mirror of https://gogs.blitter.com/RLabs/xs
Set lots of KEx Printfs to log.Printf (and off by default). Hacky non=tty shell works!
This commit is contained in:
parent
cca2895526
commit
e8fe31f6d7
|
@ -4,6 +4,8 @@ import (
|
||||||
"flag"
|
"flag"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io"
|
"io"
|
||||||
|
"io/ioutil"
|
||||||
|
"log"
|
||||||
"os"
|
"os"
|
||||||
"sync"
|
"sync"
|
||||||
|
|
||||||
|
@ -34,6 +36,8 @@ func main() {
|
||||||
flag.StringVar(&server, "s", "localhost:2000", "server hostname/address[:port]")
|
flag.StringVar(&server, "s", "localhost:2000", "server hostname/address[:port]")
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
|
log.SetOutput(ioutil.Discard)
|
||||||
|
|
||||||
conn, err := hkex.Dial("tcp", server, cAlg, hAlg)
|
conn, err := hkex.Dial("tcp", server, cAlg, hAlg)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Println("Err!")
|
fmt.Println("Err!")
|
||||||
|
|
|
@ -3,6 +3,7 @@ package main
|
||||||
import (
|
import (
|
||||||
"flag"
|
"flag"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"io/ioutil"
|
||||||
"log"
|
"log"
|
||||||
"os/exec"
|
"os/exec"
|
||||||
"os/user"
|
"os/user"
|
||||||
|
@ -36,13 +37,14 @@ type cmdRunner struct {
|
||||||
status int
|
status int
|
||||||
}
|
}
|
||||||
|
|
||||||
func cmd(r *cmdRunner) {
|
/*
|
||||||
|
func cmd(r *cmdRunner) {
|
||||||
switch r.op {
|
switch r.op {
|
||||||
case OpR:
|
case OpR:
|
||||||
//Clean up r.cmd beforehand
|
//Clean up r.cmd beforehand
|
||||||
r.arg = strings.TrimSpace(r.arg)
|
r.arg = strings.TrimSpace(r.arg)
|
||||||
fmt.Printf("[cmd was:'%s']\n", r.arg)
|
fmt.Printf("[cmd was:'%s']\n", r.arg)
|
||||||
runCmdAs(r.who, r.arg)
|
runCmdAs(r.who, r.arg, nil)
|
||||||
fmt.Println(r.arg)
|
fmt.Println(r.arg)
|
||||||
break
|
break
|
||||||
default:
|
default:
|
||||||
|
@ -50,14 +52,15 @@ func cmd(r *cmdRunner) {
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
*/
|
||||||
|
|
||||||
// Run a command (via os.exec) as a specific user
|
// Run a command (via os.exec) as a specific user
|
||||||
func runCmdAs(who string, cmd string) (err error) {
|
func runCmdAs(who string, cmd string, conn hkex.Conn) (err error) {
|
||||||
u, _ := user.Lookup(who)
|
u, _ := user.Lookup(who)
|
||||||
var uid, gid uint32
|
var uid, gid uint32
|
||||||
fmt.Sscanf(u.Uid, "%d", &uid)
|
fmt.Sscanf(u.Uid, "%d", &uid)
|
||||||
fmt.Sscanf(u.Gid, "%d", &gid)
|
fmt.Sscanf(u.Gid, "%d", &gid)
|
||||||
//fmt.Println("uid:", uid, "gid:", gid)
|
fmt.Println("uid:", uid, "gid:", gid)
|
||||||
|
|
||||||
args := strings.Split(cmd, " ")
|
args := strings.Split(cmd, " ")
|
||||||
arg0 := args[0]
|
arg0 := args[0]
|
||||||
|
@ -65,6 +68,10 @@ func runCmdAs(who string, cmd string) (err error) {
|
||||||
c := exec.Command(arg0, args...)
|
c := exec.Command(arg0, args...)
|
||||||
c.SysProcAttr = &syscall.SysProcAttr{}
|
c.SysProcAttr = &syscall.SysProcAttr{}
|
||||||
c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid}
|
c.SysProcAttr.Credential = &syscall.Credential{Uid: uid, Gid: gid}
|
||||||
|
c.Stdin = conn
|
||||||
|
c.Stdout = conn
|
||||||
|
c.Stderr = conn
|
||||||
|
|
||||||
err = c.Run()
|
err = c.Run()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
log.Printf("Command finished with error: %v", err)
|
log.Printf("Command finished with error: %v", err)
|
||||||
|
@ -84,6 +91,8 @@ func main() {
|
||||||
flag.StringVar(&laddr, "l", ":2000", "interface[:port] to listen")
|
flag.StringVar(&laddr, "l", ":2000", "interface[:port] to listen")
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
|
|
||||||
|
log.SetOutput(ioutil.Discard)
|
||||||
|
|
||||||
// Listen on TCP port 2000 on all available unicast and
|
// Listen on TCP port 2000 on all available unicast and
|
||||||
// anycast IP addresses of the local system.
|
// anycast IP addresses of the local system.
|
||||||
l, err := hkex.Listen("tcp", laddr)
|
l, err := hkex.Listen("tcp", laddr)
|
||||||
|
@ -155,13 +164,18 @@ func main() {
|
||||||
// authCookie: "c00ki3",
|
// authCookie: "c00ki3",
|
||||||
// status: 0}
|
// status: 0}
|
||||||
}
|
}
|
||||||
|
|
||||||
// From here, one could pass all subsequent data
|
// From here, one could pass all subsequent data
|
||||||
// between client/server attached to an exec.Cmd,
|
// between client/server attached to an exec.Cmd,
|
||||||
// as data to/from a file, etc.
|
// as data to/from a file, etc.
|
||||||
conn.Write([]byte("SERVER RESPONSE to '"))
|
if *connOp == 's' {
|
||||||
conn.Write(data)
|
fmt.Println("[Running shell]")
|
||||||
conn.Write([]byte("'\n"))
|
runCmdAs("larissa", "bash -l -i", conn)
|
||||||
|
// Returned hopefully via an EOF or exit/logout;
|
||||||
|
// Clear current op so user can enter next, or EOF
|
||||||
|
connOp = nil
|
||||||
|
fmt.Println("[Exiting shell]")
|
||||||
|
}
|
||||||
if strings.Trim(string(data), "\r\n") == "exit" {
|
if strings.Trim(string(data), "\r\n") == "exit" {
|
||||||
conn.Close()
|
conn.Close()
|
||||||
}
|
}
|
||||||
|
|
56
hkexnet.go
56
hkexnet.go
|
@ -25,6 +25,7 @@ import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"crypto/cipher"
|
"crypto/cipher"
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"log"
|
||||||
"math/big"
|
"math/big"
|
||||||
"net"
|
"net"
|
||||||
"time"
|
"time"
|
||||||
|
@ -104,27 +105,27 @@ func (c Conn) applyConnExtensions(extensions ...string) {
|
||||||
for _, s := range extensions {
|
for _, s := range extensions {
|
||||||
switch s {
|
switch s {
|
||||||
case "C_AES_256":
|
case "C_AES_256":
|
||||||
fmt.Println("[extension arg = C_AES_256]")
|
log.Println("[extension arg = C_AES_256]")
|
||||||
c.cipheropts &= (0xFFFFFF00)
|
c.cipheropts &= (0xFFFFFF00)
|
||||||
c.cipheropts |= CAlgAES256
|
c.cipheropts |= CAlgAES256
|
||||||
break
|
break
