def test_rogue_ssh_sessions(self):
port = self.osinteraction.get_open_port()
port2 = self.osinteraction.get_open_port()
self.assertNotEqual(port, port2)
request_open_port(port, server=self.test_server)
command = [
'/usr/bin/ssh',
'open@%s' % self.test_server.split('//')[1], '-R',
'%s:localhost:%s' % (port2, port2), 'wrong_session_token'
]
print(command)
p = subprocess.Popen(command,
bufsize=2048,
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
shell=False)
failed = wait_for_response(lambda: p.poll() is not None,
timeout=10,
throw=False)
sleep(3)
output = self.osinteraction.non_block_read(p)
print(output)
self.assertTrue(
'remote port forwarding failed for listen port' in output[1])
self.assertFalse(failed)
def test_rogue_ssh_session__correct__old_version(self):
port = self.osinteraction.get_open_port()
response = request_open_port(port,
server=self.test_server,
client_version='0.9.3')
command = [
'/usr/bin/ssh',
'open@%s' % self.test_server.split('//')[1], '-R',
'%s:localhost:%s' % (response.remote_port, port)
] # No response.session_token!
print(command)
p = subprocess.Popen(command,
bufsize=2048,
stdin=subprocess.PIPE,
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
shell=False)
run_method_with_timeout(lambda: wait_for_response(
lambda: p.poll() is not None, timeout=10, throw=False),
10,
raise_exception=False)
if p.returncode is not None:
print(p.communicate())
self.assertEqual(p.returncode, None)
def start_port_forward(self, session, server=DEFAULT_SERVER):
self.restart_on_failure = True
self.automatic_restart = False
self.session = session
if not session.public_key_file:
session.public_key_file, session.private_key_file = get_default_key_locations(
)
with open(session.public_key_file, 'r') as f:
public_key = f.readline().strip()
# This is the main loop. Exit this and the program ends.
while self.restart_on_failure and not self.stopped:
try:
response = openport_api.request_open_port(
session.local_port,
request_server_port=session.server_port,
restart_session_token=session.server_session_token,
error_callback=session.notify_error,
stop_callback=session.notify_stop,
http_forward=session.http_forward,
server=server,
automatic_restart=self.automatic_restart,
public_key=public_key,
forward_tunnel=session.forward_tunnel,
ip_link_protection=session.ip_link_protection,
)
self.last_response = response
if session.server_port != response.remote_port:
self.repeat_message = True
session.server = response.server
if not session.forward_tunnel:
session.server_port = response.remote_port
session.pid = os.getpid()
session.account_id = response.account_id
session.key_id = response.key_id
session.server_session_token = response.session_token
session.http_forward_address = response.http_forward_address
session.open_port_for_ip_link = response.open_port_for_ip_link
self.port_forwarding_service = PortForwardingService(
session.local_port,
session.server_port,
session.server,
SERVER_SSH_PORT,
SERVER_SSH_USER,
session.public_key_file,
session.private_key_file,
success_callback=session.notify_success,
error_callback=session.notify_error,
fallback_server_ssh_port=response.fallback_ssh_server_port,
fallback_ssh_server=response.fallback_ssh_server_ip,
http_forward_address=session.http_forward_address,
start_callback=self.session_start,
forward_tunnel=session.forward_tunnel,
session_token=session.server_session_token,
keep_alive_interval_seconds=session.
keep_alive_interval_seconds,
)
self.port_forwarding_service.start() # hangs
except openport_api.FatalSessionError as e:
logger.info('(Re)starting the session was denied: %s' % e)
break
except SystemExit as e:
raise
except IOError as e:
if e.errno != errno.EINTR:
logger.error(e)
sleep(10)
except TunnelError as e:
logger.error(e)
sleep(10)
except Exception as e:
# logger.exception(e)
logger.error('general exception: {}'.format(e))
sleep(10)
finally:
self.automatic_restart = True