clienttunnel

package
v0.0.0-...-8fd811e Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 25, 2023 License: MIT Imports: 33 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Upgrader = websocket.Upgrader{
	ReadBufferSize:  websocketBufferSize,
	WriteBufferSize: websocketBufferSize,
	CheckOrigin:     func(r *http.Request) bool { return true },
	Subprotocols:    []string{"binary"},
}

Functions

func IsAllowed 

func IsAllowed(remote string, conn ssh.Conn, l *logger.Logger) (bool, error)

Types

type GuacToken 

type GuacToken struct {
	// contains filtered or unexported fields
}

GuacToken ... used to transport guacd config parameters from request to request

RPort RDP proxy uses Apache Guacamole to connect to remote RDP server. The RDP connection process is started in browser by showing a html form, where parameters for controlling guacd are requested. These parameters are sent to the RPort proxy via a POST-request and stored there in GuacTokenStore for further handling during the guacd handshaking. This "extra" POST-Request is necessary because the javascript-library "guacamole-common-js", which initiates the websocket-connection to guacd, is sending a GET-Request to connect. Sending the connection parameters with this GET-Request(which would be possible) would show sensitive data like password as part of the querystring.

type GuacTokenStore 

type GuacTokenStore struct {
	sync.RWMutex
	GuacTokens map[string]*GuacToken
}

func NewGuacTokenStore 

func NewGuacTokenStore() *GuacTokenStore

func (*GuacTokenStore) Add 

func (s *GuacTokenStore) Add(uuid string, token *GuacToken)

func (*GuacTokenStore) Delete 

func (s *GuacTokenStore) Delete(uuid string)

func (*GuacTokenStore) Get 

func (s *GuacTokenStore) Get(uuid string) *GuacToken

type InternalTunnelProxy 

type InternalTunnelProxy struct {
	Tunnel     *Tunnel
	Logger     *logger.Logger
	Config     *InternalTunnelProxyConfig
	Host       string
	Port       string
	TunnelHost string
	TunnelPort string
	// contains filtered or unexported fields
}

func NewInternalTunnelProxy 

func NewInternalTunnelProxy(tunnel *Tunnel, logger *logger.Logger, config *InternalTunnelProxyConfig, host string, port string, acl *TunnelACL, acme *acme.Acme) *InternalTunnelProxy

func (*InternalTunnelProxy) Addr 

func (tp *InternalTunnelProxy) Addr() string

func (*InternalTunnelProxy) SetACL 

func (tp *InternalTunnelProxy) SetACL(acl *TunnelACL)

func (*InternalTunnelProxy) Start 

func (tp *InternalTunnelProxy) Start(ctx context.Context) error

func (*InternalTunnelProxy) Stop 

func (tp *InternalTunnelProxy) Stop(ctx context.Context) error

func (*InternalTunnelProxy) TunnelAddr 

func (tp *InternalTunnelProxy) TunnelAddr() string

type InternalTunnelProxyConfig 

type InternalTunnelProxyConfig struct {
	Host         string   `mapstructure:"tunnel_host"`
	CertFile     string   `mapstructure:"tunnel_proxy_cert_file"`
	KeyFile      string   `mapstructure:"tunnel_proxy_key_file"`
	EnableAcme   bool     `mapstructure:"tunnel_enable_acme"`
	NovncRoot    string   `mapstructure:"novnc_root"`
	TLSMin       string   `mapstructure:"tls_min"`
	GuacdAddress string   `mapstructure:"guacd_address"`
	CORS         []string `mapstructure:"tunnel_cors"`
	Enabled      bool
}

func (*InternalTunnelProxyConfig) ParseAndValidate 

func (c *InternalTunnelProxyConfig) ParseAndValidate() error

type MultiProtocolTunnel 

type MultiProtocolTunnel struct {
	Protocols []TunnelProtocol
}

func (*MultiProtocolTunnel) LastActive 

func (mt *MultiProtocolTunnel) LastActive() time.Time

func (*MultiProtocolTunnel) SetACL 

func (mt *MultiProtocolTunnel) SetACL(acl *TunnelACL)

func (*MultiProtocolTunnel) Start 

func (mt *MultiProtocolTunnel) Start(ctx context.Context) error

func (*MultiProtocolTunnel) Terminate 

func (mt *MultiProtocolTunnel) Terminate(force bool) error

type SelectOption 

type SelectOption struct {
	Value       string
	Description string
	Selected    bool
}

func CreateOptions 

func CreateOptions(keys []string, values []string, selKey string) []SelectOption

type SelectOptions 

type SelectOptions []SelectOption

type Tunnel 

type Tunnel struct {
	ID string `json:"id"`

	models.Remote

	TunnelProtocol      `json:"-"`
	InternalTunnelProxy *InternalTunnelProxy `json:"-"`
	CreatedAt           time.Time            `json:"created_at"`
}

