xs/hkexsession.go

140 lines
3.6 KiB
Go
Raw Normal View History

package hkexsh
// Package hkexsh - a secure terminal client/server written from scratch in Go
//
// Copyright (c) 2017-2018 Russell Magee
// Licensed under the terms of the MIT license (see LICENSE.mit in this
// distribution)
//
// golang implementation by Russ Magee (rmagee_at_gmail.com)
// Session info/routines for the HKExSh
import (
"fmt"
"runtime"
)
// Session holds essential bookkeeping info about an active session.
type Session struct {
op []byte
who []byte
connhost []byte
termtype []byte // client initial $TERM
cmd []byte
authCookie []byte
status uint32 // exit status (0-255 is std UNIX status)
}
// Output Session record as a string. Implements Stringer interface.
func (h *Session) String() string {
return fmt.Sprintf("hkexsh.Session:\nOp:%v\nWho:%v\nCmd:%v\nAuthCookie:%v\nStatus:%v",
h.op, h.who, h.cmd, h.AuthCookie(false), h.status)
}
// Op returns the op code of the Session (interactive shell, cmd, ...)
func (h Session) Op() []byte {
return h.op
}
// SetOp stores the op code desired for a Session.
func (h *Session) SetOp(o []byte) {
h.op = o
}
// Who returns the user associated with a Session.
func (h Session) Who() []byte {
return h.who
}
// SetWho sets the username associated with a Session.
func (h *Session) SetWho(w []byte) {
h.who = w
}
// ConnHost returns the connecting hostname/IP string for a Session.
func (h Session) ConnHost() []byte {
return h.connhost
}
// SetConnHost stores the connecting hostname/IP string for a Session.
func (h *Session) SetConnHost(n []byte) {
h.connhost = n
}
// TermType returns the TERM env variable reported by the client initiating
// a Session.
func (h Session) TermType() []byte {
return h.termtype
}
// SetTermType stores the TERM env variable supplied by the client initiating
// a Session.
func (h *Session) SetTermType(t []byte) {
h.termtype = t
}
// Cmd returns the command requested for execution by a client initiating
// the Session.
func (h Session) Cmd() []byte {
return h.cmd
}
// SetCmd stores the command request by the client for execution when initiating
// the Session.
func (h *Session) SetCmd(c []byte) {
h.cmd = c
}
// AuthCookie returns the authcookie (essentially the password) used for
// authorization of the Session. This return value is censored unless
// reallyShow is true (so dumps of Session Info do not accidentally leak it).
func (h Session) AuthCookie(reallyShow bool) []byte {
if reallyShow {
return h.authCookie
}
return []byte("**REDACTED**")
}
// SetAuthCookie stores the authcookie (essential the password) used to
// authenticate the Session.
func (h *Session) SetAuthCookie(a []byte) {
h.authCookie = a
}
// ClearAuthCookie attempts to scrub the Session's stored authcookie.
//
// This should of course be called as soon as possible after authentication
// and it is no longer required.
func (h *Session) ClearAuthCookie() {
for i := range h.authCookie {
h.authCookie[i] = 0
}
runtime.GC()
}
// Status returns the (current) Session status code.
//
// This usually corresponds to a UNIX shell exit code, but
// extended codes are returns at times to indicate internal errors.
func (h Session) Status() uint32 {
return h.status
}
// SetStatus stores the current Session status code.
func (h *Session) SetStatus(s uint32) {
h.status = s
}
// NewSession returns a new Session record.
func NewSession(op, who, connhost, ttype, cmd, authcookie []byte, status uint32) *Session {
return &Session{
op: op,
who: who,
connhost: connhost,
termtype: ttype,
cmd: cmd,
authCookie: authcookie,
status: status}
}