server: Change SSHPort type to string and show as encrypted data

cloud-barista · Sep 24, 2024 · 5e0ddec · 5e0ddec
1 parent d87eef3
commit 5e0ddec
Show file tree

Hide file tree

Showing 8 changed files with 33 additions and 25 deletions.
diff --git a/server/dao/connectionInfo.go b/server/dao/connectionInfo.go
@@ -53,8 +53,9 @@ func ConnectionInfoGetList(connectionInfo *model.ConnectionInfo, page int, row i
 			filtered = filtered.Where("ip_address LIKE ?", "%"+connectionInfo.IPAddress+"%")
 		}
 
-		if connectionInfo.SSHPort >= 1 && connectionInfo.SSHPort <= 65535 {
-			filtered = filtered.Where("ssh_port = ?", "%"+strconv.Itoa(connectionInfo.SSHPort)+"%")
+		sshPort, _ := strconv.Atoi(connectionInfo.SSHPort)
+		if sshPort >= 1 && sshPort <= 65535 {
+			filtered = filtered.Where("ssh_port = ?", "%"+connectionInfo.SSHPort+"%")
 		}
 
 		if len(connectionInfo.User) != 0 {

diff --git a/server/lib/ssh/ssh.go b/server/lib/ssh/ssh.go
@@ -6,7 +6,6 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"strconv"
 	"strings"
 	"time"
 
@@ -62,7 +61,7 @@ func DefaultSSHOptions() Options {
 }
 
 func (o *SSH) NewClientConn(connectionInfo model.ConnectionInfo) error {
-	addr := fmt.Sprintf("%s:%d", connectionInfo.IPAddress, connectionInfo.SSHPort)
+	addr := fmt.Sprintf("%s:%s", connectionInfo.IPAddress, connectionInfo.SSHPort)
 
 	sshConfig := &ssh.ClientConfig{
 		User:            connectionInfo.User,
@@ -76,7 +75,7 @@ func (o *SSH) NewClientConn(connectionInfo model.ConnectionInfo) error {
 		return err
 	}
 	logger.Println(logger.INFO, false, "SSH Connection Success. (IP: "+connectionInfo.IPAddress+
-		" Port: "+strconv.Itoa(connectionInfo.SSHPort)+", User: "+connectionInfo.User+")")
+		" Port: "+connectionInfo.SSHPort+", User: "+connectionInfo.User+")")
 
 	o.ConnectionInfo = &connectionInfo
 	o.Options.client = client

diff --git a/server/pkg/api/rest/controller/connectionInfo.go b/server/pkg/api/rest/controller/connectionInfo.go
@@ -28,15 +28,25 @@ func checkIPAddress(ipAddress string) error {
 	return nil
 }
 
-func checkPort(port int) error {
-	if port < 1 || port > 65535 {
+func checkPort(port string) error {
+	portInt, err := strconv.Atoi(port)
+	if err != nil || portInt < 1 || portInt > 65535 {
 		return errors.New("port value is invalid")
 	}
 
 	return nil
 }
 
-func encryptPasswordAndPrivateKey(connectionInfo *model.ConnectionInfo) (*model.ConnectionInfo, error) {
+func encryptSecrets(connectionInfo *model.ConnectionInfo) (*model.ConnectionInfo, error) {
+	rsaEncryptedSSHPort, err := rsautil.EncryptWithPublicKey([]byte(connectionInfo.SSHPort), serverCommon.PubKey)
+	if err != nil {
+		errMsg := "error occurred while encrypting the password (" + err.Error() + ")"
+		logger.Println(logger.ERROR, true, errMsg)
+		return nil, errors.New(errMsg)
+	}
+	base64EncodedEncryptedSSHPort := base64.StdEncoding.EncodeToString(rsaEncryptedSSHPort)
+	connectionInfo.SSHPort = base64EncodedEncryptedSSHPort
+
 	rsaEncryptedPasswordBytes, err := rsautil.EncryptWithPublicKey([]byte(connectionInfo.Password), serverCommon.PubKey)
 	if err != nil {
 		errMsg := "error occurred while encrypting the password (" + err.Error() + ")"
@@ -130,7 +140,7 @@ func CreateConnectionInfo(c echo.Context) error {
 		return common.ReturnErrorMsg(c, err.Error())
 	}
 
-	connectionInfo, err = encryptPasswordAndPrivateKey(connectionInfo)
+	connectionInfo, err = encryptSecrets(connectionInfo)
 	if err != nil {
 		return common.ReturnErrorMsg(c, err.Error())
 	}
@@ -173,7 +183,7 @@ func GetConnectionInfo(c echo.Context) error {
 		return common.ReturnErrorMsg(c, err.Error())
 	}
 
-	connectionInfo, err = encryptPasswordAndPrivateKey(connectionInfo)
+	connectionInfo, err = encryptSecrets(connectionInfo)
 	if err != nil {
 		return common.ReturnErrorMsg(c, err.Error())
 	}
@@ -205,7 +215,7 @@ func GetConnectionInfoDirectly(c echo.Context) error {
 		return common.ReturnErrorMsg(c, err.Error())
 	}
 
-	connectionInfo, err = encryptPasswordAndPrivateKey(connectionInfo)
+	connectionInfo, err = encryptSecrets(connectionInfo)
 	if err != nil {
 		return common.ReturnErrorMsg(c, err.Error())
 	}
@@ -249,14 +259,12 @@ func ListConnectionInfo(c echo.Context) error {
 		return common.ReturnErrorMsg(c, err.Error())
 	}
 
