Merge branch 'dev' into 'test'

was trying to get the tunnel based on the csrf-token header which is wrong. So... See merge request !82

Merge branch 'dev' into 'test'
was trying to get the tunnel based on the csrf-token header which is wrong. So... See merge request !82
587a257e · Chris Hines · 684ff8a0 · 8a6ac3d4 · 587a257e · 587a257e
Commit 587a257e authored 2 years ago by Chris Hines
--- a/tes/sshwrapper/__init__.py
+++ b/tes/sshwrapper/__init__.py
@@ -193,7 +193,7 @@ class Ssh:
        if sess.socket is None:
            raise SshAgentException("No ssh-agent yet")
        env['SSH_AUTH_SOCK'] = sess.socket
-        Ssh.validate_username(user)
+        #Ssh.validate_username(user)
        Ssh.validate_hostname(host)
        ctrlsocket = Ssh.get_ctrl_master_socket(sess, host, user, sshport)
        sftpcmd = Ssh.SFTPCMDWITHOPTS.copy()
@@ -239,7 +239,7 @@ class Ssh:
        if sess.socket is None:
            raise SshAgentException("No ssh-agent yet")
        env['SSH_AUTH_SOCK'] = sess.socket
-        Ssh.validate_username(user)
+        #Ssh.validate_username(user)
        Ssh.validate_hostname(host)
        ctrlsocket = Ssh.get_ctrl_master_socket(sess, host, user, sshport)
        if (path is None or path == ""):
@@ -297,7 +297,7 @@ class Ssh:
            host,sshport = host.split(':')
        if bastion is not None and ":" in bastion:
            bastion,bastionsshport = bastion.split(':')
-        Ssh.validate_username(user)
+        #Ssh.validate_username(user)
        Ssh.validate_hostname(host)
        Ssh.validate_command(cmd)
        if bastion == None:
@@ -403,7 +403,7 @@ class Ssh:
            host,sshport = host.split(':')
        Ssh.validate_port(port)
        Ssh.validate_hostname(batchhost)
-        Ssh.validate_username(user)
+        #Ssh.validate_username(user)
        Ssh.validate_hostname(host)
        ctrlsocket = Ssh.get_ctrl_master_socket(sess, host, user, sshport)
        localport = Ssh.get_free_port()

--- a/twsproxy/__init__.py
+++ b/twsproxy/__init__.py
@@ -53,6 +53,7 @@ class TWSProxy(threading.Thread):
                keepreading = False

        if port is not None:
+            logger.debug('authenticated connection {}'.format(self.csock))
            self.ssock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
            self.ssock.setblocking(True)
            try:
@@ -106,62 +107,31 @@ class TWSProxy(threading.Thread):
        import re
        import requests
        logger = logging.getLogger()
-        token = b'Authorization: token (?P<authtok>\w+)[\W|$]'
-        m = re.search(token,header)
-        if m:
-            try:
-                authtok = m.groupdict()['authtok'].rstrip()
-                s = requests.Session()
-                url = TES+'tunnelstat/'+authtok.decode()
-                try:
-                    r = s.get(url)
-                    port = r.json()
-                except:
-                    raise Exception('unable to get a port number for the authtok {}'.format(r.text))
-                return port
-            except Exception as e:
-                import traceback
-                logger.error('Exception')
-                logger.error(e)
-                logger.error(traceback.format_exc())
-                raise e
-        token = b'token=(?P<authtok>\w+)[&|\W|$]'
-        m = re.search(token,header)
-        if m:
-            try:
-                authtok = m.groupdict()['authtok'].rstrip()
-                s = requests.Session()
-                url = TES+'tunnelstat/'+authtok.decode()
+        token_formats = [ b'Authorization: token (?P<authtok>\w+)[\W|$]',
+                         b'token=(?P<authtok>\w+)[&|\W|$]',
+                         b'twsproxyauth=(?P<authtok>\w+)[\W|$]']
+
+        for token in token_formats:
+            m = re.search(token,header)
+            if m:
                try:
-                    r = s.get(url)
-                    port = r.json()
-                except:
-                    raise Exception('unable to get a port number for the authtok {}'.format(r.text))
-                return port
-            except Exception as e:
-                import traceback
-                logger.error('Exception')
-                logger.error(e)
-                logger.error(traceback.format_exc())
-                raise e
-        token = b'twsproxyauth=(?P<authtok>\w+)[\W|$]'
-        m = re.search(token,header)
-        if m:
-            authtok = m.groupdict()['authtok']
-            s = requests.Session()
-            url = TES+'tunnelstat/'+authtok.decode()
-            try:
-                r = s.get(url)
-                port = r.json()
-            except:
-                raise Exception('unable to get a port number for the authtok {}'.format(r.text))
-            return port
+                    authtok = m.groupdict()['authtok'].rstrip()
+                    s = requests.Session()
+                    url = TES+'tunnelstat/'+authtok.decode()
+                    try:
+                        r = s.get(url)
+                        port = r.json()
+                    except:
+                        raise Exception('unable to get a port number for the authtok {}'.format(r.text))
+                    if port is not None:
+                        return port
+                except Exception as e:
+                    import traceback
+                    logger.error('Exception')
+                    logger.error(e)
+                    logger.error(traceback.format_exc())
+                    raise e
        return None
-#        if m:
-#            print('match verify!',m.group(0))
-#            return 8888 
-#        else:
-#            return None


    @staticmethod
@@ -214,17 +184,23 @@ def mainserver(port=None):
    import logging
    import sys
    import os
+    to_log=None
    try:
        from logging.handlers import TimedRotatingFileHandler
        logger = logging.getLogger()
        handler = TimedRotatingFileHandler(filename="/var/log/strudel2/tws.log",when='h',interval=24,backupCount=7)
-        formatter = logging.Formater("%(asctime)s %(levelname)s:%(process)s: %(message)s")
+        formatter = logging.Formatter("%(asctime)s %(levelname)s:%(process)s: %(message)s")
        handler.setFormattter(formatter)
        logger.addHandler(handler)
-    except:
+    except Exception as e:
+        import traceback
+        to_log = "{}\n".format(e)
+        to_log = to_log + traceback.format_exc()
        logging.basicConfig(filename=os.path.expanduser("~/.tws.log"),format="%(asctime)s %(levelname)s:%(process)s: %(message)s")
    logger = logging.getLogger()
    logger.setLevel(logging.DEBUG)
+    if to_log is not None:
+        logger.debug(to_log)
    logger.debug("starting TWS proxy")
    if port is None:
        try:

--- a/twsproxy/server/__init__.py
+++ b/twsproxy/server/__init__.py
@@ -34,6 +34,7 @@ class TWSServer:
        while not self.stop.is_set():
            try:
                (clientsocket, address) = serversocket.accept()
+                logger.debug('accepted connection {}'.format(clientsocket))
            except socket.timeout:
                continue
            clientsocket.setblocking(True)