pushing for external testing
This commit is contained in:
brent s
parent
1bac4a9d78
commit
aa791870be
|
|
@ -43,8 +43,10 @@ def dictify(obj):
|
||||||
# if uid == 3:
|
# if uid == 3:
|
||||||
# print(_u)
|
# print(_u)
|
||||||
|
|
||||||
|
print(mgmt.conn['read'])
|
||||||
_server = mgmt.conn['read'].getServer(1)
|
_server = mgmt.conn['read'].getServer(1)
|
||||||
|
|
||||||
|
print(_server.getACL(0))
|
||||||
|
|
||||||
#acl = _server.getACL(0)
|
#acl = _server.getACL(0)
|
||||||
#print(acl[0])
|
#print(acl[0])
|
||||||
|
|
|
||||||
|
|
@ -36,11 +36,9 @@ read =
|
||||||
write =
|
write =
|
||||||
|
|
||||||
[TUNNEL]
|
[TUNNEL]
|
||||||
# NOTE: TO USE SSH TUNNELING, YOU MUST HAVE THE PARAMIKO PYTHON MODULE INSTALLED.
|
# NOTE: TO USE SSH TUNNELING, YOU MUST HAVE THE "sshtunnel" PYTHON MODULE INSTALLED.
|
||||||
# If enabled, we will bind the remote port to the host and port given in the [ICE] section.
|
# If enabled, we will bind the remote port to the host and port given in the [ICE] section.
|
||||||
# So you probably want to use localhost/127.0.0.1/::1 up there, and if you're
|
# So you probably want to use localhost/127.0.0.1/::1 up there.
|
||||||
# running this script as a non-root user (you should be), then you'll want an
|
|
||||||
# ephemeral/non-privileged port that doesn't have anything bound to it.
|
|
||||||
|
|
||||||
# If this is enabled, we will try to initiate an SSH tunnel to the remote server,
|
# If this is enabled, we will try to initiate an SSH tunnel to the remote server,
|
||||||
# and use the Ice interface through that. Probably only works with TCP Ice instances.
|
# and use the Ice interface through that. Probably only works with TCP Ice instances.
|
||||||
|
|
|
||||||
|
|
@ -13,7 +13,6 @@ import IcePy # python-zeroc-ice in AUR
|
||||||
import getpass
|
import getpass
|
||||||
import os
|
import os
|
||||||
import re
|
import re
|
||||||
import subprocess
|
|
||||||
import sys
|
import sys
|
||||||
import tempfile
|
import tempfile
|
||||||
|
|
||||||
|
|
@ -45,16 +44,10 @@ class IceMgr(object):
|
||||||
|
|
||||||
def sshTunnel(self):
|
def sshTunnel(self):
|
||||||
try:
|
try:
|
||||||
import paramiko
|
from sshtunnel import SSHTunnelForwarder,create_logger
|
||||||
except ImportError:
|
except ImportError:
|
||||||
raise ImportError('You must install Paramiko to use SSH tunneling!')
|
raise ImportError('You must install the sshtunnel Python module to use SSH tunneling!')
|
||||||
# This is the start of an ugly, ugly hack.
|
import time
|
||||||
# All because, to my knowledge, Paramiko can't guess the key type and still
|
|
||||||
# let us use .connect() with a passphrase on the key, etc. etc.
|
|
||||||
_keyidmap = {'dsa': 'DSS',
|
|
||||||
'ecdsa': 'ECDSA',
|
|
||||||
'ed25519': 'Ed25519',
|
|
||||||
'rsa': 'RSA'}
|
|
||||||
_sshcfg = self.cfg['TUNNEL']
|
_sshcfg = self.cfg['TUNNEL']
|
||||||
# Do some munging to make this easier to deal with.
|
# Do some munging to make this easier to deal with.
|
||||||
if _sshcfg['user'] == '':
|
if _sshcfg['user'] == '':
|
||||||
|
|
@ -78,29 +71,35 @@ class IceMgr(object):
|
||||||
if _sshcfg['key'] == '':
|
if _sshcfg['key'] == '':
|
||||||
_sshcfg['key'] = '~/.ssh/id_rsa'
|
_sshcfg['key'] = '~/.ssh/id_rsa'
|
||||||
_key = os.path.abspath(os.path.expanduser(_sshcfg['key']))
|
_key = os.path.abspath(os.path.expanduser(_sshcfg['key']))
