Add support for console tipline in a browswer iframe using

shellinabox as the backend.

Add support for console tipline in a browswer iframe using
shellinabox as the backend.
46ce9763 · Leigh B Stoller · 3c04b342 · 46ce9763
Commit 46ce9763 authored Dec 16, 2013 by Leigh B Stoller
Hide whitespace changes
Inline Side-by-side

Showing with 154 additions and 12 deletions

www/nodetipacl.php3 www/nodetipacl.php3 +154 -12

No files found.
--- a/www/nodetipacl.php3
+++ b/www/nodetipacl.php3
 <?php
 #
-# Copyright (c) 2000-2011 University of Utah and the Flux Group.
+# Copyright (c) 2000-2013 University of Utah and the Flux Group.
 # 
 # {{{EMULAB-LICENSE
 # 
@@ -55,6 +55,9 @@ if (!$isadmin &&
    USERERROR("You do not have permission to tip to node $node_id!", 1);
 }

+# Array of arguments
+$console = array();
+
 #
 # Ask outer emulab for the stuff we need. It does it own perm checks
 #
@@ -113,18 +116,157 @@ else {
    $certhash = str_replace(":","",strtolower($matches[1]));
 }

-$filename = $node_id . ".tbacl"; 
+if (! $BROWSER_CONSOLE_ENABLE) {
+    $filename = $node_id . ".tbacl"; 
+
+    header("Content-Type: text/x-testbed-acl");
+    header("Content-Disposition: inline; filename=$filename;");
+    header("Content-Description: ACL key file for a testbed node serial port");
+
+    # XXX, should handle multiple tip lines gracefully somehow, 
+    # but not important for now.
+
+    echo "host:   $server\n";	
+    echo "port:   $portnum\n";
+    echo "keylen: $keylen\n";
+    echo "key:    $keydata\n";
+    echo "ssl-server-cert: $certhash\n";
+    return;
+}
+
+#
+# ShellInABox
+#
+$console["server"]   = $server;
+$console["portnum"]  = $portnum;
+$console["keylen"]   = $keylen;
+$console["keydata"]  = $keydata;
+$console["certhash"] = $certhash;
+
+#
+# Generate an authentication object to pass to the browser that
+# is passed to the web server on ops. This is used to grant
+# permission to the user to invoke tip to the console. 
+#
+function ConsoleAuthObject($uid, $nodeid, $console)
+{
+    global $USERNODE;
+	
+    $file = "/usr/testbed/etc/sshauth.key";
+    
+    #
+    # We need the secret that is shared with ops.
+    #
+    $fp = fopen($file, "r");
+    if (! $fp) {
+	TBERROR("Error opening $file", 0);
+	return null;
+    }
+    $key = fread($fp, 128);
+    fclose($fp);
+    if (!$key) {
+	TBERROR("Could not get key from $file", 0);
+	return null;
+    }
+    $key   = chop($key);
+    $stuff = GENHASH();
+    $now   = time();
+
+    $authobj = array('uid'       => $uid,
+		     'console'   => $console,
+		     'stuff'     => $stuff,
+		     'nodeid'    => $nodeid,
+		     'timestamp' => $now,
+		     'baseurl'   => "https://${USERNODE}",
+		     'signature_method' => 'HMAC-SHA1',
+		     'api_version' => '1.0',
+		     'signature' => hash_hmac('sha1',
+					      $uid . $stuff . $nodeid . $now .
+					      " " . implode(",", $console),
+					      $key),
+    );
+    return json_encode($authobj);
+}
+$console_auth = ConsoleAuthObject($uid, $node_id, $console);
+
+PAGEHEADER("$nodeid Console");
+
+$referrer = $_SERVER['HTTP_REFERER'];
+
+echo "\n";
+echo "<script src='https://code.jquery.com/jquery.js'></script>\n";
+echo "<script>\n";
+echo "var tbbaseurl = '$referrer';\n";
+?>
+function StartConsole(id, authobject)
+{
+    var jsonauth = $.parseJSON(authobject);
+	
+    var callback = function(stuff) {
+        var split   = stuff.split(':');
+        var session = split[0];
+    	var port    = split[1];
+
+        var url   = jsonauth.baseurl + ':' + port + '/' + '#' +
+            encodeURIComponent(document.location.href) + ',' + session;
+        console.log(url);
+        var iwidth  = $('#' + id).width();
+        var iheight = GetMaxHeight(id) - 50;
+
+        $('#' + id).html('<iframe id="' + id + '_iframe" ' +
+			   'width=' + iwidth + ' ' +
+                           'height=' + iheight + ' ' +
+                           'src=\'' + url + '\'>');

-header("Content-Type: text/x-testbed-acl");
-header("Content-Disposition: inline; filename=$filename;");
-header("Content-Description: ACL key file for a testbed node serial port");
+	//
+	// Setup a custom event handler so we can kill the connection.
+	//
+	$('#' + id).on("killconsole",
+		       { "url": jsonauth.baseurl + ':' + port + '/quit' +
+			        '?session=' + session },
+		       function(e) {
+			   console.log("killconsole: " + e.data.url);
+			   $.ajax({
+     			       url: e.data.url,
+			       type: 'GET',
+			   });
+		       });

-# XXX, should handle multiple tip lines gracefully somehow, 
-# but not important for now.
+	// Install a click handler for the X button.
+	$("#" + id + "_kill").click(function(e) {
+	    e.preventDefault();
+	    // Trigger the custom event.
+	    $("#" + id).trigger("killconsole");
+
+	    PageReplace(tbbaseurl);
+	})
+    }
+    var xmlthing = $.ajax({
+	// the URL for the request
+     	url: jsonauth.baseurl + '/d77e8041d1ad',
+ 
+     	// the data to send (will be converted to a query string)
+	data: {
+	    auth: authobject,
+	},
+ 
+ 	// Needs to be a POST to send the auth object.
+	type: 'POST',
+ 
+    	// Ask for plain text for easier parsing. 
+	dataType : 'text',
+    });
+    xmlthing.done(callback);
+}
+</script>
+
+<?php
+echo "<div id='${nodeid}_console' style='width: 100%;'></div>";
+echo "<center><button type=button id='${nodeid}_console_kill'>Close</button>" .
+     "</center>\n";
+echo "<script language=JavaScript>
+      StartConsole('${nodeid}_console', '$console_auth');
+      </script>\n";

-echo "host:   $server\n";	
-echo "port:   $portnum\n";
-echo "keylen: $keylen\n";
-echo "key:    $keydata\n";
-echo "ssl-server-cert: $certhash\n";
+PAGEFOOTER();
 ?>