-	sshPort, _ := strconv.Atoi(c.QueryParam("ssh_port"))
-
 	connectionInfo := &model.ConnectionInfo{
 		Name:          c.QueryParam("name"),
 		Description:   c.QueryParam("description"),
 		SourceGroupID: sourceGroup.ID,
 		IPAddress:     c.QueryParam("ip_address"),
-		SSHPort:       sshPort,
+		SSHPort:       c.QueryParam("ssh_port"),
 		User:          c.QueryParam("user"),
 	}
 
@@ -267,7 +275,7 @@ func ListConnectionInfo(c echo.Context) error {
 
 	var encryptedConnectionInfos []model.ConnectionInfo
 	for _, ci := range *connectionInfos {
-		encryptedConnectionInfo, err := encryptPasswordAndPrivateKey(&ci)
+		encryptedConnectionInfo, err := encryptSecrets(&ci)
 		if err != nil {
 			return common.ReturnErrorMsg(c, err.Error())
 		}
@@ -346,7 +354,7 @@ func UpdateConnectionInfo(c echo.Context) error {
 		return common.ReturnErrorMsg(c, err.Error())
 	}
 
-	connectionInfo, err := encryptPasswordAndPrivateKey(oldConnectionInfo)
+	connectionInfo, err := encryptSecrets(oldConnectionInfo)
 	if err != nil {
 		return common.ReturnErrorMsg(c, err.Error())
 	}

diff --git a/server/pkg/api/rest/controller/sourceGroup.go b/server/pkg/api/rest/controller/sourceGroup.go
@@ -319,7 +319,7 @@ func CheckConnectionSourceGroup(c echo.Context) error {
 
 	var encryptedConnectionInfos []model.ConnectionInfo
 	for _, ci := range *connectionInfoList {
-		encryptedConnectionInfo, err := encryptPasswordAndPrivateKey(&ci)
+		encryptedConnectionInfo, err := encryptSecrets(&ci)
 		if err != nil {
 			return common.ReturnErrorMsg(c, err.Error())
 		}

diff --git a/server/pkg/api/rest/docs/docs.go b/server/pkg/api/rest/docs/docs.go
@@ -1712,7 +1712,7 @@ const docTemplate = `{
                     "type": "string"
                 },
                 "ssh_port": {
-                    "type": "integer"
+                    "type": "string"
                 },
                 "status": {
                     "type": "string"
@@ -1747,7 +1747,7 @@ const docTemplate = `{
                     "type": "string"
                 },
                 "ssh_port": {
-                    "type": "integer"
+                    "type": "string"
                 },
                 "user": {
                     "type": "string"

diff --git a/server/pkg/api/rest/docs/swagger.json b/server/pkg/api/rest/docs/swagger.json
@@ -1705,7 +1705,7 @@
                     "type": "string"
                 },
                 "ssh_port": {
-                    "type": "integer"
+                    "type": "string"
                 },
                 "status": {
                     "type": "string"
@@ -1740,7 +1740,7 @@
                     "type": "string"
                 },
                 "ssh_port": {
-                    "type": "integer"
+                    "type": "string"
                 },
                 "user": {
                     "type": "string"

diff --git a/server/pkg/api/rest/docs/swagger.yaml b/server/pkg/api/rest/docs/swagger.yaml
@@ -54,7 +54,7 @@ definitions:
       source_group_id:
         type: string
       ssh_port:
-        type: integer
+        type: string
       status:
         type: string
       user:
@@ -80,7 +80,7 @@ definitions:
       private_key:
         type: string
       ssh_port:
-        type: integer
+        type: string
       user:
         type: string
     required:

diff --git a/server/pkg/api/rest/model/connectionInfo.go b/server/pkg/api/rest/model/connectionInfo.go
@@ -6,7 +6,7 @@ type ConnectionInfo struct {
 	Description   string `gorm:"column:description" json:"description"`
 	SourceGroupID string `gorm:"column:source_group_id" json:"source_group_id" validate:"required"`
 	IPAddress     string `gorm:"column:ip_address" json:"ip_address" validate:"required"`
-	SSHPort       int    `gorm:"column:ssh_port" json:"ssh_port" validate:"required"`
+	SSHPort       string `gorm:"column:ssh_port" json:"ssh_port" validate:"required"`
 	User          string `gorm:"column:user" json:"user" validate:"required"`
 	Password      string `gorm:"column:password" json:"password"`
 	PrivateKey    string `gorm:"column:private_key" json:"private_key"`
@@ -19,7 +19,7 @@ type CreateConnectionInfoReq struct {
 	Name        string `gorm:"index:,column:name,unique;type:text collate nocase" json:"name" mapstructure:"name" validate:"required"`
 	Description string `gorm:"column:description" json:"description"`
 	IPAddress   string `gorm:"column:ip_address" json:"ip_address" validate:"required"`
-	SSHPort     int    `gorm:"column:ssh_port" json:"ssh_port" validate:"required"`
+	SSHPort     string `gorm:"column:ssh_port" json:"ssh_port" validate:"required"`
 	User        string `gorm:"column:user" json:"user" validate:"required"`
 	Password    string `gorm:"column:password" json:"password"`
 	PrivateKey  string `gorm:"column:private_key" json:"private_key"`