From b43fbc43825b44bc435cbd59d00adb4c3af1b12a Mon Sep 17 00:00:00 2001 From: Apex Liu Date: Thu, 7 Sep 2017 02:47:08 +0800 Subject: [PATCH] =?UTF-8?q?=E9=85=8D=E5=90=88WEB=E7=95=8C=E9=9D=A2?= =?UTF-8?q?=E8=B0=83=E6=95=B4=E4=B8=80=E4=BA=9B=E4=BC=9A=E8=AF=9D=E5=8F=82?= =?UTF-8?q?=E6=95=B0=E3=80=82?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- common/teleport/teleport_const.h | 2 +- server/tp_core/common/base_record.h | 10 +-- server/tp_core/common/protocol_interface.h | 17 ++-- server/tp_core/core/ts_main.cpp | 50 +++++------ server/tp_core/core/ts_session.cpp | 24 ++--- server/tp_core/core/ts_session.h | 17 ++-- server/tp_core/core/ts_web_rpc.cpp | 95 ++++++++++---------- server/tp_core/protocol/ssh/ssh_recorder.cpp | 14 +-- server/tp_core/protocol/ssh/ssh_session.cpp | 44 ++++----- server/tp_core/protocol/ssh/ssh_session.h | 8 +- 10 files changed, 139 insertions(+), 142 deletions(-) diff --git a/common/teleport/teleport_const.h b/common/teleport/teleport_const.h index 92dd96e..ffae67d 100644 --- a/common/teleport/teleport_const.h +++ b/common/teleport/teleport_const.h @@ -96,7 +96,7 @@ #define TPE_SYS_MAINTENANCE 10003 // 系统维护中 #define TPE_USER_LOCKED 10100 // 用户已经被锁定(连续多次错误密码) -#define TPE_USER_BAN 10101 // 用户已经被禁用 +#define TPE_USER_DISABLED 10101 // 用户已经被禁用 #define TPE_USER_AUTH 10102 // 身份验证失败 //------------------------------------------------------- diff --git a/server/tp_core/common/base_record.h b/server/tp_core/common/base_record.h index e060835..d6d1b7c 100644 --- a/server/tp_core/common/base_record.h +++ b/server/tp_core/common/base_record.h 
@@ -30,12 +30,12 @@ typedef struct TS_RECORD_HEADER_BASIC ex_u64 timestamp; // 本次录像的起始时间(UTC时间戳) ex_u16 width; // 初始屏幕尺寸:宽 ex_u16 height; // 初始屏幕尺寸:高 - char user_name[32]; // teleport账号 - char account_name[32]; // 远程主机用户名 + char user_username[32]; // teleport账号 + char acc_username[32]; // 远程主机用户名 - char real_remote_host_ip[40]; // 远程主机IP - char remote_host_ip[40]; // 远程主机IP - ex_u16 remote_host_port; // 远程主机端口 + char host_ip[40]; // 远程主机IP + char conn_ip[40]; // 远程主机IP + ex_u16 conn_port; // 远程主机端口 char client_ip[40]; // 客户端IP diff --git a/server/tp_core/common/protocol_interface.h b/server/tp_core/common/protocol_interface.h index 19b5e33..49966ce 100644 --- a/server/tp_core/common/protocol_interface.h +++ b/server/tp_core/common/protocol_interface.h @@ -21,25 +21,24 @@ typedef struct TPP_CONNECT_INFO // 与此连接信息相关的三个要素的ID int user_id; int host_id; - int account_id; + int acc_id; - char* user_name; // 申请本次连接的用户名 + char* user_username; // 申请本次连接的用户名 - char* real_remote_host_ip; // 真正的远程主机IP(如果是直接连接模式,则与remote_host_ip相同) - char* remote_host_ip; // 要连接的远程主机的IP(如果是端口映射模式,则为路由主机的IP) - int remote_host_port; // 要连接的远程主机的端口(如果是端口映射模式,则为路由主机的端口) + char* host_ip; // 真正的远程主机IP(如果是直接连接模式,则与remote_host_ip相同) + char* conn_ip; // 要连接的远程主机的IP(如果是端口映射模式,则为路由主机的IP) + int conn_port; // 要连接的远程主机的端口(如果是端口映射模式,则为路由主机的端口) char* client_ip; - char* account_name; // 远程主机的账号 - char* account_secret; // 远程主机账号的密码(或者私钥) - //char* account_param; + char* acc_username; // 远程主机的账号 + char* acc_secret; // 远程主机账号的密码(或者私钥) char* username_prompt; // for telnet char* password_prompt; // for telnet int protocol_type; int protocol_sub_type; + int protocol_flag; int auth_type; - int connect_flag; }TPP_CONNECT_INFO; typedef TPP_CONNECT_INFO* (*TPP_GET_CONNNECT_INFO_FUNC)(const char* sid); diff --git a/server/tp_core/core/ts_main.cpp b/server/tp_core/core/ts_main.cpp index 4527017..386bb63 100644 --- a/server/tp_core/core/ts_main.cpp +++ b/server/tp_core/core/ts_main.cpp 
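Review bot: The comments on the renamed fields in TPP_CONNECT_INFO still refer to `remote_host_ip`, which no longer exists after this change: the `host_ip` comment says it equals remote_host_ip in direct-connect mode, and should now name `conn_ip`. The same stale wording is carried into TS_CONNECT_INFO in ts_session.h and into the local declarations in ts_web_rpc.cpp. Separately, `protocol_flag` is inserted before `auth_type`, whereas `connect_flag` used to follow it, so the offset of `auth_type` moves. Because this struct is handed to protocol modules through `TPP_GET_CONNNECT_INFO_FUNC`, a module built against the old header would read the wrong fields; presumably core and modules are always rebuilt together, but a comment such as `// layout is shared with protocol modules; rebuild all of them when changing field order` would make that explicit.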
@@ -20,18 +20,18 @@ TPP_CONNECT_INFO* tpp_get_connect_info(const char* sid) info->sid = (char*)calloc(1, sinfo.sid.length() + 1); ex_strcpy(info->sid, sinfo.sid.length() + 1, sinfo.sid.c_str()); - info->user_name = (char*)calloc(1, sinfo.user_name.length() + 1); - ex_strcpy(info->user_name, sinfo.user_name.length() + 1, sinfo.user_name.c_str()); - info->real_remote_host_ip = (char*)calloc(1, sinfo.real_remote_host_ip.length() + 1); - ex_strcpy(info->real_remote_host_ip, sinfo.real_remote_host_ip.length() + 1, sinfo.real_remote_host_ip.c_str()); - info->remote_host_ip = (char*)calloc(1, sinfo.remote_host_ip.length() + 1); - ex_strcpy(info->remote_host_ip, sinfo.remote_host_ip.length() + 1, sinfo.remote_host_ip.c_str()); + info->user_username = (char*)calloc(1, sinfo.user_username.length() + 1); + ex_strcpy(info->user_username, sinfo.user_username.length() + 1, sinfo.user_username.c_str()); + info->host_ip = (char*)calloc(1, sinfo.host_ip.length() + 1); + ex_strcpy(info->host_ip, sinfo.host_ip.length() + 1, sinfo.host_ip.c_str()); + info->conn_ip = (char*)calloc(1, sinfo.conn_ip.length() + 1); + ex_strcpy(info->conn_ip, sinfo.conn_ip.length() + 1, sinfo.conn_ip.c_str()); info->client_ip = (char*)calloc(1, sinfo.client_ip.length() + 1); ex_strcpy(info->client_ip, sinfo.client_ip.length() + 1, sinfo.client_ip.c_str()); - info->account_name = (char*)calloc(1, sinfo.account_name.length() + 1); - ex_strcpy(info->account_name, sinfo.account_name.length() + 1, sinfo.account_name.c_str()); - info->account_secret = (char*)calloc(1, sinfo.account_secret.length() + 1); - ex_strcpy(info->account_secret, sinfo.account_secret.length() + 1, sinfo.account_secret.c_str()); + info->acc_username = (char*)calloc(1, sinfo.acc_username.length() + 1); + ex_strcpy(info->acc_username, sinfo.acc_username.length() + 1, sinfo.acc_username.c_str()); + info->acc_secret = (char*)calloc(1, sinfo.acc_secret.length() + 1); + ex_strcpy(info->acc_secret, sinfo.acc_secret.length() + 1, 
sinfo.acc_secret.c_str()); info->username_prompt = (char*)calloc(1, sinfo.username_prompt.length() + 1); ex_strcpy(info->username_prompt, sinfo.username_prompt.length() + 1, sinfo.username_prompt.c_str()); info->password_prompt = (char*)calloc(1, sinfo.password_prompt.length() + 1); @@ -39,12 +39,12 @@ TPP_CONNECT_INFO* tpp_get_connect_info(const char* sid) info->user_id = sinfo.user_id; info->host_id = sinfo.host_id; - info->account_id = sinfo.account_id; - info->remote_host_port = sinfo.remote_host_port; + info->acc_id = sinfo.acc_id; + info->conn_port = sinfo.conn_port; info->protocol_type = sinfo.protocol_type; info->protocol_sub_type = sinfo.protocol_sub_type; + info->protocol_flag = sinfo.protocol_flag; info->auth_type= sinfo.auth_type; - info->connect_flag = sinfo.connect_flag; return info; } @@ -55,12 +55,12 @@ void tpp_free_connect_info(TPP_CONNECT_INFO* info) return; free(info->sid); - free(info->user_name); - free(info->real_remote_host_ip); - free(info->remote_host_ip); + free(info->user_username); + free(info->host_ip); + free(info->conn_ip); free(info->client_ip); - free(info->account_name); - free(info->account_secret); + free(info->acc_username); + free(info->acc_secret); free(info->username_prompt); free(info->password_prompt); free(info); 
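Review bot: None of the `calloc` results in tpp_get_connect_info are checked before `ex_strcpy` writes through them, so an allocation failure on any of the nine string fields (including `acc_secret`) becomes a NULL write inside the core process. A small duplicating helper plus one failure path keeps the copies uniform and lets `tpp_free_connect_info` clean up a partly filled struct, since `free(NULL)` is harmless. The function starts above this hunk, and callers would have to treat a NULL return as a failed lookup, which they may already do (not visible here).

```cpp
// Duplicate a string field into a calloc'd buffer; returns NULL on allocation failure.
static char* _dup_field(const ex_astr& s)
{
    char* p = (char*)calloc(1, s.length() + 1);
    if (p != NULL)
        ex_strcpy(p, s.length() + 1, s.c_str());
    return p;
}

// … unchanged: session lookup and allocation of info …
info->sid = _dup_field(sinfo.sid);
info->user_username = _dup_field(sinfo.user_username);
// … same call for host_ip, conn_ip, client_ip, acc_username, acc_secret, username_prompt, password_prompt …
if (info->sid == NULL || info->user_username == NULL /* … each remaining string field … */) {
    tpp_free_connect_info(info);
    return NULL;
}
// … unchanged: integer fields and return info …
```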
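Review bot: In tpp_free_connect_info, `free(info->acc_secret)` releases the buffer holding the remote account's password or private key without clearing it, so the plaintext stays in freed heap memory until it happens to be overwritten. Wiping it before the free limits what a later memory disclosure or core dump can expose, for example `if (info->acc_secret) mbedtls_platform_zeroize(info->acc_secret, strlen(info->acc_secret));` where the bundled mbedTLS provides that function, or an equivalent wipe the compiler cannot elide. A plain `memset` directly before `free` may be optimised away.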
@@ -75,18 +75,18 @@ bool tpp_session_begin(const TPP_CONNECT_INFO* info, int* db_id) sinfo.sid = info->sid; sinfo.user_id = info->user_id; sinfo.host_id = info->host_id; - sinfo.account_id = info->account_id; - sinfo.user_name = info->user_name; - sinfo.real_remote_host_ip = info->real_remote_host_ip; - sinfo.remote_host_ip = info->remote_host_ip; + sinfo.acc_id = info->acc_id; + sinfo.user_username = info->user_username; + sinfo.host_ip = info->host_ip; + sinfo.conn_ip = info->conn_ip; sinfo.client_ip = info->client_ip; - sinfo.account_name = info->account_name; + sinfo.acc_username = info->acc_username; - sinfo.remote_host_port = info->remote_host_port; + sinfo.conn_port = info->conn_port; sinfo.protocol_type = info->protocol_type; sinfo.protocol_sub_type = info->protocol_sub_type; + //sinfo.protocol_flag = info->protocol_flag; sinfo.auth_type = info->auth_type; - //sinfo.connect_flag = info->connect_flag; return ts_web_rpc_session_begin(sinfo, *db_id); } diff --git a/server/tp_core/core/ts_session.cpp b/server/tp_core/core/ts_session.cpp index df3378b..f2996c4 100644 --- a/server/tp_core/core/ts_session.cpp +++ b/server/tp_core/core/ts_session.cpp 
@@ -76,19 +76,19 @@ bool TsSessionManager::get_connect_info(const ex_astr& sid, TS_CONNECT_INFO& inf info.sid = it->second->sid; info.user_id = it->second->user_id; info.host_id = it->second->host_id; - info.account_id = it->second->account_id; - info.user_name = it->second->user_name; - info.real_remote_host_ip = it->second->real_remote_host_ip; - info.remote_host_ip = it->second->remote_host_ip; - info.remote_host_port = it->second->remote_host_port; + info.acc_id = it->second->acc_id; + info.user_username = it->second->user_username; + info.host_ip = it->second->host_ip; + info.conn_ip = it->second->conn_ip; + info.conn_port = it->second->conn_port; info.client_ip = it->second->client_ip; - info.account_name = it->second->account_name; - info.account_secret = it->second->account_secret; + info.acc_username = it->second->acc_username; + info.acc_secret = it->second->acc_secret; info.username_prompt = it->second->username_prompt; info.password_prompt = it->second->password_prompt; - info.connect_flag = it->second->connect_flag; info.protocol_type = it->second->protocol_type; info.protocol_sub_type = it->second->protocol_sub_type; + info.protocol_flag = it->second->protocol_flag; info.auth_type = it->second->auth_type; it->second->ref_count++; @@ -100,7 +100,7 @@ bool TsSessionManager::request_session(ex_astr& sid, TS_CONNECT_INFO* info) { ExThreadSmartLock locker(m_lock); - EXLOGD("[core] request session: account: [%s], protocol: [%d], auth-mode: [%d]\n", info->account_name.c_str(), info->protocol_type, info->auth_type); + EXLOGD("[core] request session: account: [%s], protocol: [%d], auth-mode: [%d]\n", info->acc_username.c_str(), info->protocol_type, info->auth_type); ex_astr _sid; int retried = 0; 
@@ -124,7 +124,7 @@ bool TsSessionManager::request_session(ex_astr& sid, TS_CONNECT_INFO* info) if (info->protocol_type == TP_PROTOCOL_TYPE_RDP) { char szTmp[8] = { 0 }; - snprintf(szTmp, 8, "%02X", (unsigned char)(info->account_name.length() + info->account_secret.length())); + snprintf(szTmp, 8, "%02X", (unsigned char)(info->acc_username.length() + info->acc_secret.length())); sid += szTmp; } @@ -143,9 +143,9 @@ void TsSessionManager::_gen_session_id(ex_astr& sid, const TS_CONNECT_INFO* info mbedtls_sha1_starts(&sha); mbedtls_sha1_update(&sha, (const unsigned char*)&_tick, sizeof(ex_u64)); mbedtls_sha1_update(&sha, (const unsigned char*)&_tid, sizeof(ex_u64)); - mbedtls_sha1_update(&sha, (const unsigned char*)info->remote_host_ip.c_str(), info->remote_host_ip.length()); + mbedtls_sha1_update(&sha, (const unsigned char*)info->conn_ip.c_str(), info->conn_ip.length()); mbedtls_sha1_update(&sha, (const unsigned char*)info->client_ip.c_str(), info->client_ip.length()); - mbedtls_sha1_update(&sha, (const unsigned char*)info->account_name.c_str(), info->account_name.length()); + mbedtls_sha1_update(&sha, (const unsigned char*)info->acc_username.c_str(), info->acc_username.length()); mbedtls_sha1_finish(&sha, sha_digist); mbedtls_sha1_free(&sha); diff --git a/server/tp_core/core/ts_session.h b/server/tp_core/core/ts_session.h index c459af2..efc9040 100644 --- a/server/tp_core/core/ts_session.h +++ b/server/tp_core/core/ts_session.h 
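Review bot: The two hex digits appended to the RDP session ID are the low byte of `acc_username.length() + acc_secret.length()`, so anyone who sees the session ID learns the combined length of the account name and its secret modulo 256. If the RDP side needs this value, it would be safer to keep it in the server-side session entry instead of in the identifier handed out. At minimum the line deserves a comment saying why the suffix exists, for example `// RDP only: sid carries len(acc_username)+len(acc_secret) because <reason>`. The body of request_session continues outside this hunk, so the consumer of the suffix is not visible here.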
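Review bot: _gen_session_id hashes only a tick value, a thread id, `conn_ip`, `client_ip` and `acc_username`, none of which is secret or random as far as this hunk shows. The session ID appears to act as a bearer token: the SSH path looks up the stored account secret by it. It should therefore carry entropy from a CSPRNG rather than rely on SHA-1 over guessable inputs. One option is to fill a buffer with `mbedtls_ctr_drbg_random` and add `mbedtls_sha1_update(&sha, rnd, sizeof(rnd));` before `mbedtls_sha1_finish`. The start of the function and the way the digest is turned into `sid` are outside the hunk, so confirm how many digest bytes end up in the ID.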
@@ -13,25 +13,24 @@ typedef struct TS_CONNECT_INFO // 与此连接信息相关的三个要素的ID int user_id; int host_id; - int account_id; + int acc_id; - ex_astr user_name;// 申请本次连接的用户名 + ex_astr user_username;// 申请本次连接的用户名 - ex_astr real_remote_host_ip;// 真正的远程主机IP(如果是直接连接模式,则与remote_host_ip相同) - ex_astr remote_host_ip;// 要连接的远程主机的IP(如果是端口映射模式,则为路由主机的IP) - int remote_host_port;// 要连接的远程主机的端口(如果是端口映射模式,则为路由主机的端口) + ex_astr host_ip;// 真正的远程主机IP(如果是直接连接模式,则与remote_host_ip相同) + ex_astr conn_ip;// 要连接的远程主机的IP(如果是端口映射模式,则为路由主机的IP) + int conn_port;// 要连接的远程主机的端口(如果是端口映射模式,则为路由主机的端口) ex_astr client_ip; - ex_astr account_name; // 远程主机的账号 - ex_astr account_secret; // 远程主机账号的密码(或者私钥) + ex_astr acc_username; // 远程主机的账号 + ex_astr acc_secret; // 远程主机账号的密码(或者私钥) ex_astr username_prompt;// for telnet ex_astr password_prompt;// for telnet int protocol_type; int protocol_sub_type; + int protocol_flag; int auth_type; - int connect_flag; - //int sys_type; int ref_count;// 这个连接信息的引用计数,如果创建的连接信息从来未被使用,则超过30秒后自动销毁 ex_u64 ticket_start;// 此连接信息的创建时间(用于超时未使用就销毁的功能) diff --git a/server/tp_core/core/ts_web_rpc.cpp b/server/tp_core/core/ts_web_rpc.cpp index c52e70e..d5a2425 100644 --- a/server/tp_core/core/ts_web_rpc.cpp +++ b/server/tp_core/core/ts_web_rpc.cpp 
@@ -70,20 +70,20 @@ int ts_web_rpc_get_conn_info(int conn_id, TS_CONNECT_INFO& info) if ( !_jret["user_id"].isInt() || !_jret["host_id"].isInt() - || !_jret["account_id"].isInt() - || !_jret["remote_host_port"].isInt() + || !_jret["acc_id"].isInt() + || !_jret["conn_port"].isInt() || !_jret["protocol_type"].isInt() || !_jret["protocol_sub_type"].isInt() || !_jret["auth_type"].isInt() - || !_jret["connect_flag"].isInt() + || !_jret["protocol_flag"].isInt() || !_jret["_enc"].isInt() - || !_jret["user_name"].isString() - || !_jret["real_remote_host_ip"].isString() - || !_jret["remote_host_ip"].isString() + || !_jret["user_username"].isString() + || !_jret["host_ip"].isString() + || !_jret["conn_ip"].isString() || !_jret["client_ip"].isString() - || !_jret["account_name"].isString() - || !_jret["account_secret"].isString() + || !_jret["acc_username"].isString() + || !_jret["acc_secret"].isString() || !_jret["username_prompt"].isString() || !_jret["password_prompt"].isString() ) 
@@ -94,37 +94,37 @@ int ts_web_rpc_get_conn_info(int conn_id, TS_CONNECT_INFO& info) int user_id; int host_id; - int account_id; - ex_astr user_name;// 申请本次连接的用户名 - ex_astr real_remote_host_ip;// 真正的远程主机IP(如果是直接连接模式,则与remote_host_ip相同) - ex_astr remote_host_ip;// 要连接的远程主机的IP(如果是端口映射模式,则为路由主机的IP) - int remote_host_port;// 要连接的远程主机的端口(如果是端口映射模式,则为路由主机的端口) + int acc_id; + ex_astr user_username;// 申请本次连接的用户名 + ex_astr host_ip;// 真正的远程主机IP(如果是直接连接模式,则与remote_host_ip相同) + ex_astr conn_ip;// 要连接的远程主机的IP(如果是端口映射模式,则为路由主机的IP) + int conn_port;// 要连接的远程主机的端口(如果是端口映射模式,则为路由主机的端口) ex_astr client_ip; - ex_astr account_name; // 远程主机的账号 - ex_astr account_secret;// 远程主机账号的密码(或者私钥) + ex_astr acc_username; // 远程主机的账号 + ex_astr acc_secret;// 远程主机账号的密码(或者私钥) ex_astr username_prompt; ex_astr password_prompt; - int protocol_type; - int protocol_sub_type; - int auth_type; - int connect_flag; + int protocol_type = 0; + int protocol_sub_type = 0; + int auth_type = 0; + int protocol_flag = 0; bool _enc; user_id = _jret["user_id"].asInt(); host_id = _jret["host_id"].asInt(); - account_id = _jret["account_id"].asInt(); - user_name = _jret["user_name"].asString(); - real_remote_host_ip = _jret["real_remote_host_ip"].asString(); - remote_host_ip = _jret["remote_host_ip"].asString(); - remote_host_port = _jret["remote_host_port"].asInt(); + acc_id = _jret["acc_id"].asInt(); + user_username = _jret["user_username"].asString(); + host_ip = _jret["host_ip"].asString(); + conn_ip = _jret["conn_ip"].asString(); + conn_port = _jret["conn_port"].asInt(); client_ip = _jret["client_ip"].asString(); - account_name = _jret["account_name"].asString(); - account_secret = _jret["account_secret"].asString(); + acc_username = _jret["acc_username"].asString(); + acc_secret = _jret["acc_secret"].asString(); username_prompt = _jret["username_prompt"].asString(); password_prompt = _jret["password_prompt"].asString(); protocol_type = _jret["protocol_type"].asInt(); protocol_sub_type = 
_jret["protocol_sub_type"].asInt(); - connect_flag = _jret["connect_flag"].asInt(); + protocol_flag = _jret["protocol_flag"].asInt(); auth_type = _jret["auth_type"].asInt(); _enc = _jret["_enc"].asBool(); @@ -132,11 +132,10 @@ int ts_web_rpc_get_conn_info(int conn_id, TS_CONNECT_INFO& info) // 进一步判断参数是否合法 // 注意,account_id可以为-1,表示这是一次测试连接。 if (user_id <= 0 || host_id <= 0 - || user_name.length() == 0 - || real_remote_host_ip.length() == 0 || remote_host_ip.length() == 0 || client_ip.length() == 0 - || remote_host_port <= 0 || remote_host_port >= 65535 - || account_name.length() == 0 || account_secret.length() == 0 - || connect_flag == 0 + || user_username.length() == 0 + || host_ip.length() == 0 || conn_ip.length() == 0 || client_ip.length() == 0 + || conn_port <= 0 || conn_port >= 65535 + || acc_username.length() == 0 || acc_secret.length() == 0 || !(protocol_type == TP_PROTOCOL_TYPE_RDP || protocol_type == TP_PROTOCOL_TYPE_SSH || protocol_type == TP_PROTOCOL_TYPE_TELNET) || !(auth_type == TP_AUTH_TYPE_NONE || auth_type == TP_AUTH_TYPE_PASSWORD || auth_type == TP_AUTH_TYPE_PRIVATE_KEY) ) 
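Review bot: The port bound in the validation block, `conn_port >= 65535`, rejects the valid port 65535; `|| conn_port <= 0 || conn_port > 65535` matches the real range. The same hunk drops the old `connect_flag == 0` rejection without a replacement, so `protocol_flag` from the web RPC is now stored with no check at all. If it is a bitmask of permitted session features (an assumption, its constants are not visible here), values with unknown bits should be refused at this point. The comment above the condition still says `account_id` may be -1 and should now read `acc_id`.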
@@ -146,28 +145,28 @@ int ts_web_rpc_get_conn_info(int conn_id, TS_CONNECT_INFO& info) if (_enc) { ex_astr _auth; - if (!ts_db_field_decrypt(account_secret, _auth)) + if (!ts_db_field_decrypt(acc_secret, _auth)) return TPE_FAILED; - account_secret = _auth; + acc_secret = _auth; } info.user_id = user_id; info.host_id = host_id; - info.account_id = account_id; - info.user_name = user_name; - info.real_remote_host_ip = real_remote_host_ip; - info.remote_host_ip = remote_host_ip; - info.remote_host_port = remote_host_port; + info.acc_id = acc_id; + info.user_username = user_username; + info.host_ip = host_ip; + info.conn_ip = conn_ip; + info.conn_port = conn_port; info.client_ip = client_ip; - info.account_name = account_name; - info.account_secret = account_secret; + info.acc_username = acc_username; + info.acc_secret = acc_secret; info.username_prompt = username_prompt; info.password_prompt = password_prompt; info.protocol_type = protocol_type; info.protocol_sub_type = protocol_sub_type; info.auth_type = auth_type; - info.connect_flag = connect_flag; + info.protocol_flag = protocol_flag; return TPE_OK; } 
@@ -181,14 +180,14 @@ bool ts_web_rpc_session_begin(TS_CONNECT_INFO& info, int& record_id) jreq["param"]["sid"] = info.sid.c_str(); jreq["param"]["user_id"] = info.user_id; jreq["param"]["host_id"] = info.host_id; - jreq["param"]["account_id"] = info.account_id; - jreq["param"]["user_name"] = info.user_name.c_str(); - jreq["param"]["account_name"] = info.account_name.c_str(); - jreq["param"]["real_remote_host_ip"] = info.real_remote_host_ip.c_str(); - jreq["param"]["remote_host_ip"] = info.remote_host_ip.c_str(); + jreq["param"]["acc_id"] = info.acc_id; + jreq["param"]["user_username"] = info.user_username.c_str(); + jreq["param"]["acc_username"] = info.acc_username.c_str(); + jreq["param"]["host_ip"] = info.host_ip.c_str(); + jreq["param"]["conn_ip"] = info.conn_ip.c_str(); jreq["param"]["client_ip"] = info.client_ip.c_str(); //jreq["param"]["sys_type"] = info.sys_type; - jreq["param"]["remote_host_port"] = info.remote_host_port; + jreq["param"]["conn_port"] = info.conn_port; jreq["param"]["auth_type"] = info.auth_type; jreq["param"]["protocol_type"] = info.protocol_type; jreq["param"]["protocol_sub_type"] = info.protocol_sub_type; diff --git a/server/tp_core/protocol/ssh/ssh_recorder.cpp b/server/tp_core/protocol/ssh/ssh_recorder.cpp index 0fc24f0..ea3bf79 100644 --- a/server/tp_core/protocol/ssh/ssh_recorder.cpp +++ b/server/tp_core/protocol/ssh/ssh_recorder.cpp 
@@ -24,15 +24,15 @@ void TppSshRec::_on_begin(const TPP_CONNECT_INFO* info) m_head.basic.timestamp = time(NULL); m_head.basic.protocol_type = info->protocol_type; m_head.basic.protocol_sub_type = info->protocol_sub_type; - m_head.basic.remote_host_port = info->remote_host_port; - // memcpy(m_head.account, info.account_name.c_str(), info.account_name.length() > 15 ? 15 : info.account_name.length()); - // memcpy(m_head.username, info.user_name.c_str(), info.user_name.length() > 15 ? 15 : info.user_name.length()); + m_head.basic.conn_port = info->conn_port; + // memcpy(m_head.account, info.acc_username.c_str(), info.acc_username.length() > 15 ? 15 : info.acc_username.length()); + // memcpy(m_head.username, info.user_username.c_str(), info.user_username.length() > 15 ? 15 : info.user_username.length()); // memcpy(m_head.ip, info.host_ip.c_str(), info.host_ip.length() > 17 ? 17 : info.host_ip.length()); - memcpy(m_head.basic.account_name, info->account_name, strlen(info->account_name) >= 31 ? 31 : strlen(info->account_name)); - memcpy(m_head.basic.user_name, info->user_name, strlen(info->user_name) >= 31 ? 31 : strlen(info->user_name)); - memcpy(m_head.basic.real_remote_host_ip, info->real_remote_host_ip, strlen(info->real_remote_host_ip) >= 39 ? 39 : strlen(info->real_remote_host_ip)); - memcpy(m_head.basic.remote_host_ip, info->remote_host_ip, strlen(info->remote_host_ip) >= 39 ? 39 : strlen(info->remote_host_ip)); + memcpy(m_head.basic.acc_username, info->acc_username, strlen(info->acc_username) >= 31 ? 31 : strlen(info->acc_username)); + memcpy(m_head.basic.user_username, info->user_username, strlen(info->user_username) >= 31 ? 31 : strlen(info->user_username)); + memcpy(m_head.basic.host_ip, info->host_ip, strlen(info->host_ip) >= 39 ? 39 : strlen(info->host_ip)); + memcpy(m_head.basic.conn_ip, info->conn_ip, strlen(info->conn_ip) >= 39 ? 39 : strlen(info->conn_ip)); } void TppSshRec::_on_end(void) 
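Review bot: The four `memcpy` calls in _on_begin clamp with the literals 31 and 39 and copy no terminator, so the record header is only NUL-terminated if `m_head` was zeroed earlier in the function, which is outside this hunk. They also call `strlen` on each `info` pointer twice and would fault on a NULL field. Sizing from the destination removes the magic numbers and guarantees termination, for example `snprintf(m_head.basic.acc_username, sizeof(m_head.basic.acc_username), "%s", info->acc_username);`, and likewise for `user_username`, `host_ip` and `conn_ip`. Names longer than the field are silently cut in the audit header, which is worth a comment or a log line, since two different accounts could then record identically.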
diff --git a/server/tp_core/protocol/ssh/ssh_session.cpp b/server/tp_core/protocol/ssh/ssh_session.cpp index 4da5d6a..7931a42 100644 --- a/server/tp_core/protocol/ssh/ssh_session.cpp +++ b/server/tp_core/protocol/ssh/ssh_session.cpp @@ -241,22 +241,22 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user, return SSH_AUTH_DENIED; // } // -// _this->m_remote_host_ip = sftp_info.host_ip; -// _this->m_remote_host_port = sftp_info.host_port; +// _this->m_conn_ip = sftp_info.host_ip; +// _this->m_conn_port = sftp_info.host_port; // _this->m_auth_type = sftp_info.auth_mode; -// _this->m_account_name = sftp_info.user_name; -// _this->m_account_secret = sftp_info.user_auth; +// _this->m_acc_name = sftp_info.user_name; +// _this->m_acc_secret = sftp_info.user_auth; // protocol = TP_PROTOCOL_TYPE_SSH; // // // 因为是从sftp会话得来的登录数据,因此限制本会话只能用于sftp,不允许再使用shell了。 // _this->_enter_sftp_mode(); } else { - _this->m_remote_host_ip = sess_info->remote_host_ip; - _this->m_remote_host_port = sess_info->remote_host_port; + _this->m_conn_ip = sess_info->conn_ip; + _this->m_conn_port = sess_info->conn_port; _this->m_auth_type = sess_info->auth_type; - _this->m_account_name = sess_info->account_name; - _this->m_account_secret = sess_info->account_secret; + _this->m_acc_name = sess_info->acc_username; + _this->m_acc_secret = sess_info->acc_secret; protocol = sess_info->protocol_type; } 
@@ -280,10 +280,10 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user, sess_info = NULL; // 现在尝试根据session-id获取得到的信息,连接并登录真正的SSH服务器 - EXLOGV("[ssh] try to connect to real SSH server %s:%d\n", _this->m_remote_host_ip.c_str(), _this->m_remote_host_port); + EXLOGV("[ssh] try to connect to real SSH server %s:%d\n", _this->m_conn_ip.c_str(), _this->m_conn_port); _this->m_srv_session = ssh_new(); - ssh_options_set(_this->m_srv_session, SSH_OPTIONS_HOST, _this->m_remote_host_ip.c_str()); - int port = (int)_this->m_remote_host_port; + ssh_options_set(_this->m_srv_session, SSH_OPTIONS_HOST, _this->m_conn_ip.c_str()); + int port = (int)_this->m_conn_port; ssh_options_set(_this->m_srv_session, SSH_OPTIONS_PORT, &port); #ifdef EX_DEBUG // int flag = SSH_LOG_FUNCTIONS; @@ -291,7 +291,7 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user, #endif if (_this->m_auth_type != TP_AUTH_TYPE_NONE) - ssh_options_set(_this->m_srv_session, SSH_OPTIONS_USER, _this->m_account_name.c_str()); + ssh_options_set(_this->m_srv_session, SSH_OPTIONS_USER, _this->m_acc_name.c_str()); //#ifdef EX_DEBUG // // int _timeout_us = 500000000; // 5 sec. @@ -304,7 +304,7 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user, int rc = 0; rc = ssh_connect(_this->m_srv_session); if (rc != SSH_OK) { - EXLOGE("[ssh] can not connect to real SSH server %s:%d. [%d]%s\n", _this->m_remote_host_ip.c_str(), _this->m_remote_host_port, rc, ssh_get_error(_this->m_srv_session)); + EXLOGE("[ssh] can not connect to real SSH server %s:%d. [%d]%s\n", _this->m_conn_ip.c_str(), _this->m_conn_port, rc, ssh_get_error(_this->m_srv_session)); _this->m_have_error = true; _this->m_retcode = TP_SESS_STAT_ERR_CONNECT; return SSH_AUTH_ERROR; 
@@ -352,9 +352,9 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user, const char* prompt = ssh_userauth_kbdint_getprompt(_this->m_srv_session, iprompt, &echo); EXLOGV("[ssh] interactive login prompt: %s\n", prompt); - rc = ssh_userauth_kbdint_setanswer(_this->m_srv_session, iprompt, _this->m_account_secret.c_str()); + rc = ssh_userauth_kbdint_setanswer(_this->m_srv_session, iprompt, _this->m_acc_secret.c_str()); if (rc < 0) { - EXLOGE("[ssh] invalid password for interactive mode to login to real SSH server %s:%d.\n", _this->m_remote_host_ip.c_str(), _this->m_remote_host_port); + EXLOGE("[ssh] invalid password for interactive mode to login to real SSH server %s:%d.\n", _this->m_conn_ip.c_str(), _this->m_conn_port); _this->m_have_error = true; _this->m_retcode = TP_SESS_STAT_ERR_AUTH_DENIED; return SSH_AUTH_ERROR; @@ -374,7 +374,7 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user, } // 不支持交互式登录,则尝试密码方式 - rc = ssh_userauth_password(_this->m_srv_session, NULL, _this->m_account_secret.c_str()); + rc = ssh_userauth_password(_this->m_srv_session, NULL, _this->m_acc_secret.c_str()); if (rc == SSH_AUTH_SUCCESS) { EXLOGW("[ssh] logon with password mode.\n"); _this->m_is_logon = true; 
@@ -384,14 +384,14 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user, EXLOGD("[ssh] failed to login with password mode, got %d.\n", rc); } - EXLOGE("[ssh] can not use password mode or interactive mode ot login to real SSH server %s:%d.\n", _this->m_remote_host_ip.c_str(), _this->m_remote_host_port); + EXLOGE("[ssh] can not use password mode or interactive mode ot login to real SSH server %s:%d.\n", _this->m_conn_ip.c_str(), _this->m_conn_port); _this->m_have_error = true; _this->m_retcode = TP_SESS_STAT_ERR_AUTH_DENIED; return SSH_AUTH_ERROR; } else if (_this->m_auth_type == TP_AUTH_TYPE_PRIVATE_KEY) { ssh_key key = NULL; - if (SSH_OK != ssh_pki_import_privkey_base64(_this->m_account_secret.c_str(), NULL, NULL, NULL, &key)) { + if (SSH_OK != ssh_pki_import_privkey_base64(_this->m_acc_secret.c_str(), NULL, NULL, NULL, &key)) { EXLOGE("[ssh] can not import private-key for auth.\n"); _this->m_have_error = true; _this->m_retcode = TP_SESS_STAT_ERR_BAD_SSH_KEY; @@ -407,7 +407,7 @@ int SshSession::_on_auth_password_request(ssh_session session, const char *user, return SSH_AUTH_SUCCESS; } else { - EXLOGE("[ssh] failed to use private-key to login to real SSH server %s:%d.\n", _this->m_remote_host_ip.c_str(), _this->m_remote_host_port); + EXLOGE("[ssh] failed to use private-key to login to real SSH server %s:%d.\n", _this->m_conn_ip.c_str(), _this->m_conn_port); _this->m_have_error = true; _this->m_retcode = TP_SESS_STAT_ERR_AUTH_DENIED; return SSH_AUTH_ERROR; @@ -1045,7 +1045,7 @@ int SshSession::_on_client_channel_subsystem_request(ssh_session session, ssh_ch void SshSession::_enter_sftp_mode(void) { if (!m_is_sftp) { m_is_sftp = true; - m_proxy->add_sftp_session_info(m_sid, m_remote_host_ip, m_remote_host_port, m_account_name, m_account_secret, m_auth_type); + m_proxy->add_sftp_session_info(m_sid, m_conn_ip, m_conn_port, m_acc_name, m_acc_secret, m_auth_type); } } 
@@ -1126,8 +1126,8 @@ int SshSession::_on_server_channel_data(ssh_session session, ssh_channel channel " - authroized by %s\r\n"\ "=============================================\r\n"\ "\r\n", - _this->m_remote_host_ip.c_str(), - _this->m_remote_host_port, auth_mode + _this->m_conn_ip.c_str(), + _this->m_conn_port, auth_mode ); int buf_len = strlen(buf); diff --git a/server/tp_core/protocol/ssh/ssh_session.h b/server/tp_core/protocol/ssh/ssh_session.h index f3affe5..51cd9d5 100644 --- a/server/tp_core/protocol/ssh/ssh_session.h +++ b/server/tp_core/protocol/ssh/ssh_session.h @@ -102,10 +102,10 @@ private: ex_u16 m_client_port; ex_astr m_sid; - ex_astr m_remote_host_ip; - ex_u16 m_remote_host_port; - ex_astr m_account_name; - ex_astr m_account_secret; + ex_astr m_conn_ip; + ex_u16 m_conn_port; + ex_astr m_acc_name; + ex_astr m_acc_secret; int m_auth_type; bool m_is_first_server_data;