|
||||||
case "C_TWOFISH_128":
|
case "C_TWOFISH_128":
|
||||||
fmt.Println("[extension arg = C_TWOFISH_128]")
|
log.Println("[extension arg = C_TWOFISH_128]")
|
||||||
c.cipheropts &= (0xFFFFFF00)
|
c.cipheropts &= (0xFFFFFF00)
|
||||||
c.cipheropts |= CAlgTwofish128
|
c.cipheropts |= CAlgTwofish128
|
||||||
break
|
break
|
||||||
case "C_BLOWFISH_64":
|
case "C_BLOWFISH_64":
|
||||||
fmt.Println("[extension arg = C_BLOWFISH_64]")
|
log.Println("[extension arg = C_BLOWFISH_64]")
|
||||||
c.cipheropts &= (0xFFFFFF00)
|
c.cipheropts &= (0xFFFFFF00)
|
||||||
c.cipheropts |= CAlgBlowfish64
|
c.cipheropts |= CAlgBlowfish64
|
||||||
break
|
break
|
||||||
case "H_SHA256":
|
case "H_SHA256":
|
||||||
fmt.Println("[extension arg = H_SHA256]")
|
log.Println("[extension arg = H_SHA256]")
|
||||||
c.cipheropts &= (0xFFFF00FF)
|
c.cipheropts &= (0xFFFF00FF)
|
||||||
c.cipheropts |= (HmacSHA256 << 8)
|
c.cipheropts |= (HmacSHA256 << 8)
|
||||||
break
|
break
|
||||||
default:
|
default:
|
||||||
fmt.Printf("[Dial ext \"%s\" ignored]\n", s)
|
log.Printf("[Dial ext \"%s\" ignored]\n", s)
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -161,10 +162,10 @@ func Dial(protocol string, ipport string, extensions ...string) (hc *Conn, err e
|
||||||
}
|
}
|
||||||
|
|
||||||
hc.h.PeerD = d
|
hc.h.PeerD = d
|
||||||
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
|
log.Printf("** D:%s\n", hc.h.d.Text(16))
|
||||||
fmt.Printf("**(c)** peerD:%s\n", hc.h.PeerD.Text(16))
|
log.Printf("**(c)** peerD:%s\n", hc.h.PeerD.Text(16))
|
||||||
hc.h.FA()
|
hc.h.FA()
|
||||||
fmt.Printf("**(c)** FA:%s\n", hc.h.fa)
|
log.Printf("**(c)** FA:%s\n", hc.h.fa)
|
||||||
|
|
||||||
hc.r = hc.getStream(hc.h.fa)
|
hc.r = hc.getStream(hc.h.fa)
|
||||||
hc.w = hc.getStream(hc.h.fa)
|
hc.w = hc.getStream(hc.h.fa)
|
||||||
|
@ -277,10 +278,10 @@ func (hl HKExListener) Accept() (hc Conn, err error) {
|
||||||
return hc, err
|
return hc, err
|
||||||
}
|
}
|
||||||
hc.h.PeerD = d
|
hc.h.PeerD = d
|
||||||
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
|
log.Printf("** D:%s\n", hc.h.d.Text(16))
|
||||||
fmt.Printf("**(s)** peerD:%s\n", hc.h.PeerD.Text(16))
|
log.Printf("**(s)** peerD:%s\n", hc.h.PeerD.Text(16))
|
||||||
hc.h.FA()
|
hc.h.FA()
|
||||||
fmt.Printf("**(s)** FA:%s\n", hc.h.fa)
|
log.Printf("**(s)** FA:%s\n", hc.h.fa)
|
||||||
|
|
||||||
fmt.Fprintf(c, "0x%s\n%08x:%08x:%02x\n", hc.h.d.Text(16),
|
fmt.Fprintf(c, "0x%s\n%08x:%08x:%02x\n", hc.h.d.Text(16),
|
||||||
hc.cipheropts, hc.opts, hc.op)
|
hc.cipheropts, hc.opts, hc.op)
|
||||||
|
@ -296,7 +297,7 @@ func (hl HKExListener) Accept() (hc Conn, err error) {
|
||||||
//
|
//
|
||||||
// See go doc io.Reader
|
// See go doc io.Reader
|
||||||
func (c Conn) Read(b []byte) (n int, err error) {
|
func (c Conn) Read(b []byte) (n int, err error) {
|
||||||
fmt.Printf("[Decrypting...]\n")
|
log.Printf("[Decrypting...]\n")
|
||||||
|
|
||||||
//c.c.SetReadDeadline(time.Now().Add(1 * time.Second))
