1. 调整rdp日志输出;2. 优化当SSH连接时会话ID无效的处理;3. 部分代码格式化;

feature/assist-websocket
Apex Liu 2022-05-25 01:19:27 +08:00
parent 21c2432f29
commit 3409a2fd57
16 changed files with 765 additions and 755 deletions


@ -86,7 +86,8 @@ static bool process_cmd_line_(int argc, wchar_t** argv)
g_run_type = RUN_CORE;
continue;
}
else if (0 == wcscmp(argv[i], L"stop")) {
else if (0 == wcscmp(argv[i], L"stop"))
{
g_run_type = RUN_STOP;
continue;
}
@ -160,7 +161,8 @@ int app_main_(int argc, wchar_t** argv)
return 1;
}
if (g_run_type == RUN_STOP) {
if (g_run_type == RUN_STOP)
{
char url[1024] = {0};
ex_strformat(url, 1023, R"(http://%s:%d/rpc?{"method":"exit"})", g_env.rpc_bind_ip.c_str(), g_env.rpc_bind_port);
ex_astr body;
@ -186,7 +188,6 @@ int app_main_(int argc, wchar_t** argv)
}
#ifdef EX_OS_WIN32
#ifdef EX_DEBUG


@ -6,7 +6,8 @@ TppManager g_tpp_mgr;
extern ExLogger g_ex_logger;
bool TppManager::load_tpp(const ex_wstr& libname) {
bool TppManager::load_tpp(const ex_wstr& libname)
{
ex_wstr filename;
#ifdef EX_OS_WIN32
filename = libname + L".dll";
@ -27,7 +28,8 @@ bool TppManager::load_tpp(const ex_wstr& libname) {
auto lib = new TPP_LIB;
lib->dylib = ex_dlopen(lib_file.c_str());
if (nullptr == lib->dylib) {
if (nullptr == lib->dylib)
{
EXLOGE(L"[core] load dylib `%ls` failed.\n", lib_file.c_str());
delete lib;
return false;
@ -40,11 +42,11 @@ bool TppManager::load_tpp(const ex_wstr& libname) {
lib->timer = (TPP_TIMER_FUNC)GetProcAddress(lib->dylib, "tpp_timer");
lib->command = (TPP_COMMAND_FUNC)GetProcAddress(lib->dylib, "tpp_command");
#else
lib->init = (TPP_INIT_FUNC) dlsym(lib->dylib, "tpp_init");
lib->start = (TPP_START_FUNC) dlsym(lib->dylib, "tpp_start");
lib->stop = (TPP_STOP_FUNC) dlsym(lib->dylib, "tpp_stop");
lib->timer = (TPP_TIMER_FUNC) dlsym(lib->dylib, "tpp_timer");
lib->command = (TPP_COMMAND_FUNC) dlsym(lib->dylib, "tpp_command");
lib->init = (TPP_INIT_FUNC)dlsym(lib->dylib, "tpp_init");
lib->start = (TPP_START_FUNC)dlsym(lib->dylib, "tpp_start");
lib->stop = (TPP_STOP_FUNC)dlsym(lib->dylib, "tpp_stop");
lib->timer = (TPP_TIMER_FUNC)dlsym(lib->dylib, "tpp_timer");
lib->command = (TPP_COMMAND_FUNC)dlsym(lib->dylib, "tpp_command");
#endif
if (
@ -53,7 +55,8 @@ bool TppManager::load_tpp(const ex_wstr& libname) {
|| lib->stop == nullptr
|| lib->timer == nullptr
|| lib->command == nullptr
) {
)
{
EXLOGE(L"[core] load dylib `%ls` failed, can not locate all functions.\n", lib_file.c_str());
delete lib;
return false;
@ -71,12 +74,14 @@ bool TppManager::load_tpp(const ex_wstr& libname) {
init_args.func_session_update = tpp_session_update;
init_args.func_session_end = tpp_session_end;
if (EXRV_OK != lib->init(&init_args)) {
if (EXRV_OK != lib->init(&init_args))
{
EXLOGE(L"[core] failed to init protocol `%ls`.\n", libname.c_str());
delete lib;
return false;
}
if (EXRV_OK != lib->start()) {
if (EXRV_OK != lib->start())
{
EXLOGE(L"[core] failed to start protocol `%ls`.\n", libname.c_str());
delete lib;
return false;
@ -86,14 +91,18 @@ bool TppManager::load_tpp(const ex_wstr& libname) {
return true;
}
void TppManager::stop_all() {
for (auto& lib : m_libs) {
void TppManager::stop_all()
{
for (auto& lib: m_libs)
{
lib->stop();
}
}
void TppManager::timer() {
for (auto& lib : m_libs) {
void TppManager::timer()
{
for (auto& lib: m_libs)
{
lib->timer();
}
}
@ -110,14 +119,18 @@ void TppManager::timer() {
// }
// }
void TppManager::set_runtime_config(const ex_astr& sp) {
for (auto& lib : m_libs) {
void TppManager::set_runtime_config(const ex_astr& sp)
{
for (auto& lib: m_libs)
{
lib->command(TPP_CMD_SET_RUNTIME_CFG, sp.c_str());
}
}
void TppManager::kill_sessions(const ex_astr& sp) {
for (auto& lib : m_libs) {
void TppManager::kill_sessions(const ex_astr& sp)
{
for (auto& lib: m_libs)
{
lib->command(TPP_CMD_KILL_SESSIONS, sp.c_str());
}
}


@ -5,17 +5,20 @@
#include <ex.h>
typedef struct TPP_LIB {
typedef struct TPP_LIB
{
TPP_LIB() :
dylib(nullptr),
init(nullptr),
start(nullptr),
stop(nullptr),
timer(nullptr),
command(nullptr) {
command(nullptr)
{
}
~TPP_LIB() {
~TPP_LIB()
{
if (nullptr != dylib)
ex_dlclose(dylib);
dylib = nullptr;
@ -31,12 +34,15 @@ typedef struct TPP_LIB {
typedef std::list<TPP_LIB*> tpp_libs;
class TppManager {
class TppManager
{
public:
TppManager() = default;
~TppManager() {
for (auto lib : m_libs) {
~TppManager()
{
for (auto lib: m_libs)
{
delete lib;
}
m_libs.clear();
@ -48,7 +54,8 @@ public:
void timer(); // 大约1秒调用一次
int count() {
size_t count()
{
return m_libs.size();
}


@ -87,7 +87,7 @@ bool ts_db_field_encrypt(const ex_bin& bin_dec, ex_astr& str_enc)
}
// ¼ÓÃÜ
unsigned char iv[16] = { 0 };
unsigned char iv[16] = {0};
memset(iv, 0, 16);
if (0 != mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_ENCRYPT, enc_size, iv, &bin_be_enc[0], &bin_enc[0]))
{
@ -148,7 +148,7 @@ bool ts_db_field_decrypt(const ex_astr& str_enc, ex_bin& bin_dec)
}
// ½âÃÜ
unsigned char iv[16] = { 0 };
unsigned char iv[16] = {0};
memset(iv, 0, 16);
if (0 != mbedtls_aes_crypt_cbc(&ctx, MBEDTLS_AES_DECRYPT, enc_size, iv, &bin_enc[0], &bin_tmp[0]))
{
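Review bot: The IV handed to mbedtls_aes_crypt_cbc right after the rewritten `unsigned char iv[16] = {0};` is a constant all-zero block in both ts_db_field_encrypt and ts_db_field_decrypt, so with the built-in key that ts_crypto.h describes the encryption is deterministic: equal plaintexts stored in different fields produce identical ciphertexts, which anyone who can read the database can observe. Fixing it properly means a per-record random IV stored with the ciphertext, which changes the stored format and needs a migration or version marker, so at least record the limitation where the IV is declared: `// NOTE: fixed zero IV — equal plaintexts give equal ciphertexts; changing this requires re-encrypting stored fields`. Separately, the `memset(iv, 0, 16);` on the following line is redundant after the brace initialization and can go. The comments `// ¼ÓÃÜ` and `// ½âÃÜ` above these lines look like GBK text read as Latin-1; re-saving the file as UTF-8 (or rewriting them in English) would repair them.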


@ -5,9 +5,11 @@
// 用于数据库字段的加密/解密使用内置密钥加密结果为base64编码的字符串
bool ts_db_field_encrypt(const ex_bin& bin_dec, ex_astr& str_enc);
bool ts_db_field_decrypt(const ex_astr& str_enc, ex_bin& bin_dec);
bool ts_db_field_encrypt(const ex_astr& str_dec, ex_astr& str_enc);
bool ts_db_field_decrypt(const ex_astr& str_enc, ex_astr& str_dec);
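Review bot: The declarations now take `ex_astr` for the plaintext side, but the hunk context lines shown for ts_crypto.cpp on this page (`bool ts_db_field_encrypt(const ex_bin& bin_dec, ex_astr& str_enc)` and `bool ts_db_field_decrypt(const ex_astr& str_enc, ex_bin& bin_dec)`) still carry the `ex_bin` signatures; those are old-side context, so I cannot tell from here whether the definitions were changed in the same commit, but if they were not, the new prototypes have no definition and every caller fails at link time. Please confirm the .cpp definitions match, and since the parameter is now a string rather than a byte buffer, say in the header what `str_dec` is expected to hold (text in a given encoding, or arbitrary bytes carried in a string), because the base64 result on the other side does not make that obvious.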


@ -3,11 +3,9 @@
TsEnv g_env;
TsEnv::TsEnv()
{}
TsEnv::TsEnv() {}
TsEnv::~TsEnv()
{}
TsEnv::~TsEnv() {}
bool TsEnv::init(bool load_config)
{
@ -18,7 +16,7 @@ bool TsEnv::init(bool load_config)
m_exec_path = m_exec_file;
ex_dirname(m_exec_path);
if(!load_config)
if (!load_config)
return true;
// check development flag file, if exists, run in development mode for trace and debug.
@ -68,7 +66,7 @@ bool TsEnv::init(bool load_config)
}
ExIniSection* ps = m_ini.GetSection(L"common");
if(NULL == ps)
if (NULL == ps)
ps = m_ini.GetDumySection();
ex_wstr replay_path;
@ -89,7 +87,7 @@ bool TsEnv::init(bool load_config)
ex_remove_white_space(log_file);
if (log_file[0] == L'"' || log_file[0] == L'\'')
log_file.erase(0, 1);
if (log_file[ log_file.length() - 1 ] == L'"' || log_file[log_file.length() - 1] == L'\'')
if (log_file[log_file.length() - 1] == L'"' || log_file[log_file.length() - 1] == L'\'')
log_file.erase(log_file.length() - 1, 1);
log_path = log_file;
@ -106,7 +104,8 @@ bool TsEnv::init(bool load_config)
int debug_mode = 0;
ps->GetInt(L"debug-mode", debug_mode, 0);
if (debug_mode == 1) {
if (debug_mode == 1)
{
EXLOG_LEVEL(EX_LOG_LEVEL_DEBUG);
EXLOG_DEBUG(true);
}
@ -139,7 +138,7 @@ bool TsEnv::init(bool load_config)
rpc_bind_port = TS_HTTP_RPC_PORT;
}
char port_str[20] = { 0 };
char port_str[20] = {0};
ex_strformat(port_str, 20, "%d", rpc_bind_port);
core_server_rpc = "http://" + rpc_bind_ip + ":" + port_str + "/rpc";
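Review bot: The reformatted line `if (log_file[log_file.length() - 1] == L'"' || log_file[log_file.length() - 1] == L'\'')` indexes with `length() - 1`, which wraps to the maximum size_t when `log_file` is empty; that state is reachable after the preceding `erase(0, 1)` when the configured value is a lone quote character, or when the value is empty after `ex_remove_white_space`, because `log_file[0]` on an empty string yields L'\0' and does not trip the first check. Guard the trailing-quote trim on non-emptiness, e.g. `if (!log_file.empty() && (log_file.back() == L'"' || log_file.back() == L'\''))`. TsEnv::init starts and ends outside this hunk.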


@ -7,6 +7,7 @@ class TsEnv
{
public:
TsEnv();
~TsEnv();
bool init(bool load_config);


@ -3,10 +3,10 @@
#include <ex/ex_str.h>
void ts_url_encode(const char *src, ex_astr& out)
void ts_url_encode(const char* src, ex_astr& out)
{
static const char *dont_escape = "._-$,;~()/";
static const char *hex = "0123456789abcdef";
static const char* dont_escape = "._-$,;~()/";
static const char* hex = "0123456789abcdef";
size_t s_len = strlen(src);
size_t dst_len = s_len * 3 + 1;
@ -15,56 +15,60 @@ void ts_url_encode(const char *src, ex_astr& out)
size_t i = 0, j = 0;
for (i = j = 0; dst_len > 0 && i < s_len && j + 2 < dst_len - 1; i++, j++) {
if (isalnum(*(const unsigned char *)(src + i)) ||
strchr(dont_escape, *(const unsigned char *)(src + i)) != NULL) {
for (i = j = 0; dst_len > 0 && i < s_len && j + 2 < dst_len - 1; i++, j++)
{
if (isalnum(*(const unsigned char*)(src + i)) ||
strchr(dont_escape, *(const unsigned char*)(src + i)) != nullptr)
{
dst[j] = src[i];
}
else if (j + 3 < dst_len) {
else if (j + 3 < dst_len)
{
dst[j] = '%';
dst[j + 1] = hex[(*(const unsigned char *)(src + i)) >> 4];
dst[j + 2] = hex[(*(const unsigned char *)(src + i)) & 0xf];
dst[j + 1] = hex[(*(const unsigned char*)(src + i)) >> 4];
dst[j + 2] = hex[(*(const unsigned char*)(src + i)) & 0xf];
j += 2;
}
}
dst[j] = '\0';
out = dst;
delete []dst;
delete[]dst;
}
typedef struct HTTP_DATA {
typedef struct HTTP_DATA
{
bool exit_flag;
bool have_error;
ex_astr body;
}HTTP_DATA;
} HTTP_DATA;
static void ev_handler(struct mg_connection *nc, int ev, void *ev_data)
static void ev_handler(struct mg_connection* nc, int ev, void* ev_data)
{
HTTP_DATA* hdata = (HTTP_DATA*)nc->user_data;
struct http_message *hm = (struct http_message *) ev_data;
auto* p_http_data = (HTTP_DATA*)nc->user_data;
auto* hm = (struct http_message*)ev_data;
switch (ev) {
switch (ev)
{
case MG_EV_CONNECT:
if (*(int *)ev_data != 0) {
hdata->exit_flag = true;
hdata->have_error = true;
if (*(int*)ev_data != 0)
{
p_http_data->exit_flag = true;
p_http_data->have_error = true;
}
break;
case MG_EV_HTTP_REPLY:
nc->flags |= MG_F_CLOSE_IMMEDIATELY;
//hdata->exit_flag = true;
hdata->body.assign(hm->body.p, hm->body.len);
case MG_EV_HTTP_REPLY: nc->flags |= MG_F_CLOSE_IMMEDIATELY;
//p_http_data->exit_flag = true;
p_http_data->body.assign(hm->body.p, hm->body.len);
break;
case MG_EV_CLOSE:
// if (s_exit_flag == 0) {
// printf("Server closed connection\n");
// s_exit_flag = 1;
// }
hdata->exit_flag = true;
break;
default:
// if (s_exit_flag == 0) {
// printf("Server closed connection\n");
// s_exit_flag = 1;
// }
p_http_data->exit_flag = true;
break;
default: break;
}
}
@ -139,29 +143,30 @@ bool ts_http_get(const ex_astr& url, ex_astr& body)
bool ts_http_get(const ex_astr& url, ex_astr& body)
{
struct mg_mgr _mgr;
mg_mgr_init(&_mgr, NULL);
struct mg_mgr _mgr{};
mg_mgr_init(&_mgr, nullptr);
mg_connection* nc = mg_connect_http(&_mgr, ev_handler, url.c_str(), NULL, NULL);
if (nc == nullptr) {
mg_connection* nc = mg_connect_http(&_mgr, ev_handler, url.c_str(), nullptr, nullptr);
if (nc == nullptr)
{
mg_mgr_free(&_mgr);
return false;
}
HTTP_DATA hdata;
hdata.exit_flag = false;
hdata.have_error = false;
HTTP_DATA http_data;
http_data.exit_flag = false;
http_data.have_error = false;
nc->user_data = (void*)&hdata;
nc->user_data = (void*)&http_data;
while (!hdata.exit_flag)
while (!http_data.exit_flag)
{
mg_mgr_poll(&_mgr, 100);
}
bool ret = !hdata.have_error;
bool ret = !http_data.have_error;
if (ret)
body = hdata.body;
body = http_data.body;
mg_mgr_free(&_mgr);
return ret;
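Review bot: In ev_handler the reformat put the first statement on the case-label line, `case MG_EV_HTTP_REPLY: nc->flags |= MG_F_CLOSE_IMMEDIATELY;`, while MG_EV_CONNECT and MG_EV_CLOSE keep their statements on their own lines; leaving the label alone on its line makes the three cases read the same and keeps the flag assignment visible. Also `auto* hm = (struct http_message*)ev_data;` is evaluated before the switch for every event although the code itself treats `ev_data` as an `int*` under MG_EV_CONNECT; `hm` is only dereferenced under MG_EV_HTTP_REPLY, so moving that cast into the reply case (as the first statement of a braced case body) documents which event carries which payload. The `//p_http_data->exit_flag = true;` line is commented-out code that was only renamed by this change and could be removed.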


@ -3,7 +3,8 @@
#include <ex.h>
void ts_url_encode(const char *src, ex_astr& out);
void ts_url_encode(const char* src, ex_astr& out);
bool ts_http_get(const ex_astr& url, ex_astr& body);
#endif // __TS_HTTP_CLIENT_H__


@ -9,53 +9,9 @@
#include <teleport_const.h>
#include <sstream>
#if 0
#define HEXTOI(x) (isdigit(x) ? (x) - '0' : (x) - 'W')
int ts_url_decode(const char* src, int src_len, char* dst, int dst_len, int is_form_url_encoded)
TsHttpRpc::TsHttpRpc() : ExThreadBase("http-rpc-thread")
{
int i, j, a, b;
if(src_len == 0 || dst == nullptr || dst_len == 0)
return 0;
for (i = j = 0; i < src_len && j < dst_len - 1; i++, j++)
{
if (src[i] == '%')
{
if (i < src_len - 2 && isxdigit(*(const unsigned char*)(src + i + 1)) &&
isxdigit(*(const unsigned char*)(src + i + 2)))
{
a = tolower(*(const unsigned char*)(src + i + 1));
b = tolower(*(const unsigned char*)(src + i + 2));
dst[j] = (char)((HEXTOI(a) << 4) | HEXTOI(b));
i += 2;
}
else
{
return -1;
}
}
else if (is_form_url_encoded && src[i] == '+')
{
dst[j] = ' ';
}
else
{
dst[j] = src[i];
}
}
dst[j] = '\0'; /* Null-terminate the destination */
return i >= src_len ? j : -1;
}
#endif
TsHttpRpc::TsHttpRpc() :
ExThreadBase("http-rpc-thread")
{
mg_mgr_init(&m_mg_mgr, NULL);
mg_mgr_init(&m_mg_mgr, nullptr);
}
TsHttpRpc::~TsHttpRpc()
@ -63,7 +19,7 @@ TsHttpRpc::~TsHttpRpc()
mg_mgr_free(&m_mg_mgr);
}
void TsHttpRpc::_thread_loop(void)
void TsHttpRpc::_thread_loop()
{
EXLOGI("[core] TeleportServer-RPC ready on %s:%d\n", m_host_ip.c_str(), m_host_port);
@ -76,25 +32,19 @@ void TsHttpRpc::_thread_loop(void)
}
bool TsHttpRpc::init(void)
bool TsHttpRpc::init()
{
struct mg_connection* nc = NULL;
m_host_ip = g_env.rpc_bind_ip;
m_host_port = g_env.rpc_bind_port;
char addr[128] = {0};
// if (0 == strcmp(m_host_ip.c_str(), "127.0.0.1") || 0 == strcmp(m_host_ip.c_str(), "localhost"))
// ex_strformat(addr, 128, ":%d", m_host_port);
// else
// ex_strformat(addr, 128, "%s:%d", m_host_ip.c_str(), m_host_port);
if (0 == strcmp(m_host_ip.c_str(), "0.0.0.0"))
ex_strformat(addr, 128, ":%d", m_host_port);
else
ex_strformat(addr, 128, "%s:%d", m_host_ip.c_str(), m_host_port);
nc = mg_bind(&m_mg_mgr, addr, _mg_event_handler);
if (NULL == nc)
auto* nc = mg_bind(&m_mg_mgr, addr, _mg_event_handler);
if (nc == nullptr)
{
EXLOGE("[core] rpc listener failed to bind at %s.\n", addr);
return false;
@ -115,10 +65,10 @@ bool TsHttpRpc::init(void)
void TsHttpRpc::_mg_event_handler(struct mg_connection* nc, int ev, void* ev_data)
{
struct http_message* hm = (struct http_message*)ev_data;
auto* hm = (struct http_message*)ev_data;
TsHttpRpc* _this = (TsHttpRpc*)nc->user_data;
if (NULL == _this)
auto* _this = (TsHttpRpc*)nc->user_data;
if (_this == nullptr)
{
EXLOGE("[core] rpc invalid http request.\n");
return;
@ -168,7 +118,7 @@ void TsHttpRpc::_mg_event_handler(struct mg_connection* nc, int ev, void* ev_dat
ex_rv TsHttpRpc::_parse_request(struct http_message* req, ex_astr& func_cmd, Json::Value& json_param)
{
if (NULL == req)
if (req == nullptr)
return TPE_PARAM;
bool is_get = true;
@ -203,14 +153,14 @@ ex_rv TsHttpRpc::_parse_request(struct http_message* req, ex_astr& func_cmd, Jso
ex_chars sztmp;
sztmp.resize(len);
memset(&sztmp[0], 0, len);
if (-1 == ex_url_decode(json_str.c_str(), json_str.length(), &sztmp[0], len, 0))
memset(sztmp.data(), 0, len);
if (-1 == ex_url_decode(json_str.c_str(), json_str.length(), sztmp.data(), len, 0))
return TPE_HTTP_URL_ENCODE;
json_str = &sztmp[0];
json_str = sztmp.data();
}
if (0 == json_str.length())
if (json_str.empty())
return TPE_PARAM;
//Json::Reader jreader;
@ -339,8 +289,7 @@ void TsHttpRpc::_rpc_func_get_config(const Json::Value& json_param, ex_astr& buf
ExIniFile& ini = g_env.get_ini();
ex_ini_sections& secs = ini.GetAllSections();
ex_ini_sections::iterator it = secs.begin();
for (; it != secs.end(); ++it)
for (auto it = secs.begin(); it != secs.end(); ++it)
{
if (it->first.length() > 9 && 0 == wcsncmp(it->first.c_str(), L"protocol-", 9))
{
@ -374,7 +323,6 @@ void TsHttpRpc::_rpc_func_request_session(const Json::Value& json_param, ex_astr
{
// https://github.com/tp4a/teleport/wiki/TELEPORT-CORE-JSON-RPC#request_session
int conn_id = 0;
ex_rv rv = TPE_OK;
if (json_param["conn_id"].isNull())
@ -388,14 +336,14 @@ void TsHttpRpc::_rpc_func_request_session(const Json::Value& json_param, ex_astr
return;
}
conn_id = json_param["conn_id"].asInt();
int conn_id = json_param["conn_id"].asInt();
if (0 == conn_id)
{
_create_json_ret(buf, TPE_PARAM);
return;
}
TS_CONNECT_INFO* info = new TS_CONNECT_INFO;
auto* info = new TS_CONNECT_INFO;
if ((rv = ts_web_rpc_get_conn_info(conn_id, *info)) != TPE_OK)
{
_create_json_ret(buf, rv);
@ -444,7 +392,7 @@ void TsHttpRpc::_rpc_func_kill_sessions(const Json::Value& json_param, ex_astr&
}
Json::Value s = json_param["sessions"];
int cnt = s.size();
int cnt = (int)s.size();
for (int i = 0; i < cnt; ++i)
{
if (!s[i].isString())
@ -452,7 +400,7 @@ void TsHttpRpc::_rpc_func_kill_sessions(const Json::Value& json_param, ex_astr&
_create_json_ret(buf, TPE_PARAM);
return;
}
}
};
EXLOGV("[core] try to kill %d sessions.\n", cnt);
ex_astr sp = s.toStyledString();
@ -542,7 +490,7 @@ void TsHttpRpc::_rpc_func_set_config(const Json::Value& json_param, ex_astr& buf
return;
}
int noop_timeout = json_param["noop_timeout"].asUInt();
int noop_timeout = json_param["noop_timeout"].asInt();
EXLOGV("[core] set run-time config:\n");
EXLOGV("[core] noop_timeout = %dm\n", noop_timeout);
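Review bot: The closing brace of the `for (int i = 0; i < cnt; ++i)` loop in _rpc_func_kill_sessions became `};` — the trailing semicolon is a stray empty statement introduced by this change and should be reverted to `}`. Less certain, because the branch is cut by its hunk: in _rpc_func_request_session `auto* info = new TS_CONNECT_INFO;` is followed by an error return through `_create_json_ret(buf, rv);` and no `delete info;` is visible on that path; if ownership is not handed off before the return, the object leaks on every failed ts_web_rpc_get_conn_info call. Both functions start and end outside their hunks.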


@ -13,36 +13,44 @@ class TsHttpRpc : public ExThreadBase
{
public:
TsHttpRpc();
~TsHttpRpc();
bool init(void);
bool init();
protected:
void _thread_loop(void);
void _thread_loop();
private:
ex_rv _parse_request(struct http_message* req, ex_astr& func_cmd, Json::Value& json_param);
void _process_request(const ex_astr& func_cmd, const Json::Value& json_param, ex_astr& buf);
//void _create_json_ret(ex_astr& buf, Json::Value& jr_root);
void _create_json_ret(ex_astr& buf, int errcode, const Json::Value& jr_data);
void _create_json_ret(ex_astr& buf, int errcode);
static void _create_json_ret(ex_astr& buf, int errcode);
void _create_json_ret(ex_astr& buf, int errcode, const char* message);
// 获取core服务的配置信息主要是支持的各个协议是否启用以及其端口号等
void _rpc_func_get_config(const Json::Value& json_param, ex_astr& buf);
// set run-time configuration, like no-op-timeout.
void _rpc_func_set_config(const Json::Value& json_param, ex_astr& buf);
// 请求一个会话ID
void _rpc_func_request_session(const Json::Value& json_param, ex_astr& buf);
// 强行终止会话
void _rpc_func_kill_sessions(const Json::Value& json_param, ex_astr& buf);
// 加密一个字符串返回的是密文的BASE64编码
void _rpc_func_enc(const Json::Value& json_param, ex_astr& buf);
// 要求整个核心服务退出
void _rpc_func_exit(const Json::Value& json_param, ex_astr& buf);
static void _mg_event_handler(struct mg_connection *nc, int ev, void *ev_data);
static void _mg_event_handler(struct mg_connection* nc, int ev, void* ev_data);
private:
ex_astr m_host_ip;


@ -3,6 +3,7 @@
#include "ts_http_rpc.h"
#include "ts_web_rpc.h"
#include "ts_env.h"
#include "ts_ver.h"
#include "tp_tpp_mgr.h"
#include <mbedtls/platform.h>
@ -103,10 +104,10 @@ bool tpp_session_end(const char* sid, int db_id, int ret) {
int ts_main() {
ExIniFile& ini = g_env.get_ini();
EXLOGI("\n");
EXLOGI("###############################################################\n");
EXLOGI(L"Load config file: %ls.\n", ini.get_filename().c_str());
EXLOGI("Teleport Core Server starting ...\n");
EXLOGW("\n");
EXLOGW("###############################################################\n");
EXLOGW(L"Teleport Core Server v%ls starting ...\n", TP_SERVER_VER);
EXLOGW(L"Load config file: %ls.\n", ini.get_filename().c_str());
ex_ini_sections& secs = ini.GetAllSections();
TsHttpRpc rpc;
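Review bot: The startup banner, version and config-file lines now go out via EXLOGW, i.e. at warning severity, although their content is informational; anything that filters or alerts on warning-level output from this process will see a spurious warning on every start. If the intent is to make these lines visible regardless of the configured log level, a one-line comment saying so (`// banner logged at WARN so it is visible at the default log level`) would stop the next reader from switching it back to EXLOGI; otherwise EXLOGI is the right level. The `L"Teleport Core Server v%ls starting ...\n"` format also assumes TP_SERVER_VER from the newly included ts_ver.h is a wide string, which I cannot confirm from this page.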


@ -7,20 +7,25 @@
TsSessionManager g_session_mgr;
TsSessionManager::TsSessionManager() :
ExThreadBase("sid-mgr-thread") {
ExThreadBase("sid-mgr-thread")
{
}
TsSessionManager::~TsSessionManager() {
TsSessionManager::~TsSessionManager()
{
auto it_conn = m_connections.begin();
for (; it_conn != m_connections.end(); ++it_conn) {
for (; it_conn != m_connections.end(); ++it_conn)
{
EXLOGD("[core] m_connections not clean: %s, %s\n", it_conn->first.c_str(), it_conn->second->acc_username.c_str());
delete it_conn->second;
}
m_connections.clear();
}
void TsSessionManager::_thread_loop() {
for (;;) {
void TsSessionManager::_thread_loop()
{
for (;;)
{
ex_sleep_ms(1000);
if (m_need_stop)
return;
@ -28,28 +33,33 @@ void TsSessionManager::_thread_loop() {
}
}
void TsSessionManager::_remove_expired_connect_info() {
void TsSessionManager::_remove_expired_connect_info()
{
// 超过15秒未进行连接的connect-info会被移除
ExThreadSmartLock locker(m_lock);
ex_u64 _now = ex_get_tick_count();
auto it = m_connections.begin();
for (; it != m_connections.end();) {
for (; it != m_connections.end();)
{
//EXLOGD("[core] check expired connect info: [%s] %d, %d %d %d\n", it->first.c_str(), it->second->ref_count, int(_now), int(it->second->ticket_start), int(_now - it->second->ticket_start));
if (it->second->ref_count == 0 && _now - 15000 > it->second->ticket_start) {
if (it->second->ref_count == 0 && _now - 15000 > it->second->ticket_start)
{
EXLOGD("[core] remove connection info, because timeout: %s\n", it->first.c_str());
delete it->second;
m_connections.erase(it++);
EXLOGD("[core] there are %d connection info exists.\n", m_connections.size());
}
else {
else
{
++it;
}
}
}
bool TsSessionManager::get_connect_info(const ex_astr& sid, TS_CONNECT_INFO& info) {
bool TsSessionManager::get_connect_info(const ex_astr& sid, TS_CONNECT_INFO& info)
{
ExThreadSmartLock locker(m_lock);
auto it = m_connections.find(sid);
@ -80,7 +90,8 @@ bool TsSessionManager::get_connect_info(const ex_astr& sid, TS_CONNECT_INFO& inf
return true;
}
bool TsSessionManager::free_connect_info(const ex_astr& sid) {
bool TsSessionManager::free_connect_info(const ex_astr& sid)
{
ExThreadSmartLock locker(m_lock);
auto it = m_connections.find(sid);
@ -91,15 +102,18 @@ bool TsSessionManager::free_connect_info(const ex_astr& sid) {
// 对于RDP来说此时不要移除连接信息系统自带RDP客户端在第一次连接时进行协议协商然后马上会断开之后立即重新连接一次第二次连接之前可能会提示证书信息如果用户长时间不操作可能会导致超时
// 因此,我们将其引用计数减低,并更新一下最后访问时间,让定时器来移除它。
if (it->second->protocol_type != TP_PROTOCOL_TYPE_RDP) {
if (it->second->ref_count <= 0) {
if (it->second->protocol_type != TP_PROTOCOL_TYPE_RDP)
{
if (it->second->ref_count <= 0)
{
EXLOGD("[core] remove connection info, because all connections closed: %s\n", it->first.c_str());
delete it->second;
m_connections.erase(it);
EXLOGD("[core] there are %d connection info exists.\n", m_connections.size());
}
}
else {
else
{
if (it->second->ref_count == 1)
it->second->ref_count = 0;
it->second->ticket_start = ex_get_tick_count() + 45000; // 我们将时间向后移动45秒这样如果没有发生RDP的第二次连接这个连接信息就会在一分钟后被清除。
@ -109,7 +123,8 @@ bool TsSessionManager::free_connect_info(const ex_astr& sid) {
return true;
}
bool TsSessionManager::request_session(ex_astr& sid, TS_CONNECT_INFO* info) {
bool TsSessionManager::request_session(ex_astr& sid, TS_CONNECT_INFO* info)
{
ExThreadSmartLock locker(m_lock);
EXLOGD(
@ -121,7 +136,8 @@ bool TsSessionManager::request_session(ex_astr& sid, TS_CONNECT_INFO* info) {
ex_astr _sid;
int retried = 0;
ts_connections::iterator it;
for (;;) {
for (;;)
{
_gen_session_id(_sid, info, 6);
it = m_connections.find(_sid);
if (it == m_connections.end())
@ -138,17 +154,19 @@ bool TsSessionManager::request_session(ex_astr& sid, TS_CONNECT_INFO* info) {
m_connections.insert(std::make_pair(_sid, info));
sid = _sid;
if (info->protocol_type == TP_PROTOCOL_TYPE_RDP) {
if (info->protocol_type == TP_PROTOCOL_TYPE_RDP)
{
info->ref_count = 1; // 因为RDP连接之前可能会有很长时间用于确认是否连接、是否信任证书所以很容易超时我们认为将引用计数+1防止因超时被清除。
char szTmp[8] = {0};
snprintf(szTmp, 8, "%02X", (unsigned char) (info->acc_username.length() + info->acc_secret.length()));
snprintf(szTmp, 8, "%02X", (unsigned char)(info->acc_username.length() + info->acc_secret.length()));
sid += szTmp;
}
return true;
}
void TsSessionManager::_gen_session_id(ex_astr& sid, const TS_CONNECT_INFO* info, int len) {
void TsSessionManager::_gen_session_id(ex_astr& sid, const TS_CONNECT_INFO* info, int len)
{
mbedtls_sha1_context sha;
ex_u8 sha_digist[20] = {0};
@ -157,11 +175,11 @@ void TsSessionManager::_gen_session_id(ex_astr& sid, const TS_CONNECT_INFO* info
mbedtls_sha1_init(&sha);
mbedtls_sha1_starts(&sha);
mbedtls_sha1_update(&sha, (const unsigned char*) &_tick, sizeof(ex_u64));
mbedtls_sha1_update(&sha, (const unsigned char*) &_tid, sizeof(ex_u64));
mbedtls_sha1_update(&sha, (const unsigned char*) info->conn_ip.c_str(), info->conn_ip.length());
mbedtls_sha1_update(&sha, (const unsigned char*) info->client_ip.c_str(), info->client_ip.length());
mbedtls_sha1_update(&sha, (const unsigned char*) info->acc_username.c_str(), info->acc_username.length());
mbedtls_sha1_update(&sha, (const unsigned char*)&_tick, sizeof(ex_u64));
mbedtls_sha1_update(&sha, (const unsigned char*)&_tid, sizeof(ex_u64));
mbedtls_sha1_update(&sha, (const unsigned char*)info->conn_ip.c_str(), info->conn_ip.length());
mbedtls_sha1_update(&sha, (const unsigned char*)info->client_ip.c_str(), info->client_ip.length());
mbedtls_sha1_update(&sha, (const unsigned char*)info->acc_username.c_str(), info->acc_username.length());
mbedtls_sha1_finish(&sha, sha_digist);
mbedtls_sha1_free(&sha);
@ -169,7 +187,8 @@ void TsSessionManager::_gen_session_id(ex_astr& sid, const TS_CONNECT_INFO* info
int _len = len / 2 + 1;
int i = 0;
int offset = 0;
for (i = 0; i < _len; ++i) {
for (i = 0; i < _len; ++i)
{
snprintf(szTmp + offset, 64 - offset, "%02X", sha_digist[i]);
offset += 2;
}
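Review bot: _gen_session_id derives the session ID from a SHA-1 over the tick count, thread id, the two IP strings and the account name (the reformatted mbedtls_sha1_update lines), none of which is secret or unpredictable to a party that knows roughly when and from where a session was requested, and only the first `len / 2 + 1` bytes of the digest are used; the only thing that stops a guessed ID from being honoured is that it must still be present in m_connections. An identifier that gates a proxied connection should come from a CSPRNG — mbedtls is already linked, so its CTR-DRBG is available — and carry enough entropy that the `it = m_connections.find(_sid)` retry loop in request_session is a collision safeguard rather than the normal path. In the RDP branch `snprintf(szTmp, 8, "%02X", (unsigned char)(info->acc_username.length() + info->acc_secret.length()));` appends the byte-sum of the username and secret lengths to the ID handed to the client, which discloses information about the credential length and should not be part of the identifier. The two `EXLOGD("[core] there are %d connection info exists.\n", m_connections.size());` lines pass a size_t to `%d`; use `%zu` or an explicit cast. _gen_session_id continues past the end of its hunk.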


@ -3,8 +3,6 @@
#include "ts_crypto.h"
#include "ts_http_client.h"
#include "../common/ts_const.h"
#include <ex/ex_str.h>
#include <teleport_const.h>


@ -162,7 +162,7 @@ void SshProxy::_thread_loop() {
uint32_t dbg_id = m_dbg_id++;
auto session = new SshSession(this, rs_tp2cli, dbg_id, ip, addr->sin_port);
EXLOGW("[ssh] ------ NEW SSH SESSION [%s from %s:%d] ------\n", session->dbg_name().c_str(), ip, addr->sin_port);
EXLOGW("[ssh] ------ NEW SSH SESSION [%s from %s] ------\n", session->dbg_name().c_str(), session->dbg_client().c_str());
{
ExThreadSmartLock locker(m_lock);


@ -604,6 +604,13 @@ int SshSession::_do_auth(const char* user, const char* secret)
}
else
{
// 如果第一次认证时没有确定目标远程主机IP和端口例如session-id无效则不再继续后面的操作
if(m_conn_ip.empty() || m_conn_port == 0)
{
EXLOGE("[%s] second auth, user: %s, no remote host info, can not connect.\n", m_dbg_name.c_str(), user);
return SSH_AUTH_DENIED;
}
// 允许用户自行输入密码的情况下第二次认证参数secret就是用户自己输入的密码了。
m_acc_secret = secret;
}
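Review bot: The new guard returns SSH_AUTH_DENIED when no remote host is known at the second authentication, but nothing on the visible lines marks the session as unrecoverable, so each further password prompt the client answers re-enters this branch and emits another error-level log line; if the host information cannot be filled in after the first attempt, it is worth recording that (a member flag checked by the caller, or closing the session) so the client is not prompted again — I cannot see from the hunk whether the caller already does this. The check is placed before `m_acc_secret = secret;`, which is the right order, since the user-typed secret is then never retained for a session that cannot proceed. _do_auth starts and ends outside this hunk.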