Permalink
Browse files

Added key_secret command line option for host authentication; addedd …

…shell_command option for host; minor upgrade alert text update
  • Loading branch information...
1 parent 6dc7d58 commit d0f3f37bebc231029e334f5fb92113417827b446 @mitotic committed Sep 12, 2012
Showing with 46 additions and 20 deletions.
  1. +22 −13 graphterm/gtermhost.py
  2. +11 −2 graphterm/gtermserver.py
  3. +9 −4 graphterm/lineterm.py
  4. +3 −0 graphterm/packetserver.py
  5. +1 −1 graphterm/www/graphterm.js
View
@@ -46,7 +46,7 @@
OSHELL_NAME = "osh"
##SHELL_CMD = "bash -l"
-SHELL_CMD = "/bin/bash -l"
+SHELL_CMD = "/bin/bash"
# Short prompt (long prompt with directory metadata fills most of row)
##PROMPT_PREFIX = '<gtprompt/>' # Unique prompt prefix
@@ -125,18 +125,21 @@ def add_blob(self, blob_id, headers, content):
class TerminalClient(packetserver.RPCLink, packetserver.PacketClient):
_all_connections = {}
all_cookies = {}
- def __init__(self, host, port, command=SHELL_CMD, host_secret="", oshell=False, io_loop=None, ssl_options={},
- term_type="", term_encoding="utf-8", widget_port=0, lterm_logfile=""):
+ def __init__(self, host, port, host_secret="", oshell=False, io_loop=None, ssl_options={},
+ command="", term_type="", term_encoding="utf-8", widget_port=0, lterm_logfile="", key_secret=None, key_version=None):
super(TerminalClient, self).__init__(host, port, io_loop=io_loop,
ssl_options=ssl_options, max_packet_buf=3,
- reconnect_sec=RETRY_SEC, server_type="frame")
- self.term_type = term_type
+ reconnect_sec=RETRY_SEC, server_type="frame",
+ key_secret=key_secret, key_version=key_version)
self.host_secret = host_secret
- self.widget_port = widget_port
+ self.oshell = oshell
+
+ self.command = command or SHELL_CMD
+ self.term_type = term_type
self.term_encoding = term_encoding
+ self.widget_port = widget_port
self.lterm_logfile = lterm_logfile
- self.command = command
- self.oshell = oshell
+
self.terms = {}
self.lineterm = None
self.server_url = ("https" if ssl_options else "http") + "://" + host + ":" + str(port+1)
@@ -188,12 +191,12 @@ def remove_term(self, term_name):
else:
self.lineterm.kill_term(term_name)
- def xterm(self, term_name="", height=25, width=80, command=SHELL_CMD):
+ def xterm(self, term_name="", height=25, width=80, command=""):
if not self.lineterm:
version_str = gtermapi.API_VERSION
if gtermapi.API_MIN_VERSION and version_str != gtermapi.API_MIN_VERSION and not version_str.startswith(gtermapi.API_MIN_VERSION+"."):
version_str += "/" + gtermapi.API_MIN_VERSION
- self.lineterm = lineterm.Multiplex(self.screen_callback, command=command,
+ self.lineterm = lineterm.Multiplex(self.screen_callback, command=(command or self.command),
shared_secret=self.host_secret, host=self.connection_id,
server_url=self.server_url, prompt=SHELL_PROMPT, term_type=self.term_type,
api_version=version_str,
@@ -624,7 +627,7 @@ def gterm_shutdown_aux():
pass
Host_connections = {}
-def gterm_connect(host_name, server_addr, server_port=DEFAULT_HOST_PORT, shell_cmd=SHELL_CMD, connect_kw={},
+def gterm_connect(host_name, server_addr, server_port=DEFAULT_HOST_PORT, connect_kw={},
oshell_globals=None, oshell_thread=False, oshell_unsafe=False, oshell_workdir="",
oshell_init="", oshell_db_interface=None, oshell_hold_wrapper=None,
oshell_no_input=True, gterm_callback=None, io_loop=None):
@@ -649,7 +652,7 @@ def gterm_connect(host_name, server_addr, server_port=DEFAULT_HOST_PORT, shell_c
host_secret = "%016x" % random.randrange(0, 2**64)
host_connection = TerminalClient.get_client(host_name,
- connect=(server_addr, server_port, shell_cmd, host_secret, bool(oshell_globals)),
