Commit 662cde15 authored by Michal Horejsek's avatar Michal Horejsek

Merge branch 'direct-tcpip-logs' into 'master'

Disable direct-tcpip traceback logs

Closes #2

See merge request !7
parents bb81fe56 15c30f51
......@@ -10,10 +10,13 @@ import tty
from twisted import cred
from twisted.application import service
from twisted.conch.avatar import ConchUser
from twisted.conch.ssh import factory, keys, userauth, connection, session
from twisted.conch.ssh import common, factory, keys, session, userauth
from twisted.conch.ssh.connection import MSG_CHANNEL_OPEN_FAILURE, OPEN_CONNECT_FAILED
from twisted.conch.ssh.connection import SSHConnection as SSHConnectionTwisted
from twisted.conch.unix import SSHSessionForUnixConchUser
from twisted.internet import reactor, defer
from twisted.python import components
from twisted.internet import defer, reactor
from twisted.python import components, log
from twisted.python.compat import networkString
from haas_proxy.balancer import Balancer
from haas_proxy.utils import force_text
......@@ -37,6 +40,28 @@ class ProxyService(service.Service):
return self._port.stopListening()
class SSHConnection(SSHConnectionTwisted):
"""
Overridden SSHConnection for disabling logs a traceback about a failed direct-tcpip connections
"""
# pylint: disable=invalid-name,inconsistent-return-statements
def ssh_CHANNEL_OPEN(self, packet):
# pylint: disable=unbalanced-tuple-unpacking
channel_type, rest = common.getNS(packet)
if channel_type != b'direct-tcpip':
return super().ssh_CHANNEL_OPEN(packet)
senderChannel, _ = struct.unpack('>3L', rest[:12])
log.err('channel open failed, direct-tcpip is not allowed')
reason = OPEN_CONNECT_FAILED
self.transport.sendPacket(
MSG_CHANNEL_OPEN_FAILURE,
struct.pack('>2L', senderChannel, reason) +
common.NS(networkString('unknown failure')) + common.NS(b'')
)
# pylint: disable=abstract-method
class ProxySSHFactory(factory.SSHFactory):
"""
......@@ -50,7 +75,7 @@ class ProxySSHFactory(factory.SSHFactory):
self.privateKeys = {private_key.sshType(): private_key}
self.services = {
b'ssh-userauth': userauth.SSHUserAuthServer,
b'ssh-connection': connection.SSHConnection,
b'ssh-connection': SSHConnection,
}
self.portal = cred.portal.Portal(
ProxySSHRealm(), checkers=[ProxyPasswordChecker()])
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment