def __init__(self):
self.event = threading.Event()
self.tty_args = ['?', 80, 40] # 终端参数(终端, 长, 宽)
# self.ssh_args = None # ssh连接参数
self.ssh_args = None
self.type = None
self.http_user = None # 终端日志 -- http用户
self.hostname = None # 后端主机名称
self.password = None
self.hostid = None # 终端日志 -- hostid
self.closed = False
self.chan_cli = None
self.client = None
self.client_addr = None
self.group = 'session_' + gen_rand_char()
self.cmd = '' # 多行命令
self.cmd_tmp = '' # 一行命令
self.tab_mode = False # 使用tab命令补全时需要读取返回数据然后添加到当前输入命令后
self.history_mode = False
self.start_time = time.time()
tmp_date1 = time.strftime("%Y-%m-%d", time.localtime(int(self.start_time)))
tmp_date2 = time.strftime("%Y%m%d%H%M%S", time.localtime(int(self.start_time)))
if not os.path.isdir(os.path.join(settings.RECORD_ROOT, tmp_date1)):
os.makedirs(os.path.join(settings.RECORD_ROOT, tmp_date1))
self.res_file = settings.RECORD_DIR + '/' + tmp_date1 + '/' + 'clissh_' + \
tmp_date2 + '_' + gen_rand_char(16) + '.txt'
self.log_start_time = timezone.now()
self.last_save_time = self.start_time
self.res_asciinema = []
self.width = 80
self.height = 40
self.user_role = False # False 普通用户 True 管理员
self.superusername = None
self.superpassword = None
self.lock = False # 锁定会话
def __init__(self):
self.event = threading.Event()
self.tty_args = ['?', 80, 40] # 终端参数(终端, 长, 宽)
# self.ssh_args = None # ssh连接参数
self.ssh_args = None
self.type = None
self.http_user = None # 终端日志 -- http用户
self.hostname = None # 后端主机名称
self.password = None
self.hostid = None # 终端日志 -- hostid
self.closed = False
self.chan_cli = None
self.client = None
self.client_addr = None
self.group = 'session_' + gen_rand_char()
self.cmd = '' # 多行命令
self.cmd_tmp = '' # 一行命令
self.tab_mode = False # 使用tab命令补全时需要读取返回数据然后添加到当前输入命令后
self.history_mode = False
self.res_file = gen_rand_char(16) + '.txt'
self.start_time = time.time()
self.log_start_time = timezone.now()
self.last_save_time = self.start_time
self.res_asciinema = []
self.res_asciinema.append(
json.dumps(
{
"version": 2,
"width": 250, # 设置足够宽,以便播放时全屏不至于显示错乱
"height": 40,
"timestamp": int(self.start_time),
"env": {"SHELL": "/bin/sh", "TERM": "linux"}
}
)
)
def __init__(self):
self.event = threading.Event()
self.tty_args = ['?', 80, 40] # 终端参数(终端, 长, 宽)
# self.ssh_args = None # ssh连接参数
self.ssh_args = None
self.type = None
self.http_user = None # 终端日志 -- http用户
self.hostname = None # 后端主机名称
self.password = None
self.hostid = None # 终端日志 -- hostid
self.closed = False
self.chan_cli = None
self.client = None
self.client_addr = None
self.group = 'session_' + gen_rand_char()
self.cmd = '' # 多行命令
self.cmd_tmp = '' # 一行命令
self.tab_mode = False # 使用tab命令补全时需要读取返回数据然后添加到当前输入命令后
self.history_mode = False
self.start_time = time.time()
self.res_file = 'clissh_' + str(int(
self.start_time)) + '_' + gen_rand_char(16) + '.txt'
self.log_start_time = timezone.now()
self.last_save_time = self.start_time
self.res_asciinema = []
self.width = 80
self.height = 40
self.user_role = False # False 普通用户 True 管理员
self.superusername = None
self.superpassword = None
self.lock = False # 锁定会话
def __init__(self, websocker, message):