+ connect=(server_addr, server_port, host_secret, bool(oshell_globals)),
connect_kw=connect_kw)
Host_connections[host_secret] = host_connection
@@ -687,8 +690,10 @@ def run_host(options, args):
Gterm_host, Host_secret, Trace_shell = gterm_connect(host_name, options.server_addr,
server_port=options.server_port,
- connect_kw={"term_type": options.term_type,
+ connect_kw={"command": options.shell_command,
+ "term_type": options.term_type,
"term_encoding": options.term_encoding,
+ "key_secret": options.server_secret or None,
"widget_port":
(DEFAULT_HTTP_PORT-2 if options.widgets else 0)},
oshell_globals=oshell_globals,
@@ -732,7 +737,11 @@ def main():
help="Server hostname (or IP address) (default: localhost)")
parser.add_option("", "--server_port", dest="server_port", default=DEFAULT_HOST_PORT,
help="Server port (default: %d)" % DEFAULT_HOST_PORT, type="int")
+ parser.add_option("", "--server_secret", dest="server_secret", default="",
+ help="Server secret (for host authentication)")
+ parser.add_option("", "--shell_command", dest="shell_command", default=SHELL_CMD,
+ help="Shell command (default: %s) % SHELL_CMD")
parser.add_option("", "--oshell", dest="oshell", action="store_true",
help="Activate otrace/oshell")
parser.add_option("", "--oshell_input", dest="oshell_input", action="store_true",
View
@@ -600,8 +600,9 @@ def get_matching_paths(cls, regexp):
matchpaths.append(path)
return matchpaths
- def __init__(self, stream, address, server_address, ssl_options={}):
+ def __init__(self, stream, address, server_address, key_secret=None, key_version=None, ssl_options={}):
super(TerminalConnection, self).__init__(stream, address, server_address, server_type="frame",
+ key_secret=key_secret, key_version=key_version,
ssl_options=ssl_options, max_packet_buf=2)
self.term_set = set()
self.term_count = 0
@@ -1002,7 +1003,8 @@ def get(self):
internal_server_ssl = {"certfile": certfile, "keyfile": keyfile} if options.internal_https else None
internal_client_ssl = {"cert_reqs": ssl.CERT_REQUIRED, "ca_certs": certfile} if options.internal_https else None
- TerminalConnection.start_tcp_server(internal_host, internal_port, io_loop=IO_loop, ssl_options=internal_server_ssl)
+ TerminalConnection.start_tcp_server(internal_host, internal_port, io_loop=IO_loop,
+ key_secret=(options.server_secret or None), ssl_options=internal_server_ssl)
if options.internal_https or options.nolocal:
# Internal https causes tornado to loop (client fails to connect to server)
@@ -1014,8 +1016,10 @@ def get(self):
Local_client, Host_secret, Trace_shell = gtermhost.gterm_connect(LOCAL_HOST, internal_host,
server_port=internal_port,
connect_kw={"ssl_options": internal_client_ssl,
+ "command": options.shell_command,
"term_type": options.term_type,
"term_encoding": options.term_encoding,
+ "key_secret": options.server_secret or None,
"lterm_logfile": options.lterm_logfile,
"widget_port":
(gtermhost.DEFAULT_HTTP_PORT-2 if options.widgets else 0)},
@@ -1093,6 +1097,8 @@ def main():
help="Hostname (or IP address) (default: localhost)")
parser.add_option("", "--port", dest="port", default=gtermhost.DEFAULT_HTTP_PORT,
help="IP port (default: %d)" % gtermhost.DEFAULT_HTTP_PORT, type="int")
+ parser.add_option("", "--server_secret", dest="server_secret", default="",
+ help="Server secret (for host authentication)")
parser.add_option("", "--terminal", dest="terminal", action="store_true",
help="Open new terminal window")
@@ -1103,6 +1109,9 @@ def main():
parser.add_option("", "--nolocal", dest="nolocal", action="store_true",
help="Disable connection to localhost")
+
+ parser.add_option("", "--shell_command", dest="shell_command", default="",
