2018-09-10 03:03:40 +00:00
|
|
|
/*
|
|
|
|
* Licensed to the Apache Software Foundation (ASF) under one
|
|
|
|
* or more contributor license agreements. See the NOTICE file
|
|
|
|
* distributed with this work for additional information
|
|
|
|
* regarding copyright ownership. The ASF licenses this file
|
|
|
|
* to you under the Apache License, Version 2.0 (the
|
|
|
|
* "License"); you may not use this file except in compliance
|
|
|
|
* with the License. You may obtain a copy of the License at
|
|
|
|
*
|
|
|
|
* http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
*
|
|
|
|
* Unless required by applicable law or agreed to in writing,
|
|
|
|
* software distributed under the License is distributed on an
|
|
|
|
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
|
|
|
|
* KIND, either express or implied. See the License for the
|
|
|
|
* specific language governing permissions and limitations
|
|
|
|
* under the License.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#include "settings.h"
|
|
|
|
|
|
|
|
#include <guacamole/user.h>
|
|
|
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
|
|
|
/* Client plugin arguments */
|
|
|
|
const char* GUAC_KUBERNETES_CLIENT_ARGS[] = {
|
|
|
|
"hostname",
|
|
|
|
"port",
|
2018-09-11 01:39:06 +00:00
|
|
|
"namespace",
|
|
|
|
"pod",
|
|
|
|
"container",
|
2018-09-10 03:03:40 +00:00
|
|
|
"use-ssl",
|
2018-09-11 10:03:17 +00:00
|
|
|
"client-cert",
|
|
|
|
"client-key",
|
|
|
|
"ca-cert",
|
2018-09-10 03:03:40 +00:00
|
|
|
"ignore-cert",
|
|
|
|
"font-name",
|
|
|
|
"font-size",
|
|
|
|
"color-scheme",
|
|
|
|
"typescript-path",
|
|
|
|
"typescript-name",
|
|
|
|
"create-typescript-path",
|
|
|
|
"recording-path",
|
|
|
|
"recording-name",
|
|
|
|
"recording-exclude-output",
|
|
|
|
"recording-exclude-mouse",
|
|
|
|
"recording-include-keys",
|
|
|
|
"create-recording-path",
|
|
|
|
"read-only",
|
|
|
|
"backspace",
|
|
|
|
"scrollback",
|
2019-02-19 19:34:18 +00:00
|
|
|
"disable-copy",
|
|
|
|
"disable-paste",
|
2018-09-10 03:03:40 +00:00
|
|
|
NULL
|
|
|
|
};
|
|
|
|
|
|
|
|
enum KUBERNETES_ARGS_IDX {
|
2019-03-30 17:43:01 +00:00
|
|
|
|
2018-09-10 03:03:40 +00:00
|
|
|
/**
|
|
|
|
* The hostname to connect to. Required.
|
|
|
|
*/
|
|
|
|
IDX_HOSTNAME,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The port to connect to. Optional.
|
|
|
|
*/
|
|
|
|
IDX_PORT,
|
|
|
|
|
2018-09-11 01:39:06 +00:00
|
|
|
/**
|
|
|
|
* The name of the Kubernetes namespace of the pod containing the container
|
|
|
|
* being attached to. If omitted, the default namespace will be used.
|
|
|
|
*/
|
|
|
|
IDX_NAMESPACE,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The name of the Kubernetes pod containing with the container being
|
|
|
|
* attached to. Required.
|
|
|
|
*/
|
|
|
|
IDX_POD,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The name of the container to attach to. If omitted, the first container
|
|
|
|
* in the pod will be used.
|
|
|
|
*/
|
|
|
|
IDX_CONTAINER,
|
|
|
|
|
2018-09-10 03:03:40 +00:00
|
|
|
/**
|
2018-09-10 05:54:50 +00:00
|
|
|
* Whether SSL/TLS should be used. If omitted, SSL/TLS will not be used.
|
2018-09-10 03:03:40 +00:00
|
|
|
*/
|
|
|
|
IDX_USE_SSL,
|
|
|
|
|
|
|
|
/**
|
2018-09-11 10:03:17 +00:00
|
|
|
* The certificate to use if performing SSL/TLS client authentication to
|
|
|
|
* authenticate with the Kubernetes server, in PEM format. If omitted, SSL
|
|
|
|
* client authentication will not be performed.