self.websocker = websocker
self.message = message
self.cmd = '' # 记录多行处理过的命令
self.cmd_tmp = '' # 记录一行待处理的命令
self.res = ''
self.start_time = time.time()
tmp_date1 = time.strftime("%Y-%m-%d",
time.localtime(int(self.start_time)))
tmp_date2 = time.strftime("%Y%m%d%H%M%S",
time.localtime(int(self.start_time)))
if not os.path.isdir(os.path.join(settings.RECORD_ROOT, tmp_date1)):
os.makedirs(os.path.join(settings.RECORD_ROOT, tmp_date1))
self.res_file = settings.RECORD_DIR + '/' + tmp_date1 + '/' + 'webssh_' + \
tmp_date2 + '_' + gen_rand_char(16) + '.txt'
self.last_save_time = self.start_time
self.res_asciinema = []
self.zmodem = False
self.zmodemOO = False
mp_readline.TESTING = True
self.rl = mp_readline.MpReadline()
self.tab_mode = False # 使用tab命令补全时需要读取返回数据然后添加到当前输入命令后
self.history_mode = False
self.enter = False # 是否输入回车 \r, 为 True 时则根据 ssh 服务端返回的数据判断是否是执行的命令或者是编辑文本
self.ctrl_z = False
self.ctrl_c = False
def terminal_cli_sftp(request):
host_id = request.POST.get('hostid', None)
username = request.session.get('username')
password = gen_rand_char(16) # 生成随机密码
terminal_type = 'ssh'
key = '%s_%s_%s' % (terminal_type, username, password)
key_sftp = '%s_%s_%s_sftp_count' % (terminal_type, username, password)
# cache.set(key, host_id, timeout=60 * 60 * 24) # 写入 redis 缓存以便 proxy_sshd 读取
cache.set(key, {'host_id': host_id, 'issuperuser': request.session['issuperuser']}, timeout=60 * 60 * 24)
# 用于限制随机密码sftp登陆次数
cache.set(key_sftp, 1, timeout=60 * 60 * 24) # 写入 redis 缓存以便 proxy_sshd 读取
host = RemoteUserBindHost.objects.get(pk=host_id)
user = User.objects.get(username=username)
clisftp = json.loads(user.setting)['clisftp']
sftp_app = None
for i in clisftp:
if i['enable']:
sftp_app = i
break
link_sftp = '{scheme}://%s %s' % (sftp_app['path'], sftp_app['args'])
return HttpResponse(link_sftp.format(
scheme='apploader',
login_host=request.META['HTTP_HOST'].split(':')[0],
port=settings.PROXY_SSHD.get('listen_port', 2222),
login_user=username,
login_passwd=password,
host=host.ip,
username=host.remote_user.username,
hostname=host.hostname,
))
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.group = 'session_' + gen_rand_char()
self.session = dict()
self.message = dict()
self.client = None
self.user_agent = None
self.is_running = False
def __init__(self, websocker):
self.websocker = websocker
self.start_time = time.time()
self.last_save_time = self.start_time
self.res_file = 'webguacamole_' + str(int(
self.start_time)) + '_' + gen_rand_char(16) + '.txt'
self.res = []
self.guacamoleclient = None
def __init__(self, websocker, message):
self.websocker = websocker
self.message = message
self.cmd = '' # 多行命令
self.cmd_tmp = '' # 一行命令
self.res_file = gen_rand_char(16) + '.txt'
self.res = ''
self.tn = telnetlib.Telnet()
def __init__(self, proxy_ssh, *largs, **kwargs):
self.sftp_closed = False
self.char = gen_rand_char(16)
super(SFTPInterface, self).__init__(proxy_ssh, *largs, **kwargs)
self.client, self.transport = self.get_sftp_proxy_client(
proxy_ssh.ssh_args)
transport_keepalive(self.transport)
self.root_path = proxy_ssh.root_path if ('root_path'
in proxy_ssh.__dict__) else ''
