void startLocalTunnel(AgentTunnel agent, Tunnel tunnel, LaunchSession launchSession) throws TunnelException { try { Request req = buildLocalTunnel(tunnel, launchSession); /* Only require replies if not running on the protocol thread. This allows autostart * tunnels to work without blocking */ if (!agent.sendRequest(req, Thread.currentThread() != agent.getThread())) { throw new TunnelException(TunnelException.AGENT_REFUSED_LOCAL_TUNNEL, (Throwable) null); } } catch (IOException ioe) { throw new TunnelException(TunnelException.INTERNAL_ERROR, ioe); } }
public boolean processRequest(Request request, MultiplexedConnection connection) { AgentTunnel agent = (AgentTunnel) connection; if (request.getRequestName().equals(SETUP_AND_LAUNCH_TUNNEL) && request.getRequestData() != null) { try { ByteArrayReader reader = new ByteArrayReader(request.getRequestData()); int id = (int) reader.readInt(); Tunnel resource = (Tunnel) TunnelPlugin.SSL_TUNNEL_RESOURCE_TYPE.getResourceById(id); if (resource == null) { throw new Exception("No resource with ID " + id); } Policy policy = LaunchSessionManager.getLaunchRequestPolicy(null, agent.getSession(), resource); if (resource.sessionPasswordRequired(agent.getSession())) { // TODO: prompt user for credentials through agent! return true; } else { LaunchSession launchSession = LaunchSessionFactory.getInstance() .createLaunchSession(agent.getSession(), resource, policy); launchSession.checkAccessRights(null, agent.getSession()); if (resource.getType() == TransportType.LOCAL_TUNNEL_ID) { try { Request req = buildLocalTunnel(resource, launchSession); request.setRequestData(req.getRequestData()); return true; } catch (IOException ioe) { throw new TunnelException(TunnelException.INTERNAL_ERROR, ioe); } } else if (resource.getType() == TransportType.REMOTE_TUNNEL_ID) { startRemoteTunnel(agent, resource, launchSession); request.setRequestData(null); return true; } else { throw new TunnelException( TunnelException.INTERNAL_ERROR, (Throwable) null, "Unknown tunnel type " + resource.getType()); } } } catch (Exception e) { log.error("Failed to start tunnel.", e); return false; } } return false; }
/** * Stop all forwards giving the resource ID of the <i>SSL-Tunnel</i> that started them. * * @param launchSession launch session * @throws NoPermissionException if not allowed * @throws CoreException on any other error */ public void stopTunnels(LaunchSession launchSession) throws NoPermissionException, CoreException { if (!DefaultAgentManager.getInstance().hasActiveAgent(launchSession.getSession())) { throw new TunnelException(TunnelException.INTERNAL_ERROR, (Throwable) null, "No agent."); } Tunnel tunnel = (Tunnel) launchSession.getResource(); launchSession.checkAccessRights(null, agent.getSession()); MultiplexedConnection agent = DefaultAgentManager.getInstance().getAgentBySession(launchSession.getSession()); try { if (tunnel.getType() == TransportType.LOCAL_TUNNEL_ID) { Collection<Tunnel> l = new ArrayList<Tunnel>(); l.add(tunnel); stopLocalTunnels(agent, l); } else if (tunnel.getType() == TransportType.REMOTE_TUNNEL_ID) { Collection<Tunnel> l = new ArrayList<Tunnel>(); l.add(tunnel); stopRemoteTunnels(agent, l); } else { throw new TunnelException( TunnelException.INTERNAL_ERROR, (Throwable) null, "Unknown tunnel type " + tunnel.getType()); } CoreServlet.getServlet() .fireCoreEvent( new ResourceAccessEvent( this, TunnelsEventConstants.TUNNEL_CLOSED, launchSession.getResource(), launchSession.getPolicy(), launchSession.getSession(), CoreEvent.STATE_SUCCESSFUL)); } catch (TunnelException te) { CoreServlet.getServlet() .fireCoreEvent( new ResourceAccessEvent( this, TunnelsEventConstants.TUNNEL_CLOSED, launchSession.getResource(), launchSession.getPolicy(), launchSession.getSession(), te)); throw te; } finally { LaunchSessionFactory.getInstance().removeLaunchSession(launchSession); } }
/** * Start port forwards for the <i>SSL Tunnel</i> specified by the provided resource ID. * * @param launchSession launch session * @throws NoPermissionException if not allowed * @throws TunnelException on any other other * @throws PolicyException on any other determininig policy */ public void startTunnel(LaunchSession launchSession) throws NoPermissionException, TunnelException, PolicyException { if (!DefaultAgentManager.getInstance().hasActiveAgent(launchSession.getSession())) { throw new TunnelException(TunnelException.INTERNAL_ERROR, (Throwable) null, "No agent."); } else { Tunnel tunnel = (Tunnel) launchSession.getResource(); launchSession.checkAccessRights(null, agent.getSession()); AgentTunnel agent = DefaultAgentManager.getInstance().getAgentBySession(launchSession.getSession()); try { if (tunnel.getType() == TransportType.LOCAL_TUNNEL_ID) { startLocalTunnel(agent, tunnel, launchSession); } else if (tunnel.getType() == TransportType.REMOTE_TUNNEL_ID) { startRemoteTunnel(agent, tunnel, launchSession); } else { throw new TunnelException( TunnelException.INTERNAL_ERROR, (Throwable) null, "Unknown tunnel type " + tunnel.getType()); } // Fire event CoreServlet.getServlet() .fireCoreEvent( new ResourceAccessEvent( this, TunnelsEventConstants.TUNNEL_OPENED, launchSession.getResource(), launchSession.getPolicy(), launchSession.getSession(), CoreEvent.STATE_SUCCESSFUL)); } catch (TunnelException te) { // Fire event CoreServlet.getServlet() .fireCoreEvent( new ResourceAccessEvent( this, TunnelsEventConstants.TUNNEL_OPENED, launchSession.getResource(), launchSession.getPolicy(), launchSession.getSession(), te)); throw te; } } }
@SuppressWarnings("unchecked") void notifyAutoStartTunnels() { try { SessionInfo session = agent.getSession(); List<Tunnel> tunnels = ResourceUtil.getGrantedResource(session, TunnelPlugin.SSL_TUNNEL_RESOURCE_TYPE); List<BundleActionMessage> tunnelFailures = new ArrayList<BundleActionMessage>(); for (Tunnel tunnel : tunnels) { if (tunnel.isAutoStart()) { try { Policy policy = PolicyDatabaseFactory.getInstance() .getGrantingPolicyForUser(session.getUser(), tunnel); LaunchSession launchSession = LaunchSessionFactory.getInstance().createLaunchSession(session, tunnel, policy); startTunnel(launchSession); } catch (TunnelException tne) { log.error("failed to start tunnel: '" + tunnel + "'", tne); tunnelFailures.add(tne.getBundleActionMessage()); } } } if (!tunnelFailures.isEmpty()) { tunnelFailures.add( 0, new BundleActionMessage("tunnels", "error.tunnels.autostart", tunnelFailures.size())); for (BundleActionMessage actionMessage : tunnelFailures) { GlobalWarning globalWarning = new GlobalWarning(session.getHttpSession(), actionMessage); GlobalWarningManager.getInstance().addToSession(globalWarning); } } } catch (Exception e) { log.error("Failed to start auto-start tunnels", e); } }
public void initializeTunnel(AgentTunnel tunnel) { tunnel.registerRequestHandler(SETUP_AND_LAUNCH_TUNNEL, this); }