flux-sftp/src/main.rs

mod sftp;
mod config;

use std::{io::ErrorKind, net::SocketAddr, sync::Arc, time::Duration};
use config::Config;
use russh::{keys::ssh_key::{rand_core::OsRng, PublicKey}, server::{Auth, Handler as SshHandler, Msg, Server, Session}, Channel, ChannelId};
use sftp::SftpSession;
use sqlx::{sqlite::SqlitePoolOptions, Pool, Row, Sqlite};
use tokio::fs;

struct SftpServer {
    pool: Arc<Pool<Sqlite>>
}

impl Server for SftpServer {
    type Handler = SshSession;

    fn new_client(&mut self, _peer_addr: Option<SocketAddr>) -> Self::Handler {
        let session_pool = self.pool.clone();
        SshSession { channel: None, user: None, pool: session_pool }
    }
}

struct SshSession {
    channel: Option<Channel<Msg>>,
    user: Option<String>,
    pool: Arc<Pool<Sqlite>>
}

impl SshHandler for SshSession {
    type Error = russh::Error;

    async fn auth_publickey_offered(
        &mut self,
        user: &str,
        public_key: &PublicKey,
    ) -> Result<Auth, Self::Error> {
        self.user = Some(user.to_string());

        let row_res = sqlx::query("SELECT * FROM users WHERE username = ?")
            .bind(user)
            .fetch_one(&*self.pool).await;
        
        match row_res {
            Ok(row) => {
                let stored_key: String = row.get("public_key");
                let offered_key = public_key.to_string();
                if stored_key == offered_key {
                    Ok(Auth::Accept)
                }
                else {
                    Ok(Auth::reject())
                }
            }
            Err(e) => {
                println!("User Not found: {}", e);
                Ok(Auth::reject())
            }
        }
    }

    async fn auth_publickey(
        &mut self,
        _user: &str,
        _public_key: &PublicKey,
    ) -> Result<Auth, Self::Error> {
        Ok(Auth::Accept)
    }

    async fn channel_open_session(
        &mut self,
        channel: russh::Channel<Msg>,
        _session: &mut Session,
    ) -> Result<bool, Self::Error> {
        self.channel = Some(channel);
        Ok(true)
    }

    async fn channel_eof(
        &mut self,
        channel_id: ChannelId,
        session: &mut Session,
    ) -> Result<(), Self::Error> {
        session.close(channel_id)
    }

    async fn subsystem_request(
        &mut self,
        channel_id: ChannelId,
        name: &str,
        session: &mut Session,
    ) -> Result<(), Self::Error> {
        if name == "sftp" {
            session.channel_success(channel_id)?;
            let jail_dir = format!("/srv/sftp/{}", self.user.as_ref().unwrap());
            let sftp_handler = SftpSession::new(jail_dir);
            russh_sftp::server::run(self.channel.take().ok_or(Self::Error::WrongChannel)?.into_stream(), sftp_handler).await;
        }
        else {
            session.channel_failure(channel_id)?;
        }
        Ok(())
    }
}


#[tokio::main]
async fn main() -> Result<(), sqlx::Error> {

    const CONFIG_PATH: &str = "/etc/flux-sftp/config.toml";
    let config: Config;
    match fs::read_to_string(CONFIG_PATH).await {
        Ok(toml) => {
            match toml::from_str::<Config>(&toml) {
                Ok(c) => config = c,
                Err(e) => {
                    println!("error parsing config file: {}\n please make sure config file is valid", e);
                    return Ok(())
                }
            }

        }
        Err(e) => {
            match e.kind() {
                ErrorKind::NotFound => println!("config file not found, please ensure config file is present at: {}", CONFIG_PATH),
                _ => println!("error occured reading config file: {}", e)
            }
            return Ok(())
        }
    }

