void startLocalTunnel(AgentTunnel agent, Tunnel tunnel, LaunchSession launchSession)
throws TunnelException {
try {
Request req = buildLocalTunnel(tunnel, launchSession);
/* Only require replies if not running on the protocol thread. This allows autostart
* tunnels to work without blocking
*/
if (!agent.sendRequest(req, Thread.currentThread() != agent.getThread())) {
throw new TunnelException(TunnelException.AGENT_REFUSED_LOCAL_TUNNEL, (Throwable) null);
}
} catch (IOException ioe) {
throw new TunnelException(TunnelException.INTERNAL_ERROR, ioe);
}
}
public boolean processRequest(Request request, MultiplexedConnection connection) {
AgentTunnel agent = (AgentTunnel) connection;
if (request.getRequestName().equals(SETUP_AND_LAUNCH_TUNNEL)
&& request.getRequestData() != null) {
try {
ByteArrayReader reader = new ByteArrayReader(request.getRequestData());
int id = (int) reader.readInt();
Tunnel resource = (Tunnel) TunnelPlugin.SSL_TUNNEL_RESOURCE_TYPE.getResourceById(id);
if (resource == null) {
throw new Exception("No resource with ID " + id);
}
Policy policy =
LaunchSessionManager.getLaunchRequestPolicy(null, agent.getSession(), resource);
if (resource.sessionPasswordRequired(agent.getSession())) {
// TODO: prompt user for credentials through agent!
return true;
} else {
LaunchSession launchSession =
LaunchSessionFactory.getInstance()
.createLaunchSession(agent.getSession(), resource, policy);
launchSession.checkAccessRights(null, agent.getSession());
if (resource.getType() == TransportType.LOCAL_TUNNEL_ID) {
try {
Request req = buildLocalTunnel(resource, launchSession);
request.setRequestData(req.getRequestData());
return true;
} catch (IOException ioe) {
throw new TunnelException(TunnelException.INTERNAL_ERROR, ioe);
}
} else if (resource.getType() == TransportType.REMOTE_TUNNEL_ID) {
startRemoteTunnel(agent, resource, launchSession);
request.setRequestData(null);
return true;
} else {
throw new TunnelException(
TunnelException.INTERNAL_ERROR,
(Throwable) null,
"Unknown tunnel type " + resource.getType());
}
}
} catch (Exception e) {
log.error("Failed to start tunnel.", e);
return false;
}
}
return false;
}
/**
* Stop all forwards giving the resource ID of the <i>SSL-Tunnel</i> that started them.
*
* @param launchSession launch session
* @throws NoPermissionException if not allowed
* @throws CoreException on any other error
*/
public void stopTunnels(LaunchSession launchSession) throws NoPermissionException, CoreException {
if (!DefaultAgentManager.getInstance().hasActiveAgent(launchSession.getSession())) {
throw new TunnelException(TunnelException.INTERNAL_ERROR, (Throwable) null, "No agent.");
}
Tunnel tunnel = (Tunnel) launchSession.getResource();
launchSession.checkAccessRights(null, agent.getSession());
MultiplexedConnection agent =
DefaultAgentManager.getInstance().getAgentBySession(launchSession.getSession());
try {
if (tunnel.getType() == TransportType.LOCAL_TUNNEL_ID) {
Collection<Tunnel> l = new ArrayList<Tunnel>();
l.add(tunnel);
stopLocalTunnels(agent, l);
} else if (tunnel.getType() == TransportType.REMOTE_TUNNEL_ID) {
Collection<Tunnel> l = new ArrayList<Tunnel>();
l.add(tunnel);
stopRemoteTunnels(agent, l);
} else {
throw new TunnelException(
TunnelException.INTERNAL_ERROR,
(Throwable) null,
"Unknown tunnel type " + tunnel.getType());
}
CoreServlet.getServlet()
.fireCoreEvent(
new ResourceAccessEvent(
this,
TunnelsEventConstants.TUNNEL_CLOSED,
launchSession.getResource(),
launchSession.getPolicy(),
launchSession.getSession(),
CoreEvent.STATE_SUCCESSFUL));
} catch (TunnelException te) {
CoreServlet.getServlet()
.fireCoreEvent(
new ResourceAccessEvent(
this,
TunnelsEventConstants.TUNNEL_CLOSED,
launchSession.getResource(),
launchSession.getPolicy(),
launchSession.getSession(),
te));
throw te;
} finally {
LaunchSessionFactory.getInstance().removeLaunchSession(launchSession);
}
}
/**
* Start port forwards for the <i>SSL Tunnel</i> specified by the provided resource ID.