TODO(m-terel): Refactor to use separate models for representation and business logic. Tunnel represents active remote proxy connection

func NewTunnel 

func NewTunnel(logger *logger.Logger, ssh ssh.Conn, id string, remote models.Remote, acl *TunnelACL) (*Tunnel, error)

type TunnelACL 

type TunnelACL struct {
	AllowedIPs []net.IPNet
}

func ParseTunnelACL 

func ParseTunnelACL(str string) (*TunnelACL, error)

func (*TunnelACL) AddACL 

func (a *TunnelACL) AddACL(aclStr string)

func (TunnelACL) CheckAccess 

func (a TunnelACL) CheckAccess(ip net.IP) bool

CheckAccess returns true if connection from specified address is allowed

type TunnelProtocol 

type TunnelProtocol interface {
	Start(ctx context.Context) error
	Terminate(force bool) error
	LastActive() time.Time
	SetACL(*TunnelACL)
}

type TunnelProxyConnector 

type TunnelProxyConnector interface {
	InitRouter(router *mux.Router) *mux.Router
}

TunnelProxyConnector connects the tunnel proxy http server with the tunnel behind

func NewTunnelProxyConnector 

func NewTunnelProxyConnector(tp *InternalTunnelProxy) TunnelProxyConnector

type TunnelProxyConnectorHTTP 

type TunnelProxyConnectorHTTP struct {
	// contains filtered or unexported fields
}

TunnelProxyConnectorHTTP uses the standard ReverseProxy from package httputil to connect to HTTP/HTTPS server on tunnel endpoint

func NewTunnelConnectorHTTP 

func NewTunnelConnectorHTTP(tp *InternalTunnelProxy) *TunnelProxyConnectorHTTP

func (*TunnelProxyConnectorHTTP) InitRouter 

func (tc *TunnelProxyConnectorHTTP) InitRouter(router *mux.Router) *mux.Router

type TunnelProxyConnectorRDP 

type TunnelProxyConnectorRDP struct {
	// contains filtered or unexported fields
}

TunnelProxyConnectorRDP connects to a rdp tunnel via guacd (Guacamole server)

func NewTunnelConnectorRDP 

func NewTunnelConnectorRDP(tp *InternalTunnelProxy) *TunnelProxyConnectorRDP

func (*TunnelProxyConnectorRDP) InitRouter 

func (tc *TunnelProxyConnectorRDP) InitRouter(router *mux.Router) *mux.Router

InitRouter called when tunnel proxy is started

type TunnelProxyConnectorVNC 

type TunnelProxyConnectorVNC struct {
	// contains filtered or unexported fields
}

TunnelProxyConnectorVNC is a kind of 'websockify' vnc to tcp proxy to be used by a novnc instance to connect to a vnc tunnel

func NewTunnelConnectorVNC 

func NewTunnelConnectorVNC(tp *InternalTunnelProxy) *TunnelProxyConnectorVNC

func (*TunnelProxyConnectorVNC) InitRouter 

func (tc *TunnelProxyConnectorVNC) InitRouter(router *mux.Router) *mux.Router

InitRouter called when tunnel proxy is started

type WebsocketTCPProxy 

type WebsocketTCPProxy struct {
	// contains filtered or unexported fields
}

WebsocketTCPProxy holds state information about the connection being proxied.

func (*WebsocketTCPProxy) Dial 

func (p *WebsocketTCPProxy) Dial() error

func (*WebsocketTCPProxy) Initialize 

func (p *WebsocketTCPProxy) Initialize(wsConn *websocket.Conn, tcpAddr *net.TCPAddr, logger *logger.Logger) *WebsocketTCPProxy

Initialize WebsocketTCPProxy

func (*WebsocketTCPProxy) ReadTCP 

func (p *WebsocketTCPProxy) ReadTCP()

ReadTCP reads from the backend TCP connection and writes to the WebSocket.

func (*WebsocketTCPProxy) ReadWebSocket 

func (p *WebsocketTCPProxy) ReadWebSocket()

ReadWebSocket reads from the WebSocket and writes to the TCP connection.

func (*WebsocketTCPProxy) Start 

func (p *WebsocketTCPProxy) Start()

Start the bidirectional communication channel between the WebSocket and the TCP connection.

func (*WebsocketTCPProxy) Teardown 

func (p *WebsocketTCPProxy) Teardown()

Teardown the WebSocket and TCP connection.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.