|
||||||
# We need to convert it to a Paramiko Pkey type.
|
# We need to get the passphrase for the key, if it's set.
|
||||||
if _sshcfg['key_passphrase'].lower() == 'true':
|
if _sshcfg['key_passphrase'].lower() == 'true':
|
||||||
_keypass = getpass.getpass(('What is the passphrase for {0}? ' +
|
_keypass = getpass.getpass(('What is the passphrase for {0}? ' +
|
||||||
'(Will not be echoed back.)\nPassphrase: ')).encode('utf-8')
|
'(Will not be echoed back.)\nPassphrase: ').format(_key)).encode('utf-8')
|
||||||
else:
|
else:
|
||||||
_keypass = None
|
_keypass = None
|
||||||
# Remember that "ugly hack" I mention at the beginning of this method?
|
# To pring debug info, just add "logger=create_logger(loglevel=1)" to the params.
|
||||||
# Here's the rest of it. Recoil in terror.
|
self.ssh = SSHTunnelForwarder(_sshcfg['host'],
|
||||||
_cmd = subprocess.run(['ssh-keygen', '-l', '-f', _key],
|
ssh_pkey = _key,
|
||||||
stdout = subprocess.PIPE)
|
ssh_private_key_password = _keypass,
|
||||||
_kt = re.sub('[()]', '', _cmd.stdout.decode('utf-8').split()[-1]).lower()
|
ssh_username = _sshcfg['user'],
|
||||||
_keyfunc = getattr(paramiko, '{0}Key'.format(_keyidmap[_kt]))
|
ssh_port = _sshcfg['port'],
|
||||||
_sshcfg['key'] = _keyfunc.from_private_key_file(_key,
|
local_bind_address = ('127.0.0.1', ),
|
||||||
_keypass)
|
remote_bind_address = (self.cfg['ICE']['host'],
|
||||||
# That... was painful. But it *works*, darn it!
|
int(self.cfg['ICE']['port'])),
|
||||||
#self.ssh = paramiko.SSHClient()
|
set_keepalive = 3.0)
|
||||||
self.ssh = paramiko.Transport((_sshcfg['host'],
|
self.ssh.start()
|
||||||
_sshcfg['port']))
|
if self.args['verbose']:
|
||||||
#self.ssh.set_missing_host_key_policy(paramiko.AutoAddPolicy())
|
print('Configured tunneling for {0}:{1}({2}:{3}) => {4}:{5}'.format(
|
||||||
self.ssh.connect(_sshcfg['host'],
|
_sshcfg['host'],
|
||||||
username = _sshcfg['user'],
|
_sshcfg['port'],
|
||||||
password = _ssh['passphrase'],
|
self.cfg['ICE']['host'],
|
||||||
pkey = _sshcfg['key'])
|
self.cfg['ICE']['port'],
|
||||||
|
self.ssh.local_bind_address[0],
|
||||||
|
self.ssh.local_bind_address[1]))
|
||||||
|
#self.cfg['ICE']['port'] = int(self.ssh.local_bind_ports[0])
|
||||||
|
self.cfg['ICE']['port'] = int(self.ssh.local_bind_port)
|
||||||
|
self.cfg['ICE']['host'] = self.ssh.local_bind_address[0]
|
||||||
|
time.sleep(3)
|
||||||
return()
|
return()
|
||||||
|
|
||||||
def connect(self):
|
def connect(self):
|
||||||
|
|
@ -115,9 +114,9 @@ class IceMgr(object):
|
||||||
_conn = Ice.InitializationData()
|
_conn = Ice.InitializationData()
|
||||||
_conn.properties = _prop_data
|
_conn.properties = _prop_data
|
||||||
self.ice = Ice.initialize(_conn)
|
self.ice = Ice.initialize(_conn)
|
||||||
_host = 'Meta:{0} -h {1} -p {2}'.format(self.cfg['ICE']['proto'],
|
_host = 'Meta:{0} -h {1} -p {2} -t 1000'.format(self.cfg['ICE']['proto'],
|
||||||
self.cfg['ICE']['host'],
|
self.cfg['ICE']['host'],
|
||||||
self.cfg['ICE']['port'])
|
self.cfg['ICE']['port'])
|
||||||
_ctx = self.ice.stringToProxy(_host)
|
_ctx = self.ice.stringToProxy(_host)
|
||||||
# I owe a lot of neat tricks here to:
|
# I owe a lot of neat tricks here to:
|
||||||
# https://raw.githubusercontent.com/mumble-voip/mumble-scripts/master/Helpers/mice.py
|
# https://raw.githubusercontent.com/mumble-voip/mumble-scripts/master/Helpers/mice.py
|
||||||
|
|
@ -293,6 +292,9 @@ class IceMgr(object):
|
||||||
|
|
||||||
def close(self):
|
def close(self):
|
||||||
self.ice.destroy()
|
self.ice.destroy()
|
||||||
|
if self.cfg['TUNNEL']['enable'].lower() in ('', 'true'):
|
||||||
|
self.ssh.stop()
|
||||||
|
self.ssh.close()
|
||||||
return()
|
return()
|
||||||
|
|
||||||
def parseArgs():
|
def parseArgs():
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue