erik/converge
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

eliminated the username.

Browse Source
This commit is contained in:
Erik Brakkee 2024-08-06 22:38:59 +02:00
parent e9744a7c2f
commit 7af575119d
12 changed files with 16 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
cmd/agent/agent.go
View File

@ -300,7 +300,7 @@ func main() {
defer wsConn.Close() defer wsConn.Close()
shell := chooseShell(shells) shell := chooseShell(shells)
serverInfo, err := comms.AgentInitialization(wsConn, comms.NewAgentInfo(shell)) _, err = comms.AgentInitialization(wsConn, comms.NewAgentInfo(shell))
if err != nil { if err != nil {
log.Printf("ERROR: %v", err) log.Printf("ERROR: %v", err)
os.Exit(1) os.Exit(1)
@ -352,10 +352,10 @@ func main() {
log.Println() log.Println()
log.Printf("Clients should use the following commands to connect to this agent:") log.Printf("Clients should use the following commands to connect to this agent:")
log.Println() log.Println()
sshCommand := fmt.Sprintf("ssh -oServerAliveInterval=10 -oProxyCommand=\"wsproxy %s\" %s@localhost", sshCommand := fmt.Sprintf("ssh -oServerAliveInterval=10 -oProxyCommand=\"wsproxy %s\" localhost",
clientUrl, serverInfo.UserPassword.Username) clientUrl)
sftpCommand := fmt.Sprintf("sftp -oServerAliveInterval=10 -oProxyCommand=\"wsproxy %s\" %s@localhost", sftpCommand := fmt.Sprintf("sftp -oServerAliveInterval=10 -oProxyCommand=\"wsproxy %s\" localhost",
clientUrl, serverInfo.UserPassword.Username) clientUrl)
log.Println(" # For SSH") log.Println(" # For SSH")
log.Println(" " + sshCommand) log.Println(" " + sshCommand)
log.Println() log.Println()

19
cmd/converge/converge.go
View File

@ -1,19 +1,16 @@
package main package main
import ( import (
"converge/pkg/comms"
"converge/pkg/models" "converge/pkg/models"
"converge/pkg/server/converge" "converge/pkg/server/converge"
"converge/pkg/support/websocketutil" "converge/pkg/support/websocketutil"
"fmt" "fmt"
"log" "log"
"math/rand"
"net" "net"
"net/http" "net/http"
_ "net/http/pprof" _ "net/http/pprof"
"os" "os"
"regexp" "regexp"
"strconv"
"strings" "strings"
_ "time/tzdata" _ "time/tzdata"
) )
@ -98,19 +95,6 @@ func main() {
printHelp("") printHelp("")
} }
userPassword := comms.UserPassword{
Username: strconv.Itoa(rand.Int()),
}
username, ok := os.LookupEnv("CONVERGE_USERNAME")
if ok {
userPassword.Username = username
} else {
os.Setenv("CONVERGE_USERNAME", userPassword.Username)
}
log.Printf("Using username '%s'", userPassword.Username)
notifications := make(chan *models.State, 10) notifications := make(chan *models.State, 10)
admin := converge.NewAdmin(notifications) admin := converge.NewAdmin(notifications)
websessions := converge.NewWebSessions(notifications) websessions := converge.NewWebSessions(notifications)
@ -124,8 +108,7 @@ func main() {
return return
} }
log.Printf("Got registration connection: '%s'\n", publicId) log.Printf("Got registration connection: '%s'\n", publicId)
err = admin.Register(publicId, conn, err = admin.Register(publicId, conn)
userPassword)
if err != nil { if err != nil {
log.Printf("Error %v\n", err) log.Printf("Error %v\n", err)
} }