*
* @param launchSession launch session
* @throws NoPermissionException if not allowed
* @throws TunnelException on any other other
* @throws PolicyException on any other determininig policy
*/
public void startTunnel(LaunchSession launchSession)
throws NoPermissionException, TunnelException, PolicyException {
if (!DefaultAgentManager.getInstance().hasActiveAgent(launchSession.getSession())) {
throw new TunnelException(TunnelException.INTERNAL_ERROR, (Throwable) null, "No agent.");
} else {
Tunnel tunnel = (Tunnel) launchSession.getResource();
launchSession.checkAccessRights(null, agent.getSession());
AgentTunnel agent =
DefaultAgentManager.getInstance().getAgentBySession(launchSession.getSession());
try {
if (tunnel.getType() == TransportType.LOCAL_TUNNEL_ID) {
startLocalTunnel(agent, tunnel, launchSession);
} else if (tunnel.getType() == TransportType.REMOTE_TUNNEL_ID) {
startRemoteTunnel(agent, tunnel, launchSession);
} else {
throw new TunnelException(
TunnelException.INTERNAL_ERROR,
(Throwable) null,
"Unknown tunnel type " + tunnel.getType());
}
// Fire event
CoreServlet.getServlet()
.fireCoreEvent(
new ResourceAccessEvent(
this,
TunnelsEventConstants.TUNNEL_OPENED,
launchSession.getResource(),
launchSession.getPolicy(),
launchSession.getSession(),
CoreEvent.STATE_SUCCESSFUL));
} catch (TunnelException te) {
// Fire event
CoreServlet.getServlet()
.fireCoreEvent(
new ResourceAccessEvent(
this,
TunnelsEventConstants.TUNNEL_OPENED,
launchSession.getResource(),
launchSession.getPolicy(),
launchSession.getSession(),
te));
throw te;
}
}
}
@SuppressWarnings("unchecked")
void notifyAutoStartTunnels() {
try {
SessionInfo session = agent.getSession();
List<Tunnel> tunnels =
ResourceUtil.getGrantedResource(session, TunnelPlugin.SSL_TUNNEL_RESOURCE_TYPE);
List<BundleActionMessage> tunnelFailures = new ArrayList<BundleActionMessage>();
for (Tunnel tunnel : tunnels) {
if (tunnel.isAutoStart()) {
try {
Policy policy =
PolicyDatabaseFactory.getInstance()
.getGrantingPolicyForUser(session.getUser(), tunnel);
LaunchSession launchSession =
LaunchSessionFactory.getInstance().createLaunchSession(session, tunnel, policy);
startTunnel(launchSession);
} catch (TunnelException tne) {
log.error("failed to start tunnel: '" + tunnel + "'", tne);
tunnelFailures.add(tne.getBundleActionMessage());
}
}
}
if (!tunnelFailures.isEmpty()) {
tunnelFailures.add(
0,
new BundleActionMessage("tunnels", "error.tunnels.autostart", tunnelFailures.size()));
for (BundleActionMessage actionMessage : tunnelFailures) {
GlobalWarning globalWarning = new GlobalWarning(session.getHttpSession(), actionMessage);
GlobalWarningManager.getInstance().addToSession(globalWarning);
}
}
} catch (Exception e) {
log.error("Failed to start auto-start tunnels", e);
}
}
public void initializeTunnel(AgentTunnel tunnel) {
tunnel.registerRequestHandler(SETUP_AND_LAUNCH_TUNNEL, this);
}