use std::cmp::min;
use std::collections::HashMap;
use std::ffi::{OsStr, OsString};
-use std::io::{ErrorKind, Read, Result, Write};
-use std::net::TcpStream;
+use std::io::{ErrorKind, Write};
use std::os::unix::io::{AsRawFd, FromRawFd};
use std::os::unix::process::CommandExt;
use std::process::Command;
use std::time::{Duration, Instant};
+use anyhow::{bail, format_err, Result};
use clap::{App, AppSettings, Arg};
-use curl::easy::Easy;
-use mio::net::TcpListener;
-use mio::unix::{EventedFd, UnixReady};
-use mio::{Events, Poll, PollOpt, Ready, Token};
+use mio::net::{TcpListener, TcpStream};
+use mio::unix::SourceFd;
+use mio::{Events, Interest, Poll, Token};
-use proxmox::sys::error::io_err_other;
-use proxmox::sys::linux::pty::{make_controlling_terminal, PTY};
-use proxmox::tools::byte_buffer::ByteBuffer;
-use proxmox::{io_bail, io_format_err};
+use proxmox_io::ByteBuffer;
+use proxmox_lang::error::io_err_other;
+use proxmox_sys::{
+ linux::pty::{make_controlling_terminal, PTY},
+};
const MSG_TYPE_DATA: u8 = 0;
const MSG_TYPE_RESIZE: u8 = 1;
buf: &mut ByteBuffer,
timeout: Duration,
) -> TicketResult {
+ let mut poll = Poll::new()?;
+ poll.registry()
+ .register(stream, Token(0), Interest::READABLE)?;
+ let mut events = Events::with_capacity(1);
+
let now = Instant::now();
- while !&buf[..].contains(&b'\n') {
- if buf.is_full() || now.elapsed() >= timeout {
- io_bail!("authentication data is incomplete: {:?}", &buf[..]);
- }
- stream.set_read_timeout(Some(Duration::new(1, 0)))?;
- match buf.read_from(stream) {
- Ok(n) => {
- if n == 0 {
- io_bail!("connection closed before authentication");
+ let mut elapsed = Duration::new(0, 0);
+
+ loop {
+ poll.poll(&mut events, Some(timeout - elapsed))?;
+ if !events.is_empty() {
+ match buf.read_from(stream) {
+ Ok(n) => {
+ if n == 0 {
+ bail!("connection closed before authentication");
+ }
}
+ Err(err) if err.kind() == ErrorKind::WouldBlock => {}
+ Err(err) => return Err(err.into()),
}
- Err(err) if err.kind() == ErrorKind::WouldBlock => {}
- Err(err) => return Err(err),
+
+ if buf[..].contains(&b'\n') {
+ break;
+ }
+
+ if buf.is_full() {
+ bail!("authentication data is incomplete: {:?}", &buf[..]);
+ }
+ }
+
+ elapsed = now.elapsed();
+ if elapsed > timeout {
+ bail!("timed out");
}
}
- stream.set_read_timeout(None)?;
let newline_idx = &buf[..].iter().position(|&x| x == b'\n').unwrap();
let line = buf.remove_data(*newline_idx);
let (username, ticket) = line.split_at(pos);
Ok((username.into(), ticket[1..].into()))
}
- None => io_bail!("authentication data is invalid"),
+ None => bail!("authentication data is invalid"),
}
}
authport: u16,
port: Option<u16>,
) -> Result<()> {
- let mut curl = Easy::new();
- curl.url(&format!(
- "http://localhost:{}/api2/json/access/ticket",
- authport
- ))?;
-
- let username = curl.url_encode(username);
- let ticket = curl.url_encode(ticket);
- let path = curl.url_encode(path.as_bytes());
-
- let mut post_fields = Vec::with_capacity(5);
- post_fields.push(format!("username={}", username));
- post_fields.push(format!("password={}", ticket));
- post_fields.push(format!("path={}", path));
-
+ let mut post_fields: Vec<(&str, &str)> = Vec::with_capacity(5);
+ post_fields.push(("username", std::str::from_utf8(username)?));
+ post_fields.push(("password", std::str::from_utf8(ticket)?));
+ post_fields.push(("path", path));
if let Some(perm) = perm {
- let perm = curl.url_encode(perm.as_bytes());
- post_fields.push(format!("privs={}", perm));
+ post_fields.push(("privs", perm));
}
-
+ let port_str;
if let Some(port) = port {
- post_fields.push(format!("port={}", port));
+ port_str = port.to_string();
+ post_fields.push(("port", &port_str));
}
- curl.post_fields_copy(post_fields.join("&").as_bytes())?;
- curl.post(true)?;
- curl.perform()?;
+ let url = format!("http://localhost:{}/api2/json/access/ticket", authport);
- let response_code = curl.response_code()?;
-
- if response_code != 200 {
- io_bail!("invalid authentication, code {}", response_code);
+ match ureq::post(&url).send_form(&post_fields[..]) {
+ Ok(res) if res.status() == 200 => Ok(()),
+ Ok(res) | Err(ureq::Error::Status(_, res)) => {
+ let code = res.status();
+ bail!("invalid authentication - {} {}", code, res.status_text())
+ }
+ Err(err) => bail!("authentication request failed - {}", err),
}
-
- Ok(())
}
fn listen_and_accept(
std::net::TcpListener::bind((hostname, port as u16))?
