sshportal/pkg/bastion/logtunnel.go

package bastion // import "moul.io/sshportal/pkg/bastion"

import (
	"encoding/binary"
	"errors"
	"io"
	"log"
	"syscall"
	"time"

	"golang.org/x/crypto/ssh"
)

type logTunnel struct {
	host    string
	channel ssh.Channel
	writer  io.WriteCloser
}

type logTunnelForwardData struct {
	DestinationHost string
	DestinationPort uint32
	SourceHost      string
	SourcePort      uint32
}

func writeHeader(fd io.Writer, length int) {
	t := time.Now()

	tv := syscall.NsecToTimeval(t.UnixNano())

	if err := binary.Write(fd, binary.LittleEndian, int32(tv.Sec)); err != nil {
		log.Printf("failed to write log header: %v", err)
	}
	if err := binary.Write(fd, binary.LittleEndian, tv.Usec); err != nil {
		log.Printf("failed to write log header: %v", err)
	}
	if err := binary.Write(fd, binary.LittleEndian, int32(length)); err != nil {
		log.Printf("failed to write log header: %v", err)
	}
}

func newLogTunnel(channel ssh.Channel, writer io.WriteCloser, host string) io.ReadWriteCloser {
	return &logTunnel{
		host:    host,
		channel: channel,
		writer:  writer,
	}
}

func (l *logTunnel) Read(data []byte) (int, error) {
	return 0, errors.New("logTunnel.Read is not implemented")
}

func (l *logTunnel) Write(data []byte) (int, error) {
	writeHeader(l.writer, len(data)+len(l.host+": "))
	if _, err := l.writer.Write([]byte(l.host + ": ")); err != nil {
		log.Printf("failed to write log: %v", err)
	}
	if _, err := l.writer.Write(data); err != nil {
		log.Printf("failed to write log: %v", err)
	}

	return l.channel.Write(data)
}

func (l *logTunnel) Close() error {
	l.writer.Close()

	return l.channel.Close()
}
refactor: split package main sshportal refactor. Focused on splitting up package main into packages main, dbmodels, crypto, and bastion. 2019-01-01 01:39:45 +08:00			`package bastion // import "moul.io/sshportal/pkg/bastion"`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00
			`import (`
			`"encoding/binary"`
build: switch to golangci-lint 2018-11-16 22:44:29 +08:00			`"errors"`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00			`"io"`
build: switch to golangci-lint 2018-11-16 22:44:29 +08:00			`"log"`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00			`"syscall"`
			`"time"`

			`"golang.org/x/crypto/ssh"`
			`)`

			`type logTunnel struct {`
			`host string`
			`channel ssh.Channel`
			`writer io.WriteCloser`
			`}`

refactor: split package main sshportal refactor. Focused on splitting up package main into packages main, dbmodels, crypto, and bastion. 2019-01-01 01:39:45 +08:00			`type logTunnelForwardData struct {`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00			`DestinationHost string`
			`DestinationPort uint32`
chore: use moul.io/sshportal canonical url 2018-11-16 22:36:14 +08:00			`SourceHost string`
			`SourcePort uint32`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00			`}`

			`func writeHeader(fd io.Writer, length int) {`
			`t := time.Now()`

			`tv := syscall.NsecToTimeval(t.UnixNano())`

build: switch to golangci-lint 2018-11-16 22:44:29 +08:00			`if err := binary.Write(fd, binary.LittleEndian, int32(tv.Sec)); err != nil {`
			`log.Printf("failed to write log header: %v", err)`
			`}`
			`if err := binary.Write(fd, binary.LittleEndian, tv.Usec); err != nil {`
			`log.Printf("failed to write log header: %v", err)`
			`}`
			`if err := binary.Write(fd, binary.LittleEndian, int32(length)); err != nil {`
			`log.Printf("failed to write log header: %v", err)`
			`}`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00			`}`

refactor: split package main sshportal refactor. Focused on splitting up package main into packages main, dbmodels, crypto, and bastion. 2019-01-01 01:39:45 +08:00			`func newLogTunnel(channel ssh.Channel, writer io.WriteCloser, host string) io.ReadWriteCloser {`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00			`return &logTunnel{`
chore: use moul.io/sshportal canonical url 2018-11-16 22:36:14 +08:00			`host: host,`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00			`channel: channel,`
			`writer: writer,`
			`}`
			`}`

			`func (l *logTunnel) Read(data []byte) (int, error) {`
build: switch to golangci-lint 2018-11-16 22:44:29 +08:00			`return 0, errors.New("logTunnel.Read is not implemented")`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00			`}`

			`func (l *logTunnel) Write(data []byte) (int, error) {`
chore: use moul.io/sshportal canonical url 2018-11-16 22:36:14 +08:00			`writeHeader(l.writer, len(data)+len(l.host+": "))`
build: switch to golangci-lint 2018-11-16 22:44:29 +08:00			`if _, err := l.writer.Write([]byte(l.host + ": ")); err != nil {`
			`log.Printf("failed to write log: %v", err)`
			`}`
			`if _, err := l.writer.Write(data); err != nil {`
			`log.Printf("failed to write log: %v", err)`
			`}`
Logtunnel (#1) * * When a new channel is opened we got stuck in the select loop in bastionsession.go, and we couldn't open a new channel. The fix is easy it calls the bastionsession.ChannelHandler in a goroutine, at the cost of some error management. I think this is ok because we can allow a channel to fail on his own. This seems to be * This add the tunnel feature, which use a new concurrent channel. * This add some pcap logging for tunnel. For now it is logged only one way, and the logged ip packet seems buggy. * Add logtunnuel as a package. The logfile format is a tweaked version of ttyrec format file as it will be easy to review the use of human readable tunnel... To get the ChannelHandler work as a go routine I had to deactivate lint errcheck for logcahnnel. I think this could be a problem. What is your thoughts about this ? 2018-01-18 18:20:37 +08:00
			`return l.channel.Write(data)`
			`}`

			`func (l *logTunnel) Close() error {`
			`l.writer.Close()`

			`return l.channel.Close()`
			`}`