Commit 34875577 authored by Kirk Webb's avatar Kirk Webb

Add support for reusable keyed serial console/log URLs.

Stopgap solution - somewhat risky.  What we would prefer is a solution
that requires users to authenticate and grab a new keyed URL each time
they want to connect to a console.
parent b4293a4b
......@@ -3876,9 +3876,9 @@ sub SendApod($$)
# The hash can only be used once and is valid for a short time
# (say, 30 seconds).
#
sub GenTipAclUrl($;$)
sub GenTipAclUrl($;$$)
{
my ($self,$expstamp) = @_;
my ($self,$expstamp,$reuseurl) = @_;
my $node_id = $self->node_id();
my $hash = TBGenSecretKey();
if (!defined($hash)) {
......@@ -3895,8 +3895,15 @@ sub GenTipAclUrl($;$)
return undef;
}
if (!defined($reuseurl)) {
$reuseurl = 0;
} elsif ($reuseurl != 0 && $reuseurl != 1) {
print STDERR "Invalid value for 'reuseurl': $reuseurl\n";
return undef;
}
DBQueryWarn("update tiplines set urlhash='$hash', ".
" urlstamp=$expstamp ".
" urlstamp=$expstamp, reuseurl=$reuseurl ".
"where node_id='$node_id'")
or return undef;
......@@ -3922,7 +3929,7 @@ sub ClrTipAclUrl($)
my ($self) = @_;
my $node_id = $self->node_id();
DBQueryWarn("update tiplines set urlhash=NULL,urlstamp=0 ".
DBQueryWarn("update tiplines set urlhash=NULL,urlstamp=0,reuseurl=0 ".
"where node_id='$node_id'")
or return -1;
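Review bot: In GenTipAclUrl the new check `$reuseurl != 0 && $reuseurl != 1` compares numerically, but the value is then interpolated as text into the `update tiplines` statement, so any string that merely numifies to 0 or 1 passes the check and reaches the SQL unchanged. Validating the literal form instead, e.g. `} elsif ($reuseurl !~ /\A[01]\z/) {`, keeps the existing error path and guarantees only a single digit is interpolated. The callers are not visible here, so whether an untrusted value can reach this argument needs confirming. The header comment above the sub still says the hash "can only be used once", which no longer holds when `reuseurl` is 1, and the function body extends beyond these hunks.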
......
......@@ -4472,6 +4472,7 @@ CREATE TABLE `tiplines` (
`keydata` text,
`urlhash` varchar(64) default NULL,
`urlstamp` int(10) unsigned NOT NULL default '0',
`reuseurl` tinyint(1) NOT NULL default '0',
PRIMARY KEY (`tipname`),
KEY `node_id` (`node_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
......
#
# tiplines auth extension.
#
use strict;
use libdb;
sub DoUpdate($$$)
{
my ($dbhandle, $dbname, $version) = @_;
if (!DBSlotExists("tiplines", "reuseurl")) {
DBQueryFatal("alter table tiplines add ".
" `reuseurl` tinyint(1) NOT NULL default '0' ".
" after urlstamp");
}
return 0;
}
1;
# Local Variables:
# mode:perl
# End:
......@@ -29,12 +29,13 @@ use Getopt::Std;
#
sub usage()
{
print(STDOUT "Usage: spewconlog [-l linecount] [-k key] node\n");
print(STDOUT "Usage: spewconlog [-l linecount] [-k key [-r]] node\n");
exit(-1);
}
my $optlist = "l:k:";
my $optlist = "l:k:r";
my $linecount = 0;
my $key;
my $reuseurl = 0;
my $logdir = "/var/log/tiplogs";
my $logname;
my $cmd;
......@@ -120,6 +121,9 @@ if (defined($options{"l"})) {
" Bad data in linecount: $linecount\n");
}
}
if (defined($options{"r"})) {
$reuseurl = 1;
}
usage()
if (@ARGV != 1);
my $node_id = $ARGV[0];
......@@ -157,7 +161,9 @@ if (defined($key)) {
die("*** $0:\n".
" You not have permission to view console log for $node_id!\n");
}
$node->ClrTipAclUrl();
if (!$reuseurl) {
$node->ClrTipAclUrl();
}
}
elsif (!TBAdmin($UID) &&
(! TBNodeAccessCheck($UID, TB_NODEACCESS_READINFO, ($node_id)))) {
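Review bot: The new `if (!$reuseurl)` guard around `$node->ClrTipAclUrl()` decides from the `-r` command-line flag alone, so whether a key is consumed depends on how spewconlog was invoked rather than on the `reuseurl` value stored with that key in `tiplines`. The key lookup earlier in this `if (defined($key))` block is outside the hunk; if it already reads the row, consider taking the decision from the stored column there, so a single-use key cannot be kept alive by an invocation that passes `-r`. Separately, `-r` is accepted without `-k` although the usage string `[-k key [-r]]` does not allow it; once both options are parsed, `usage() if ($reuseurl && !defined($key));` would enforce that.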
......
......@@ -43,7 +43,7 @@ if (isset($key)) {
$safe_key = addslashes($key);
$query_result =
DBQueryFatal("select urlstamp from tiplines ".
DBQueryFatal("select urlstamp,reuseurl from tiplines ".
"where node_id='$node_id' and urlhash='$safe_key' and ".
" urlstamp!=0");
......@@ -53,14 +53,19 @@ if (isset($key)) {
$row = mysql_fetch_array($query_result);
$stamp = $row['urlstamp'];
if ($stamp <= time()) {
DBQueryFatal("update tiplines set urlhash=NULL,urlstamp=0 ".
DBQueryFatal("update tiplines set urlhash=NULL,urlstamp=0,".
"reuseurl=0 ".
"where node_id='$node_id'");
USERERROR("Key is no longer valid", 1);
}
}
# Use once URL. Clear it.
DBQueryFatal("update tiplines set urlhash=NULL,urlstamp=0 ".
"where node_id='$node_id'");
# URLs are use-once, unless marked as reusable (dangerous).
$reuse = $row['reuseurl'];
if ($reuse != 1) {
DBQueryFatal("update tiplines set urlhash=NULL,urlstamp=0,".
"reuseurl=0 ".
"where node_id='$node_id'");
}
$uid = "nobody";
$isadmin = 0;
}
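Review bot: The new comment `# URLs are use-once, unless marked as reusable (dangerous).` flags a risk without saying what it is or what bounds it. From the visible checks, a reusable key is accepted for anyone who presents the URL until `urlstamp` passes, and the request then proceeds as `nobody`. I would state that directly, e.g. `# Reusable keys stay valid for any holder of the URL until urlstamp expires; use-once keys are cleared here.` The second PHP file repeats the same select and expiry logic and would benefit from the same comment next to its `$reuse` check.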
......
......@@ -40,7 +40,7 @@ if (isset($key)) {
$safe_key = addslashes($key);
$query_result =
DBQueryFatal("select urlstamp from tiplines ".
DBQueryFatal("select urlstamp, reuseurl from tiplines ".
"where node_id='$node_id' and urlhash='$safe_key' and ".
" urlstamp!=0");
......@@ -50,7 +50,8 @@ if (isset($key)) {
$row = mysql_fetch_array($query_result);
$stamp = $row['urlstamp'];
if ($stamp <= time()) {
DBQueryFatal("update tiplines set urlhash=NULL,urlstamp=0 ".
DBQueryFatal("update tiplines set urlhash=NULL,urlstamp=0,".
"reuseurl=0 ".
"where node_id='$node_id'");
USERERROR("Key is no longer valid", 1);
}
......@@ -58,6 +59,10 @@ if (isset($key)) {
$uid = "nobody";
$isadmin = 0;
$optarg = "-k " . escapeshellarg($key);
$reuse = $row['reuseurl'];
if ($reuse == 1) {
$optarg .= " -r";
}
}
else {
#
......