Set lots of KEx Printfs to log.Printf (and off by default). Hacky non=tty shell works!

This commit is contained in:
Russ Magee 2018-01-17 21:27:00 -08:00
parent cca2895526
commit e8fe31f6d7
3 changed files with 44 additions and 46 deletions

View file

@ -4,6 +4,8 @@ import (
"flag"
"fmt"
"io"
"io/ioutil"
"log"
"os"
"sync"
@ -34,6 +36,8 @@ func main() {
flag.StringVar(&server, "s", "localhost:2000", "server hostname/address[:port]")
flag.Parse()
log.SetOutput(ioutil.Discard)
conn, err := hkex.Dial("tcp", server, cAlg, hAlg)
if err != nil {
fmt.Println("Err!")

View file

@ -3,6 +3,7 @@ package main
import (
"flag"
"fmt"
"io/ioutil"
"log"
"os/exec"
"os/user"
@ -36,13 +37,14 @@ type cmdRunner struct {
status int
}
func cmd(r *cmdRunner) {
/*
func cmd(r *cmdRunner) {
switch r.op {
case OpR:
//Clean up r.cmd beforehand
r.arg = strings.TrimSpace(r.arg)
fmt.Printf("[cmd was:'%s']\n", r.arg)
runCmdAs(r.who, r.arg)
runCmdAs(r.who, r.arg, nil)
fmt.Println(r.arg)
break
default:
@ -50,14 +52,15 @@ func cmd(r *cmdRunner) {
break
}
}
*/
// Run a command (via os.exec) as a specific user
func runCmdAs(who string, cmd string) (err error) {
func runCmdAs(who string, cmd string, conn hkex.Conn) (err error) {
u, _ := user.Lookup(who)
var uid, gid uint32
fmt.Sscanf(u.Uid, "%d", &uid)
fmt.Sscanf(u.Gid, "%d", &gid)
//fmt.Println("uid:", uid, "gid:", gid)
fmt.Println("uid:", uid, "gid:", gid)
args := strings.Split(cmd, " ")
arg0 := args[0]
@ -65,6 +68,10 @@ func runCmdAs(who string, cmd string) (err error) {
c := exec.Command(arg0, args...)
c.SysProcAttr = &syscall.SysProcAttr{}
c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid}
c.Stdin = conn
c.Stdout = conn
c.Stderr = conn
err = c.Run()
if err != nil {
log.Printf("Command finished with error: %v", err)
@ -84,6 +91,8 @@ func main() {
flag.StringVar(&laddr, "l", ":2000", "interface[:port] to listen")
flag.Parse()
log.SetOutput(ioutil.Discard)
// Listen on TCP port 2000 on all available unicast and
// anycast IP addresses of the local system.
l, err := hkex.Listen("tcp", laddr)
@ -155,13 +164,18 @@ func main() {
// authCookie: "c00ki3",
// status: 0}
}
// From here, one could pass all subsequent data
// between client/server attached to an exec.Cmd,
// as data to/from a file, etc.
conn.Write([]byte("SERVER RESPONSE to '"))
conn.Write(data)
conn.Write([]byte("'\n"))
if *connOp == 's' {
fmt.Println("[Running shell]")
runCmdAs("larissa", "bash -l -i", conn)
// Returned hopefully via an EOF or exit/logout;
// Clear current op so user can enter next, or EOF
connOp = nil
fmt.Println("[Exiting shell]")
}
if strings.Trim(string(data), "\r\n") == "exit" {
conn.Close()
}

