Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
emulab
emulab-devel
Commits
46ce9763
Commit
46ce9763
authored
Dec 16, 2013
by
Leigh B Stoller
Browse files
Add support for console tipline in a browswer iframe using
shellinabox as the backend.
parent
3c04b342
Changes
1
Hide whitespace changes
Inline
Side-by-side
www/nodetipacl.php3
View file @
46ce9763
<?php
#
# Copyright (c) 2000-201
1
University of Utah and the Flux Group.
# Copyright (c) 2000-201
3
University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
...
...
@@ -55,6 +55,9 @@ if (!$isadmin &&
USERERROR
(
"You do not have permission to tip to node
$node_id
!"
,
1
);
}
# Array of arguments
$console
=
array
();
#
# Ask outer emulab for the stuff we need. It does it own perm checks
#
...
...
@@ -113,18 +116,157 @@ else {
$certhash
=
str_replace
(
":"
,
""
,
strtolower
(
$matches
[
1
]));
}
$filename
=
$node_id
.
".tbacl"
;
if
(
!
$BROWSER_CONSOLE_ENABLE
)
{
$filename
=
$node_id
.
".tbacl"
;
header
(
"Content-Type: text/x-testbed-acl"
);
header
(
"Content-Disposition: inline; filename=
$filename
;"
);
header
(
"Content-Description: ACL key file for a testbed node serial port"
);
# XXX, should handle multiple tip lines gracefully somehow,
# but not important for now.
echo
"host:
$server
\n
"
;
echo
"port:
$portnum
\n
"
;
echo
"keylen:
$keylen
\n
"
;
echo
"key:
$keydata
\n
"
;
echo
"ssl-server-cert:
$certhash
\n
"
;
return
;
}
#
# ShellInABox
#
$console
[
"server"
]
=
$server
;
$console
[
"portnum"
]
=
$portnum
;
$console
[
"keylen"
]
=
$keylen
;
$console
[
"keydata"
]
=
$keydata
;
$console
[
"certhash"
]
=
$certhash
;
#
# Generate an authentication object to pass to the browser that
# is passed to the web server on ops. This is used to grant
# permission to the user to invoke tip to the console.
#
function
ConsoleAuthObject
(
$uid
,
$nodeid
,
$console
)
{
global
$USERNODE
;
$file
=
"/usr/testbed/etc/sshauth.key"
;
#
# We need the secret that is shared with ops.
#
$fp
=
fopen
(
$file
,
"r"
);
if
(
!
$fp
)
{
TBERROR
(
"Error opening
$file
"
,
0
);
return
null
;
}
$key
=
fread
(
$fp
,
128
);
fclose
(
$fp
);
if
(
!
$key
)
{
TBERROR
(
"Could not get key from
$file
"
,
0
);
return
null
;
}
$key
=
chop
(
$key
);
$stuff
=
GENHASH
();
$now
=
time
();
$authobj
=
array
(
'uid'
=>
$uid
,
'console'
=>
$console
,
'stuff'
=>
$stuff
,
'nodeid'
=>
$nodeid
,
'timestamp'
=>
$now
,
'baseurl'
=>
"https://${USERNODE}"
,
'signature_method'
=>
'HMAC-SHA1'
,
'api_version'
=>
'1.0'
,
'signature'
=>
hash_hmac
(
'sha1'
,
$uid
.
$stuff
.
$nodeid
.
$now
.
" "
.
implode
(
","
,
$console
),
$key
),
);
return
json_encode
(
$authobj
);
}
$console_auth
=
ConsoleAuthObject
(
$uid
,
$node_id
,
$console
);
PAGEHEADER
(
"
$nodeid
Console"
);
$referrer
=
$_SERVER
[
'HTTP_REFERER'
];
echo
"
\n
"
;
echo
"<script src='https://code.jquery.com/jquery.js'></script>
\n
"
;
echo
"<script>
\n
"
;
echo
"var tbbaseurl = '
$referrer
';
\n
"
;
?>
function StartConsole(id, authobject)
{
var jsonauth = $.parseJSON(authobject);
var callback = function(stuff) {
var split = stuff.split(':');
var session = split[0];
var port = split[1];
var url = jsonauth.baseurl + ':' + port + '/' + '#' +
encodeURIComponent(document.location.href) + ',' + session;
console.log(url);
var iwidth = $('#' + id).width();
var iheight = GetMaxHeight(id) - 50;
$('#' + id).html('
<iframe
id=
"' + id + '_iframe"
'
+
'
width=
' + iwidth + '
'
+
'
height=
' + iheight + '
'
+
'
src=
\''
+
url
+
'\'
>
');
header
(
"Content-Type: text/x-testbed-acl"
);
header
(
"Content-Disposition: inline; filename=
$filename
;"
);
header
(
"Content-Description: ACL key file for a testbed node serial port"
);
//
// Setup a custom event handler so we can kill the connection.
//
$('#' + id).on("killconsole",
{ "url": jsonauth.baseurl + ':' + port + '/quit' +
'?session=' + session },
function(e) {
console.log("killconsole: " + e.data.url);
$.ajax({
url: e.data.url,
type: 'GET',
});
});
# XXX, should handle multiple tip lines gracefully somehow,
# but not important for now.
// Install a click handler for the X button.
$("#" + id + "_kill").click(function(e) {
e.preventDefault();
// Trigger the custom event.
$("#" + id).trigger("killconsole");
PageReplace(tbbaseurl);
})
}
var xmlthing = $.ajax({
// the URL for the request
url: jsonauth.baseurl + '/d77e8041d1ad',
// the data to send (will be converted to a query string)
data: {
auth: authobject,
},
// Needs to be a POST to send the auth object.
type: 'POST',
// Ask for plain text for easier parsing.
dataType : 'text',
});
xmlthing.done(callback);
}
</script>
<?php
echo
"<div id='${nodeid}_console' style='width: 100%;'></div>"
;
echo
"<center><button type=button id='${nodeid}_console_kill'>Close</button>"
.
"</center>
\n
"
;
echo
"<script language=JavaScript>
StartConsole('${nodeid}_console', '
$console_auth
');
</script>
\n
"
;
echo
"host:
$server
\n
"
;
echo
"port:
$portnum
\n
"
;
echo
"keylen:
$keylen
\n
"
;
echo
"key:
$keydata
\n
"
;
echo
"ssl-server-cert:
$certhash
\n
"
;
PAGEFOOTER
();
?>
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment