diff --git a/Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz b/Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz index 03f21f3..15d257e 100644 Binary files a/Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz and b/Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz differ diff --git a/Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz.sha256 b/Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz.sha256 index 9af6467..2e20490 100644 --- a/Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz.sha256 +++ b/Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz.sha256 @@ -1 +1 @@ -b5d91410538e7aac2c2ba1e28a2d965e2586492954c12a97817c7737c4f4c327 Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz +e2e70f7d2949b6c8fe0299f888a3725763a62c01a1faea1fb729babc2ed51c92 Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz diff --git a/ChangeLog.md b/ChangeLog.md index 25e7247..a5f17d0 100644 --- a/ChangeLog.md +++ b/ChangeLog.md @@ -1,5 +1,5 @@ # Change Log -## [0.2.8] TBD +## [0.2.8] 2019-05-25 ### Changes - Fixes issue if no password is entered, browser must be closed and restart to attempt to re-auth. See issue [#118](../../issues/118). Thanks @smilesm2 for the idea. - fixes broken `npm run (build|builddev)` @@ -7,6 +7,9 @@ - update webpack and dependancies - update xterm to 3.8.0 +### Fixes +- ILX workspace may not always import properly due to symbolic links (specifically ./node_modules/.bin). This is removed from the ILX package + ## [0.2.7] 2018-11-11 ### Changes - `config.reauth` was not respected if initial auth presented was incorrect, regardless of `reauth` setting in `config.json` reauth would always be attempted. fixes [#117](../../issues/117) diff --git a/app/config.json b/app/config.json.sample similarity index 100% rename from app/config.json rename to app/config.json.sample diff --git a/app/server/app.js b/app/server/app.js index 26fcfff..939618b 100644 --- a/app/server/app.js +++ b/app/server/app.js 
@@ -3,14 +3,102 @@ // app.js var path = require('path') -// configPath = path.join(__dirname, 'config.json') var nodeRoot = path.dirname(require.main.filename) var configPath = path.join(nodeRoot, 'config.json') var publicPath = path.join(nodeRoot, 'client', 'public') console.log('WebSSH2 service reading config from: ' + configPath) -var config = require('read-config')(configPath) var express = require('express') var logger = require('morgan') + +// sane defaults if config.json or parts are missing +let config = { + 'listen': { + 'ip': '0.0.0.0', + 'port': 2222 + }, + 'user': { + 'name': null, + 'password': null + }, + 'ssh': { + 'host': null, + 'port': 22, + 'term': 'xterm-color', + 'readyTimeout': 20000, + 'keepaliveInterval': 120000, + 'keepaliveCountMax': 10 + }, + 'terminal': { + 'cursorBlink': true, + 'scrollback': 10000, + 'tabStopWidth': 8, + 'bellStyle': 'sound' + }, + 'header': { + 'text': null, + 'background': 'green' + }, + 'session': { + 'name': 'WebSSH2', + 'secret': 'mysecret' + }, + 'options': { + 'challengeButton': true, + 'allowreauth': true + }, + 'algorithms': { + 'kex': [ + 'ecdh-sha2-nistp256', + 'ecdh-sha2-nistp384', + 'ecdh-sha2-nistp521', + 'diffie-hellman-group-exchange-sha256', + 'diffie-hellman-group14-sha1' + ], + 'cipher': [ + 'aes128-ctr', + 'aes192-ctr', + 'aes256-ctr', + 'aes128-gcm', + 'aes128-gcm@openssh.com', + 'aes256-gcm', + 'aes256-gcm@openssh.com', + 'aes256-cbc' + ], + 'hmac': [ + 'hmac-sha2-256', + 'hmac-sha2-512', + 'hmac-sha1' + ], + 'compress': [ + 'none', + 'zlib@openssh.com', + 'zlib' + ] + }, + 'serverlog': { + 'client': false, + 'server': false + }, + 'accesslog': false, + 'verify': false +} + +// test if config.json exists, if not provide error message but try to run +// anyway +try { + if (fs.existsSync(configPath)) { + console.log('ephemeral_auth service reading config from: ' + configPath) + config = require('read-config')(configPath) + } else { + console.error('\n\nERROR: Missing config.json for webssh. 
Current config: ' + JSON.stringify(config)) + console.error('\n See config.json.sample for details\n\n') + } +} catch (err) { + console.error('\n\nERROR: Missing config.json for webssh. Current config: ' + JSON.stringify(config)) + console.error('\n See config.json.sample for details\n\n') + console.error('ERROR:\n\n ' + err) +} + var session = require('express-session')({ secret: config.session.secret, name: config.session.name, diff --git a/bin/BIG-IP-ILX-WebSSH2-current.tgz b/bin/BIG-IP-ILX-WebSSH2-current.tgz index 03f21f3..15d257e 100644 Binary files a/bin/BIG-IP-ILX-WebSSH2-current.tgz and b/bin/BIG-IP-ILX-WebSSH2-current.tgz differ diff --git a/bin/BIG-IP-ILX-WebSSH2-current.tgz.sha256 b/bin/BIG-IP-ILX-WebSSH2-current.tgz.sha256 index 9af6467..2e20490 100644 --- a/bin/BIG-IP-ILX-WebSSH2-current.tgz.sha256 +++ b/bin/BIG-IP-ILX-WebSSH2-current.tgz.sha256 @@ -1 +1 @@ -b5d91410538e7aac2c2ba1e28a2d965e2586492954c12a97817c7737c4f4c327 Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz +e2e70f7d2949b6c8fe0299f888a3725763a62c01a1faea1fb729babc2ed51c92 Build/Release/BIG-IP-ILX-WebSSH2-0.2.8.tgz diff --git a/scripts/build.sh b/scripts/build.sh index 3cd4c39..6728a8c 100755 --- a/scripts/build.sh +++ b/scripts/build.sh 
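Review bot: `fs.existsSync(configPath)` in the new try block uses `fs`, but no `require('fs')` appears among the requires shown at the top of the file (the hunk begins at file line 3, so lines 1–2 are not visible and should be checked). If `fs` is not defined, the call throws, the `catch` reports it as a missing config.json, and the service keeps running on the hard-coded defaults even when config.json is present; in this file those defaults include `'secret': 'mysecret'` and `'ip': '0.0.0.0'`. Adding `var fs = require('fs')` next to `var path = require('path')` fixes it. The same block is added to workspace/extensions/webssh2/server/app.js and needs the same line.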
@@ -1,21 +1,42 @@ #!/bin/bash ## Syncs from BIG-IP and builds a release based on version in extensions/ephemeral_auth/package.json - +# source ./scripts/env.sh - source ./scripts/util.sh ./scripts/pull.sh +if [ $? -ne 0 ]; then + # failure + tput bel;tput bel;tput bel;tput bel + echo -e "\n${fgLtRed}Pull command failed. Giving up.${fgLtWhi}\n" + echo ${output} + exit 255 +fi +# get version of package from package.json package_version=$(jq -r ".version" workspace/extensions/webssh2/package.json) - +# creates new workspace name with version webssh_workspace_name=$webssh_workspace_name-$package_version -ssh -o ClearAllForwardings=yes $webssh_ilxhost /bin/tar czf - -C /var/ilx/workspaces/Common/$webssh_workspace_name . > Build/Release/$webssh_package_name-$package_version.tgz +echoNotice "Creating workspace package" +runCommand "ssh -o ClearAllForwardings=yes $webssh_ilxhost /bin/tar --exclude='./extensions/webssh2/config.json' -czf - -C /var/ilx/workspaces/Common/$webssh_workspace_name . > Build/Release/$webssh_package_name-$package_version.tgz" -shasum -a 256 Build/Release/$webssh_package_name-$package_version.tgz > Build/Release/$webssh_package_name-$package_version.tgz.sha256 +echoNotice "Creating SHA256 hash" +runCommand "shasum -a 256 Build/Release/$webssh_package_name-$package_version.tgz > Build/Release/$webssh_package_name-$package_version.tgz.sha256" -cp Build/Release/$webssh_package_name-$package_version.tgz $webssh_pua_location/$webssh_package_name-current.tgz -cp Build/Release/$webssh_package_name-$package_version.tgz.sha256 $webssh_pua_location/$webssh_package_name-current.tgz.sha256 +echoNotice "Copying to current" +runCommand "cp Build/Release/$webssh_package_name-$package_version.tgz $webssh_pua_location/$webssh_package_name-current.tgz && \ + cp Build/Release/$webssh_package_name-$package_version.tgz.sha256 $webssh_pua_location/$webssh_package_name-current.tgz.sha256" -find . 
-name '.DS_Store' -type f -delete +echoNotice "Deleting any '.DS_Store' files" +runCommand "find . -name '.DS_Store' -type f -delete" + +echo -e "\nWorkspace packages located at:\n" +echo " Build/Release/$webssh_package_name-$package_version.tgz" +echo " Build/Release/$webssh_package_name-$package_version.tgz.sha256" +echo " $webssh_pua_location/$webssh_package_name-current.tgz" +echo " $webssh_pua_location/$webssh_package_name-current.tgz.sha256" + +echo -e "\nšŸ‘ Build Complete šŸ‘\n" + +exit 0 diff --git a/scripts/env.sh b/scripts/env.sh index 68a0dbc..1955d68 100755 --- a/scripts/env.sh +++ b/scripts/env.sh @@ -1,6 +1,6 @@ #!/bin/sh - -webssh_ilxhost=root@192.168.30.209 +#webssh_ilxhost=root@192.168.30.209 +webssh_ilxhost=root@192.168.30.203 webssh_workspace_name=webssh2 webssh_package_name=BIG-IP-ILX-WebSSH2 -webssh_pua_location=./bin +webssh_pua_location=./bin \ No newline at end of file diff --git a/scripts/pull.sh b/scripts/pull.sh index dd51cf9..9826955 100755 --- a/scripts/pull.sh +++ b/scripts/pull.sh 
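Review bot: In the new failure branch after `./scripts/pull.sh`, `echo ${output}` does not print pull.sh's output: pull.sh runs as a child process, so the `output` seen here is whatever the sourced util.sh last assigned (its `which jq` check, as far as this diff shows). pull.sh already reports its own failure through `checkOutput` before exiting 255, so the line can simply be dropped. The added `--exclude='./extensions/webssh2/config.json'` on the tar line would benefit from a comment such as `# keep the deployed config.json (session secret, credentials) out of the release archive`, so the exclusion is not removed later as noise.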
@@ -6,37 +6,25 @@ # # Pulls an ILX workspace from a BIG-IP and syncs to ./workspace, excludes # ./workspace/extensions/ephemeral_auth/node_modules. - +# source ./scripts/env.sh - source ./scripts/util.sh +# get version of package from package.json PACKAGE_VERSION=$(jq -r ".version" workspace/extensions/webssh2/package.json 2>&1) - +# creates new workspace name with version webssh_workspace_name=$webssh_workspace_name-$PACKAGE_VERSION +echo "Pull ${fgLtCya}$webssh_workspace_name${fgLtWhi} from ${fgLtCya}$webssh_ilxhost${fgLtWhi}" + # check to see if the workspace actually exists before attempting to copy over -output=$(ssh -o ClearAllForwardings=yes $webssh_ilxhost tmsh list ilx workspace $webssh_workspace_name one-line 2>&1) -result="$?" 2>&1 +echoNotice "Checking for existing workspace ${fgLtCya}$webssh_workspace_name${fgLtWhi}" +runCommand "ssh -o ClearAllForwardings=yes $webssh_ilxhost tmsh list ilx workspace $webssh_workspace_name one-line 2>&1" -if [ $result -ne 0 ]; then - echo -e "\n\n" - echo "Workspace: $webssh_workspace_name not found, are you sure that's the right one?" - echo -e "\n\n" - echo "Terminating." - echo -e "\n\n" - exit 255 -fi +echoNotice "Pulling ${fgLtCya}$webssh_workspace_name${fgLtWhi} from ${fgLtCya}$webssh_ilxhost${fgLtWhi}" +runCommand "rsync -e 'ssh -o ClearAllForwardings=yes -ax' -avq --include=\"extensions/ephemeral_auth/node_modules/f5-*\" --exclude=\".DS_Store\" --exclude=\"extensions/ephemeral_auth/node_modules/*\" $webssh_ilxhost:/var/ilx/workspaces/Common/$webssh_workspace_name/. workspace/. 2>&1" -output=$(rsync -e 'ssh -o ClearAllForwardings=yes -ax' -avq --include="extensions/ephemeral_auth/node_modules/f5-*" --exclude=".DS_Store" --exclude="extensions/ephemeral_auth/node_modules/*" $webssh_ilxhost:/var/ilx/workspaces/Common/$webssh_workspace_name/. workspace/. 2>&1) -result="$?" 2>&1 +echo -e "\nšŸ‘ Pull complete šŸ‘\n" -if [ $result -ne 0 ]; then - echo -e "\n\n" - echo "Something went wrong with the rsync..." 
- echo -e "\n\n" - echo "Terminating." - echo -e "\n\n" - exit 255 -fi \ No newline at end of file +exit 0 diff --git a/scripts/push.sh b/scripts/push.sh index 03d0269..02a641a 100755 --- a/scripts/push.sh +++ b/scripts/push.sh 
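Review bot: The rewritten rsync line still filters on `extensions/ephemeral_auth/node_modules`, while this script reads the version from `workspace/extensions/webssh2/package.json` and push.sh excludes `extensions/webssh2/node_modules`. The patterns look carried over from another project and would not match this workspace, so the remote node_modules tree is synced into ./workspace. If that is unintended, the exclude should read `--exclude=\"extensions/webssh2/node_modules/*\"`, and the header comment that still names `ephemeral_auth` should be updated with it.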
@@ -6,81 +6,56 @@ # # Pushes ./workspace to a BIG-IP ILX workspace # - source ./scripts/env.sh - source ./scripts/util.sh # get version of package from package.json PACKAGE_VERSION=$(jq -r ".version" workspace/extensions/webssh2/package.json 2>&1) - # creates new workspace name with version webssh_workspace_name=$webssh_workspace_name-$PACKAGE_VERSION -echo -e "\n" -echo "Checking $webssh_ilxhost for workspace $webssh_workspace_name" +echo "Push ${fgLtCya}$webssh_workspace_name${fgLtWhi} to ${fgLtCya}$webssh_ilxhost${fgLtWhi}" + +echoNotice "Checking $webssh_ilxhost for workspace $webssh_workspace_name" output=$(ssh -o ClearAllForwardings=yes $webssh_ilxhost tmsh list ilx workspace $webssh_workspace_name one-line 2>&1) result="$?" 2>&1 - if [ $result -ne 0 ]; then - echo -e "\n" - echo "Workspace: $webssh_workspace_name not found, attempting to create" - echo -e "\n\n" - output=$(ssh -o ClearAllForwardings=yes $webssh_ilxhost "tmsh create ilx workspace $webssh_workspace_name node-version 6.9.1" 2>&1) - result="$?" 2>&1 - if [ $result -ne 0 ]; then - echo -e "\n\n" - echo "Error creating workspace: $webssh_workspace_name... I give up, not sure what's going on..." - echo -e "\n\n" - exit 255 - fi + echo "āŒ" + echoNotice "Attempting to create workspace" + runCommand "ssh -o ClearAllForwardings=yes $webssh_ilxhost \"tmsh create ilx workspace $webssh_workspace_name node-version 6.9.1\" 2>&1" +else + echo "āœ…" fi -echo -e "\n" -echo "Pushing ./workspace to $webssh_ilxhost at $webssh_workspace_name" -rsync -e 'ssh -o ClearAllForwardings=yes -ax' -avq --delete --exclude='.DS_Store' --exclude extensions/webssh2/node_modules workspace/. $webssh_ilxhost:/var/ilx/workspaces/Common/$webssh_workspace_name/. +echoNotice "Pushing ./workspace to $webssh_ilxhost at $webssh_workspace_name" +runCommand "rsync -e 'ssh -o ClearAllForwardings=yes -ax' -avq --delete --exclude='.DS_Store' --exclude extensions/webssh2/node_modules workspace/. 
$webssh_ilxhost:/var/ilx/workspaces/Common/$webssh_workspace_name/." -echo -e "\n" -echo "Setting permissions at $webssh_workspace_name on $webssh_ilxhost" -output=$(ssh -o ClearAllForwardings=yes $webssh_ilxhost "chown -R root.sdm /var/ilx/workspaces/Common/$webssh_workspace_name/; \ +echoNotice "Installing node modules at $webssh_workspace_name on $webssh_ilxhost" +runCommand "ssh -o ClearAllForwardings=yes $webssh_ilxhost \"cd /var/ilx/workspaces/Common/$webssh_workspace_name/extensions/webssh2; npm i --production\" 2>&1" + +echoNotice "Setting permissions at $webssh_workspace_name on $webssh_ilxhost" +runCommand "ssh -o ClearAllForwardings=yes $webssh_ilxhost \"chown -R root.sdm /var/ilx/workspaces/Common/$webssh_workspace_name/; \ chmod -R ug+rwX,o-w /var/ilx/workspaces/Common/$webssh_workspace_name/; \ chmod u+rw,go-w /var/ilx/workspaces/Common/$webssh_workspace_name/version; \ - chmod u+rw,go-w /var/ilx/workspaces/Common/$webssh_workspace_name/node_version" 2>&1) -result="$?" 2>&1 -if [ $result -ne 0 ]; then - echo -e "\n\n" - echo "Error setting permissions... I give up, not sure what's going on..." - echo -e "\n\n" - exit 255 -fi + chmod u+rw,go-w /var/ilx/workspaces/Common/$webssh_workspace_name/node_version\" 2>&1" -echo -e "\n" -echo "Installing node modules at $webssh_workspace_name on $webssh_ilxhost" -output=$(ssh -o ClearAllForwardings=yes $webssh_ilxhost "cd /var/ilx/workspaces/Common/$webssh_workspace_name/extensions/webssh2; npm i --production" 2>&1) -result="$?" 2>&1 +echoNotice "Deleting $webssh_workspace_name/node_modules/.bin on $webssh_ilxhost" +runCommand "ssh -o ClearAllForwardings=yes $webssh_ilxhost \"cd /var/ilx/workspaces/Common/$webssh_workspace_name/extensions/webssh2; rm -rf node_modules/.bin\" 2>&1" -if [ $result -ne 0 ]; then - echo -e "\n" - echo "Error installing modules \"npm i --production\", process incomplete." 
- echo -e "\n" - echo "See output below:" - echo -e "\n" - echo $output - - exit 255 -fi - -echo "Switching plugin to new workspace..." # switch plugin to new workspace -output=$(ssh -o ClearAllForwardings=yes $webssh_ilxhost tmsh modify ilx plugin WebSSH_plugin from-workspace $webssh_workspace_name 2>&1) +echoNotice "Checking to see if plugin exists" +output=$(ssh -o ClearAllForwardings=yes $webssh_ilxhost tmsh list ilx plugin WebSSH_plugin one-line 2>&1) result="$?" 2>&1 if [ $result -ne 0 ]; then - echo -e "\n\n" - echo "I give up, not sure what's going on..." - echo -e "\n\n" - exit 255 + echo "āŒ" + echoNotice "Attempting to create plugin" + runCommand "ssh -o ClearAllForwardings=yes $webssh_ilxhost tmsh create ilx plugin WebSSH_plugin from-workspace $webssh_workspace_name extensions { webssh2 { concurrency-mode single ilx-logging enabled } } 2>&1" +else + echo "āœ…" + echoNotice "Switching plugin to $webssh_workspace_name" + runCommand "ssh -o ClearAllForwardings=yes $webssh_ilxhost tmsh modify ilx plugin WebSSH_plugin from-workspace $webssh_workspace_name extensions { webssh2 { concurrency-mode single ilx-logging enabled } } 2>&1" fi -echo -e "\n" -echo "Push complete, associated $auth_workspace_name with a WebSSH_plugin plugin. Test and validate." -echo -e "\n" +echo -e "\nšŸ‘ Push complete šŸ‘\n" + +exit 0 diff --git a/scripts/util.sh b/scripts/util.sh index 7fdb206..3029a27 100755 --- a/scripts/util.sh +++ b/scripts/util.sh @@ -1,6 +1,19 @@ #!/bin/bash # Utility functions / scripts +echoNotice () { echo -e -n "\n$@... "; } + +fgLtRed=$(tput bold;tput setaf 1) +fgLtGrn=$(tput bold;tput setaf 2) +fgLtYel=$(tput bold;tput setaf 3) +fgLtBlu=$(tput bold;tput setaf 4) +fgLtMag=$(tput bold;tput setaf 5) +fgLtCya=$(tput bold;tput setaf 6) +fgLtWhi=$(tput bold;tput setaf 7) +fgLtGry=$(tput bold;tput setaf 8) + +echo ${fgLtWhi} + # check for jq and try to install... output=$(which jq 2>&1) if [[ $? -ne 0 ]]; then 
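Review bot: The new cleanup step runs `cd /var/ilx/workspaces/Common/$webssh_workspace_name/extensions/webssh2; rm -rf node_modules/.bin` as root on the remote host, and because the two commands are joined with `;` the `rm -rf` still runs, in whatever directory the session started in, when the `cd` fails. Joining them with `&&`, or giving `rm -rf` the absolute path, keeps the delete confined to the workspace; the `npm i --production` line above it has the same `cd …;` shape. The `chown …; chmod …; chmod …; chmod …` chain likewise hands only the last command's exit status to `runCommand`, so an earlier failure in the chain is reported as success.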
@@ -27,4 +40,35 @@ if [[ $? -ne 0 ]]; then exit 255 fi fi -fi \ No newline at end of file +fi + +# checks the output of a command to get the status and report/handle failure +checkOutput() { + if [ $result -eq 0 ]; then + # success + #echo "${fgLtGrn}[OK]${fgLtWhi}" + echo "āœ…" + return + else + # failure + tput bel;tput bel;tput bel;tput bel + #echo "${fgLtRed}[FAILED]${fgLtWhi}" + echo "āŒ" + echo -e "\nPrevious command failed in ${script_path}/${scriptname} with error level: ${result}" + echo -e "\nCommand:\n" + echo " ${command}" + echo -e "\nSTDOUT/STDERR:\n" + echo ${output} + exit 255 + fi +} + +# run a comand and check call checkOutput +runCommand() { + # $1 command + command=$@ + output=$((eval $command) 2>&1) + result="$?" 2>&1 + prevline=$(($LINENO-2)) + checkOutput +} \ No newline at end of file diff --git a/testing/BIG-IP-13.1.0.2-ILX-webssh2-0.2.3.tgz b/testing/BIG-IP-13.1.0.2-ILX-webssh2-0.2.3.tgz deleted file mode 100644 index b463679..0000000 Binary files a/testing/BIG-IP-13.1.0.2-ILX-webssh2-0.2.3.tgz and /dev/null differ diff --git a/workspace/extensions/webssh2/ChangeLog.md b/workspace/extensions/webssh2/ChangeLog.md index 19eb6ca..a5f17d0 100644 --- a/workspace/extensions/webssh2/ChangeLog.md +++ b/workspace/extensions/webssh2/ChangeLog.md 
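Review bot: `runCommand` executes its argument with an unquoted `eval $command`, and the callers in build.sh, pull.sh and push.sh build that string by interpolating `$webssh_workspace_name`, `$webssh_ilxhost` and the jq-derived version, so any shell metacharacter in those values is interpreted locally instead of being passed as data. pull.sh and push.sh assign `PACKAGE_VERSION=$(jq … 2>&1)`, which means a jq error message can end up inside the evaluated command. At minimum quote the expansion, `output=$(eval "$command" 2>&1)`, and validate the version before it is used, e.g. `[[ $PACKAGE_VERSION =~ ^[0-9]+(\.[0-9]+)*$ ]] || exit 255`. Smaller points in the same hunk: `checkOutput` prints `${script_path}/${scriptname}`, which nothing in this diff sets, `prevline` is never read, and `echo ${output}` should be `echo "$output"` so multi-line error output keeps its line breaks.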
@@ -1,4 +1,15 @@ # Change Log +## [0.2.8] 2019-05-25 +### Changes +- Fixes issue if no password is entered, browser must be closed and restart to attempt to re-auth. See issue [#118](../../issues/118). Thanks @smilesm2 for the idea. +- fixes broken `npm run (build|builddev)` + - update font-awesome fonts to 5.6.3 + - update webpack and dependancies + - update xterm to 3.8.0 + +### Fixes +- ILX workspace may not always import properly due to symbolic links (specifically ./node_modules/.bin). This is removed from the ILX package + ## [0.2.7] 2018-11-11 ### Changes - `config.reauth` was not respected if initial auth presented was incorrect, regardless of `reauth` setting in `config.json` reauth would always be attempted. fixes [#117](../../issues/117) diff --git a/workspace/extensions/webssh2/config.json.sample b/workspace/extensions/webssh2/config.json.sample new file mode 100644 index 0000000..a90f18b --- /dev/null +++ b/workspace/extensions/webssh2/config.json.sample 
@@ -0,0 +1,71 @@
+{
+ "listen": {
+ "ip": "127.0.0.1",
+ "port": 2222
+ },
+ "user": {
+ "name": null,
+ "password": null
+ },
+ "ssh": {
+ "host": null,
+ "port": 22,
+ "term": "xterm-color",
+ "readyTimeout": 20000,
+ "keepaliveInterval": 120000,
+ "keepaliveCountMax": 10
+ },
+ "terminal": {
+ "cursorBlink": true,
+ "scrollback": 10000,
+ "tabStopWidth": 8,
+ "bellStyle": "sound"
+ },
+ "header": {
+ "text": null,
+ "background": "green"
+ },
+ "session": {
+ "name": "WebSSH2",
+ "secret": "mysecret"
+ },
+ "options": {
+ "challengeButton": true,
+ "allowreauth": true
+ },
+ "algorithms": {
+ "kex": [
+ "ecdh-sha2-nistp256",
+ "ecdh-sha2-nistp384",
+ "ecdh-sha2-nistp521",
+ "diffie-hellman-group-exchange-sha256",
+ "diffie-hellman-group14-sha1"
+ ],
+ "cipher": [
+ "aes128-ctr",
+ "aes192-ctr",
+ "aes256-ctr",
+ "aes128-gcm",
+ "aes128-gcm@openssh.com",
+ "aes256-gcm",
+ "aes256-gcm@openssh.com",
+ "aes256-cbc"
+ ],
+ "hmac": [
+ "hmac-sha2-256",
+ "hmac-sha2-512",
+ "hmac-sha1"
+ ],
+ "compress": [
+ "none",
+ "zlib@openssh.com",
+ "zlib"
+ ]
+ },
+ "serverlog": {
+ "client": false,
+ "server": false
+ },
+ "accesslog": false,
+ "verify": false
+}
\ No newline at end of file
diff --git a/workspace/extensions/webssh2/server/app.js b/workspace/extensions/webssh2/server/app.js
index bd4ffe1..f7b5676 100644
--- a/workspace/extensions/webssh2/server/app.js
+++ b/workspace/extensions/webssh2/server/app.js
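Review bot: The sample ships `"secret": "mysecret"` under `session`, the same literal that app.js now carries as its built-in default, so an install that copies the sample unchanged signs its session cookies with a publicly known value. JSON cannot hold a comment, so an obviously non-working placeholder such as `"secret": "CHANGE-ME-to-a-long-random-string"`, together with a sentence in the project documentation, would make the required edit visible. The older entries kept in the algorithm lists (`diffie-hellman-group14-sha1`, `aes256-cbc`, `hmac-sha1`) deserve the same mention, so operators know they can be removed where the target SSH servers support the newer ones.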
@@ -3,14 +3,102 @@ // app.js var path = require('path') -// configPath = path.join(__dirname, 'config.json') var nodeRoot = path.dirname(require.main.filename) var configPath = path.join(nodeRoot, 'config.json') var publicPath = path.join(nodeRoot, 'client', 'public') console.log('WebSSH2 service reading config from: ' + configPath) -var config = require('read-config')(configPath) var express = require('express') var logger = require('morgan') + +// sane defaults if config.json or parts are missing +let config = { + 'listen': { + 'ip': '127.0.0.1', + 'port': 2222 + }, + 'user': { + 'name': null, + 'password': null + }, + 'ssh': { + 'host': null, + 'port': 22, + 'term': 'xterm-color', + 'readyTimeout': 20000, + 'keepaliveInterval': 120000, + 'keepaliveCountMax': 10 + }, + 'terminal': { + 'cursorBlink': true, + 'scrollback': 10000, + 'tabStopWidth': 8, + 'bellStyle': 'sound' + }, + 'header': { + 'text': null, + 'background': 'green' + }, + 'session': { + 'name': 'WebSSH2', + 'secret': 'mysecret' + }, + 'options': { + 'challengeButton': true, + 'allowreauth': true + }, + 'algorithms': { + 'kex': [ + 'ecdh-sha2-nistp256', + 'ecdh-sha2-nistp384', + 'ecdh-sha2-nistp521', + 'diffie-hellman-group-exchange-sha256', + 'diffie-hellman-group14-sha1' + ], + 'cipher': [ + 'aes128-ctr', + 'aes192-ctr', + 'aes256-ctr', + 'aes128-gcm', + 'aes128-gcm@openssh.com', + 'aes256-gcm', + 'aes256-gcm@openssh.com', + 'aes256-cbc' + ], + 'hmac': [ + 'hmac-sha2-256', + 'hmac-sha2-512', + 'hmac-sha1' + ], + 'compress': [ + 'none', + 'zlib@openssh.com', + 'zlib' + ] + }, + 'serverlog': { + 'client': false, + 'server': false + }, + 'accesslog': false, + 'verify': false +} + +// test if config.json exists, if not provide error message but try to run +// anyway +try { + if (fs.existsSync(configPath)) { + console.log('ephemeral_auth service reading config from: ' + configPath) + config = require('read-config')(configPath) + } else { + console.error('\n\nERROR: Missing config.json for webssh. 
Current config: ' + JSON.stringify(config)) + console.error('\n See config.json.sample for details\n\n') + } +} catch (err) { + console.error('\n\nERROR: Missing config.json for webssh. Current config: ' + JSON.stringify(config)) + console.error('\n See config.json.sample for details\n\n') + console.error('ERROR:\n\n ' + err) +} + var session = require('express-session')({ secret: config.session.secret, name: config.session.name, @@ -28,7 +116,7 @@ var socket = require('./socket') var expressOptions = require('./expressOptions') // express -app.use(compression({level: 9})) +app.use(compression({ level: 9 })) app.use(session) app.use(myutil.basicAuth) if (config.accesslog) app.use(logger('common')) @@ -50,7 +138,7 @@ app.get('/ssh/host/:host?', function (req, res, next) { (validator.isFQDN(req.params.host) && req.params.host) || (/^(([a-z]|[A-Z]|[0-9]|[!^(){}\-_~])+)?\w$/.test(req.params.host) && req.params.host) || config.ssh.host, - port: (validator.isInt(req.query.port + '', {min: 1, max: 65535}) && + port: (validator.isInt(req.query.port + '', { min: 1, max: 65535 }) && req.query.port) || config.ssh.port, header: { name: req.query.header || config.header.text, 
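Review bot: `config = require('read-config')(configPath)` replaces the defaults object instead of merging into it, so the comment `sane defaults if config.json or parts are missing` holds only for a missing file; assuming read-config returns just the keys present in the file, a config.json without a `session` section makes `config.session.secret` in the context lines right after the try/catch throw. Loading into a separate variable and merging per section, for example `var loaded = require('read-config')(configPath)` followed by `Object.assign(config.session, loaded.session)` for each section, would match the comment. The log text `'ephemeral_auth service reading config from: '` names a different service and repeats the `WebSSH2 service reading config from:` message printed a few lines earlier. app/server/app.js contains the same code.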
@@ -63,8 +151,8 @@ app.get('/ssh/host/:host?', function (req, res, next) { req.query.sshterm) || config.ssh.term, terminal: { cursorBlink: (validator.isBoolean(req.query.cursorBlink + '') ? myutil.parseBool(req.query.cursorBlink) : config.terminal.cursorBlink), - scrollback: (validator.isInt(req.query.scrollback + '', {min: 1, max: 200000}) && req.query.scrollback) ? req.query.scrollback : config.terminal.scrollback, - tabStopWidth: (validator.isInt(req.query.tabStopWidth + '', {min: 1, max: 100}) && req.query.tabStopWidth) ? req.query.tabStopWidth : config.terminal.tabStopWidth, + scrollback: (validator.isInt(req.query.scrollback + '', { min: 1, max: 200000 }) && req.query.scrollback) ? req.query.scrollback : config.terminal.scrollback, + tabStopWidth: (validator.isInt(req.query.tabStopWidth + '', { min: 1, max: 100 }) && req.query.tabStopWidth) ? req.query.tabStopWidth : config.terminal.tabStopWidth, bellStyle: ((req.query.bellStyle) && (['sound', 'none'].indexOf(req.query.bellStyle) > -1)) ? req.query.bellStyle : config.terminal.bellStyle }, allowreplay: config.options.challengeButton || (validator.isBoolean(req.headers.allowreplay + '') ? myutil.parseBool(req.headers.allowreplay) : false), @@ -74,7 +162,7 @@ app.get('/ssh/host/:host?', function (req, res, next) { client: config.serverlog.client || false, server: config.serverlog.server || false }, - readyTimeout: (validator.isInt(req.query.readyTimeout + '', {min: 1, max: 300000}) && + readyTimeout: (validator.isInt(req.query.readyTimeout + '', { min: 1, max: 300000 }) && req.query.readyTimeout) || config.ssh.readyTimeout } if (req.session.ssh.header.name) validator.escape(req.session.ssh.header.name) @@ -101,4 +189,4 @@ io.use(function (socket, next) { // bring up socket io.on('connection', socket) -module.exports = {server: server, config: config} +module.exports = { server: server, config: config }