafQ8o=
 github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
+github.com/iwind/TeaGo v0.0.0-20210628135026-38575a4ab060 h1:qdLtK4PDXxk2vMKkTWl5Fl9xqYuRCukzWAgJbLHdfOo=
+github.com/iwind/TeaGo v0.0.0-20210628135026-38575a4ab060/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
 github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
 github.com/jmespath/go-jmespath v0.3.0 h1:OS12ieG61fsCg5+qLJ+SsW9NicxNkg3b25OyT2yCeUc=
 github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeYCZ7fLUTSywik=
@@ -192,6 +194,8 @@ github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCV
 github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
 github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/json-iterator/go v1.1.11 h1:uVUAXhF2To8cbw/3xN3pxj6kk7TYKs98NIrTqPlMWAQ=
+github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
 github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
diff --git a/internal/db/models/node_grant_dao.go b/internal/db/models/node_grant_dao.go
index 5d8ec3ed..10d6eda9 100644
--- a/internal/db/models/node_grant_dao.go
+++ b/internal/db/models/node_grant_dao.go
@@ -85,6 +85,7 @@ func (this *NodeGrantDAO) CreateGrant(tx *dbs.Tx, adminId int64, name string, me
 		op.Password = password
 		op.Su = false // TODO 需要做到前端可以配置
 	case "privateKey":
+		op.Username = username
 		op.PrivateKey = privateKey
 	}
 	op.Description = description
@@ -111,6 +112,7 @@ func (this *NodeGrantDAO) UpdateGrant(tx *dbs.Tx, grantId int64, name string, me
 		op.Password = password
 		op.Su = false // TODO 需要做到前端可以配置
 	case "privateKey":
+		op.Username = username
 		op.PrivateKey = privateKey
 	}
 	op.Description = description
diff --git a/internal/installers/credentials.go b/internal/installers/credentials.go
index 231860f5..0b78a242 100644
--- a/internal/installers/credentials.go
+++ b/internal/installers/credentials.go
@@ -6,4 +6,5 @@ type Credentials struct {
 	Username   string
 	Password   string
 	PrivateKey string
+	Method     string
 }
diff --git a/internal/installers/installer_base.go b/internal/installers/installer_base.go
index eb02e5d2..f987c8ba 100644
--- a/internal/installers/installer_base.go
+++ b/internal/installers/installer_base.go
@@ -41,7 +41,7 @@ func (this *BaseInstaller) Login(credentials *Credentials) error {
 
 	// 认证
 	methods := []ssh.AuthMethod{}
-	if len(credentials.Password) > 0 {
+	if credentials.Method == "user" {
 		{
 			authMethod := ssh.Password(credentials.Password)
 			methods = append(methods, authMethod)
@@ -56,16 +56,21 @@ func (this *BaseInstaller) Login(credentials *Credentials) error {
 			})
 			methods = append(methods, authMethod)
 		}
-	} else {
+	} else if credentials.Method == "privateKey" {
 		signer, err := ssh.ParsePrivateKey([]byte(credentials.PrivateKey))
 		if err != nil {
 			return errors.New("parse private key: " + err.Error())
 		}
 		authMethod := ssh.PublicKeys(signer)
 		methods = append(methods, authMethod)
+	} else {
+		return errors.New("invalid method '" + credentials.Method + "'")
 	}
 
 	// SSH客户端
+	if len(credentials.Username) == 0 {
+		credentials.Username = "root"
+	}
 	config := &ssh.ClientConfig{
 		User:            credentials.Username,
 		Auth:            methods,
diff --git a/internal/installers/queue.go b/internal/installers/queue.go
index 25f6f054..272b8322 100644
--- a/internal/installers/queue.go
+++ b/internal/installers/queue.go
@@ -184,6 +184,7 @@ func (this *Queue) InstallNode(nodeId int64, installStatus *models.NodeInstallSt
 		Username:   grant.Username,
 		Password:   grant.Password,
 		PrivateKey: grant.PrivateKey,
+		Method:     grant.Method,
 	})
 	if err != nil {
 		installStatus.ErrorCode = "SSH_LOGIN_FAILED"
@@ -272,6 +273,7 @@ func (this *Queue) StartNode(nodeId int64) error {
 		Username:   grant.Username,
 		Password:   grant.Password,
 		PrivateKey: grant.PrivateKey,
+		Method:     grant.Method,
 	})
 	if err != nil {
 		return err
@@ -376,6 +378,7 @@ func (this *Queue) StopNode(nodeId int64) error {
 		Username:   grant.Username,
 		Password:   grant.Password,
 		PrivateKey: grant.PrivateKey,
+		Method:     grant.Method,
 	})
 	if err != nil {
 		return err
diff --git a/internal/rpc/services/service_node_grant.go b/internal/rpc/services/service_node_grant.go
index de6bbd54..bcfe4f5f 100644
--- a/internal/rpc/services/service_node_grant.go
+++ b/internal/rpc/services/service_node_grant.go
@@ -214,7 +214,7 @@ func (this *NodeGrantService) TestNodeGrant(ctx context.Context, req *pb.TestNod
 
 	// 认证
 	methods := []ssh.AuthMethod{}
-	if len(grant.Password) > 0 {
+	if grant.Method == "user" {
 		{
 			authMethod := ssh.Password(grant.Password)
 			methods = append(methods, authMethod)
@@ -229,7 +229,7 @@ func (this *NodeGrantService) TestNodeGrant(ctx context.Context, req *pb.TestNod
 			})
 			methods = append(methods, authMethod)
 		}
-	} else {
+	} else if grant.Method == "privateKey" {
 		signer, err := ssh.ParsePrivateKey([]byte(grant.PrivateKey))
 		if err != nil {
 			resp.Error = "parse private key: " + err.Error()
@@ -237,9 +237,14 @@ func (this *NodeGrantService) TestNodeGrant(ctx context.Context, req *pb.TestNod
 		}
 		authMethod := ssh.PublicKeys(signer)
 		methods = append(methods, authMethod)
+	} else {
+		return nil, errors.New("invalid method '" + grant.Method + "'")
 	}
 
 	// SSH客户端
+	if len(grant.Username) == 0 {
+		grant.Username = "root"
+	}
 	config := &ssh.ClientConfig{
 		User:            grant.Username,
 		Auth:            methods,