    // let url = match &config.database {
    //     DBConfig::Sqlite { path } => format!("sqlite:{}", path),
    //     DBConfig::Postgres { host, port, user, password, dbname }  => format!("postgres://{}:{}@{}:{}/{}", user, password, host, port, dbname),
    //     DBConfig::Mysql { host, port, user, password, dbname } => format!("mysql://{}:{}@{}:{}/{}", user, password, host, port, dbname),
    // };

    
    let pool = SqlitePoolOptions::new()
        .max_connections(3)
        .connect("sqlite:/home/rafayahmad/Stuff/Coding/Rust/flux-sftp/auth.db").await?;
    let mut server = SftpServer { pool: Arc::new(pool) };

    let russh_config = russh::server::Config {
        auth_rejection_time: Duration::from_secs(3),
        auth_rejection_time_initial: Some(Duration::from_secs(0)),
        keys: vec![
            russh::keys::PrivateKey::random(&mut OsRng, russh::keys::Algorithm::Ed25519).unwrap(),
        ],
        ..Default::default()
    };

    server.run_on_address(Arc::new(russh_config), (config.general.listen_address, config.general.port)).await.unwrap();
    Ok(())
}
new file and progress 2025-07-05 20:09:01 +05:00			`mod sftp;`
added config, make config be used in general next step make config be used in database as well 2025-07-08 09:40:46 +05:00			`mod config;`

			`use std::{io::ErrorKind, net::SocketAddr, sync::Arc, time::Duration};`
			`use config::Config;`
new file and progress 2025-07-05 20:09:01 +05:00			`use russh::{keys::ssh_key::{rand_core::OsRng, PublicKey}, server::{Auth, Handler as SshHandler, Msg, Server, Session}, Channel, ChannelId};`
			`use sftp::SftpSession;`
simple auth using sqlite 2025-07-07 07:46:50 +05:00			`use sqlx::{sqlite::SqlitePoolOptions, Pool, Row, Sqlite};`
added config, make config be used in general next step make config be used in database as well 2025-07-08 09:40:46 +05:00			`use tokio::fs;`
initial code 2025-07-02 06:39:31 +05:00
simple auth using sqlite 2025-07-07 07:46:50 +05:00			`struct SftpServer {`
			`pool: Arc<Pool<Sqlite>>`
			`}`
initial code 2025-07-02 06:39:31 +05:00
			`impl Server for SftpServer {`
			`type Handler = SshSession;`

			`fn new_client(&mut self, _peer_addr: Option<SocketAddr>) -> Self::Handler {`
simple auth using sqlite 2025-07-07 07:46:50 +05:00			`let session_pool = self.pool.clone();`
			`SshSession { channel: None, user: None, pool: session_pool }`
initial code 2025-07-02 06:39:31 +05:00			`}`
			`}`

			`struct SshSession {`
added some fns 2025-07-04 12:02:10 +05:00			`channel: Option<Channel<Msg>>,`
simple auth using sqlite 2025-07-07 07:46:50 +05:00			`user: Option<String>,`
			`pool: Arc<Pool<Sqlite>>`
initial code 2025-07-02 06:39:31 +05:00			`}`

			`impl SshHandler for SshSession {`
new file and progress 2025-07-05 20:09:01 +05:00			`type Error = russh::Error;`
initial code 2025-07-02 06:39:31 +05:00
			`async fn auth_publickey_offered(`
added some fns 2025-07-04 12:02:10 +05:00			`&mut self,`
			`user: &str,`
			`public_key: &PublicKey,`
			`) -> Result<Auth, Self::Error> {`
			`self.user = Some(user.to_string());`
simple auth using sqlite 2025-07-07 07:46:50 +05:00
			`let row_res = sqlx::query("SELECT * FROM users WHERE username = ?")`
			`.bind(user)`
			`.fetch_one(&*self.pool).await;`

			`match row_res {`
			`Ok(row) => {`
			`let stored_key: String = row.get("public_key");`
			`let offered_key = public_key.to_string();`
			`if stored_key == offered_key {`
			`Ok(Auth::Accept)`
			`}`
			`else {`
			`Ok(Auth::reject())`
			`}`
			`}`
			`Err(e) => {`
			`println!("User Not found: {}", e);`
			`Ok(Auth::reject())`
			`}`
			`}`
initial code 2025-07-02 06:39:31 +05:00			`}`

			`async fn auth_publickey(`
added some fns 2025-07-04 12:02:10 +05:00			`&mut self,`
simple auth using sqlite 2025-07-07 07:46:50 +05:00			`_user: &str,`
			`_public_key: &PublicKey,`
added some fns 2025-07-04 12:02:10 +05:00			`) -> Result<Auth, Self::Error> {`
initial code 2025-07-02 06:39:31 +05:00			`Ok(Auth::Accept)`
			`}`

			`async fn channel_open_session(`
added some fns 2025-07-04 12:02:10 +05:00			`&mut self,`
			`channel: russh::Channel<Msg>,`
			`_session: &mut Session,`
			`) -> Result<bool, Self::Error> {`
initial code 2025-07-02 06:39:31 +05:00			`self.channel = Some(channel);`
			`Ok(true)`
			`}`

