perf: 重置用户 ssh 认证客户端请求

jumpserver · Feb 4, 2024 · 37f4996 · 37f4996
1 parent 20fe65b
commit 37f4996
Showing 1 changed file with 19 additions and 18 deletions.
diff --git a/pkg/auth/ssh.go b/pkg/auth/ssh.go
@@ -18,6 +18,10 @@ type SSHAuthFunc func(ctx ssh.Context, password, publicKey string) (res ssh.Auth
 
 func SSHPasswordAndPublicKeyAuth(jmsService *service.JMService) SSHAuthFunc {
 	return func(ctx ssh.Context, password, publicKey string) (res ssh.AuthResult) {
+		if password == "" && publicKey == "" {
+			logger.Errorf("SSH conn[%s] no password and publickey", ctx.SessionID())
+			return ssh.AuthFailed
+		}
 		remoteAddr, _, _ := net.SplitHostPort(ctx.RemoteAddr().String())
 		username := ctx.User()
 		if req, ok := parseDirectLoginReq(jmsService, ctx); ok {
@@ -35,25 +39,22 @@ func SSHPasswordAndPublicKeyAuth(jmsService *service.JMService) SSHAuthFunc {
 		if password != "" {
 			authMethod = "password"
 		}
-		userAuthClient, ok := ctx.Value(ContextKeyClient).(*UserAuthClient)
-		if !ok {
-			newClient := jmsService.CloneClient()
-			var accessKey model.AccessKey
-			conf := config.GetConf()
-			_ = accessKey.LoadFromFile(conf.AccessKeyFilePath)
-			userClient := service.NewUserClient(
-				service.UserClientUsername(username),
-				service.UserClientRemoteAddr(remoteAddr),
-				service.UserClientLoginType("T"),
-				service.UserClientHttpClient(&newClient),
-				service.UserClientSvcSignKey(accessKey),
-			)
-			userAuthClient = &UserAuthClient{
-				UserClient:  userClient,
-				authOptions: make(map[string]authOptions),
-			}
-			ctx.SetValue(ContextKeyClient, userAuthClient)
+		newClient := jmsService.CloneClient()
+		var accessKey model.AccessKey
+		conf := config.GetConf()
+		_ = accessKey.LoadFromFile(conf.AccessKeyFilePath)
+		userClient := service.NewUserClient(
+			service.UserClientUsername(username),
+			service.UserClientRemoteAddr(remoteAddr),
+			service.UserClientLoginType("T"),
+			service.UserClientHttpClient(&newClient),
+			service.UserClientSvcSignKey(accessKey),
+		)
+		userAuthClient := &UserAuthClient{
+			UserClient:  userClient,
+			authOptions: make(map[string]authOptions),
 		}
+		ctx.SetValue(ContextKeyClient, userAuthClient)
 		userAuthClient.SetOption(service.UserClientPassword(password),
 			service.UserClientPublicKey(publicKey))
 		logger.Infof("SSH conn[%s] authenticating user %s %s", ctx.SessionID(), username, authMethod)