3
cmd/converge/convergeaccess.go
View File

@ -8,7 +8,7 @@ import (
"strings" "strings"
) )
func getConvergeAccess(r *http.Request, sshRemoteUser string) models.ConvergeAccess { func getConvergeAccess(r *http.Request) models.ConvergeAccess {
pattern := regexp.MustCompile("^(.*)/usage$") pattern := regexp.MustCompile("^(.*)/usage$")
matches := pattern.FindStringSubmatch(r.URL.Path) matches := pattern.FindStringSubmatch(r.URL.Path)
@ -41,6 +41,5 @@ func getConvergeAccess(r *http.Request, sshRemoteUser string) models.ConvergeAcc
Secure: secure, Secure: secure,
BaseUrl: baseUrl, BaseUrl: baseUrl,
Location: location, Location: location,
Username: sshRemoteUser,
} }
} }

3
cmd/converge/pagehandler.go
View File

@ -6,8 +6,7 @@ import (
) )
func pageHandler(w http.ResponseWriter, r *http.Request) { func pageHandler(w http.ResponseWriter, r *http.Request) {
username := getAgentSshUser() access := getConvergeAccess(r)
access := getConvergeAccess(r, username)
switch r.URL.Path { switch r.URL.Path {
case "": case "":

8
cmd/converge/usage.go
View File

@ -6,7 +6,6 @@ import (
"github.com/gliderlabs/ssh" "github.com/gliderlabs/ssh"
"math/rand" "math/rand"
"net/http" "net/http"
"os"
"regexp" "regexp"
"strconv" "strconv"
"strings" "strings"
@ -37,7 +36,7 @@ func generateCLIExammple(w http.ResponseWriter, r *http.Request) {
sshPublicKeys = append(sshPublicKeys, line) sshPublicKeys = append(sshPublicKeys, line)
} }
} }
access := getConvergeAccess(r, getAgentSshUser()) access := getConvergeAccess(r)
usageInputs := templates.NewUsageInputs(id, sshPublicKeys, remoteShells, localShells) usageInputs := templates.NewUsageInputs(id, sshPublicKeys, remoteShells, localShells)
matched, _ := regexp.MatchString("^[a-zA-Z0-9-_]+$", id) matched, _ := regexp.MatchString("^[a-zA-Z0-9-_]+$", id)
@ -68,8 +67,3 @@ func generateCLIExammple(w http.ResponseWriter, r *http.Request) {
http.Error(w, err.Error(), 500) http.Error(w, err.Error(), 500)
} }
} }
func getAgentSshUser() string {
username, _ := os.LookupEnv("CONVERGE_USERNAME")
return username
}

1
cmd/templaterender/render.go
View File

@ -41,7 +41,6 @@ func main() {
Secure: "s", Secure: "s",
BaseUrl: "example.com", BaseUrl: "example.com",
Location: netherlands, Location: netherlands,
Username: "converge",
} }
fullindex := func() templ.Component { fullindex := func() templ.Component {

3
compose.yaml
View File

@ -7,6 +7,3 @@ services:
context: . context: .
ports: ports:
- 8000:8000 - 8000:8000
environment:
CONVERGE_USERNAME: abc
TZ: "Japan"

3
kubernetes/deployment.yaml
View File

@ -21,8 +21,5 @@ spec:
name: converge name: converge
ports: ports:
- containerPort: 8000 - containerPort: 8000
env:
- name: CONVERGE_USERNAME
value: converge

8
pkg/comms/events.go
View File

@ -47,14 +47,9 @@ type ProtocolVersion struct {
Version int Version int
} }
type UserPassword struct {
Username string
}
// initialization mesaage when agent connects to server // initialization mesaage when agent connects to server
type ServerInfo struct { type ServerInfo struct {
UserPassword UserPassword
} }
// confirmation message when agent connects // confirmation message when agent connects
@ -106,9 +101,6 @@ func RegisterEventsWithGob() {
// ConvergeServer to Agent and client // ConvergeServer to Agent and client
gob.Register(ProtocolVersion{}) gob.Register(ProtocolVersion{})
// ConvergeServer to Agent
gob.Register(UserPassword{})
// ConvergeServer to Client // ConvergeServer to Client
gob.Register(ClientConnectionInfo{}) gob.Register(ClientConnectionInfo{})