|
2018-09-10 03:03:40 +00:00
|
|
|
*/
|
2018-09-11 10:03:17 +00:00
|
|
|
IDX_CLIENT_CERT,
|
2018-09-10 03:03:40 +00:00
|
|
|
|
|
|
|
/**
|
2018-09-11 10:03:17 +00:00
|
|
|
* The key to use if performing SSL/TLS client authentication to
|
|
|
|
* authenticate with the Kubernetes server, in PEM format. If omitted, SSL
|
|
|
|
* client authentication will not be performed.
|
2018-09-10 03:03:40 +00:00
|
|
|
*/
|
2018-09-11 10:03:17 +00:00
|
|
|
IDX_CLIENT_KEY,
|
2018-09-10 03:03:40 +00:00
|
|
|
|
|
|
|
/**
|
2018-09-11 10:03:17 +00:00
|
|
|
* The certificate of the certificate authority that signed the certificate
|
|
|
|
* of the Kubernetes server, in PEM format. If omitted. verification of
|
|
|
|
* the Kubernetes server certificate will use the systemwide certificate
|
|
|
|
* authorities.
|
2018-09-10 03:03:40 +00:00
|
|
|
*/
|
2018-09-11 10:03:17 +00:00
|
|
|
IDX_CA_CERT,
|
2018-09-10 03:03:40 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether the certificate used by the Kubernetes server for SSL/TLS should
|
|
|
|
* be ignored if it cannot be validated.
|
|
|
|
*/
|
|
|
|
IDX_IGNORE_CERT,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The name of the font to use within the terminal.
|
|
|
|
*/
|
|
|
|
IDX_FONT_NAME,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The size of the font to use within the terminal, in points.
|
|
|
|
*/
|
|
|
|
IDX_FONT_SIZE,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The color scheme to use, as a series of semicolon-separated color-value
|
|
|
|
* pairs: "background: <color>", "foreground: <color>", or
|
|
|
|
* "color<n>: <color>", where <n> is a number from 0 to 255, and <color> is
|
|
|
|
* "color<n>" or an X11 color code (e.g. "aqua" or "rgb:12/34/56").
|
|
|
|
* The color scheme can also be one of the special values: "black-white",
|
|
|
|
* "white-black", "gray-black", or "green-black".
|
|
|
|
*/
|
|
|
|
IDX_COLOR_SCHEME,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The full absolute path to the directory in which typescripts should be
|
|
|
|
* written.
|
|
|
|
*/
|
|
|
|
IDX_TYPESCRIPT_PATH,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The name that should be given to typescripts which are written in the
|
|
|
|
* given path. Each typescript will consist of two files: "NAME" and
|
|
|
|
* "NAME.timing".
|
|
|
|
*/
|
|
|
|
IDX_TYPESCRIPT_NAME,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether the specified typescript path should automatically be created
|
|
|
|
* if it does not yet exist.
|
|
|
|
*/
|
|
|
|
IDX_CREATE_TYPESCRIPT_PATH,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The full absolute path to the directory in which screen recordings
|
|
|
|
* should be written.
|
|
|
|
*/
|
|
|
|
IDX_RECORDING_PATH,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The name that should be given to screen recordings which are written in
|
|
|
|
* the given path.
|
|
|
|
*/
|
|
|
|
IDX_RECORDING_NAME,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether output which is broadcast to each connected client (graphics,
|
|
|
|
* streams, etc.) should NOT be included in the session recording. Output
|
|
|
|
* is included by default, as it is necessary for any recording which must
|
|
|
|
* later be viewable as video.
|
|
|
|
*/
|
|
|
|
IDX_RECORDING_EXCLUDE_OUTPUT,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether changes to mouse state, such as position and buttons pressed or
|
|
|
|
* released, should NOT be included in the session recording. Mouse state
|
|
|
|
* is included by default, as it is necessary for the mouse cursor to be
|
|
|
|
* rendered in any resulting video.
|
|
|
|
*/
|
|
|
|
IDX_RECORDING_EXCLUDE_MOUSE,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether keys pressed and released should be included in the session
|
|
|
|
* recording. Key events are NOT included by default within the recording,
|
|
|
|
* as doing so has privacy and security implications. Including key events
|
|
|
|
* may be necessary in certain auditing contexts, but should only be done
|
|
|
|
* with caution. Key events can easily contain sensitive information, such
|
|
|
|
* as passwords, credit card numbers, etc.
|
|
|
|
*/
|
|
|
|
IDX_RECORDING_INCLUDE_KEYS,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether the specified screen recording path should automatically be
|
|
|
|
* created if it does not yet exist.
