mirror of
https://github.com/warp-tech/warpgate.git
split common into common and core
parent
d292cca03e
commit
7ed223c8dd
|
@ -15,6 +15,10 @@ replace = version = "{new_version}"
|
|||
search = version = "{current_version}"
|
||||
replace = version = "{new_version}"
|
||||
|
||||
[bumpversion:file:warpgate-config/Cargo.toml]
|
||||
search = version = "{current_version}"
|
||||
replace = version = "{new_version}"
|
||||
|
||||
[bumpversion:file:warpgate-database-protocols/Cargo.toml]
|
||||
search = version = "{current_version}"
|
||||
replace = version = "{new_version}"
|
||||
|
|
67
Cargo.lock
generated
|
@ -4573,7 +4573,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "warpgate"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"ansi_term",
|
||||
"anyhow",
|
||||
|
@ -4600,6 +4600,7 @@ dependencies = [
|
|||
"tracing-subscriber",
|
||||
"warpgate-admin",
|
||||
"warpgate-common",
|
||||
"warpgate-core",
|
||||
"warpgate-protocol-http",
|
||||
"warpgate-protocol-mysql",
|
||||
"warpgate-protocol-ssh",
|
||||
|
@ -4607,7 +4608,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "warpgate-admin"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"async-trait",
|
||||
|
@ -4629,13 +4630,14 @@ dependencies = [
|
|||
"tracing",
|
||||
"uuid",
|
||||
"warpgate-common",
|
||||
"warpgate-core",
|
||||
"warpgate-db-entities",
|
||||
"warpgate-protocol-ssh",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "warpgate-common"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"argon2",
|
||||
|
@ -4667,6 +4669,45 @@ dependencies = [
|
|||
"tracing-subscriber",
|
||||
"url",
|
||||
"uuid",
|
||||
"warpgate-sso",
|
||||
"webpki",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "warpgate-core"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"argon2",
|
||||
"async-trait",
|
||||
"bytes 1.2.1",
|
||||
"chrono",
|
||||
"data-encoding",
|
||||
"futures",
|
||||
"humantime-serde",
|
||||
"lazy_static",
|
||||
"once_cell",
|
||||
"packet",
|
||||
"password-hash 0.4.1",
|
||||
"poem",
|
||||
"poem-openapi",
|
||||
"rand",
|
||||
"rand_chacha",
|
||||
"rand_core",
|
||||
"rustls",
|
||||
"rustls-pemfile",
|
||||
"sea-orm",
|
||||
"serde",
|
||||
"serde_json",
|
||||
"thiserror",
|
||||
"tokio",
|
||||
"totp-rs",
|
||||
"tracing",
|
||||
"tracing-core",
|
||||
"tracing-subscriber",
|
||||
"url",
|
||||
"uuid",
|
||||
"warpgate-common",
|
||||
"warpgate-db-entities",
|
||||
"warpgate-db-migrations",
|
||||
"warpgate-sso",
|
||||
|
@ -4675,7 +4716,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "warpgate-database-protocols"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"bitflags",
|
||||
"bytes 1.2.1",
|
||||
|
@ -4688,7 +4729,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "warpgate-db-entities"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"chrono",
|
||||
"poem-openapi",
|
||||
|
@ -4696,11 +4737,12 @@ dependencies = [
|
|||
"serde",
|
||||
"serde_json",
|
||||
"uuid",
|
||||
"warpgate-common",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "warpgate-db-migrations"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"async-std",
|
||||
"chrono",
|
||||
|
@ -4711,7 +4753,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "warpgate-protocol-http"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"async-trait",
|
||||
|
@ -4735,6 +4777,7 @@ dependencies = [
|
|||
"uuid",
|
||||
"warpgate-admin",
|
||||
"warpgate-common",
|
||||
"warpgate-core",
|
||||
"warpgate-db-entities",
|
||||
"warpgate-sso",
|
||||
"warpgate-web",
|
||||
|
@ -4742,7 +4785,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "warpgate-protocol-mysql"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"anyhow",
|
||||
"async-trait",
|
||||
|
@ -4761,6 +4804,7 @@ dependencies = [
|
|||
"tracing",
|
||||
"uuid",
|
||||
"warpgate-common",
|
||||
"warpgate-core",
|
||||
"warpgate-database-protocols",
|
||||
"warpgate-db-entities",
|
||||
"webpki",
|
||||
|
@ -4768,7 +4812,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "warpgate-protocol-ssh"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"ansi_term",
|
||||
"anyhow",
|
||||
|
@ -4786,13 +4830,14 @@ dependencies = [
|
|||
"tracing",
|
||||
"uuid",
|
||||
"warpgate-common",
|
||||
"warpgate-core",
|
||||
"warpgate-db-entities",
|
||||
"zeroize",
|
||||
]
|
||||
|
||||
[[package]]
|
||||
name = "warpgate-sso"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"async-trait",
|
||||
"bytes 1.2.1",
|
||||
|
@ -4808,7 +4853,7 @@ dependencies = [
|
|||
|
||||
[[package]]
|
||||
name = "warpgate-web"
|
||||
version = "0.4.0"
|
||||
version = "0.5.0"
|
||||
dependencies = [
|
||||
"rust-embed",
|
||||
"serde",
|
||||
|
|
|
@ -5,6 +5,7 @@ members = [
|
|||
"warpgate",
|
||||
"warpgate-admin",
|
||||
"warpgate-common",
|
||||
"warpgate-core",
|
||||
"warpgate-db-migrations",
|
||||
"warpgate-db-entities",
|
||||
"warpgate-database-protocols",
|
||||
|
|
2
justfile
|
@ -1,4 +1,4 @@
|
|||
projects := "warpgate warpgate-admin warpgate-common warpgate-db-entities warpgate-db-migrations warpgate-database-protocols warpgate-protocol-ssh warpgate-protocol-mysql warpgate-sso"
|
||||
projects := "warpgate warpgate-admin warpgate-common warpgate-db-entities warpgate-db-migrations warpgate-database-protocols warpgate-protocol-ssh warpgate-protocol-mysql warpgate-protocol-http warpgate-core warpgate-sso"
|
||||
|
||||
run *ARGS:
|
||||
RUST_BACKTRACE=1 RUST_LOG=warpgate cd warpgate && cargo run -- --config ../config.yaml {{ARGS}}
|
||||
|
|
|
@ -38,6 +38,7 @@ tokio = {version = "1.20", features = ["tracing"]}
|
|||
tracing = "0.1"
|
||||
uuid = { version = "1.0", features = ["v4", "serde"] }
|
||||
warpgate-common = { version = "*", path = "../warpgate-common" }
|
||||
warpgate-core = { version = "*", path = "../warpgate-core" }
|
||||
warpgate-db-entities = { version = "*", path = "../warpgate-db-entities" }
|
||||
warpgate-protocol-ssh = { version = "*", path = "../warpgate-protocol-ssh" }
|
||||
regex = "1.6"
|
||||
|
|
|
@ -16,7 +16,7 @@ use tokio::io::{AsyncBufReadExt, BufReader};
|
|||
use tokio::sync::Mutex;
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::recordings::{AsciiCast, SessionRecordings, TerminalRecordingItem};
|
||||
use warpgate_core::recordings::{AsciiCast, SessionRecordings, TerminalRecordingItem};
|
||||
use warpgate_db_entities::Recording::{self, RecordingKind};
|
||||
|
||||
pub struct Api;
|
||||
|
|
|
@ -7,7 +7,7 @@ use poem_openapi::{ApiResponse, OpenApi};
|
|||
use sea_orm::{ColumnTrait, DatabaseConnection, EntityTrait, QueryFilter, QueryOrder};
|
||||
use tokio::sync::Mutex;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::{SessionSnapshot, State};
|
||||
use warpgate_core::{SessionSnapshot, State};
|
||||
use warpgate_db_entities::{Recording, Session};
|
||||
|
||||
pub struct Api;
|
||||
|
|
|
@ -10,7 +10,7 @@ use poem_openapi::payload::Json;
|
|||
use poem_openapi::{ApiResponse, OpenApi};
|
||||
use sea_orm::{ColumnTrait, DatabaseConnection, EntityTrait, QueryFilter, QueryOrder};
|
||||
use tokio::sync::Mutex;
|
||||
use warpgate_common::{SessionSnapshot, State};
|
||||
use warpgate_core::{SessionSnapshot, State};
|
||||
|
||||
use super::pagination::{PaginatedResponse, PaginationParams};
|
||||
|
||||
|
|
|
@ -4,7 +4,8 @@ use poem::web::Data;
|
|||
use poem_openapi::payload::Json;
|
||||
use poem_openapi::{ApiResponse, OpenApi};
|
||||
use tokio::sync::Mutex;
|
||||
use warpgate_common::{ConfigProvider, Target};
|
||||
use warpgate_common::Target;
|
||||
use warpgate_core::ConfigProvider;
|
||||
|
||||
pub struct Api;
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ use poem::web::Data;
|
|||
use poem_openapi::payload::Json;
|
||||
use poem_openapi::{ApiResponse, OpenApi};
|
||||
use tokio::sync::Mutex;
|
||||
use warpgate_common::{ConfigProvider, UserSnapshot};
|
||||
use warpgate_core::{ConfigProvider, UserSnapshot};
|
||||
|
||||
pub struct Api;
|
||||
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
mod api;
|
||||
use poem::{EndpointExt, IntoEndpoint, Route};
|
||||
use poem_openapi::OpenApiService;
|
||||
use warpgate_common::Services;
|
||||
use warpgate_core::Services;
|
||||
|
||||
pub fn admin_api_app(services: &Services) -> impl IntoEndpoint {
|
||||
let api_service = OpenApiService::new(
|
||||
|
|
|
@ -42,8 +42,6 @@ tracing-core = "0.1"
|
|||
tracing-subscriber = "0.3"
|
||||
url = "2.2"
|
||||
uuid = { version = "1.0", features = ["v4", "serde"] }
|
||||
warpgate-db-entities = { version = "*", path = "../warpgate-db-entities" }
|
||||
warpgate-db-migrations = { version = "*", path = "../warpgate-db-migrations" }
|
||||
warpgate-sso = { version = "*", path = "../warpgate-sso" }
|
||||
rustls = { version = "0.20", features = ["dangerous_configuration"] }
|
||||
rustls-pemfile = "1.0"
|
||||
|
|
|
@ -2,9 +2,7 @@ mod cred;
|
|||
mod policy;
|
||||
mod selector;
|
||||
mod state;
|
||||
mod store;
|
||||
pub use cred::*;
|
||||
pub use policy::*;
|
||||
pub use selector::*;
|
||||
pub use state::*;
|
||||
pub use store::*;
|
||||
|
|
|
@ -1,7 +1,15 @@
|
|||
use std::collections::HashSet;
|
||||
|
||||
use uuid::Uuid;
|
||||
|
||||
use super::{AuthCredential, CredentialPolicy, CredentialPolicyResponse};
|
||||
use crate::AuthResult;
|
||||
use super::{AuthCredential, CredentialKind, CredentialPolicy, CredentialPolicyResponse};
|
||||
|
||||
#[derive(Debug, Clone)]
|
||||
pub enum AuthResult {
|
||||
Accepted { username: String },
|
||||
Need(HashSet<CredentialKind>),
|
||||
Rejected,
|
||||
}
|
||||
|
||||
pub struct AuthState {
|
||||
id: Uuid,
|
||||
|
@ -13,7 +21,7 @@ pub struct AuthState {
|
|||
}
|
||||
|
||||
impl AuthState {
|
||||
pub(crate) fn new(
|
||||
pub fn new(
|
||||
id: Uuid,
|
||||
username: String,
|
||||
protocol: String,
|
||||
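Review bot: `AuthState::new` appears to go from `pub(crate)` to `pub` in the second hunk, so any crate depending on warpgate-common can now construct an auth state directly rather than obtaining one from the auth state store. If the wider visibility is needed only because the store now lives in warpgate-core, record that on the constructor, e.g. `/// Intended to be called by AuthStateStore only; a state built directly is not tracked by the store.` The relocated `AuthResult` enum also has no doc comments; one line per variant, stating in particular what the set in `Need` holds, would help callers matching on it. The `new` signature continues past the end of the hunk.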
|
|
|
@ -1,29 +1,16 @@
|
|||
#![feature(let_else, drain_filter, duration_constants)]
|
||||
pub mod auth;
|
||||
mod config;
|
||||
mod config_providers;
|
||||
pub mod consts;
|
||||
mod data;
|
||||
pub mod db;
|
||||
mod error;
|
||||
pub mod eventhub;
|
||||
pub mod helpers;
|
||||
pub mod logging;
|
||||
mod protocols;
|
||||
pub mod recordings;
|
||||
mod services;
|
||||
mod state;
|
||||
mod tls;
|
||||
mod try_macro;
|
||||
mod types;
|
||||
|
||||
pub use config::*;
|
||||
pub use config_providers::*;
|
||||
pub use data::*;
|
||||
pub use error::WarpgateError;
|
||||
pub use protocols::*;
|
||||
pub use services::*;
|
||||
pub use state::{SessionState, SessionStateInit, State};
|
||||
pub use tls::*;
|
||||
pub use try_macro::*;
|
||||
pub use types::*;
|
||||
|
|
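--- a/warpgate-core/Cargo.toml
+++ b/warpgate-core/Cargo.toml
@@ -0,0 +1,52 @@
+[package]
+edition = "2021"
+license = "Apache-2.0"
+name = "warpgate-core"
+version = "0.5.0"
+
+[dependencies]
+warpgate-common = { version = "*", path = "../warpgate-common" }
+warpgate-db-entities = { version = "*", path = "../warpgate-db-entities" }
+warpgate-db-migrations = { version = "*", path = "../warpgate-db-migrations" }
+
+anyhow = "1.0"
+argon2 = "0.4"
+async-trait = "0.1"
+bytes = "1.2"
+chrono = { version = "0.4", features = ["serde"] }
+data-encoding = "2.3"
+humantime-serde = "1.1"
+lazy_static = "1.4"
+futures = "0.3"
+once_cell = "1.10"
+packet = "0.1"
+password-hash = "0.4"
+poem = { version = "^1.3.37", features = ["rustls"] }
+poem-openapi = { version = "^2.0.6", features = [
+"swagger-ui",
+"chrono",
+"uuid",
+"static-files",
+] }
+rand = "0.8"
+rand_chacha = "0.3"
+rand_core = { version = "0.6", features = ["std"] }
+sea-orm = { version = "^0.9", features = [
+"sqlx-sqlite",
+"runtime-tokio-native-tls",
+"macros",
+], default-features = false }
+serde = "1.0"
+serde_json = "1.0"
+thiserror = "1.0"
+tokio = { version = "1.20", features = ["tracing"] }
+totp-rs = { version = "3.0", features = ["otpauth"] }
+tracing = "0.1"
+tracing-core = "0.1"
+tracing-subscriber = "0.3"
+url = "2.2"
+uuid = { version = "1.0", features = ["v4", "serde"] }
+warpgate-sso = { version = "*", path = "../warpgate-sso" }
+rustls = { version = "0.20", features = ["dangerous_configuration"] }
+rustls-pemfile = "1.0"
+webpki = "0.22"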
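Review bot: The `rustls` entry enables `dangerous_configuration`, the feature that exposes the custom certificate-verifier hooks, although no `tls` module is declared in the new warpgate-core `lib.rs` shown on this page. If nothing in warpgate-core installs its own verifier, declare it as `rustls = "0.20"` so that the ability to override certificate verification is requested only by the crate that actually needs it. `argon2`, `password-hash` and `totp-rs` look like leftovers from copying the manifest too, since the hashing and OTP helpers are still imported from `warpgate_common::helpers` elsewhere in this commit; they can probably be dropped after a build check. A smaller dependency list on the crate that holds the database and session state also makes later audits of it easier.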
@ -5,9 +5,10 @@ use std::time::{Duration, Instant};
|
|||
use once_cell::sync::Lazy;
|
||||
use tokio::sync::{broadcast, Mutex};
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::auth::{AuthResult, AuthState};
|
||||
use warpgate_common::WarpgateError;
|
||||
|
||||
use super::AuthState;
|
||||
use crate::{AuthResult, ConfigProvider, WarpgateError};
|
||||
use crate::ConfigProvider;
|
||||
|
||||
#[allow(clippy::unwrap_used)]
|
||||
pub static TIMEOUT: Lazy<Duration> = Lazy::new(|| Duration::from_secs(60 * 10));
|
|
@ -3,34 +3,26 @@ use std::sync::Arc;
|
|||
|
||||
use async_trait::async_trait;
|
||||
use data_encoding::BASE64;
|
||||
use sea_orm::ActiveValue::Set;
|
||||
use sea_orm::{ActiveModelTrait, DatabaseConnection, EntityTrait};
|
||||
use tokio::sync::Mutex;
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_db_entities::Ticket;
|
||||
|
||||
use super::ConfigProvider;
|
||||
use crate::auth::{
|
||||
use warpgate_common::auth::{
|
||||
AllCredentialsPolicy, AnySingleCredentialPolicy, AuthCredential, CredentialKind,
|
||||
CredentialPolicy, PerProtocolCredentialPolicy,
|
||||
};
|
||||
use crate::helpers::hash::verify_password_hash;
|
||||
use crate::helpers::otp::verify_totp;
|
||||
use crate::{Target, User, UserAuthCredential, UserSnapshot, WarpgateConfig, WarpgateError};
|
||||
use warpgate_common::helpers::hash::verify_password_hash;
|
||||
use warpgate_common::helpers::otp::verify_totp;
|
||||
use warpgate_common::{Target, User, UserAuthCredential, WarpgateConfig, WarpgateError};
|
||||
|
||||
use super::ConfigProvider;
|
||||
use crate::UserSnapshot;
|
||||
|
||||
pub struct FileConfigProvider {
|
||||
db: Arc<Mutex<DatabaseConnection>>,
|
||||
config: Arc<Mutex<WarpgateConfig>>,
|
||||
}
|
||||
|
||||
impl FileConfigProvider {
|
||||
pub async fn new(
|
||||
db: &Arc<Mutex<DatabaseConnection>>,
|
||||
config: &Arc<Mutex<WarpgateConfig>>,
|
||||
) -> Self {
|
||||
pub async fn new(config: &Arc<Mutex<WarpgateConfig>>) -> Self {
|
||||
Self {
|
||||
db: db.clone(),
|
||||
config: config.clone(),
|
||||
}
|
||||
}
|
||||
|
@ -284,20 +276,4 @@ impl ConfigProvider for FileConfigProvider {
|
|||
|
||||
Ok(intersect)
|
||||
}
|
||||
|
||||
async fn consume_ticket(&mut self, ticket_id: &Uuid) -> Result<(), WarpgateError> {
|
||||
let db = self.db.lock().await;
|
||||
let ticket = Ticket::Entity::find_by_id(*ticket_id).one(&*db).await?;
|
||||
let Some(ticket) = ticket else {
|
||||
return Err(WarpgateError::InvalidTicket(*ticket_id));
|
||||
};
|
||||
|
||||
if let Some(uses_left) = ticket.uses_left {
|
||||
let mut model: Ticket::ActiveModel = ticket.into();
|
||||
model.uses_left = Set(Some(uses_left - 1));
|
||||
model.update(&*db).await?;
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
|
||||
}
|
|
@ -1,24 +1,18 @@
|
|||
mod file;
|
||||
use std::collections::HashSet;
|
||||
use std::sync::Arc;
|
||||
|
||||
use async_trait::async_trait;
|
||||
pub use file::FileConfigProvider;
|
||||
use sea_orm::{ColumnTrait, DatabaseConnection, EntityTrait, QueryFilter};
|
||||
use sea_orm::ActiveValue::Set;
|
||||
use sea_orm::{ActiveModelTrait, ColumnTrait, DatabaseConnection, EntityTrait, QueryFilter};
|
||||
use tokio::sync::Mutex;
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::auth::{AuthCredential, CredentialPolicy};
|
||||
use warpgate_common::{Secret, Target, WarpgateError};
|
||||
use warpgate_db_entities::Ticket;
|
||||
|
||||
use crate::auth::{AuthCredential, CredentialKind, CredentialPolicy};
|
||||
use crate::{Secret, Target, UserSnapshot, WarpgateError};
|
||||
|
||||
#[derive(Debug, Clone)]
|
||||
pub enum AuthResult {
|
||||
Accepted { username: String },
|
||||
Need(HashSet<CredentialKind>),
|
||||
Rejected,
|
||||
}
|
||||
use crate::UserSnapshot;
|
||||
|
||||
#[async_trait]
|
||||
pub trait ConfigProvider {
|
||||
|
@ -47,8 +41,6 @@ pub trait ConfigProvider {
|
|||
username: &str,
|
||||
target: &str,
|
||||
) -> Result<bool, WarpgateError>;
|
||||
|
||||
async fn consume_ticket(&mut self, ticket_id: &Uuid) -> Result<(), WarpgateError>;
|
||||
}
|
||||
|
||||
//TODO: move this somewhere
|
||||
|
@ -85,3 +77,22 @@ pub async fn authorize_ticket(
|
|||
}
|
||||
}
|
||||
}
|
||||
|
||||
pub async fn consume_ticket(
|
||||
db: &Arc<Mutex<DatabaseConnection>>,
|
||||
ticket_id: &Uuid,
|
||||
) -> Result<(), WarpgateError> {
|
||||
let db = db.lock().await;
|
||||
let ticket = Ticket::Entity::find_by_id(*ticket_id).one(&*db).await?;
|
||||
let Some(ticket) = ticket else {
|
||||
return Err(WarpgateError::InvalidTicket(*ticket_id));
|
||||
};
|
||||
|
||||
if let Some(uses_left) = ticket.uses_left {
|
||||
let mut model: Ticket::ActiveModel = ticket.into();
|
||||
model.uses_left = Set(Some(uses_left - 1));
|
||||
model.update(&*db).await?;
|
||||
}
|
||||
|
||||
Ok(())
|
||||
}
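Review bot: `consume_ticket` writes `uses_left - 1` without checking that any uses remain, so the exhaustion rule is enforced only if every caller has run `authorize_ticket` immediately beforehand (its body lies outside this hunk). Now that this is a free `pub` function rather than a trait method, it should defend itself, e.g. `if uses_left < 1 { return Err(WarpgateError::InvalidTicket(*ticket_id)); }` before building the `ActiveModel`. The database mutex is held only within this function, so two requests that both passed `authorize_ticket` can still spend the same last use unless callers serialise the pair; a single conditional UPDATE that decrements only while the counter is positive would close that gap. A doc comment stating that the function decrements the counter and returns `InvalidTicket` for an unknown id is missing as well.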
|
|
@ -2,9 +2,8 @@ use chrono::{DateTime, Utc};
|
|||
use poem_openapi::Object;
|
||||
use serde::{Deserialize, Serialize};
|
||||
use uuid::Uuid;
|
||||
use warpgate_db_entities::Session;
|
||||
|
||||
use crate::{SessionId, Target, User};
|
||||
use warpgate_db_entities::{Session};
|
||||
use warpgate_common::{SessionId, Target, User};
|
||||
|
||||
#[derive(Serialize, Deserialize, Object)]
|
||||
pub struct SessionSnapshot {
|
|
@ -5,12 +5,11 @@ use sea_orm::sea_query::Expr;
|
|||
use sea_orm::{
|
||||
ConnectOptions, Database, DatabaseConnection, EntityTrait, QueryFilter, TransactionTrait,
|
||||
};
|
||||
use warpgate_common::helpers::fs::secure_file;
|
||||
use warpgate_common::WarpgateConfig;
|
||||
use warpgate_db_entities::LogEntry;
|
||||
use warpgate_db_migrations::migrate_database;
|
||||
|
||||
use crate::helpers::fs::secure_file;
|
||||
use crate::WarpgateConfig;
|
||||
|
||||
pub async fn connect_to_db(config: &WarpgateConfig) -> Result<DatabaseConnection> {
|
||||
let mut url = url::Url::parse(&config.store.database_url.expose_secret()[..])?;
|
||||
if url.scheme() == "sqlite" {
|
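--- a/warpgate-core/src/lib.rs
+++ b/warpgate-core/src/lib.rs
@@ -0,0 +1,16 @@
+#![feature(let_else, drain_filter, duration_constants)]
+mod data;
+mod state;
+pub use data::*;
+pub use state::{SessionState, SessionStateInit, State};
+mod config_providers;
+pub use config_providers::*;
+pub mod db;
+mod protocols;
+pub use protocols::*;
+pub mod recordings;
+mod services;
+pub use services::*;
+mod auth_state_store;
+pub use auth_state_store::*;
+pub mod logging;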
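Review bot: The new crate root has no `//!` documentation, so nothing records what belongs in warpgate-core rather than warpgate-common after the split. Judging by the module list, a header such as `//! Stateful services (database, sessions, recordings, auth state store) built on the types in warpgate-common.` would do. The `#![feature(...)]` line is carried over unchanged: `let_else` is used by `consume_ticket` in this commit, but `drain_filter` and `duration_constants` cannot be confirmed from the visible code and should be removed if this crate does not use them. Grouping the `mod` declarations ahead of the `pub use` re-exports would also make the exported surface easier to audit.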
@ -1,7 +1,7 @@
|
|||
mod database;
|
||||
mod layer;
|
||||
mod socket;
|
||||
mod values;
|
||||
|
||||
pub use database::{install_database_logger, make_database_logger_layer};
|
||||
pub use socket::make_socket_logger_layer;
|
||||
mod database;
|
||||
pub use database::{install_database_logger, make_database_logger_layer};
|
|
@ -6,7 +6,7 @@ use tracing_subscriber::registry::LookupSpan;
|
|||
use tracing_subscriber::Layer;
|
||||
|
||||
use super::layer::ValuesLogLayer;
|
||||
use crate::WarpgateConfig;
|
||||
use warpgate_common::WarpgateConfig;
|
||||
|
||||
static SKIP_KEY: &str = "is_socket_logging_error";
|
||||
|
|
@ -2,9 +2,10 @@ use std::sync::Arc;
|
|||
|
||||
use sea_orm::{ColumnTrait, DatabaseConnection, EntityTrait, QueryFilter};
|
||||
use tokio::sync::Mutex;
|
||||
use warpgate_common::{SessionId, Target, WarpgateError};
|
||||
use warpgate_db_entities::Session;
|
||||
|
||||
use crate::{SessionId, SessionState, State, Target, WarpgateError};
|
||||
use crate::{SessionState, State};
|
||||
|
||||
pub trait SessionHandle {
|
||||
fn close(&mut self);
|
|
@ -4,8 +4,7 @@ use std::net::SocketAddr;
|
|||
use anyhow::Result;
|
||||
use async_trait::async_trait;
|
||||
pub use handle::{SessionHandle, WarpgateServerHandle};
|
||||
|
||||
use crate::Target;
|
||||
use warpgate_common::Target;
|
||||
|
||||
#[derive(Debug, thiserror::Error)]
|
||||
pub enum TargetTestError {
|
|
@ -7,9 +7,9 @@ use sea_orm::{ActiveModelTrait, DatabaseConnection};
|
|||
use tokio::sync::{broadcast, Mutex};
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::helpers::fs::secure_directory;
|
||||
use warpgate_common::{RecordingsConfig, SessionId, WarpgateConfig};
|
||||
use warpgate_db_entities::Recording::{self, RecordingKind};
|
||||
|
||||
use crate::{RecordingsConfig, SessionId, WarpgateConfig};
|
||||
mod terminal;
|
||||
mod traffic;
|
||||
mod writer;
|
||||
|
@ -58,7 +58,7 @@ impl SessionRecordings {
|
|||
path.push(&config.store.recordings.path);
|
||||
if config.store.recordings.enable {
|
||||
std::fs::create_dir_all(&path)?;
|
||||
crate::helpers::fs::secure_directory(&path)?;
|
||||
secure_directory(&path)?;
|
||||
}
|
||||
Ok(Self {
|
||||
db,
|
|
@ -39,7 +39,7 @@ pub enum TerminalRecordingItem {
|
|||
time: f32,
|
||||
#[serde(default)]
|
||||
stream: TerminalRecordingStreamId,
|
||||
#[serde(with = "crate::helpers::serde_base64")]
|
||||
#[serde(with = "warpgate_common::helpers::serde_base64")]
|
||||
data: Bytes,
|
||||
},
|
||||
PtyResize {
|
|
@ -10,11 +10,11 @@ use tokio::io::{AsyncWriteExt, BufWriter};
|
|||
use tokio::sync::{broadcast, mpsc, Mutex};
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::helpers::fs::secure_file;
|
||||
use warpgate_common::try_block;
|
||||
use warpgate_db_entities::Recording;
|
||||
|
||||
use super::{Error, Result};
|
||||
use crate::helpers::fs::secure_file;
|
||||
use crate::try_block;
|
||||
|
||||
#[derive(Clone)]
|
||||
pub struct RecordingWriter {
|
|
@ -4,11 +4,11 @@ use std::time::Duration;
|
|||
use anyhow::Result;
|
||||
use sea_orm::DatabaseConnection;
|
||||
use tokio::sync::Mutex;
|
||||
use warpgate_common::WarpgateConfig;
|
||||
|
||||
use crate::auth::AuthStateStore;
|
||||
use crate::db::{connect_to_db, sanitize_db};
|
||||
use crate::recordings::SessionRecordings;
|
||||
use crate::{ConfigProvider, FileConfigProvider, State, WarpgateConfig};
|
||||
use crate::{AuthStateStore, ConfigProvider, FileConfigProvider, State};
|
||||
|
||||
#[derive(Clone)]
|
||||
pub struct Services {
|
||||
|
@ -30,7 +30,7 @@ impl Services {
|
|||
let recordings = Arc::new(Mutex::new(recordings));
|
||||
|
||||
let config = Arc::new(Mutex::new(config));
|
||||
let config_provider = Arc::new(Mutex::new(FileConfigProvider::new(&db, &config).await));
|
||||
let config_provider = Arc::new(Mutex::new(FileConfigProvider::new(&config).await));
|
||||
|
||||
let auth_state_store = Arc::new(Mutex::new(AuthStateStore::new(config_provider.clone())));
|
||||
|
|
@ -7,9 +7,10 @@ use sea_orm::{ActiveModelTrait, DatabaseConnection, EntityTrait};
|
|||
use tokio::sync::{broadcast, Mutex};
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::{SessionId, ProtocolName, Target};
|
||||
use warpgate_db_entities::Session;
|
||||
|
||||
use crate::{ProtocolName, SessionHandle, SessionId, Target, WarpgateServerHandle};
|
||||
use crate::{SessionHandle, WarpgateServerHandle};
|
||||
|
||||
pub struct State {
|
||||
pub sessions: HashMap<SessionId, Arc<Mutex<SessionState>>>,
|
|
@ -11,3 +11,4 @@ sea-orm = {version = "^0.9", features = ["macros", "with-chrono", "with-uuid", "
|
|||
serde = "1.0"
|
||||
serde_json = "1.0"
|
||||
uuid = {version = "1.0", features = ["v4", "serde"]}
|
||||
warpgate-common = { version = "*", path = "../warpgate-common" }
|
||||
|
|
|
@ -24,6 +24,7 @@ tokio-tungstenite = {version = "0.17", features = ["rustls-tls-native-roots"]}
|
|||
tracing = "0.1"
|
||||
warpgate-admin = {version = "*", path = "../warpgate-admin"}
|
||||
warpgate-common = {version = "*", path = "../warpgate-common"}
|
||||
warpgate-core = {version = "*", path = "../warpgate-core"}
|
||||
warpgate-db-entities = {version = "*", path = "../warpgate-db-entities"}
|
||||
warpgate-web = {version = "*", path = "../warpgate-web"}
|
||||
warpgate-sso = {version = "*", path = "../warpgate-sso"}
|
||||
|
|
|
@ -9,8 +9,9 @@ use poem_openapi::{ApiResponse, Enum, Object, OpenApi};
|
|||
use tokio::sync::Mutex;
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::auth::{AuthCredential, AuthState, CredentialKind};
|
||||
use warpgate_common::{AuthResult, Secret, Services, WarpgateError};
|
||||
use warpgate_common::auth::{AuthCredential, AuthState, CredentialKind, AuthResult};
|
||||
use warpgate_core::{Services};
|
||||
use warpgate_common::{Secret, WarpgateError};
|
||||
|
||||
use crate::common::{
|
||||
authorize_session, endpoint_auth, get_auth_state_for_request, SessionAuthorization, SessionExt,
|
||||
|
|
|
@ -4,7 +4,7 @@ use poem::Request;
|
|||
use poem_openapi::payload::Json;
|
||||
use poem_openapi::{ApiResponse, Object, OpenApi};
|
||||
use serde::Serialize;
|
||||
use warpgate_common::Services;
|
||||
use warpgate_core::Services;
|
||||
|
||||
use crate::common::{SessionAuthorization, SessionExt};
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ use poem_openapi::param::{Path, Query};
|
|||
use poem_openapi::payload::Json;
|
||||
use poem_openapi::{ApiResponse, Object, OpenApi};
|
||||
use serde::{Deserialize, Serialize};
|
||||
use warpgate_common::Services;
|
||||
use warpgate_core::Services;
|
||||
use warpgate_sso::{SsoClient, SsoLoginRequest};
|
||||
|
||||
pub struct Api;
|
||||
|
|
|
@ -5,8 +5,8 @@ use poem_openapi::param::Query;
|
|||
use poem_openapi::payload::{Json, Response};
|
||||
use poem_openapi::{ApiResponse, Enum, Object, OpenApi};
|
||||
use tracing::*;
|
||||
use warpgate_common::auth::AuthCredential;
|
||||
use warpgate_common::{AuthResult, Services};
|
||||
use warpgate_common::auth::{AuthCredential, AuthResult};
|
||||
use warpgate_core::Services;
|
||||
use warpgate_sso::SsoInternalProviderConfig;
|
||||
|
||||
use super::sso_provider_detail::{SsoContext, SSO_CONTEXT_SESSION_KEY};
|
||||
|
@ -120,7 +120,8 @@ impl Api {
|
|||
};
|
||||
|
||||
let mut auth_state_store = services.auth_state_store.lock().await;
|
||||
let state_arc = get_auth_state_for_request(&username, session, &mut auth_state_store).await?;
|
||||
let state_arc =
|
||||
get_auth_state_for_request(&username, session, &mut auth_state_store).await?;
|
||||
|
||||
let mut state = state_arc.lock().await;
|
||||
let mut cp = services.config_provider.lock().await;
|
||||
|
|
|
@ -1,33 +1,27 @@
|
|||
use futures::{stream, StreamExt};
|
||||
use poem::web::Data;
|
||||
use poem_openapi::payload::Json;
|
||||
use poem_openapi::{ApiResponse, Enum, Object, OpenApi};
|
||||
use poem_openapi::{ApiResponse, Object, OpenApi};
|
||||
use serde::Serialize;
|
||||
use warpgate_common::{Services, TargetOptions};
|
||||
use warpgate_db_entities::Target;
|
||||
use warpgate_common::{TargetOptions};
|
||||
use warpgate_core::{Services};
|
||||
|
||||
use crate::common::{endpoint_auth, SessionAuthorization};
|
||||
|
||||
pub struct Api;
|
||||
|
||||
#[derive(Debug, Serialize, Clone, Enum)]
|
||||
pub enum TargetKind {
|
||||
Http,
|
||||
MySql,
|
||||
Ssh,
|
||||
WebAdmin,
|
||||
}
|
||||
|
||||
#[derive(Debug, Serialize, Clone, Object)]
|
||||
pub struct Target {
|
||||
pub struct TargetSnapshot {
|
||||
pub name: String,
|
||||
pub kind: TargetKind,
|
||||
pub kind: Target::TargetKind,
|
||||
pub external_host: Option<String>,
|
||||
}
|
||||
|
||||
#[derive(ApiResponse)]
|
||||
enum GetTargetsResponse {
|
||||
#[oai(status = 200)]
|
||||
Ok(Json<Vec<Target>>),
|
||||
Ok(Json<Vec<TargetSnapshot>>),
|
||||
}
|
||||
|
||||
#[OpenApi]
|
||||
|
@ -75,13 +69,13 @@ impl Api {
|
|||
Ok(GetTargetsResponse::Ok(Json(
|
||||
targets
|
||||
.into_iter()
|
||||
.map(|t| Target {
|
||||
.map(|t| TargetSnapshot {
|
||||
name: t.name.clone(),
|
||||
kind: match t.options {
|
||||
TargetOptions::Ssh(_) => TargetKind::Ssh,
|
||||
TargetOptions::Http(_) => TargetKind::Http,
|
||||
TargetOptions::MySql(_) => TargetKind::MySql,
|
||||
TargetOptions::WebAdmin(_) => TargetKind::WebAdmin,
|
||||
TargetOptions::Ssh(_) => Target::TargetKind::Ssh,
|
||||
TargetOptions::Http(_) => Target::TargetKind::Http,
|
||||
TargetOptions::MySql(_) => Target::TargetKind::MySql,
|
||||
TargetOptions::WebAdmin(_) => Target::TargetKind::WebAdmin,
|
||||
},
|
||||
external_host: match t.options {
|
||||
TargetOptions::Http(ref opt) => opt.external_host.clone(),
|
||||
|
|
|
@ -7,7 +7,8 @@ use poem::{handler, Body, IntoResponse, Request, Response};
|
|||
use serde::Deserialize;
|
||||
use tokio::sync::Mutex;
|
||||
use tracing::*;
|
||||
use warpgate_common::{Services, Target, TargetHTTPOptions, TargetOptions, WarpgateServerHandle};
|
||||
use warpgate_common::{Target, TargetHTTPOptions, TargetOptions};
|
||||
use warpgate_core::{Services, WarpgateServerHandle};
|
||||
|
||||
use crate::common::{gateway_redirect, SessionAuthorization, SessionExt};
|
||||
use crate::proxy::{proxy_normal_request, proxy_websocket_request};
|
||||
|
|
|
@ -10,8 +10,9 @@ use serde::{Deserialize, Serialize};
|
|||
use tokio::sync::Mutex;
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::auth::{AuthState, AuthStateStore};
|
||||
use warpgate_common::{ProtocolName, Services, TargetOptions, WarpgateError};
|
||||
use warpgate_common::auth::{AuthState};
|
||||
use warpgate_common::{ProtocolName, TargetOptions, WarpgateError};
|
||||
use warpgate_core::{AuthStateStore, Services};
|
||||
|
||||
use crate::session::SessionStore;
|
||||
|
||||
|
|
|
@ -30,12 +30,14 @@ use tokio::sync::Mutex;
|
|||
use tracing::*;
|
||||
use warpgate_admin::admin_api_app;
|
||||
use warpgate_common::{
|
||||
ProtocolServer, Services, Target, TargetOptions, TargetTestError, TlsCertificateAndPrivateKey,
|
||||
TlsCertificateBundle, TlsPrivateKey,
|
||||
Target, TargetOptions, TlsCertificateAndPrivateKey, TlsCertificateBundle, TlsPrivateKey,
|
||||
};
|
||||
use warpgate_core::{ProtocolServer, Services, TargetTestError};
|
||||
use warpgate_web::Assets;
|
||||
|
||||
use crate::common::{endpoint_admin_auth, endpoint_auth, page_auth, COOKIE_MAX_AGE, SESSION_COOKIE_NAME};
|
||||
use crate::common::{
|
||||
endpoint_admin_auth, endpoint_auth, page_auth, COOKIE_MAX_AGE, SESSION_COOKIE_NAME,
|
||||
};
|
||||
use crate::error::error_page;
|
||||
use crate::middleware::{CookieHostMiddleware, TicketMiddleware};
|
||||
use crate::session::{SessionStore, SharedSessionStorage};
|
||||
|
|
|
@ -3,9 +3,10 @@ use poem::session::Session;
|
|||
use poem::web::{Data, FromRequest};
|
||||
use poem::{Endpoint, Middleware, Request};
|
||||
use serde::Deserialize;
|
||||
use warpgate_common::{authorize_ticket, Secret, Services};
|
||||
use warpgate_common::Secret;
|
||||
use warpgate_core::{authorize_ticket, consume_ticket, Services};
|
||||
|
||||
use crate::common::{SessionExt};
|
||||
use crate::common::SessionExt;
|
||||
|
||||
pub struct TicketMiddleware {}
|
||||
|
||||
|
@ -64,9 +65,9 @@ impl<E: Endpoint> Endpoint for TicketMiddlewareEndpoint<E> {
|
|||
|
||||
if let Some(ticket_model) = {
|
||||
let ticket = Secret::new(ticket);
|
||||
let mut cp = services.config_provider.lock().await;
|
||||
let cp = services.config_provider.lock().await;
|
||||
if let Some(res) = authorize_ticket(&services.db, &ticket).await? {
|
||||
cp.consume_ticket(&res.id).await?;
|
||||
consume_ticket(&services.db, &res.id).await?;
|
||||
Some(res)
|
||||
} else {
|
||||
None
|
||||
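Review bot: In the second hunk `let cp = services.config_provider.lock().await;` is kept although nothing calls through `cp` any more, now that the free function `consume_ticket(&services.db, &res.id)` replaces `cp.consume_ticket(...)`. As written it triggers an unused-variable warning, and the held guard may be the only thing that keeps the `authorize_ticket` and `consume_ticket` pair from interleaving between concurrent requests in this middleware. If that serialisation is intended, make it explicit with `let _cp_guard = services.config_provider.lock().await; // held so check and decrement of a ticket run as one unit`; a plain `_` binding would drop the lock immediately. If it is not intended, remove the lock and make the decrement itself atomic. The enclosing `if let` block continues past the end of the hunk.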
|
|
|
@ -9,7 +9,8 @@ use poem::{FromRequest, Request};
|
|||
use serde_json::Value;
|
||||
use tokio::sync::Mutex;
|
||||
use tracing::*;
|
||||
use warpgate_common::{Services, SessionId, SessionStateInit, WarpgateServerHandle};
|
||||
use warpgate_common::SessionId;
|
||||
use warpgate_core::{Services, SessionStateInit, WarpgateServerHandle};
|
||||
|
||||
use crate::common::{PROTOCOL_NAME, SESSION_MAX_AGE};
|
||||
use crate::session_handle::{
|
||||
|
|
|
@ -6,7 +6,7 @@ use poem::session::Session;
|
|||
use poem::web::Data;
|
||||
use poem::{FromRequest, Request, RequestBody};
|
||||
use tokio::sync::{mpsc, Mutex};
|
||||
use warpgate_common::{SessionHandle, WarpgateServerHandle};
|
||||
use warpgate_core::{SessionHandle, WarpgateServerHandle};
|
||||
|
||||
use crate::session::SessionStore;
|
||||
|
||||
|
|
|
@ -6,6 +6,7 @@ version = "0.5.0"
|
|||
|
||||
[dependencies]
|
||||
warpgate-common = { version = "*", path = "../warpgate-common" }
|
||||
warpgate-core = { version = "*", path = "../warpgate-core" }
|
||||
warpgate-db-entities = { version = "*", path = "../warpgate-db-entities" }
|
||||
warpgate-database-protocols = { version = "*", path = "../warpgate-database-protocols" }
|
||||
anyhow = { version = "1.0", features = ["std"] }
|
||||
|
|
|
@ -18,9 +18,9 @@ use rustls::ServerConfig;
|
|||
use tokio::net::TcpListener;
|
||||
use tracing::*;
|
||||
use warpgate_common::{
|
||||
ProtocolServer, Services, SessionStateInit, Target, TargetOptions, TargetTestError,
|
||||
TlsCertificateAndPrivateKey, TlsCertificateBundle, TlsPrivateKey,
|
||||
Target, TargetOptions, TlsCertificateAndPrivateKey, TlsCertificateBundle, TlsPrivateKey,
|
||||
};
|
||||
use warpgate_core::{ProtocolServer, Services, SessionStateInit, TargetTestError};
|
||||
|
||||
use crate::session::MySqlSession;
|
||||
use crate::session_handle::MySqlSessionHandle;
|
||||
|
|
|
@ -7,12 +7,12 @@ use tokio::net::TcpStream;
|
|||
use tokio::sync::Mutex;
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::auth::{AuthCredential, AuthSelector};
|
||||
use warpgate_common::auth::{AuthCredential, AuthSelector, AuthResult};
|
||||
use warpgate_common::helpers::rng::get_crypto_rng;
|
||||
use warpgate_common::{
|
||||
authorize_ticket, AuthResult, Secret, Services, TargetMySqlOptions, TargetOptions,
|
||||
WarpgateServerHandle,
|
||||
Secret, TargetMySqlOptions, TargetOptions,
|
||||
};
|
||||
use warpgate_core::{WarpgateServerHandle, Services, authorize_ticket, consume_ticket};
|
||||
use warpgate_database_protocols::io::{BufExt, Decode};
|
||||
use warpgate_database_protocols::mysql::protocol::auth::AuthPlugin;
|
||||
use warpgate_database_protocols::mysql::protocol::connect::{
|
||||
|
@ -237,11 +237,7 @@ impl MySqlSession {
|
|||
{
|
||||
Some(ticket) => {
|
||||
info!("Authorized for {} with a ticket", ticket.target);
|
||||
self.services
|
||||
.config_provider
|
||||
.lock()
|
||||
.await
|
||||
.consume_ticket(&ticket.id)
|
||||
consume_ticket(&self.services.db, &ticket.id)
|
||||
.await
|
||||
.map_err(MySqlError::other)?;
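Review bot: In the `Some(ticket)` arm the ticket has already been accepted before `consume_ticket(&self.services.db, &ticket.id)` runs, so validation and consumption are two separate database round trips. The same pattern appears in the `ServerSession` hunk of the SSH crate, where `authorize_ticket(&self.services.db, secret)` is visible directly above the consume call. If tickets are limited-use, two connections presenting the same ticket at once could both pass the check unless `consume_ticket` itself does an atomic conditional update and returns an error when no use is left; its body is not shown on this page, so that needs confirming. I would document the contract at the call site, e.g. `// consume_ticket must fail if the ticket is already used up; authorize_ticket alone does not reserve it`. The match expression starts outside the hunk.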
|
||||
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
use tokio::sync::mpsc;
|
||||
use warpgate_common::SessionHandle;
|
||||
use warpgate_core::SessionHandle;
|
||||
|
||||
pub struct MySqlSessionHandle {
|
||||
abort_tx: mpsc::UnboundedSender<()>,
|
||||
|
|
|
@ -21,5 +21,6 @@ tokio = {version = "1.20", features = ["tracing", "signal"]}
|
|||
tracing = "0.1"
|
||||
uuid = {version = "1.0", features = ["v4"]}
|
||||
warpgate-common = {version = "*", path = "../warpgate-common"}
|
||||
warpgate-core = {version = "*", path = "../warpgate-core"}
|
||||
warpgate-db-entities = {version = "*", path = "../warpgate-db-entities"}
|
||||
zeroize="^1.5"
|
||||
|
|
|
@ -7,7 +7,8 @@ use russh_keys::PublicKeyBase64;
|
|||
use tokio::sync::mpsc::UnboundedSender;
|
||||
use tokio::sync::oneshot;
|
||||
use tracing::*;
|
||||
use warpgate_common::{Services, SessionId, TargetSSHOptions};
|
||||
use warpgate_common::{SessionId, TargetSSHOptions};
|
||||
use warpgate_core::Services;
|
||||
|
||||
use crate::known_hosts::{KnownHostValidationResult, KnownHosts};
|
||||
use crate::ConnectionError;
|
||||
|
|
|
@ -20,7 +20,8 @@ use tokio::sync::{oneshot, Mutex};
|
|||
use tokio::task::JoinHandle;
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::{SSHTargetAuth, Services, SessionId, TargetSSHOptions};
|
||||
use warpgate_common::{SSHTargetAuth, SessionId, TargetSSHOptions};
|
||||
use warpgate_core::Services;
|
||||
|
||||
use self::handler::ClientHandlerEvent;
|
||||
use super::{ChannelOperation, DirectTCPIPParams};
|
||||
|
|
|
@ -17,10 +17,8 @@ pub use keys::*;
|
|||
use russh_keys::PublicKeyBase64;
|
||||
pub use server::run_server;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::{
|
||||
ProtocolName, ProtocolServer, Services, SshHostKeyVerificationMode, Target, TargetOptions,
|
||||
TargetTestError,
|
||||
};
|
||||
use warpgate_common::{ProtocolName, SshHostKeyVerificationMode, Target, TargetOptions};
|
||||
use warpgate_core::{ProtocolServer, Services, TargetTestError};
|
||||
|
||||
use crate::client::{RCCommand, RemoteClient};
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ pub use session::ServerSession;
|
|||
use tokio::io::{AsyncRead, AsyncWrite};
|
||||
use tokio::net::TcpListener;
|
||||
use tracing::*;
|
||||
use warpgate_common::{Services, SessionStateInit};
|
||||
use warpgate_core::{Services, SessionStateInit};
|
||||
|
||||
use crate::keys::load_host_keys;
|
||||
use crate::server::session_handle::SSHSessionHandle;
|
||||
|
|
|
@ -17,16 +17,16 @@ use tokio::sync::mpsc::{UnboundedReceiver, UnboundedSender};
|
|||
use tokio::sync::{broadcast, oneshot, Mutex};
|
||||
use tracing::*;
|
||||
use uuid::Uuid;
|
||||
use warpgate_common::auth::{AuthCredential, AuthSelector, AuthState, CredentialKind};
|
||||
use warpgate_common::auth::{AuthCredential, AuthResult, AuthSelector, AuthState, CredentialKind};
|
||||
use warpgate_common::eventhub::{EventHub, EventSender};
|
||||
use warpgate_common::recordings::{
|
||||
use warpgate_common::{
|
||||
Secret, SessionId, SshHostKeyVerificationMode, Target, TargetOptions, TargetSSHOptions,
|
||||
};
|
||||
use warpgate_core::recordings::{
|
||||
self, ConnectionRecorder, TerminalRecorder, TerminalRecordingStreamId, TrafficConnectionParams,
|
||||
TrafficRecorder,
|
||||
};
|
||||
use warpgate_common::{
|
||||
authorize_ticket, AuthResult, Secret, Services, SessionId, SshHostKeyVerificationMode, Target,
|
||||
TargetOptions, TargetSSHOptions, WarpgateServerHandle,
|
||||
};
|
||||
use warpgate_core::{authorize_ticket, consume_ticket, Services, WarpgateServerHandle};
|
||||
|
||||
use super::service_output::ServiceOutput;
|
||||
use super::session_handle::SessionHandleCommand;
|
||||
|
@ -1168,12 +1168,7 @@ impl ServerSession {
|
|||
match authorize_ticket(&self.services.db, secret).await? {
|
||||
Some(ticket) => {
|
||||
info!("Authorized for {} with a ticket", ticket.target);
|
||||
self.services
|
||||
.config_provider
|
||||
.lock()
|
||||
.await
|
||||
.consume_ticket(&ticket.id)
|
||||
.await?;
|
||||
consume_ticket(&self.services.db, &ticket.id).await?;
|
||||
self._auth_accept(&ticket.username, &ticket.target).await;
|
||||
Ok(AuthResult::Accepted {
|
||||
username: ticket.username.clone(),
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
use tokio::sync::mpsc;
|
||||
use warpgate_common::SessionHandle;
|
||||
use warpgate_core::SessionHandle;
|
||||
|
||||
#[derive(Clone, Debug, PartialEq, Eq)]
|
||||
pub enum SessionHandleCommand {
|
||||
|
|
|
@ -29,6 +29,7 @@ tracing = "0.1"
|
|||
tracing-subscriber = {version = "0.3", features = ["env-filter", "local-time"]}
|
||||
warpgate-admin = {version = "*", path = "../warpgate-admin"}
|
||||
warpgate-common = {version = "*", path = "../warpgate-common"}
|
||||
warpgate-core = {version = "*", path = "../warpgate-core"}
|
||||
warpgate-protocol-http = {version = "*", path = "../warpgate-protocol-http"}
|
||||
warpgate-protocol-mysql = {version = "*", path = "../warpgate-protocol-mysql"}
|
||||
warpgate-protocol-ssh = {version = "*", path = "../warpgate-protocol-ssh"}
|
||||
|
|
|
@ -6,9 +6,9 @@ use futures::StreamExt;
|
|||
use sd_notify::NotifyState;
|
||||
use tokio::signal::unix::SignalKind;
|
||||
use tracing::*;
|
||||
use warpgate_common::db::cleanup_db;
|
||||
use warpgate_common::logging::install_database_logger;
|
||||
use warpgate_common::{ProtocolServer, Services};
|
||||
use warpgate_core::db::cleanup_db;
|
||||
use warpgate_core::logging::install_database_logger;
|
||||
use warpgate_core::{ProtocolServer, Services};
|
||||
use warpgate_protocol_http::HTTPProtocolServer;
|
||||
use warpgate_protocol_mysql::MySQLProtocolServer;
|
||||
use warpgate_protocol_ssh::SSHProtocolServer;
|
||||
|
|
|
@ -10,9 +10,10 @@ use tracing::*;
|
|||
use warpgate_common::helpers::fs::{secure_directory, secure_file};
|
||||
use warpgate_common::helpers::hash::hash_password;
|
||||
use warpgate_common::{
|
||||
HTTPConfig, ListenEndpoint, MySQLConfig, Role, SSHConfig, Secret, Services, Target,
|
||||
HTTPConfig, ListenEndpoint, MySQLConfig, Role, SSHConfig, Secret, Target,
|
||||
TargetOptions, TargetWebAdminOptions, User, UserAuthCredential, WarpgateConfigStore,
|
||||
};
|
||||
use warpgate_core::Services;
|
||||
|
||||
use crate::config::load_config;
|
||||
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
use anyhow::Result;
|
||||
use tracing::*;
|
||||
use warpgate_common::{ProtocolServer, Services, Target, TargetOptions, TargetTestError};
|
||||
use warpgate_common::{Target, TargetOptions};
|
||||
use warpgate_core::{ProtocolServer, Services, TargetTestError};
|
||||
|
||||
use crate::config::load_config;
|
||||
|
||||
|
|
|
@ -6,7 +6,7 @@ use tracing_subscriber::fmt::time::OffsetTime;
|
|||
use tracing_subscriber::layer::SubscriberExt;
|
||||
use tracing_subscriber::util::SubscriberInitExt;
|
||||
use tracing_subscriber::{EnvFilter, Layer};
|
||||
use warpgate_common::logging::{make_database_logger_layer, make_socket_logger_layer};
|
||||
use warpgate_core::logging::{make_database_logger_layer, make_socket_logger_layer};
|
||||
use warpgate_common::WarpgateConfig;
|
||||
|
||||
pub async fn init_logging(config: Option<&WarpgateConfig>) {
|
||||
|
|