+ help="Shell command")
parser.add_option("", "--oshell", dest="oshell", action="store_true",
help="Activate otrace/oshell")
parser.add_option("", "--oshell_input", dest="oshell_input", action="store_true",
View
@@ -60,7 +60,8 @@
MAX_LOG_CHARS = 8
BINDIR = "bin"
-Exec_path = os.path.join(os.path.dirname(__file__), BINDIR)
+File_dir = os.path.dirname(__file__)
+Exec_path = os.path.join(File_dir, BINDIR)
Gls_path = os.path.join(Exec_path, "gls")
Exec_errmsg = False
@@ -1613,19 +1614,23 @@ def term_env(self, term_name, cookie, export=False):
env.append( ("PROMPT_COMMAND", cmd_fmt % (GRAPHTERM_SCREEN_CODES[0], GRAPHTERM_SCREEN_CODES[0]) ) )
- if export:
- env.append( ("GRAPHTERM_EXPORT", socket.getfqdn() or "unknown") )
+ env.append( ("GRAPHTERM_DIR", File_dir) )
return env
def export_environment(self, term_name):
term = self.proc.get(term_name)
if term:
+ term.pty_write('[ "$GRAPHTERM_COOKIE" ] || export GRAPHTERM_EXPORT="%s"\n' % (socket.getfqdn() or "unknown",))
for name, value in self.term_env(term_name, term.cookie, export=True):
try:
- term.pty_write("export %s='%s'\n" % (name, value))
+ if name in ("GRAPHTERM_DIR",):
+ term.pty_write( ('[ "$%s" ] || ' % name) + ("export %s='%s'\n" % (name, value)) )
+ else:
+ term.pty_write( "export %s='%s'\n" % (name, value) ) # Keep inner single quotes to handle PROMPT_COMMAND
except Exception:
print >> sys.stderr, "lineterm: Error exporting environment to %s" % term_name
break
+ term.pty_write('[[ "$PATH" != */graphterm/* ]] && [ -d "$GRAPHTERM_DIR" ] && export PATH="$GRAPHTERM_DIR/%s:$PATH"\n' % BINDIR)
def set_size(self, term_name, height, width):
# python bug http://python.org/sf/1112949 on amd64
@@ -623,6 +623,7 @@ def rpc_connect(self, connection_id, key_version, nonce, token):
if token != server_token:
self.send_json([0, ["shutdown", ["Invalid server token"]] ], nobuffer=True)
self.shutdown()
+ logging.warning("RPCLink.rpc_connect: Invalid server token")
return
self.rpc_client_token = client_token
self.send_json([0, ["validate", [self.rpc_client_token, self.received_id], self.rpc_state]], nobuffer=True)
@@ -633,6 +634,7 @@ def rpc_connect(self, connection_id, key_version, nonce, token):
self.send_json([0, ["shutdown", ["Invalid key version: %s" % key_version]] ],
nobuffer=True)
self.shutdown()
+ logging.warning("RPCLink.rpc_connect: Invalid key version: %s", key_version)
return
self.rpc_unvalidated_id = connection_id
@@ -645,6 +647,7 @@ def rpc_server_validate(self, token):
if token != self.rpc_client_token:
self.send_json([0, ["shutdown", ["Invalid client token"]] ], nobuffer=True)
self.shutdown()
+ logging.warning("RPCLink.rpc_server_validate: Invalid client token")
return False
self.new_connection(self.rpc_unvalidated_id)
self.send_json([0, ["validate", [None, self.received_id], self.rpc_state]], nobuffer=True)
@@ -1961,7 +1961,7 @@ function CheckUpdates() {
if (gParams.about_version == data.info.version) {
GTPopAlert('GraphTerm is up-to-date (version: '+gParams.about_version+').');
} else {
- GTPopAlert('A new release of GraphTerm ('+data.info.version+') is available!<p>Use <b>easy_install --upgrade graphterm</b><br> or download from the <a href="'+PYPI_URL+'" target="_blank">Python Package Index</a>', true);
+ GTPopAlert('A new release of GraphTerm ('+data.info.version+') is available!<p>Upgrade using <b>sudo easy_install --upgrade graphterm</b><br>Followed by <b>sudo gterm_setup</b><br> OR download from the <a href="'+PYPI_URL+'" target="_blank">Python Package Index</a>', true);
}
});
gWebSocket.write([["check_updates"]]);

0 comments on commit d0f3f37

Please sign in to comment.