			`async fn channel_eof(`
added some fns 2025-07-04 12:02:10 +05:00			`&mut self,`
			`channel_id: ChannelId,`
			`session: &mut Session,`
			`) -> Result<(), Self::Error> {`
initial code 2025-07-02 06:39:31 +05:00			`session.close(channel_id)`
			`}`

			`async fn subsystem_request(`
added some fns 2025-07-04 12:02:10 +05:00			`&mut self,`
			`channel_id: ChannelId,`
			`name: &str,`
			`session: &mut Session,`
			`) -> Result<(), Self::Error> {`
initial code 2025-07-02 06:39:31 +05:00			`if name == "sftp" {`
			`session.channel_success(channel_id)?;`
stats opening and reading file, very poggers 2025-07-06 06:33:59 +05:00			`let jail_dir = format!("/srv/sftp/{}", self.user.as_ref().unwrap());`
new file and progress 2025-07-05 20:09:01 +05:00			`let sftp_handler = SftpSession::new(jail_dir);`
initial code 2025-07-02 06:39:31 +05:00			`russh_sftp::server::run(self.channel.take().ok_or(Self::Error::WrongChannel)?.into_stream(), sftp_handler).await;`
			`}`
			`else {`
			`session.channel_failure(channel_id)?;`
			`}`
			`Ok(())`
			`}`
			`}`


added config, make config be used in general next step make config be used in database as well 2025-07-08 09:40:46 +05:00
initial code 2025-07-02 06:39:31 +05:00			`#[tokio::main]`
simple auth using sqlite 2025-07-07 07:46:50 +05:00			`async fn main() -> Result<(), sqlx::Error> {`
added config, make config be used in general next step make config be used in database as well 2025-07-08 09:40:46 +05:00
			`const CONFIG_PATH: &str = "/etc/flux-sftp/config.toml";`
			`let config: Config;`
			`match fs::read_to_string(CONFIG_PATH).await {`
			`Ok(toml) => {`
			`match toml::from_str::<Config>(&toml) {`
			`Ok(c) => config = c,`
			`Err(e) => {`
			`println!("error parsing config file: {}\n please make sure config file is valid", e);`
			`return Ok(())`
			`}`
			`}`

			`}`
			`Err(e) => {`
			`match e.kind() {`
			`ErrorKind::NotFound => println!("config file not found, please ensure config file is present at: {}", CONFIG_PATH),`
			`_ => println!("error occured reading config file: {}", e)`
			`}`
			`return Ok(())`
			`}`
			`}`

			`// let url = match &config.database {`
			`// DBConfig::Sqlite { path } => format!("sqlite:{}", path),`
			`// DBConfig::Postgres { host, port, user, password, dbname } => format!("postgres://{}:{}@{}:{}/{}", user, password, host, port, dbname),`
			`// DBConfig::Mysql { host, port, user, password, dbname } => format!("mysql://{}:{}@{}:{}/{}", user, password, host, port, dbname),`
			`// };`

simple auth using sqlite 2025-07-07 07:46:50 +05:00
			`let pool = SqlitePoolOptions::new()`
			`.max_connections(3)`
			`.connect("sqlite:/home/rafayahmad/Stuff/Coding/Rust/flux-sftp/auth.db").await?;`
			`let mut server = SftpServer { pool: Arc::new(pool) };`
initial code 2025-07-02 06:39:31 +05:00
added config, make config be used in general next step make config be used in database as well 2025-07-08 09:40:46 +05:00			`let russh_config = russh::server::Config {`
initial code 2025-07-02 06:39:31 +05:00			`auth_rejection_time: Duration::from_secs(3),`
			`auth_rejection_time_initial: Some(Duration::from_secs(0)),`
			`keys: vec![`
			`russh::keys::PrivateKey::random(&mut OsRng, russh::keys::Algorithm::Ed25519).unwrap(),`
			`],`
			`..Default::default()`
			`};`

added config, make config be used in general next step make config be used in database as well 2025-07-08 09:40:46 +05:00			`server.run_on_address(Arc::new(russh_config), (config.general.listen_address, config.general.port)).await.unwrap();`
simple auth using sqlite 2025-07-07 07:46:50 +05:00			`Ok(())`
initial code 2025-07-02 06:39:31 +05:00			`}`