self.cmd = ''
self.proxy_ssh = proxy_ssh
try:
self._client = self.proxy_ssh.chan_cli.transport.remote_version
except Exception:
self._client = 'clissh'
try:
self.client_addr = self.proxy_ssh.chan_cli.transport.sock.getpeername(
)[0]
except Exception:
self.client_addr = '1.0.0.0'
data = {
'name':
'{}_{}_sftp_session'.format(self.proxy_ssh.http_user,
self.proxy_ssh.password),
'group':
self.proxy_ssh.group,
'user':
self.proxy_ssh.http_user,
'host':
self.proxy_ssh.ssh_args[0],
'username':
self.proxy_ssh.ssh_args[2],
'protocol':
5, # 5 sftp
'port':
self.proxy_ssh.ssh_args[1],
'type':
4, # 4 clisftp
'address':
self.client_addr,
'useragent':
self._client,
}
TerminalSession.objects.create(**data)
# 设置连接到redis,使管理员可强制关闭软件终端 会话最大有效时间 30 天
cache.set('{}_{}_sftp_session'.format(self.proxy_ssh.http_user,
self.proxy_ssh.password),
True,
timeout=60 * 60 * 24 * 30)
self.last_operation_time = time.time() # 最后一次操作日志,用于指定时间无操作后退出
t = threading.Thread(target=self.check_backend)
t.daemon = True
t.start()
def terminal_cli(request):
host_id = request.POST.get('hostid', None)
username = request.session.get('username')
if request.session['issuperuser'] and request.session[
'username'] == 'admin':
hosts = RemoteUserBindHost.objects.filter(
Q(pk=host_id),
Q(enabled=True),
)
else:
hosts = RemoteUserBindHost.objects.filter(
Q(pk=host_id),
Q(enabled=True),
Q(user__username=username) | Q(group__user__username=username),
).distinct()
if not hosts:
error_message = '不存在的主机!'
return JsonResponse({"code": 400, "error": error_message})
else:
host = hosts[0]
password = gen_rand_char(16) # 生成随机密码
terminal_type = 'ssh'
key = '%s_%s_%s' % (terminal_type, username, password)
key_ssh = '%s_%s_%s_ssh_count' % (terminal_type, username, password)
key_sftp = '%s_%s_%s_sftp_count' % (terminal_type, username, password)
# cache.set(key, host_id, timeout=60 * 60 * 24) # 写入 redis 缓存以便 proxy_sshd 读取
cache.set(key, {
'host_id': host_id,
'issuperuser': request.session['issuperuser']
},
timeout=60 * 60 * 24)
# 用于限制随机密码ssh和sftp登陆次数
cache.set(key_ssh, 1, timeout=60 * 60 * 24) # 写入 redis 缓存以便 proxy_sshd 读取
if '客户端sftp' in request.session[
settings.INIT_PERMISSION]['titles']: # 判断权限
cache.set(key_sftp, 1, timeout=60 * 60 * 24)
user = User.objects.get(username=username)
clissh = json.loads(user.setting)['clissh']
ssh_app = None
for i in clissh:
if i['enable']:
ssh_app = i
break
link_ssh = '{scheme}://%s %s' % (ssh_app['path'], ssh_app['args'])
return HttpResponse(
link_ssh.format(
scheme='apploader',
login_host=request.META['HTTP_HOST'].split(':')[0],
port=settings.PROXY_SSHD.get('listen_port', 2222),
login_user=username,
login_passwd=password,
host=host.ip,
username=host.remote_user.username,
hostname=host.hostname,
))
def __init__(self, proxy_ssh, *largs, **kwargs):
# print(proxy_ssh, 999999999)
self.char = gen_rand_char(16)
super(SFTPInterface, self).__init__(proxy_ssh, *largs, **kwargs)
# import ipdb; ipdb.set_trace()
self.client, self.transport = self.get_sftp_proxy_client(
proxy_ssh.ssh_args)
transport_keepalive(self.transport)
self.root_path = proxy_ssh.root_path if ('root_path'
in proxy_ssh.__dict__) else ''
