fallback to default keys

2025-07-17 21:44:35 +00:00 · 2025-06-20 21:12:44 +02:00
parent 47567f4dac
commit d976005959
7 changed files with 50 additions and 11 deletions
--- a/client/keys.go
+++ b/client/keys.go
@ -2,10 +2,40 @@ package main

 import (
 	"os"
+	"path/filepath"

 	"golang.org/x/crypto/ssh"
 )

+var DefaultKeyNames = []string{
+	"id_ed25519",
+	"id_ecdsa",
+	"id_rsa",
+}
+
+func FindPrivateKey() (string, error) {
+	home, err := os.UserHomeDir()
+	if err != nil {
+		return "", err
+	}
+
+	for _, name := range DefaultKeyNames {
+		path := filepath.Join(home, ".ssh", name)
+
+		if _, err := os.Stat(path); err != nil {
+			if os.IsNotExist(err) {
+				continue
+			}
+
+			return "", err
+		}
+
+		return path, nil
+	}
+
+	return "", nil
+}
+
 func LoadPrivateKey(path string) (ssh.Signer, error) {
 	key, err := os.ReadFile(path)
 	if err != nil {
--- a/client/main.go
+++ b/client/main.go
@ -85,8 +85,15 @@ func run(_ context.Context, cmd *cli.Command) error {
 		port = hostArg[index+1:]
 	}

-	if found, _ := cfg.Get(hostname, "IdentityFile"); found != "" {
-		identity = found
+	if identity == "" {
+		if found, _ := cfg.Get(hostname, "IdentityFile"); found != "" {
+			identity = found
+		} else {
+			identity, err = FindPrivateKey()
+			if err != nil {
+				return err
+			}
+		}
 	}

 	if found, _ := cfg.Get(hostname, "HostName"); found != "" {
--- a/client/progress.go
+++ b/client/progress.go
@ -25,7 +25,7 @@ func (pr *ProgressReader) Read(p []byte) (int, error) {
 	pr.read += int64(n)

 	percentage := float64(pr.read) / float64(pr.total) * 100
-	log.Printf("\r%s: %.1f%%", pr.label, percentage)
+	log.Printf("\r%s: %.1f%%  ", pr.label, percentage)

 	return n, err
 }
--- a/example.key
+++ b/example.key
@ -1,5 +0,0 @@
-----BEGIN EC PRIVATE KEY-----
-MHgCAQEEIQDg6JmpMO1i5nVHdHHfdJuOgDMMRqx4BynOWt68YidBjKAKBggqhkjO
-PQMBB6FEA0IABI0rYdm3nt2/etmeJFS6+nyJAB9egNpFBClppW0nNjQ5nfok0J16
-GBOJDHoF/XpFv6z9BnXOlkcLgCPuMdXhFbI=
-----END EC PRIVATE KEY-----
--- a/server/protocol.go
+++ b/server/protocol.go
@ -39,7 +39,9 @@ func HandleChallengeRequest(w http.ResponseWriter, r *http.Request, authorized m

 	var request internal.AuthRequest

-	if err := msgpack.NewDecoder(r.Body).Decode(&request); err != nil {
+	reader := io.LimitReader(r.Body, 4096)
+
+	if err := msgpack.NewDecoder(reader).Decode(&request); err != nil {
 		w.WriteHeader(http.StatusBadRequest)

 		log.Warning("request: failed to decode request payload")
@ -88,7 +90,9 @@ func HandleCompleteRequest(w http.ResponseWriter, r *http.Request, authorized ma

 	var response internal.AuthResponse

-	if err := msgpack.NewDecoder(r.Body).Decode(&response); err != nil {
+	reader := io.LimitReader(r.Body, 4096)
+
+	if err := msgpack.NewDecoder(reader).Decode(&response); err != nil {
 		w.WriteHeader(http.StatusBadRequest)

 		log.Warning("complete: failed to decode response payload")
--- a/test.cmd
+++ b/test.cmd
@ -1,3 +1,3 @@
@echo off

-go run .\client test.bin localhost:7966 --identity example.key
+go run .\client test.bin localhost:7966
--- a/test.sh
+++ b/test.sh
@ -0,0 +1,3 @@
+#!/bin/bash
+
+go run ./client example.webp localhost:7966