|
//c.c.SetReadDeadline(time.Now().Add(1 * time.Second))
|
||||||
n, err = c.c.Read(b)
|
n, err = c.c.Read(b)
|
||||||
|
@ -307,14 +308,14 @@ func (c Conn) Read(b []byte) (n int, err error) {
|
||||||
// panic(err)
|
// panic(err)
|
||||||
//}
|
//}
|
||||||
}
|
}
|
||||||
fmt.Printf(" ctext:%+v\n", b[:n]) // print only used portion
|
log.Printf(" ctext:%+v\n", b[:n]) // print only used portion
|
||||||
db := bytes.NewBuffer(b[:n])
|
db := bytes.NewBuffer(b[:n])
|
||||||
// The StreamReader acts like a pipe, decrypting
|
// The StreamReader acts like a pipe, decrypting
|
||||||
// whatever is available and forwarding the result
|
// whatever is available and forwarding the result
|
||||||
// to the parameter of Read() as a normal io.Reader
|
// to the parameter of Read() as a normal io.Reader
|
||||||
rs := &cipher.StreamReader{S: c.r, R: db}
|
rs := &cipher.StreamReader{S: c.r, R: db}
|
||||||
n, err = rs.Read(b)
|
n, err = rs.Read(b)
|
||||||
fmt.Printf(" ptext:%+v\n", b[:n])
|
log.Printf(" ptext:%+v\n", b[:n])
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -322,8 +323,8 @@ func (c Conn) Read(b []byte) (n int, err error) {
|
||||||
//
|
//
|
||||||
// See go doc io.Writer
|
// See go doc io.Writer
|
||||||
func (c Conn) Write(b []byte) (n int, err error) {
|
func (c Conn) Write(b []byte) (n int, err error) {
|
||||||
fmt.Printf("[Encrypting...]\n")
|
log.Printf("[Encrypting...]\n")
|
||||||
fmt.Printf(" ptext:%+v\n", b)
|
log.Printf(" ptext:%+v\n", b)
|
||||||
var wb bytes.Buffer
|
var wb bytes.Buffer
|
||||||
// The StreamWriter acts like a pipe, forwarding whatever is
|
// The StreamWriter acts like a pipe, forwarding whatever is
|
||||||
// written to it through the cipher, encrypting as it goes
|
// written to it through the cipher, encrypting as it goes
|
||||||
|
@ -332,28 +333,7 @@ func (c Conn) Write(b []byte) (n int, err error) {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
panic(err)
|
panic(err)
|
||||||
}
|
}
|
||||||
fmt.Printf(" ctext:%+v\n", wb.Bytes())
|
log.Printf(" ctext:%+v\n", wb.Bytes())
|
||||||
n, err = c.c.Write(wb.Bytes())
|
n, err = c.c.Write(wb.Bytes())
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// Return c coerced into a HKEx Conn (which implements interface net.Conn)
|
|
||||||
// Only useful if one wants to convert an open connection later to HKEx
|
|
||||||
// (Use Dial() instead to start with HKEx automatically.)
|
|
||||||
/*
|
|
||||||
func NewHKExConn(c *net.Conn) (hc *Conn) {
|
|
||||||
hc = new(Conn)
|
|
||||||
|
|
||||||
hc.c = *c
|
|
||||||
hc.h = New(0, 0)
|
|
||||||
d := big.NewInt(0)
|
|
||||||
_, err := fmt.Fscanln(hc.c, d)
|
|
||||||
if err != nil {
|
|
||||||
//
|
|
||||||
}
|
|
||||||
hc.h.PeerD = d
|
|
||||||
fmt.Printf("** D:%s\n", hc.h.d.Text(16))
|
|
||||||
fmt.Printf("** peerD:%s\n", hc.h.PeerD.Text(16))
|
|
||||||
return
|
|
||||||
}
|
|
||||||
*/
|
|
||||||
|
|
Loading…
Reference in New Issue