def __init__(self, websocker, message):
self.websocker = websocker
self.message = message
self.cmd = '' # 多行命令
self.cmd_tmp = '' # 一行命令
self.res = ''
self.tab_mode = False # 使用tab命令补全时需要读取返回数据然后添加到当前输入命令后
self.history_mode = False
self.start_time = time.time()
self.res_file = 'webssh_' + str(int(
self.start_time)) + '_' + gen_rand_char(16) + '.txt'
self.last_save_time = self.start_time
self.res_asciinema = []
def __init__(self, websocker):
self.websocker = websocker
self.start_time = time.time()
self.last_save_time = self.start_time
tmp_date1 = time.strftime("%Y-%m-%d",
time.localtime(int(self.start_time)))
tmp_date2 = time.strftime("%Y%m%d%H%M%S",
time.localtime(int(self.start_time)))
if not os.path.isdir(os.path.join(settings.RECORD_ROOT, tmp_date1)):
os.makedirs(os.path.join(settings.RECORD_ROOT, tmp_date1))
self.res_file = settings.RECORD_DIR + '/' + tmp_date1 + '/' + 'webguacamole_' + \
tmp_date2 + '_' + gen_rand_char(16) + '.txt'
self.res = []
self.guacamoleclient = None
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
self.message = {'status': 0, 'message': None}
"""
status:
0: ssh 连接正常, websocket 正常
1: 发生未知错误, 关闭 ssh 和 websocket 连接
message:
status 为 1 时, message 为具体的错误信息
status 为 0 时, message 为 ssh 返回的数据, 前端页面将获取 ssh 返回的数据并写入终端页面
"""
self.session = None
self.remote_host = None
self.start_time = None
self.send_flag = 0 # 0 发送自身通道,1 发送 group 通道,作用为当管理员查看会话时,进入 group 通道
self.group = 'session_' + gen_rand_char()
def __init__(self, *args, **kwargs):
super().__init__(*args, **kwargs)
query_string = self.scope.get('query_string').decode()
guacamole_args = QueryDict(query_string=query_string, encoding='utf-8')
self.hostid = int(guacamole_args.get('hostid'))
self.remote_host = None
self.width = guacamole_args.get('width')
self.height = guacamole_args.get('height')
self.dpi = guacamole_args.get('dpi')
self.session = None
self.start_time = timezone.now()
self.send_flag = 0 # 0 发送自身通道,1 发送 group 通道,作用为当管理员查看会话时,进入 group 通道
self.group = 'session_' + gen_rand_char()
self.user_agent = None
self.guacamoleclient = None
self.lock = False
self.last_operation_time = time.time()
self.closed = False
def __init__(self, websocker, message):
self.websocker = websocker
self.message = message
self.cmd = '' # 多行命令
self.cmd_tmp = '' # 一行命令
self.res = ''
self.tab_mode = False # 使用tab命令补全时需要读取返回数据然后添加到当前输入命令后
self.history_mode = False
self.start_time = time.time()
tmp_date1 = time.strftime("%Y-%m-%d", time.localtime(int(self.start_time)))
tmp_date2 = time.strftime("%Y%m%d%H%M%S", time.localtime(int(self.start_time)))
if not os.path.isdir(os.path.join(settings.RECORD_ROOT, tmp_date1)):
os.makedirs(os.path.join(settings.RECORD_ROOT, tmp_date1))
self.res_file = settings.RECORD_DIR + '/' + tmp_date1 + '/' + 'webssh_' + \
tmp_date2 + '_' + gen_rand_char(16) + '.txt'
self.last_save_time = self.start_time
self.res_asciinema = []
self.zmodem = False
self.zmodemOO = False
def __init__(self, websocker, message):
self.websocker = websocker
self.message = message
self.cmd = '' # 多行命令
self.cmd_tmp = '' # 一行命令
self.res = ''
self.tab_mode = False # 使用tab命令补全时需要读取返回数据然后添加到当前输入命令后
self.history_mode = False
self.res_file = gen_rand_char(16) + '.txt'
self.start_time = time.time()
self.last_save_time = self.start_time
self.res_asciinema = []
self.res_asciinema.append(
json.dumps({
"version": 2,
"width": 250, # 设置足够宽,以便播放时全屏不至于显示错乱
"height": 40,
"timestamp": int(self.start_time),
"env": {
"SHELL": "/bin/sh",
"TERM": "linux"
}
}))
def terminal_cli(request):
host_id = request.POST.get('hostid', None)
username = request.session.get('username')
password = gen_rand_char(16) # 生成随机密码
terminal_type = 'ssh'
key = '%s_%s_%s' % (terminal_type, username, password)
key_ssh = '%s_%s_%s_ssh_count' % (terminal_type, username, password)
key_sftp = '%s_%s_%s_sftp_count' % (terminal_type, username, password)
cache.set(key, host_id,
timeout=60 * 60 * 24) # 写入 redis 缓存以便 proxy_sshd 读取
# 用于限制随机密码ssh和sftp登陆次数
cache.set(key_ssh, 1, timeout=60 * 60 * 24) # 写入 redis 缓存以便 proxy_sshd 读取
cache.set(key_sftp, 1, timeout=60 * 60 * 24) # 写入 redis 缓存以便 proxy_sshd 读取
# Xshell.exe" ssh://网站用户:临时密码@堡垒机:端口 -newtab SSH用户/SSH主机
# link = '{scheme}://{user}:{passwd}@{cmdb}:{port}\\" \\"-newtab\\" \\"{username}/{host}\\"'
host = RemoteUserBindHost.objects.get(pk=host_id)
link_crt_ssh = '{scheme}://C:\\Program Files\\VanDyke Software\\Clients\\SecureCRT.exe /T /N "{username}@{host}" /SSH2 /L {user} /PASSWORD {passwd} {cmdb} /P {port}'
link_xshell_ssh = '{scheme}://C:\\Program Files (x86)\\NetSarang\\Xmanager Enterprise 5\\Xshell.exe -newtab "{username}@{host}" -url ssh://{user}:{passwd}@{cmdb}:{port}'
link_putty_ssh = '{scheme}://C:\\Users\\xx\\AppData\\Roaming\\TP4A\\Teleport-Assist\\tools\\putty\\putty.exe -l {user} -pw {passwd} {cmdb} -P {port}'
link_winscp_sftp = '{scheme}://C:\\Users\\xx\\AppData\\Roaming\\TP4A\\Teleport-Assist\\tools\\winscp\\WinSCP.exe /sessionname="{username}@{host}" {user}:{passwd}@{cmdb}:{port}'
clissh = 'link_crt_ssh'
if clissh == 'link_crt_ssh':
return HttpResponse(
link_crt_ssh.format(
scheme='apploader',
cmdb=request.META['HTTP_HOST'].split(':')[0],
port=settings.PROXY_SSHD.get('listen_port', 2222),
user=username,
passwd=password,
host=host.ip,
username=host.remote_user.username,
))
elif clissh == 'link_xshell_ssh':
return HttpResponse(
link_xshell_ssh.format(
scheme='apploader', # 自定义的网页调用外部软件(xshell)协议
cmdb=request.META['HTTP_HOST'].split(
':')[0], # xshell连接主机(cmdb堡垒机代理)
port=settings.PROXY_SSHD.get('listen_port', 2222),
user=username, # xshell连接主机的用户(cmdb堡垒机代理)
passwd=password,
host=host.ip, # xshell标签显示连接的主机(后端SSH实际主机)
username=host.remote_user.
username, # xshell标签显示连接的用户(后端SSH实际用户)
))
elif clissh == 'link_winscp_sftp':
return HttpResponse(
link_winscp_sftp.format(
scheme='apploader',
cmdb=request.META['HTTP_HOST'].split(':')[0],
port=settings.PROXY_SSHD.get('listen_port', 2222),
user=username,
passwd=password,
host=host.ip,
username=host.remote_user.username,
))
elif clissh in ('link_putty_ssh'):
return HttpResponse(
link_putty_ssh.format(
scheme='apploader',
cmdb=request.META['HTTP_HOST'].split(':')[0],
port=settings.PROXY_SSHD.get('listen_port', 2222),
user=username,
passwd=password,
host=host.ip,
username=host.remote_user.username,
))