};
let port = listener.local_addr()?.port();
- let listener = TcpListener::from_std(listener)?;
- let poll = Poll::new()?;
+ let mut listener = TcpListener::from_std(listener);
+ let mut poll = Poll::new()?;
- poll.register(&listener, Token(0), Ready::readable(), PollOpt::edge())?;
+ poll.registry()
+ .register(&mut listener, Token(0), Interest::READABLE)?;
let mut events = Events::with_capacity(1);
- let mut timeout = timeout;
+ let now = Instant::now();
+ let mut elapsed = Duration::new(0, 0);
+
loop {
- let now = Instant::now();
- poll.poll(&mut events, Some(timeout))?;
- let elapsed = now.elapsed();
+ poll.poll(&mut events, Some(timeout - elapsed))?;
if !events.is_empty() {
- let (stream, client) = listener.accept_std()?;
+ let (stream, client) = listener.accept()?;
println!("client connection: {:?}", client);
return Ok((stream, port));
}
- if timeout >= elapsed {
- timeout -= elapsed;
- } else {
- io_bail!("timed out");
+
+ elapsed = now.elapsed();
+ if elapsed > timeout {
+ bail!("timed out");
}
}
}
command.spawn()?;
- pty.set_size(80, 20).map_err(|x| x.as_errno().unwrap())?;
+ pty.set_size(80, 20)?;
Ok(pty)
}
let use_port_as_fd = matches.is_present("use-port-as-fd");
if use_port_as_fd && port > u16::MAX as u64 {
- return Err(io_format_err!("port too big"));
+ return Err(format_err!("port too big"));
} else if port > i32::MAX as u64 {
- return Err(io_format_err!("Invalid FD number"));
+ return Err(format_err!("Invalid FD number"));
}
- let (mut stream, port) =
+ let (mut tcp_handle, port) =
listen_and_accept("localhost", port, use_port_as_fd, Duration::new(10, 0))
- .map_err(|err| io_format_err!("failed waiting for client: {}", err))?;
+ .map_err(|err| format_err!("failed waiting for client: {}", err))?;
- let (username, ticket) = read_ticket_line(&mut stream, &mut pty_buf, Duration::new(10, 0))
- .map_err(|err| io_format_err!("failed reading ticket: {}", err))?;
+ let (username, ticket) = read_ticket_line(&mut tcp_handle, &mut pty_buf, Duration::new(10, 0))
+ .map_err(|err| format_err!("failed reading ticket: {}", err))?;
let port = if use_port_as_fd { Some(port) } else { None };
authenticate(&username, &ticket, path, perm, authport, port)?;
- stream.write_all(b"OK").expect("error writing response");
-
- let mut tcp_handle = mio::net::TcpStream::from_stream(stream)?;
+ tcp_handle.write_all(b"OK").expect("error writing response");
- let poll = Poll::new()?;
+ let mut poll = Poll::new()?;
let mut events = Events::with_capacity(128);
let mut pty = run_pty(cmd, cmdparams)?;
- poll.register(
- &tcp_handle,
+ poll.registry().register(
+ &mut tcp_handle,
TCP,
- Ready::readable() | Ready::writable() | UnixReady::hup(),
- PollOpt::edge(),
+ Interest::READABLE | Interest::WRITABLE,
)?;
- poll.register(
- &EventedFd(&pty.as_raw_fd()),
+ poll.registry().register(
+ &mut SourceFd(&pty.as_raw_fd()),
PTY,
- Ready::readable() | Ready::writable() | UnixReady::hup(),
- PollOpt::edge(),
+ Interest::READABLE | Interest::WRITABLE,
)?;
let mut tcp_writable = true;
}
for event in &events {
- let readiness = event.readiness();
- let writable = readiness.is_writable();
- let readable = readiness.is_readable();
- if UnixReady::from(readiness).is_hup() {
+ let writable = event.is_writable();
+ let readable = event.is_readable();
+ if event.is_read_closed() {
finished = true;
}
match event.token() {
}
Err(err) => {
if !finished {
- return Err(io_format_err!("error reading from tcp: {}", err));
+ return Err(format_err!("error reading from tcp: {}", err));
}
break;
}
}
Err(err) => {
if !finished {
- return Err(io_format_err!("error reading from pty: {}", err));
+ return Err(format_err!("error reading from pty: {}", err));
}
break;
}
}
Err(err) => {
if !finished {
- return Err(io_format_err!("error writing to tcp : {}", err));
+ return Err(format_err!("error writing to tcp : {}", err));
}
break;
}
}
Err(err) => {
if !finished {
- return Err(io_format_err!("error writing to pty : {}", err));
+ return Err(format_err!("error writing to pty : {}", err));
}
break;
}