Ejemplo n.º 1
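    def process(self):
        """Rewrite the buffered client request and return the text to forward.

        The method works on ``self.http`` in this order:

        1. ``/ovd/guacamole/ovdlogin``: exchange the ``token`` query parameter
           for a ``(host, port)`` pair through ``self.f_ctrl`` and splice
           ``server=``/``port=`` into the request path and header text.
        2. ``/webapps/``, ``/webapps-*`` or a ``/webapps-*`` Referer: rewrite
           the path and/or header text for the web-apps service.
        3. Detect a change of service since the previous request.
        4. Run ``self.http.auth()`` and answer with an error page on failure.
        5. Ask ``self.http.redirect()`` for a backend and, if one is returned,
           replace ``self.communicator``.
        6. Tag the request and return ``self.http.show()``.

        Returns:
            ``self.http.show()`` on success, or ``''`` when the request was
            rejected (invalid web-apps headers, or ``auth()`` failed).

        Raises:
            ProtocolException: the ovdlogin path was requested and
                ``Licensing.check_license()`` did not return ``True``.
            Exception: the ovdlogin token did not resolve to ``(host, port)``.
        """
        # Rewrite GET on /ovd/guacamole/ovdlogin
        if self.http.path.startswith("/ovd/guacamole/ovdlogin"):
            match = re.search("(?P<separator>[?&])token=(?P<token>[^&]*)",
                              self.http.path)

            if Licensing.check_license() is not True:
                raise ProtocolException("No valid license")

            if match is not None:
                token = match.group("token")
                address = self.f_ctrl.send(("digest_token", token))

                # Require exactly (host, port). The previous "len < 2" test let
                # a longer tuple through, which then failed on unpacking with
                # an unrelated ValueError instead of this authorization error.
                if not isinstance(address, tuple) or len(address) != 2:
                    # NOTE(review): the client-supplied token is echoed into
                    # the exception text; wherever this exception is logged the
                    # token value ends up in the log as well.
                    raise Exception('token authorization failed for: ' + token)

                host, port = address
                path = self.http.path[0:match.start("separator")]
                path += match.group(
                    "separator") + "server=" + host + "&port=" + str(port)
                path += self.http.path[match.end("token"):]

                match = HttpMessage.http_req_ptn.search(self.http.headers)

                if match is not None:
                    headers = self.http.headers[0:match.start("url")]
                    headers += path
                    headers += self.http.headers[match.end("url"):]

                    self.http.path = path
                    self.http.headers = headers

        ## manage webapps
        referer = self.http.get_header("Referer")
        if self.http.path.startswith("/webapps/"):
            command = self.http.path[len("/webapps/"):]
            command_header = self.http.get_header("x-ovd-service")
            params_header = self.http.get_header("x-ovd-param")
            server_header = self.http.get_header("x-ovd-webappsserver")
            if command != command_header:
                Logger.error("%s:: invalid webapps command" %
                             (self.__class__.__name__))
                return ''

            # x-ovd-param is client-controlled and is spliced into the request
            # line below, so a value holding whitespace or control characters
            # would change the structure of the forwarded request. A missing
            # header used to surface as an unhandled TypeError/AttributeError;
            # both cases are now rejected the same way as an invalid command.
            if (server_header is None or params_header is None
                    or re.search(r"[\x00-\x20\x7f]", params_header)):
                Logger.error("%s:: missing or malformed webapps headers" %
                             (self.__class__.__name__))
                return ''

            new_path = self.http.path + "?" + params_header
            # NOTE(review): str.replace rewrites every occurrence of the path
            # in the header text, not only the one in the request line.
            self.http.headers = self.http.headers.replace(
                self.http.path, new_path)
            self.http.path = new_path

        elif self.http.path.startswith("/webapps-"):
            # Drop the first path component ("webapps-<...>") and make sure the
            # result lives under /webapps/.
            components = self.http.path.split("/")
            new_path = "/" + "/".join(components[2:])
            if not new_path.startswith("/webapps/"):
                new_path = "/webapps" + new_path

            # Only the header text is rewritten; self.http.path keeps the
            # original prefixed value.
            # NOTE(review): confirm that asymmetry is intended.
            self.http.headers = self.http.headers.replace(
                self.http.path, new_path)

        elif referer is not None:
            url = urlparse.urlparse(referer)
            if url.path.startswith("/webapps-"):
                # NOTE(review): Referer is client-controlled, yet it selects
                # Service.WEBAPPS before self.http.auth() runs below; confirm
                # auth() does not grant access on the service value alone.
                webapps_prefix = url.path.split("/")[1]
                self.http.service = Service.WEBAPPS
                new_path = "/" + webapps_prefix + self.http.path
                self.http.headers = self.http.headers.replace(
                    webapps_prefix, "webapps")
                self.http.path = new_path

        # Check last service. If different, a new serverCommunicator must be created
        reconnect = False
        if (self.last_service is not None and self.http.service is not None
                and self.last_service != self.http.service):
            names = [
                'SESSION_MANAGER', 'ADMINISTRATION', 'WEB_CLIENT', 'ROOT',
                'WEBAPPS'
            ]
            Logger.debug("Gateway:: Client service type switched from " +
                         names[self.last_service] + " to " +
                         names[self.http.service])
            reconnect = True

        # test path permission
        http_code = self.http.auth()
        # Compare by value: "is not" on integers only works by accident of
        # interpreter-level small-int caching.
        if http_code != httplib.OK:
            host = self.http.get_header("Host")
            if host is None:
                # Slice to (address, port) so an IPv6 socket, whose
                # getsockname() returns a 4-tuple, still formats.
                host = "%s:%d" % self.socket.getsockname()[:2]

            # NOTE(review): when present, the Host value comes from the client
            # and is handed to page_error(); that helper is not visible here,
            # so verify it escapes addr before embedding it in the page.
            self.send(page_error(http_code, addr=host))
            self.socket.sock_shutdown(socket.SHUT_WR)
            self.handle_close()
            return ''

        # path redirection
        if self.communicator is None or reconnect is True:
            addr = None
        else:
            addr = self.communicator.getpeername()[0]

        redirection = self.http.redirect(addr)

        if redirection is not None:
            (protocol, addr) = redirection

            # Update service
            self.last_service = self.http.service

            if self.communicator is not None:
                self.communicator.close()

            # If protocol is neither value, self.communicator keeps referring
            # to the object that was just closed.
            if protocol is Protocol.HTTP:
                self.communicator = HttpServerCommunicator(addr,
                                                           self.f_ctrl,
                                                           communicator=self)
            elif protocol is Protocol.HTTPS:
                self.communicator = HttpsServerCommunicator(
                    (addr, self.ssl_ctx), self.f_ctrl, communicator=self)

        # gateway header's tag
        self.http.set_header('OVD-Gateway', 'on')

        # keep alive header handle
        if not Config.http_keep_alive:
            self.http.set_header('Connection', 'close')

        return self.http.show()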
Ejemplo n.º 2
    def __init__(self, remote=None, communicator=None):
        """Initialise through ServerCommunicator, then enforce the licence.

        Raises:
            ProtocolException: ``Licensing.check_license()`` did not return
                exactly ``True``.
        """
        ServerCommunicator.__init__(self, remote, communicator)

        # NOTE(review): the base initialiser has already run by the time the
        # licence is checked; whether it acquires anything that should be
        # released on failure is not visible from here.
        license_ok = Licensing.check_license() is True
        if not license_ok:
            raise ProtocolException("No valid license")
Ejemplo n.º 3
    def __init__(self, socket=None, communicator=None):
        """Initialise through SSLCommunicator, then enforce the licence.

        The ``socket`` parameter shadows the ``socket`` module inside this
        method; it is only passed on to the base initialiser.

        Raises:
            ProtocolException: ``Licensing.check_license()`` did not return
                exactly ``True``.
        """
        SSLCommunicator.__init__(self, socket, communicator)

        # Only the literal True counts as licensed; any other return value,
        # truthy or not, is refused.
        license_state = Licensing.check_license()
        if license_state is True:
            return
        raise ProtocolException("No valid license")
Ejemplo n.º 4
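	def process(self):
		"""Rewrite the buffered client request and return the text to forward.

		The method works on ``self.http`` in this order: ovdlogin token
		exchange, web-apps path/header rewriting, service-switch detection,
		``self.http.auth()``, backend selection through
		``self.http.redirect()``, then gateway header tagging.

		Returns:
			``self.http.show()`` on success, or ``''`` when the request was
			rejected (invalid web-apps headers, or ``auth()`` failed).

		Raises:
			ProtocolException: the ovdlogin path was requested and
				``Licensing.check_license()`` did not return ``True``.
			Exception: the ovdlogin token did not resolve to ``(host, port)``.
		"""
		# Rewrite GET on /ovd/guacamole/ovdlogin
		if self.http.path.startswith("/ovd/guacamole/ovdlogin"):
			match = re.search("(?P<separator>[?&])token=(?P<token>[^&]*)", self.http.path)

			if Licensing.check_license() is not True:
				raise ProtocolException("No valid license")

			if match is not None:
				token = match.group("token")
				address = self.f_ctrl.send(("digest_token", token))

				# Require exactly (host, port). The previous "len < 2" test let
				# a longer tuple through, which then failed on unpacking with
				# an unrelated ValueError instead of this authorization error.
				if not isinstance(address, tuple) or len(address) != 2:
					# NOTE(review): the client-supplied token is echoed into
					# the exception text; wherever this exception is logged
					# the token value ends up in the log as well.
					raise Exception('token authorization failed for: ' + token)

				host, port = address
				path = self.http.path[0:match.start("separator")]
				path += match.group("separator") + "server=" + host + "&port=" + str(port)
				path += self.http.path[match.end("token"):]

				match = HttpMessage.http_req_ptn.search(self.http.headers)

				if match is not None:
					headers = self.http.headers[0:match.start("url")]
					headers += path
					headers += self.http.headers[match.end("url"):]

					self.http.path = path
					self.http.headers = headers

		## manage webapps
		referer = self.http.get_header("Referer")
		if self.http.path.startswith("/webapps/"):
			command = self.http.path[len("/webapps/"):]
			command_header = self.http.get_header("x-ovd-service")
			params_header = self.http.get_header("x-ovd-param")
			server_header = self.http.get_header("x-ovd-webappsserver")
			if command != command_header:
				Logger.error("%s:: invalid webapps command"% (self.__class__.__name__))
				return ''

			# x-ovd-param is client-controlled and is spliced into the request
			# line below, so a value holding whitespace or control characters
			# would change the structure of the forwarded request. A missing
			# header used to surface as an unhandled TypeError/AttributeError;
			# both cases are now rejected the same way as an invalid command.
			if (server_header is None or params_header is None
					or re.search(r"[\x00-\x20\x7f]", params_header)):
				Logger.error("%s:: missing or malformed webapps headers"% (self.__class__.__name__))
				return ''

			new_path = self.http.path + "?" + params_header
			# NOTE(review): str.replace rewrites every occurrence of the path
			# in the header text, not only the one in the request line.
			self.http.headers = self.http.headers.replace(self.http.path, new_path)
			self.http.path = new_path

		elif self.http.path.startswith("/webapps-"):
			# Drop the first path component ("webapps-<...>") and make sure the
			# result lives under /webapps/.
			components = self.http.path.split("/")
			new_path = "/" + "/".join(components[2:])
			if not new_path.startswith("/webapps/"):
				new_path = "/webapps" + new_path

			# Only the header text is rewritten; self.http.path keeps the
			# original prefixed value.
			# NOTE(review): confirm that asymmetry is intended.
			self.http.headers = self.http.headers.replace(self.http.path, new_path)

		elif referer is not None:
			url = urlparse.urlparse(referer)
			if url.path.startswith("/webapps-"):
				# NOTE(review): Referer is client-controlled, yet it selects
				# Service.WEBAPPS before self.http.auth() runs below; confirm
				# auth() does not grant access on the service value alone.
				webapps_prefix = url.path.split("/")[1]
				self.http.service = Service.WEBAPPS
				new_path = "/" + webapps_prefix + self.http.path
				self.http.headers = self.http.headers.replace(webapps_prefix, "webapps")
				self.http.path = new_path

		# Check last service. If different, a new serverCommunicator must be created
		reconnect = False
		if (self.last_service is not None and self.http.service is not None
				and self.last_service != self.http.service):
			names = ['SESSION_MANAGER', 'ADMINISTRATION', 'WEB_CLIENT', 'ROOT', 'WEBAPPS']
			Logger.debug("Gateway:: Client service type switched from "+names[self.last_service]+" to "+names[self.http.service])
			reconnect = True

		# test path permission
		http_code = self.http.auth()
		# Compare by value: "is not" on integers only works by accident of
		# interpreter-level small-int caching.
		if http_code != httplib.OK:
			host = self.http.get_header("Host")
			if host is None:
				# Slice to (address, port) so an IPv6 socket, whose
				# getsockname() returns a 4-tuple, still formats.
				host = "%s:%d" % self.socket.getsockname()[:2]

			# NOTE(review): when present, the Host value comes from the client
			# and is handed to page_error(); that helper is not visible here,
			# so verify it escapes addr before embedding it in the page.
			self.send(page_error(http_code, addr=host))
			self.socket.sock_shutdown(socket.SHUT_WR)
			self.handle_close()
			return ''

		# path redirection
		if self.communicator is None or reconnect is True:
			addr = None
		else:
			addr = self.communicator.getpeername()[0]

		redirection = self.http.redirect(addr)

		if redirection is not None:
			(protocol, addr) = redirection

			# Update service
			self.last_service = self.http.service

			if self.communicator is not None:
				self.communicator.close()

			# If protocol is neither value, self.communicator keeps referring
			# to the object that was just closed.
			if protocol is Protocol.HTTP:
				self.communicator = HttpServerCommunicator(
					addr, self.f_ctrl, communicator=self)
			elif protocol is Protocol.HTTPS:
				self.communicator = HttpsServerCommunicator(
					(addr, self.ssl_ctx), self.f_ctrl, communicator=self)

		# gateway header's tag
		self.http.set_header('OVD-Gateway', 'on')

		# keep alive header handle
		if not Config.http_keep_alive:
			self.http.set_header('Connection', 'close')

		return self.http.show()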
Ejemplo n.º 5
	def __init__(self, remote=None, communicator=None):
		"""Run ServerCommunicator's initialiser, then require a valid licence.

		Raises:
			ProtocolException: ``Licensing.check_license()`` returned anything
				other than ``True``.
		"""
		ServerCommunicator.__init__(self, remote, communicator)

		# The check is an identity test against True, so a merely truthy
		# return value is still treated as unlicensed.
		licensed = Licensing.check_license()
		if licensed is True:
			return
		raise ProtocolException("No valid license")
Ejemplo n.º 6
	def __init__(self, socket=None, communicator=None):
		"""Run SSLCommunicator's initialiser, then require a valid licence.

		``socket`` here is the parameter, not the ``socket`` module; it is
		forwarded unchanged to the base initialiser.

		Raises:
			ProtocolException: ``Licensing.check_license()`` returned anything
				other than ``True``.
		"""
		SSLCommunicator.__init__(self, socket, communicator)

		# NOTE(review): the licence is checked only after the base
		# initialiser has run; what that initialiser sets up is not visible
		# from here.
		license_ok = Licensing.check_license() is True
		if not license_ok:
			raise ProtocolException("No valid license")