package hkexsh
// Package hkexsh - a secure terminal client/server written from scratch in Go
//
// Copyright (c) 2017-2018 Russell Magee
// Licensed under the terms of the MIT license (see LICENSE.mit in this
// distribution)
//
// golang implementation by Russ Magee (rmagee_at_gmail.com)
// Session info/routines for the HKExSh
import (
"fmt"
"runtime"
)
// Session is the bookkeeping record kept for one active hkexsh session.
//
// Every field is unexported; the accessor methods in this file read and
// set them. authCookie is the sensitive one: it is essentially the
// password, and it stays in memory until ClearAuthCookie zeroes it.
type Session struct {
	op         []byte // op code (interactive shell, cmd, ...)
	who        []byte // user associated with the session
	connhost   []byte // connecting hostname/IP
	termtype   []byte // client initial $TERM
	cmd        []byte // command requested by the client
	authCookie []byte // auth secret (essentially the password)
	status     uint32 // exit status (0-255 is std UNIX status)
}
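// String renders the Session as a multi-line, human-readable record.
// It implements fmt.Stringer.
//
// The byte-slice fields are formatted as text rather than with %v, which
// would print each of them (including the "**REDACTED**" marker) as a list
// of decimal byte values. op, who and cmd are written with %q so that
// control characters and newlines inside them are escaped and cannot add
// or alter lines in a log that records this dump; cmd in particular is
// requested by the client.
//
// The auth cookie is never included: AuthCookie(false) yields only the
// redaction marker.
func (h *Session) String() string {
	return fmt.Sprintf("hkexsh.Session:\nOp:%q\nWho:%q\nCmd:%q\nAuthCookie:%s\nStatus:%v",
		h.op, h.who, h.cmd, h.AuthCookie(false), h.status)
}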
// Op reports the op code of the Session (interactive shell, cmd, ...).
//
// The slice handed back shares its backing array with the Session's own
// field; it is not a copy.
func (h Session) Op() []byte {
	return h.op
}
// SetOp records the op code desired for a Session.
//
// o is stored as given, without copying, so the Session and the caller
// keep sharing the same backing array.
func (h *Session) SetOp(o []byte) {
	h.op = o
}
// Who reports the user associated with a Session.
//
// The slice handed back shares its backing array with the Session's own
// field; it is not a copy.
func (h Session) Who() []byte {
	return h.who
}
// SetWho records the username associated with a Session.
//
// w is stored as given, without copying or validation.
func (h *Session) SetWho(w []byte) {
	h.who = w
}
// ConnHost reports the connecting hostname/IP string for a Session.
//
// The slice handed back shares its backing array with the Session's own
// field; it is not a copy.
func (h Session) ConnHost() []byte {
	return h.connhost
}
// SetConnHost records the connecting hostname/IP string for a Session.
//
// n is stored as given, without copying or validation.
func (h *Session) SetConnHost(n []byte) {
	h.connhost = n
}
// TermType reports the TERM environment variable that the client
// initiating the Session supplied.
//
// The value is returned exactly as it was stored; nothing in this method
// checks or sanitises it.
func (h Session) TermType() []byte {
	return h.termtype
}
// SetTermType records the TERM environment variable supplied by the
// client initiating a Session.
//
// t is stored as given, without copying or validation.
func (h *Session) SetTermType(t []byte) {
	h.termtype = t
}
// Cmd reports the command that the client initiating the Session asked
// to have executed.
//
// The value is returned exactly as it was stored; nothing in this method
// checks or sanitises it.
func (h Session) Cmd() []byte {
	return h.cmd
}
// SetCmd records the command requested by the client for execution when
// initiating the Session.
//
// c is stored as given, without copying or validation.
func (h *Session) SetCmd(c []byte) {
	h.cmd = c
}
// AuthCookie hands back the authcookie (essentially the password) used to
// authorize the Session.
//
// Unless reallyShow is true the caller receives a fixed redaction marker
// instead of the secret, so that dumps of Session info do not leak it by
// accident. With reallyShow set, the returned slice shares its backing
// array with the stored cookie: it is not a copy, and ClearAuthCookie
// zeroes those same bytes.
//
// NOTE(review): the comparison against the expected credential is not
// visible in this file; confirm the caller does it in constant time
// (e.g. crypto/subtle.ConstantTimeCompare).
func (h Session) AuthCookie(reallyShow bool) []byte {
	if !reallyShow {
		return []byte("**REDACTED**")
	}
	return h.authCookie
}
// SetAuthCookie records the authcookie (essentially the password) used to
// authenticate the Session.
//
// a is stored as given, without copying, so the Session and the caller
// share one backing array. ClearAuthCookie therefore zeroes the caller's
// buffer as well; any separate copy the caller made of the secret is not
// touched by it.
func (h *Session) SetAuthCookie(a []byte) {
	h.authCookie = a
}
// ClearAuthCookie attempts to scrub the Session's stored authcookie.
//
// Call it as soon as possible after authentication, once the cookie is no
// longer required.
//
// What it does: overwrites every byte of the stored slice with zero, in
// place, then requests a garbage collection. The field keeps its length
// afterwards, so AuthCookie(true) returns a zero-filled slice, not nil.
//
// What it cannot do: reach other copies of the secret. Only the backing
// array referenced by this Session is overwritten; a string conversion, a
// read buffer or any other duplicate made elsewhere keeps the original
// bytes. The runtime.GC() call does not overwrite such copies.
func (h *Session) ClearAuthCookie() {
	cookie := h.authCookie
	for i := 0; i < len(cookie); i++ {
		cookie[i] = 0
	}
	runtime.GC()
}
// Status reports the (current) Session status code.
//
// This usually corresponds to a UNIX shell exit code, but extended codes
// are returned at times to indicate internal errors.
func (h Session) Status() uint32 {
	return h.status
}
// SetStatus records the current Session status code.
func (h *Session) SetStatus(s uint32) {
	h.status = s
}
// NewSession builds a Session record from the supplied values and returns
// a pointer to it.
//
// Each byte-slice argument is stored as given, without copying, so the new
// Session shares backing arrays with the caller. That includes authcookie:
// zeroing it through ClearAuthCookie also zeroes the caller's buffer.
func NewSession(op, who, connhost, ttype, cmd, authcookie []byte, status uint32) *Session {
	s := new(Session)
	s.op = op
	s.who = who
	s.connhost = connhost
	s.termtype = ttype
	s.cmd = cmd
	s.authCookie = authcookie
	s.status = status
	return s
}