Commit
24e571ad
authored
Jun 17, 2024
by
anun
verify edge
parent
a1db662c
Showing
8 changed files
with
105 additions
and
33 deletions
+105
-33
chisel
+0
-0
client/client.go
+11
-0
go.mod
+1
-0
go.sum
+2
-0
server/server.go
+50
-28
server/server_handler.go
+30
-0
share/settings/env.go
+9
-4
share/settings/remote.go
+2
-1
chisel
No preview for this file type
client/client.go
...
@@ -175,11 +175,14 @@ func NewClient(c *Config) (*Client, error) {
...
@@ -175,11 +175,14 @@ func NewClient(c *Config) (*Client, error) {
if
c
.
Edge
.
EdgeSecret
!=
""
{
if
c
.
Edge
.
EdgeSecret
!=
""
{
client
.
computed
.
Edge
.
EdgeSecret
=
c
.
Edge
.
EdgeSecret
client
.
computed
.
Edge
.
EdgeSecret
=
c
.
Edge
.
EdgeSecret
}
}
/*
client.Debugf("---> c.Edge = %s", c.Edge)
client.Debugf("---> c.Edge = %s", c.Edge)
client.Debugf("---> c.EdgeId = %s", c.Edge.EdgeId)
client.Debugf("---> c.EdgeId = %s", c.Edge.EdgeId)
client.Debugf("---> c.EdgeSecret = %s", c.Edge.EdgeSecret)
client.Debugf("---> c.EdgeSecret = %s", c.Edge.EdgeSecret)
//validate remotes
//validate remotes
// client.Debugf("---> c.Remotes = %s", c.Remotes)
// client.Debugf("---> c.Remotes = %s", c.Remotes)
*/
for
_
,
s
:=
range
c
.
Remotes
{
for
_
,
s
:=
range
c
.
Remotes
{
//Anun
//Anun
/*
/*
...
@@ -207,6 +210,14 @@ func NewClient(c *Config) (*Client, error) {
...
@@ -207,6 +210,14 @@ func NewClient(c *Config) (*Client, error) {
if
!
r
.
Reverse
&&
!
r
.
Stdio
&&
!
r
.
CanListen
()
{
if
!
r
.
Reverse
&&
!
r
.
Stdio
&&
!
r
.
CanListen
()
{
return
nil
,
fmt
.
Errorf
(
"Client cannot listen on %s"
,
r
.
String
())
return
nil
,
fmt
.
Errorf
(
"Client cannot listen on %s"
,
r
.
String
())
}
}
if
c
.
Edge
.
EdgeId
!=
""
{
r
.
EdgeId
=
c
.
Edge
.
EdgeId
}
if
c
.
Edge
.
EdgeSecret
!=
""
{
r
.
EdgeSecret
=
c
.
Edge
.
EdgeSecret
}
client
.
computed
.
Remotes
=
append
(
client
.
computed
.
Remotes
,
r
)
client
.
computed
.
Remotes
=
append
(
client
.
computed
.
Remotes
,
r
)
}
}
// client.computed.Edge = c.Edge
// client.computed.Edge = c.Edge
...
...
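Review bot: The second NewClient hunk copies `c.Edge.EdgeSecret` into every `Remote` (`r.EdgeSecret = c.Edge.EdgeSecret`), although the first hunk's context already keeps it once in `client.computed.Edge`. Remotes are formatted into error text in this same function (`r.String()` in the "Client cannot listen on %s" error), so each extra struct that carries the secret is one more place where a later `%v` or `%+v` could print it; share/settings/remote.go adds the matching `EdgeId, EdgeSecret string` fields. The server-side check in server/server_handler.go reads `c.EdgeId` and `c.EdgeSecret` from the config rather than from a remote, so the per-remote copy looks unnecessary and could be dropped. The Debugf block that formatted the secret is commented out here rather than deleted; removing it avoids it being re-enabled by accident. NewClient's body continues outside both hunks.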
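--- a/go.mod
+++ b/go.mod
@@ -17,6 +17,7 @@ require (
 require (
 github.com/andrew-d/go-termutil v0.0.0-20150726205930-009166a695a2 // indirect
 github.com/jmoiron/sqlx v1.4.0 // indirect
+github.com/joho/godotenv v1.5.1 // indirect
 github.com/jpillora/ansi v1.0.3 // indirect
 github.com/lib/pq v1.10.9 // indirect
 github.com/tomasen/realip v0.0.0-20180522021738-f0c99a92ddce // indirect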
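Review bot: `github.com/joho/godotenv v1.5.1` is added with `// indirect`, but share/settings/env.go in this commit imports it directly, so it belongs in the direct `require` block; `go mod tidy` would move it. The same run would also show whether `github.com/jmoiron/sqlx` is still needed now that server/server.go imports `database/sql` in its place.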
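--- a/go.sum
+++ b/go.sum
@@ -12,6 +12,8 @@ github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWm
 github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/jmoiron/sqlx v1.4.0 h1:1PLqN7S1UYp5t4SrVVnt4nUVNemrDAtxlulVe+Qgm3o=
 github.com/jmoiron/sqlx v1.4.0/go.mod h1:ZrZ7UsYB/weZdl2Bxg6jCRO9c3YHl8r3ahlKmRT4JLY=
+github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
+github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/jpillora/ansi v1.0.3 h1:nn4Jzti0EmRfDxm7JtEs5LzCbNwd5sv+0aE+LdS9/ZQ=
 github.com/jpillora/ansi v1.0.3/go.mod h1:D2tT+6uzJvN1nBVQILYWkIdq7zG+b5gcFN5WI/VyjMY=
 github.com/jpillora/backoff v1.0.0 h1:uvFg412JmmHBHw7iwprIxkPMI+sGQ4kzOWsMeHnm2EA=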
server/server.go
...
@@ -21,11 +21,12 @@ import (
...
@@ -21,11 +21,12 @@ import (
"golang.org/x/crypto/ssh"
"golang.org/x/crypto/ssh"
"fmt"
"fmt"
"
github.com/jmoiron/sqlx
"
"
database/sql
"
_
"github.com/lib/pq"
// The database driver in use.
_
"github.com/lib/pq"
// The database driver in use.
)
)
/*
// Anun
// Anun
type DdConfig struct {
type DdConfig struct {
User string
User string
...
@@ -44,6 +45,7 @@ func DbOpen(cfg DdConfig) (*sqlx.DB, error) {
...
@@ -44,6 +45,7 @@ func DbOpen(cfg DdConfig) (*sqlx.DB, error) {
var dataSoruce = fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=%s", cfg.Host, cfg.Port, cfg.User, cfg.Password, cfg.Name, sslmode)
var dataSoruce = fmt.Sprintf("host=%s port=%d user=%s password=%s dbname=%s sslmode=%s", cfg.Host, cfg.Port, cfg.User, cfg.Password, cfg.Name, sslmode)
return sqlx.Connect("postgres", dataSoruce)
return sqlx.Connect("postgres", dataSoruce)
}
}
*/
// Config is the configuration for the chisel service
// Config is the configuration for the chisel service
type
Config
struct
{
type
Config
struct
{
...
@@ -69,6 +71,7 @@ type Server struct {
...
@@ -69,6 +71,7 @@ type Server struct {
sessions
*
settings
.
Users
sessions
*
settings
.
Users
sshConfig
*
ssh
.
ServerConfig
sshConfig
*
ssh
.
ServerConfig
users
*
settings
.
UserIndex
users
*
settings
.
UserIndex
db
*
sql
.
DB
}
}
var
upgrader
=
websocket
.
Upgrader
{
var
upgrader
=
websocket
.
Upgrader
{
...
@@ -167,24 +170,26 @@ func NewServer(c *Config) (*Server, error) {
...
@@ -167,24 +170,26 @@ func NewServer(c *Config) (*Server, error) {
//Anun
//Anun
dbenable
:=
settings
.
EnvBool
(
"DB_ENABLE"
)
if
settings
.
InitEnv
()
{
dbuser
:=
settings
.
EnvString
(
"DB_USERNAME"
)
/*
dbpassword
:=
settings
.
EnvString
(
"DB_PASSWORD"
)
dbenable:= settings.EnvBool("DB_ENABLE")
dbhost
:=
settings
.
EnvString
(
"DB_HOST"
)
dbuser:= settings.Env("DB_USERNAME")
dbport
:=
settings
.
EnvInt
(
"DB_PORT"
,
0
)
dbpassword:= settings.Env("DB_PASSWORD")
dbschema
:=
settings
.
EnvString
(
"DB_NAME"
)
dbhost:= settings.Env("DB_HOST")
dbDisableTLS
:=
settings
.
EnvBool
(
"DB_DISABLE_TLS"
)
dbport:= settings.EnvInt("DB_PORT",0)
dbschema:= settings.Env("DB_NAME")
dbDisableTLS:= settings.EnvBool("DB_DISABLE_TLS")
dbConfig
:=
DdConfig
{
dbConfig := DdConfig{
User
:
dbuser
,
User: dbuser,
Password
:
dbpassword
,
Password: dbpassword,
Host
:
dbhost
,
Host: dbhost,
Port
:
dbport
,
Port: dbport,
Name
:
dbschema
,
Name: dbschema,
DisableTLS
:
dbDisableTLS
,
DisableTLS: dbDisableTLS,
}
}
server
.
Infof
(
"dbConfig %s"
,
dbConfig
)
server.Infof("dbConfig %s", dbConfig)
server.Infof("%s", dbenable)
server.Infof("%s", dbenable)
server.Infof("%s", dbuser)
server.Infof("%s", dbuser)
server.Infof("%s", dbpassword)
server.Infof("%s", dbpassword)
...
@@ -192,18 +197,35 @@ server.Infof("%s", dbhost)
...
@@ -192,18 +197,35 @@ server.Infof("%s", dbhost)
server.Infof("%s", dbport)
server.Infof("%s", dbport)
server.Infof("%s", dbschema)
server.Infof("%s", dbschema)
server.Infof("%s", dbDisableTLS)
server.Infof("%s", dbDisableTLS)
db, err := DbOpen(dbConfig)
if err != nil {
server.Infof("connecting database fail", err)
}else{
server.Infof("connecting database, %s", db)
server.db = db
}
*/
db
,
err
:=
DbOpen
(
dbConfig
)
// Connect to database
if
err
!=
nil
{
connStr
:=
settings
.
Env
(
"DB_URI"
)
server
.
Infof
(
"connecting database fail"
,
err
)
db
,
err
:=
sql
.
Open
(
"postgres"
,
connStr
)
}
else
{
if
err
!=
nil
{
server
.
Infof
(
"connecting database, %s"
,
db
)
log
.
Fatal
(
err
)
}
}
if
err
!=
nil
{
dbEnable
:=
settings
.
EnvBool
(
"DB_ENABLE"
)
fmt
.
Fprintf
(
os
.
Stdout
,
"Connection to the database failed
\n
"
)
server
.
Infof
(
"dbEnable: %s"
,
dbEnable
)
return
server
,
nil
if
settings
.
EnvBool
(
"DB_ENABLE"
)
{
}
server
.
Infof
(
"Edge Platform enabled"
)
err
=
db
.
Ping
()
if
err
!=
nil
{
fmt
.
Fprintf
(
os
.
Stdout
,
"Connection to the database failed
\n
"
)
return
server
,
nil
}
if
err
==
nil
{
fmt
.
Fprintf
(
os
.
Stdout
,
"You have connected to the database successfully
\n
"
)
server
.
db
=
db
}
}
}
return
server
,
nil
return
server
,
nil
}
}
...
...
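Review bot: On the new side of the NewServer hunks, every path except a successful ping leaves `server.db` nil and still returns `server, nil`: a failed `db.Ping()`, `DB_ENABLE` being false, or `settings.InitEnv()` returning false. handleWebsocket in server/server_handler.go then passes `s.db` to `checkEdge` unconditionally, and `QueryRow` on a nil `*sql.DB` panics, so each handshake would abort in a panic rather than in a logged denial. When the registry is enabled, return the failure to the caller, e.g. `return nil, fmt.Errorf("edge registry ping: %w", err)`, and do the same in place of `log.Fatal(err)` after `sql.Open`, which otherwise terminates the process from inside a constructor. The old and new columns are interleaved on this page, so this reading of the new side should be confirmed against the plain diff.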
server/server_handler.go
...
@@ -7,6 +7,8 @@ import (
...
@@ -7,6 +7,8 @@ import (
"time"
"time"
"net"
"net"
"strconv"
"strconv"
"fmt"
"database/sql"
chshare
"dev.nexpie.com/anun/chisel/share"
chshare
"dev.nexpie.com/anun/chisel/share"
"dev.nexpie.com/anun/chisel/share/cnet"
"dev.nexpie.com/anun/chisel/share/cnet"
...
@@ -14,8 +16,15 @@ import (
...
@@ -14,8 +16,15 @@ import (
"dev.nexpie.com/anun/chisel/share/tunnel"
"dev.nexpie.com/anun/chisel/share/tunnel"
"golang.org/x/crypto/ssh"
"golang.org/x/crypto/ssh"
"golang.org/x/sync/errgroup"
"golang.org/x/sync/errgroup"
_
"github.com/lib/pq"
)
)
type
Edge
struct
{
EdgeId
string
EdgeSecret
string
Active
bool
}
func
getTCPPort
()
(
port
int
,
err
error
)
{
func
getTCPPort
()
(
port
int
,
err
error
)
{
var
a
*
net
.
TCPAddr
var
a
*
net
.
TCPAddr
if
a
,
err
=
net
.
ResolveTCPAddr
(
"tcp"
,
"localhost:0"
);
err
==
nil
{
if
a
,
err
=
net
.
ResolveTCPAddr
(
"tcp"
,
"localhost:0"
);
err
==
nil
{
...
@@ -144,8 +153,17 @@ func (s *Server) handleWebsocket(w http.ResponseWriter, req *http.Request) {
...
@@ -144,8 +153,17 @@ func (s *Server) handleWebsocket(w http.ResponseWriter, req *http.Request) {
l
.
Infof
(
"Client version (%s) differs from server version (%s)"
,
l
.
Infof
(
"Client version (%s) differs from server version (%s)"
,
v
,
chshare
.
BuildVersion
)
v
,
chshare
.
BuildVersion
)
}
}
// Anun : Check edge is active
edgeActive
,
err
:=
checkEdge
(
s
.
db
,
c
.
EdgeId
,
c
.
EdgeSecret
)
if
!
edgeActive
{
failed
(
s
.
Errorf
(
"Edge '%s' is denied"
,
c
.
EdgeId
))
return
}
//validate remotes
//validate remotes
for
_
,
r
:=
range
c
.
Remotes
{
for
_
,
r
:=
range
c
.
Remotes
{
//if user is provided, ensure they have
//if user is provided, ensure they have
//access to the desired remotes
//access to the desired remotes
if
user
!=
nil
{
if
user
!=
nil
{
...
@@ -166,6 +184,7 @@ func (s *Server) handleWebsocket(w http.ResponseWriter, req *http.Request) {
...
@@ -166,6 +184,7 @@ func (s *Server) handleWebsocket(w http.ResponseWriter, req *http.Request) {
failed
(
s
.
Errorf
(
"Server cannot listen on %s"
,
r
.
String
()))
failed
(
s
.
Errorf
(
"Server cannot listen on %s"
,
r
.
String
()))
return
return
}
}
}
}
//successfuly validated config!
//successfuly validated config!
r
.
Reply
(
true
,
nil
)
r
.
Reply
(
true
,
nil
)
...
@@ -201,3 +220,14 @@ func (s *Server) handleWebsocket(w http.ResponseWriter, req *http.Request) {
...
@@ -201,3 +220,14 @@ func (s *Server) handleWebsocket(w http.ResponseWriter, req *http.Request) {
l
.
Debugf
(
"Code (%s)"
,
s
.
config
)
l
.
Debugf
(
"Code (%s)"
,
s
.
config
)
}
}
}
}
func
checkEdge
(
db
*
sql
.
DB
,
edgeid
string
,
edgesecret
string
)
(
bool
,
error
)
{
var
active
bool
if
err
:=
db
.
QueryRow
(
`SELECT x.active FROM edgeregistry."EdgeDevice" x WHERE x.edgeid = $1 AND x.edgesecret = $2 AND x.active = true`
,
edgeid
,
edgesecret
)
.
Scan
(
&
active
);
err
!=
nil
{
if
err
==
sql
.
ErrNoRows
{
return
false
,
fmt
.
Errorf
(
"Edge %s: unknown"
,
edgeid
)
}
return
false
,
fmt
.
Errorf
(
"Edge %s: %v"
,
edgeid
,
err
)
}
return
active
,
nil
}
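Review bot: `checkEdge` authenticates by putting the secret into the query predicate (`x.edgesecret = $2`), which only works if the registry stores each edge secret in the same clear form the client sends, and it leaves the comparison to the database. Selecting the row by `edgeid` and comparing in Go with `subtle.ConstantTimeCompare` (this needs `crypto/subtle` in the import block) keeps the secret out of the predicate; storing a salted hash instead of the secret would be the stronger follow-up, but it needs a schema change this page does not show. In handleWebsocket the `err` returned by `checkEdge` is never read in the visible lines, so a database error reaches the client as "Edge ... is denied" and nothing is logged; `if err != nil { l.Debugf("edge check: %v", err) }` before the `!edgeActive` test keeps the deny-by-default behaviour and makes the two cases distinguishable. handleWebsocket starts and ends outside these hunks.

```go
func checkEdge(db *sql.DB, edgeid string, edgesecret string) (bool, error) {
	// Look the device up by id only; the secret is compared below, not in SQL.
	// Assumes edgesecret is a non-null text column; confirm against the schema.
	var stored string
	if err := db.QueryRow(`SELECT x.edgesecret FROM edgeregistry."EdgeDevice" x WHERE x.edgeid = $1 AND x.active = true`, edgeid).Scan(&stored); err != nil {
		// … unchanged: sql.ErrNoRows and generic error returns …
	}
	// Same "unknown" error for a wrong secret as for a missing row.
	if subtle.ConstantTimeCompare([]byte(stored), []byte(edgesecret)) != 1 {
		return false, fmt.Errorf("Edge %s: unknown", edgeid)
	}
	return true, nil
}
```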
share/settings/env.go
...
@@ -5,6 +5,8 @@ import (
...
@@ -5,6 +5,8 @@ import (
"strconv"
"strconv"
"strings"
"strings"
"time"
"time"
"github.com/joho/godotenv"
)
)
// Env returns a chisel environment variable
// Env returns a chisel environment variable
...
@@ -34,8 +36,11 @@ func EnvBool(name string) bool {
...
@@ -34,8 +36,11 @@ func EnvBool(name string) bool {
return
v
==
"1"
||
strings
.
ToLower
(
v
)
==
"true"
return
v
==
"1"
||
strings
.
ToLower
(
v
)
==
"true"
}
}
//Anun
func
InitEnv
()
bool
{
func
EnvString
(
name
string
)
string
{
err
:=
godotenv
.
Load
()
return
os
.
Getenv
(
name
)
if
err
!=
nil
{
return
false
}
else
{
return
true
}
}
}
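Review bot: `InitEnv` returns false for any `godotenv.Load()` error, and a missing `.env` file in the working directory is one of them; NewServer in server/server.go gates the whole database setup on this result, so a deployment that sets `DB_URI` in the real environment but ships no `.env` file would start without the edge registry and without any message. Treat a missing file as nothing to load and surface only real read or parse errors, for example by returning the error to the caller instead of collapsing it to a bool. The function is exported and has no doc comment; `// InitEnv loads a .env file from the working directory and reports whether it was read.` would record that the path depends on where the process is started. The `if … else` that returns `false`/`true` can be written as `return godotenv.Load() == nil`.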
share/settings/remote.go
...
@@ -38,11 +38,12 @@ type Remote struct {
...
@@ -38,11 +38,12 @@ type Remote struct {
LocalHost
,
LocalPort
,
LocalProto
string
LocalHost
,
LocalPort
,
LocalProto
string
RemoteHost
,
RemotePort
,
RemoteProto
string
RemoteHost
,
RemotePort
,
RemoteProto
string
Socks
,
Reverse
,
Stdio
bool
Socks
,
Reverse
,
Stdio
bool
EdgeId
,
EdgeSecret
string
}
}
// Anun
// Anun
type
Edge
struct
{
type
Edge
struct
{
EdgeId
,
EdgeSecret
string
EdgeId
,
EdgeSecret
string
}
}
const
revPrefix
=
"R:"
const
revPrefix
=
"R:"
...
...