sendnrw/netbird
2
0
Fork 0
mirror of https://github.com/netbirdio/netbird.git synced 2026-04-18 00:06:38 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove unused code

Browse Source
This commit is contained in:
Viktor Liu
2025-10-08 18:39:41 +02:00
parent 610c880ec9
commit 4d89d0f115
3 changed files with 7 additions and 28 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
client/ssh/server/command_execution.go
View File

@@ -13,7 +13,7 @@ import (
)
// handleCommand executes an SSH command with privilege validation
func (s *Server) handleCommand(logger *log.Entry, session ssh.Session, privilegeResult PrivilegeCheckResult, ptyReq ssh.Pty, winCh <-chan ssh.Window) {
func (s *Server) handleCommand(logger *log.Entry, session ssh.Session, privilegeResult PrivilegeCheckResult, winCh <-chan ssh.Window) {
localUser := privilegeResult.User
hasPty := winCh != nil

29
client/ssh/server/executor_windows.go
View File

@@ -80,7 +80,7 @@ func (pd *PrivilegeDropper) CreateWindowsExecutorCommand(ctx context.Context, co
log.Tracef("creating Windows direct shell command: %s %v", shellArgs[0], shellArgs)
cmd, err := pd.CreateWindowsProcessAsUserWithArgs(
cmd, err := pd.CreateWindowsProcessAsUser(
ctx, shellArgs[0], shellArgs, config.Username, config.Domain, config.WorkingDir)
if err != nil {
return nil, fmt.Errorf("create Windows process as user: %w", err)
@@ -454,14 +454,13 @@ func (pd *PrivilegeDropper) authenticateDomainUser(username, domain, fullUsernam
return token, nil
}
// CreateWindowsProcessAsUserWithArgs creates a process as user with safe argument passing (for SFTP and executables)
func (pd *PrivilegeDropper) CreateWindowsProcessAsUserWithArgs(ctx context.Context, executablePath string, args []string, username, domain, workingDir string) (*exec.Cmd, error) {
// CreateWindowsProcessAsUser creates a process as user with safe argument passing (for SFTP and executables)
func (pd *PrivilegeDropper) CreateWindowsProcessAsUser(ctx context.Context, executablePath string, args []string, username, domain, workingDir string) (*exec.Cmd, error) {
fullUsername := buildUserCpn(username, domain)
token, err := pd.createToken(username, domain)
if err != nil {
log.Debugf("S4U authentication failed for user %s: %v", fullUsername, err)
return nil, fmt.Errorf("user authentication failed: %w", err)
return nil, fmt.Errorf("user authentication: %w", err)
}
log.Debugf("using S4U authentication for user %s", fullUsername)
@@ -474,26 +473,6 @@ func (pd *PrivilegeDropper) CreateWindowsProcessAsUserWithArgs(ctx context.Conte
return pd.createProcessWithToken(ctx, windows.Token(token), executablePath, args, workingDir)
}
// CreateWindowsShellAsUser creates a shell process as user (for SSH commands/sessions)
func (pd *PrivilegeDropper) CreateWindowsShellAsUser(ctx context.Context, shell, command string, username, domain, workingDir string) (*exec.Cmd, error) {
fullUsername := buildUserCpn(username, domain)
token, err := pd.createToken(username, domain)
if err != nil {
return nil, fmt.Errorf("user authentication failed: %w", err)
}
log.Debugf("using S4U authentication for user %s", fullUsername)
defer func() {
if err := windows.CloseHandle(token); err != nil {
log.Debugf(closeTokenErrorMsg, err)
}
}()
shellArgs := buildShellArgs(shell, command)
return pd.createProcessWithToken(ctx, windows.Token(token), shell, shellArgs, workingDir)
}
// createProcessWithToken creates process with the specified token and executable path
func (pd *PrivilegeDropper) createProcessWithToken(ctx context.Context, sourceToken windows.Token, executablePath string, args []string, workingDir string) (*exec.Cmd, error) {
cmd := exec.CommandContext(ctx, executablePath, args[1:]...)

4
client/ssh/server/session_handlers.go
View File

@@ -44,13 +44,13 @@ func (s *Server) sessionHandler(session ssh.Session) {
switch {
case isPty && hasCommand:
// ssh -t <host> <cmd> - Pty command execution
s.handleCommand(logger, session, privilegeResult, ptyReq, winCh)
s.handleCommand(logger, session, privilegeResult, winCh)
case isPty:
// ssh <host> - Pty interactive session (login)
s.handlePty(logger, session, privilegeResult, ptyReq, winCh)
case hasCommand:
// ssh <host> <cmd> - non-Pty command execution
s.handleCommand(logger, session, privilegeResult, ssh.Pty{}, nil)
s.handleCommand(logger, session, privilegeResult, nil)
default:
s.rejectInvalidSession(logger, session)
}