View file

@ -25,6 +25,7 @@ import (
"bytes"
"crypto/cipher"
"fmt"
"log"
"math/big"
"net"
"time"
@ -104,27 +105,27 @@ func (c Conn) applyConnExtensions(extensions ...string) {
for _, s := range extensions {
switch s {
case "C_AES_256":
fmt.Println("[extension arg = C_AES_256]")
log.Println("[extension arg = C_AES_256]")
c.cipheropts &= (0xFFFFFF00)
c.cipheropts |= CAlgAES256
break
case "C_TWOFISH_128":
fmt.Println("[extension arg = C_TWOFISH_128]")
log.Println("[extension arg = C_TWOFISH_128]")
c.cipheropts &= (0xFFFFFF00)
c.cipheropts |= CAlgTwofish128
break
case "C_BLOWFISH_64":
fmt.Println("[extension arg = C_BLOWFISH_64]")
log.Println("[extension arg = C_BLOWFISH_64]")
c.cipheropts &= (0xFFFFFF00)
c.cipheropts |= CAlgBlowfish64
break
case "H_SHA256":
fmt.Println("[extension arg = H_SHA256]")
log.Println("[extension arg = H_SHA256]")
c.cipheropts &= (0xFFFF00FF)
c.cipheropts |= (HmacSHA256 << 8)
break
default:
fmt.Printf("[Dial ext \"%s\" ignored]\n", s)
log.Printf("[Dial ext \"%s\" ignored]\n", s)
break
}
}
@ -161,10 +162,10 @@ func Dial(protocol string, ipport string, extensions ...string) (hc *Conn, err e
}
hc.h.PeerD = d
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
fmt.Printf("**(c)** peerD:%s\n", hc.h.PeerD.Text(16))
log.Printf("** D:%s\n", hc.h.d.Text(16))
log.Printf("**(c)** peerD:%s\n", hc.h.PeerD.Text(16))
hc.h.FA()
fmt.Printf("**(c)** FA:%s\n", hc.h.fa)
log.Printf("**(c)** FA:%s\n", hc.h.fa)
hc.r = hc.getStream(hc.h.fa)
hc.w = hc.getStream(hc.h.fa)
@ -277,10 +278,10 @@ func (hl HKExListener) Accept() (hc Conn, err error) {
return hc, err
}
hc.h.PeerD = d
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
fmt.Printf("**(s)** peerD:%s\n", hc.h.PeerD.Text(16))
log.Printf("** D:%s\n", hc.h.d.Text(16))
log.Printf("**(s)** peerD:%s\n", hc.h.PeerD.Text(16))
hc.h.FA()
fmt.Printf("**(s)** FA:%s\n", hc.h.fa)
log.Printf("**(s)** FA:%s\n", hc.h.fa)
fmt.Fprintf(c, "0x%s\n%08x:%08x:%02x\n", hc.h.d.Text(16),
hc.cipheropts, hc.opts, hc.op)
@ -296,7 +297,7 @@ func (hl HKExListener) Accept() (hc Conn, err error) {
//
// See go doc io.Reader
func (c Conn) Read(b []byte) (n int, err error) {
fmt.Printf("[Decrypting...]\n")
log.Printf("[Decrypting...]\n")
//c.c.SetReadDeadline(time.Now().Add(1 * time.Second))
n, err = c.c.Read(b)
@ -307,14 +308,14 @@ func (c Conn) Read(b []byte) (n int, err error) {
// panic(err)
//}
}
fmt.Printf(" ctext:%+v\n", b[:n]) // print only used portion
log.Printf(" ctext:%+v\n", b[:n]) // print only used portion
db := bytes.NewBuffer(b[:n])
// The StreamReader acts like a pipe, decrypting
// whatever is available and forwarding the result
// to the parameter of Read() as a normal io.Reader
rs := &cipher.StreamReader{S: c.r, R: db}
n, err = rs.Read(b)
fmt.Printf(" ptext:%+v\n", b[:n])
log.Printf(" ptext:%+v\n", b[:n])
return
}
@ -322,8 +323,8 @@ func (c Conn) Read(b []byte) (n int, err error) {
//
// See go doc io.Writer
func (c Conn) Write(b []byte) (n int, err error) {
fmt.Printf("[Encrypting...]\n")
fmt.Printf(" ptext:%+v\n", b)
log.Printf("[Encrypting...]\n")
log.Printf(" ptext:%+v\n", b)
var wb bytes.Buffer
// The StreamWriter acts like a pipe, forwarding whatever is
// written to it through the cipher, encrypting as it goes
@ -332,28 +333,7 @@ func (c Conn) Write(b []byte) (n int, err error) {
if err != nil {
panic(err)
}
fmt.Printf(" ctext:%+v\n", wb.Bytes())
log.Printf(" ctext:%+v\n", wb.Bytes())
n, err = c.c.Write(wb.Bytes())
return
}
// Return c coerced into a HKEx Conn (which implements interface net.Conn)
// Only useful if one wants to convert an open connection later to HKEx
// (Use Dial() instead to start with HKEx automatically.)
/*
func NewHKExConn(c *net.Conn) (hc *Conn) {
hc = new(Conn)
hc.c = *c
hc.h = New(0, 0)
d := big.NewInt(0)
_, err := fmt.Fscanln(hc.c, d)
if err != nil {
//
}
hc.h.PeerD = d
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
fmt.Printf("** peerD:%s\n", hc.h.PeerD.Text(16))
return
}
*/