Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: consistent logs #286

Open
billchurch opened this issue May 18, 2022 · 5 comments
Open

feat: consistent logs #286

billchurch opened this issue May 18, 2022 · 5 comments
Labels
enhancement help wanted
Milestone
0.5.0

Comments

@billchurch
Copy link
Owner

logging is somewhat inconsistent throughout the code, working to make things more consistent
@billchurch
Copy link
Owner Author

log messages to be prefixed with:

WebSSH2 (<express session id>/<socket.io session id>) (<type>): <message>

Example:

WebSSH2 (48C6PpHh4efNC2nK9S8BhM8xA8tGLTq8/ZN5nZc2gsZEBQTVFAAAF) AUDIT: LOGIN user=root from=127.0.0.1 host=192.168.0.1:22

@billchurch
Copy link
Owner Author

billchurch commented May 18, 2022
edited

Debug messages planned to follow similar format

  WebSSH2 (DUN2aRdg2k7zLWMrQfPR3iWs3sNOVWZI/dAnsjbLTgOakVC2UAAAB) SOCKET DISCONNECTING: server namespace disconnect +0ms
  WebSSH2 (DUN2aRdg2k7zLWMrQfPR3iWs3sNOVWZI/dAnsjbLTgOakVC2UAAAB) CONN END BY HOST +0ms
  WebSSH2 (DUN2aRdg2k7zLWMrQfPR3iWs3sNOVWZI/dAnsjbLTgOakVC2UAAAB) CONN CLOSE +0ms

@billchurch
Copy link
Owner Author

billchurch commented May 19, 2022
edited

reworked client js to generate reauth control message to signify termination in order to support a "LOGOUT" log event.

Client:

webssh2/app/client/src/js/index.ts

Lines 63 to 68 in 50cfcb9

function reauthSession () { // eslint-disable-line
debug('re-authenticating');
socket.emit('control', 'reauth');
window.location.href = '/ssh/reauth';
return false;
}

Server:

webssh2/app/server/socket.js

Lines 172 to 184 in 50cfcb9

socket.on('control', (controlData) => {
if (controlData === 'replayCredentials' && socket.request.session.ssh.allowreplay) {
stream.write(`${socket.request.session.userpassword}\n`);
}
if (controlData === 'reauth' && socket.request.session.username && login === true) {
auditLog(
socket,
`LOGOUT user=${socket.request.session.username} from=${socket.handshake.address} host=${socket.request.session.ssh.host}:${socket.request.session.ssh.port}`
);
login = false;
conn.end();
socket.disconnect(true);
}

billchurch added a commit that referenced this issue May 19, 2022
@billchurch
feat!: consistent logging messages see #286
50cfcb9
@billchurch
Copy link
Owner Author

billchurch commented May 19, 2022
edited

Addition of login variable to track the state of the users login. Mostly to prevent multiple LOGOUT log entries as a "logout" can come from different events depending on how the session is terminated.

webssh2/app/server/socket.js

Line 77 in 78dafeb

let login = false;

webssh2/app/server/socket.js

Lines 84 to 92 in 78dafeb

socket.once('disconnecting', (reason) => {
webssh2debug(socket, `SOCKET DISCONNECTING: ${reason}`);
if (login === true) {
auditLog(
socket,
`LOGOUT user=${socket.request.session.username} from=${socket.handshake.address} host=${socket.request.session.ssh.host}:${socket.request.session.ssh.port}`
);
login = false;
}

webssh2/app/server/socket.js

Lines 116 to 125 in 78dafeb

conn.on('ready', () => {
webssh2debug(
socket,
`CONN READY: LOGIN: user=${socket.request.session.username} from=${socket.handshake.address} host=${socket.request.session.ssh.host} port=${socket.request.session.ssh.port} allowreplay=${socket.request.session.ssh.allowreplay} term=${socket.request.session.ssh.term}`
);
auditLog(
socket,
`LOGIN user=${socket.request.session.username} from=${socket.handshake.address} host=${socket.request.session.ssh.host}:${socket.request.session.ssh.port}`
);
login = true;

webssh2/app/server/socket.js

Lines 169 to 177 in 78dafeb

if (controlData === 'reauth' && socket.request.session.username && login === true) {
auditLog(
socket,
`LOGOUT user=${socket.request.session.username} from=${socket.handshake.address} host=${socket.request.session.ssh.host}:${socket.request.session.ssh.port}`
);
login = false;
conn.end();
socket.disconnect(true);
}

webssh2/app/server/socket.js

Lines 190 to 203 in 78dafeb

stream.on('close', (code, signal) => {
webssh2debug(socket, `STREAM CLOSE: ${util.inspect([code, signal])}`);
if (socket.request.session?.username && login === true) {
auditLog(
socket,
`LOGOUT user=${socket.request.session.username} from=${socket.handshake.address} host=${socket.request.session.ssh.host}:${socket.request.session.ssh.port}`
);
login = false;
}
if (code !== 0 && typeof code !== 'undefined')
logError(socket, 'STREAM CLOSE', util.inspect({ message: [code, signal] }));
socket.disconnect(true);
conn.end();
});

@billchurch billchurch reopened this May 20, 2022
@billchurch
Copy link
Owner Author

While, I have the logging "consistent" for the messages that are output. It's maybe not industry standard of any sort.

Feedback welcome for the format... For reference: https://www.graylog.org/post/log-formats-a-complete-guide

@billchurch billchurch added this to the 0.5.0 milestone Jul 31, 2022
@github-actions github-actions bot mentioned this issue Aug 2, 2022
Closed
@billchurch billchurch mentioned this issue Aug 2, 2022
Merged
This was referenced Aug 2, 2022
Closed
Merged
Merged
Merged
@billchurch billchurch mentioned this issue Aug 22, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
0.5.0
Development

No branches or pull requests
1 participant
@billchurch