1
pkg/models/convergeaccess.go
View File

@ -7,5 +7,4 @@ type ConvergeAccess struct {
Secure string Secure string
BaseUrl string BaseUrl string
Location *time.Location Location *time.Location
Username string
} }

7
pkg/server/converge/admin.go
View File

@ -266,12 +266,9 @@ func (admin *Admin) RemoveClient(client *ClientConnection) error {
return nil return nil
} }
func (admin *Admin) Register(publicId string, conn io.ReadWriteCloser, func (admin *Admin) Register(publicId string, conn io.ReadWriteCloser) error {
userPassword comms.UserPassword) error {
serverInfo := comms.ServerInfo{ serverInfo := comms.ServerInfo{}
UserPassword: userPassword,
}
agentInfo, err := comms.ServerInitialization(conn, serverInfo) agentInfo, err := comms.ServerInitialization(conn, serverInfo)
if err != nil { if err != nil {

13
pkg/server/templates/usage.templ
View File

@ -54,17 +54,14 @@ templ AgentUsage(access models.ConvergeAccess, usageInputs UsageInputs) {
<h2>Connecting to the agent</h2> <h2>Connecting to the agent</h2>
<p>The embedded ssh server in the agent supports both ssh and sftp. The user name is fixed <p>The embedded ssh server in the agent supports both ssh and sftp.
at <code>{ access.Username }</code>. This is the user used to connect to the embedded
SSH server, after logging in however you will be running in a shell that is started
by the same user that started the agent.
</p> </p>
<code-sample id="ssh-connect"> <code-sample id="ssh-connect">
ssh -oServerAliveInterval=10 -oProxyCommand="wsproxy ws{access.Secure}://{access.BaseUrl}/client/{usageInputs.Id}" { access.Username }{"@localhost"} ssh -oServerAliveInterval=10 -oProxyCommand="wsproxy ws{access.Secure}://{access.BaseUrl}/client/{usageInputs.Id}" {"localhost"}
</code-sample> </code-sample>
<code-sample id="sftp-connect"> <code-sample id="sftp-connect">
sftp -oServerAliveInterval=10 -oProxyCommand="wsproxy ws{access.Secure}://{access.BaseUrl}/client/{usageInputs.Id}" { access.Username }{"@localhost"} sftp -oServerAliveInterval=10 -oProxyCommand="wsproxy ws{access.Secure}://{access.BaseUrl}/client/{usageInputs.Id}" {"localhost"}
</code-sample> </code-sample>
@ -78,8 +75,8 @@ templ AgentUsage(access models.ConvergeAccess, usageInputs UsageInputs) {
way to connect. In this method, a local port forwarder is started that forwards a local port way to connect. In this method, a local port forwarder is started that forwards a local port
to the webserver. Then you can start an ssh client that connects to the local tcp port. to the webserver. Then you can start an ssh client that connects to the local tcp port.
</p> </p>
<code-sample id="tcptows-ssh">ssh -oServerAliveInterval=10 -p 10000 { access.Username }{"@localhost"}</code-sample> <code-sample id="tcptows-ssh">ssh -oServerAliveInterval=10 -p 10000 {"localhost"}</code-sample>
<code-sample id="tcptows-sftp">sftp -oServerAliveInterval=10 -p 10000 { access.Username }{"@localhost"}</code-sample> <code-sample id="tcptows-sftp">sftp -oServerAliveInterval=10 -p 10000 {"localhost"}</code-sample>
<p>This requires the <code>tcptows</code> utility which is available in the <p>This requires the <code>tcptows</code> utility which is available in the
<a href="downloads.html">downloads</a> section. The utility must be started beforehand <a href="downloads.html">downloads</a> section. The utility must be started beforehand