|
|
|
|
*/
|
|
|
|
IDX_CREATE_RECORDING_PATH,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* "true" if this connection should be read-only (user input should be
|
|
|
|
* dropped), "false" or blank otherwise.
|
|
|
|
*/
|
|
|
|
IDX_READ_ONLY,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* ASCII code, as an integer to use for the backspace key, or 127
|
|
|
|
* if not specified.
|
|
|
|
*/
|
|
|
|
IDX_BACKSPACE,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The maximum size of the scrollback buffer in rows.
|
|
|
|
*/
|
|
|
|
IDX_SCROLLBACK,
|
|
|
|
|
2019-02-19 19:34:18 +00:00
|
|
|
/**
|
|
|
|
* Whether outbound clipboard access should be blocked. If set to "true",
|
|
|
|
* it will not be possible to copy data from the terminal to the client
|
|
|
|
* using the clipboard. By default, clipboard access is not blocked.
|
|
|
|
*/
|
|
|
|
IDX_DISABLE_COPY,
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Whether inbound clipboard access should be blocked. If set to "true", it
|
|
|
|
* will not be possible to paste data from the client to the terminal using
|
|
|
|
* the clipboard. By default, clipboard access is not blocked.
|
|
|
|
*/
|
|
|
|
IDX_DISABLE_PASTE,
|
|
|
|
|
2018-09-10 03:03:40 +00:00
|
|
|
KUBERNETES_ARGS_COUNT
|
|
|
|
};
|
|
|
|
|
|
|
|
guac_kubernetes_settings* guac_kubernetes_parse_args(guac_user* user,
|
|
|
|
int argc, const char** argv) {
|
|
|
|
|
|
|
|
/* Validate arg count */
|
|
|
|
if (argc != KUBERNETES_ARGS_COUNT) {
|
|
|
|
guac_user_log(user, GUAC_LOG_WARNING, "Incorrect number of connection "
|
|
|
|
"parameters provided: expected %i, got %i.",
|
|
|
|
KUBERNETES_ARGS_COUNT, argc);
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
guac_kubernetes_settings* settings =
|
|
|
|
calloc(1, sizeof(guac_kubernetes_settings));
|
|
|
|
|
2018-09-11 01:39:06 +00:00
|
|
|
/* Read hostname */
|
2018-09-10 03:03:40 +00:00
|
|
|
settings->hostname =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_HOSTNAME, "");
|
|
|
|
|
2018-09-11 01:39:06 +00:00
|
|
|
/* Read port */
|
|
|
|
settings->port =
|
|
|
|
guac_user_parse_args_int(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_PORT, GUAC_KUBERNETES_DEFAULT_PORT);
|
|
|
|
|
|
|
|
/* Read Kubernetes namespace */
|
|
|
|
settings->kubernetes_namespace =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_NAMESPACE, GUAC_KUBERNETES_DEFAULT_NAMESPACE);
|
|
|
|
|
|
|
|
/* Read name of Kubernetes pod (required) */
|
|
|
|
settings->kubernetes_pod =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_POD, NULL);
|
|
|
|
|
|
|
|
/* Read container of pod (optional) */
|
|
|
|
settings->kubernetes_container =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_CONTAINER, NULL);
|
|
|
|
|
2018-09-10 03:03:40 +00:00
|
|
|
/* Parse whether SSL should be used */
|
|
|
|
settings->use_ssl =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
2018-09-10 05:54:50 +00:00
|
|
|
IDX_USE_SSL, false);
|
2018-09-10 03:03:40 +00:00
|
|
|
|
|
|
|
/* Read SSL/TLS connection details only if enabled */
|
|
|
|
if (settings->use_ssl) {
|
|
|
|
|
2018-09-11 10:03:17 +00:00
|
|
|
settings->client_cert =
|
2018-09-10 03:03:40 +00:00
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS,
|
2018-09-11 10:03:17 +00:00
|
|
|
argv, IDX_CLIENT_CERT, NULL);
|
2018-09-10 03:03:40 +00:00
|
|
|
|
2018-09-11 10:03:17 +00:00
|
|
|
settings->client_key =
|
2018-09-10 03:03:40 +00:00
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS,
|
2018-09-11 10:03:17 +00:00
|
|
|
argv, IDX_CLIENT_KEY, NULL);
|
2018-09-10 03:03:40 +00:00
|
|
|
|
2018-09-11 10:03:17 +00:00
|
|
|
settings->ca_cert =
|
2018-09-10 03:03:40 +00:00
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS,
|
2018-09-11 10:03:17 +00:00
|
|
|
argv, IDX_CA_CERT, NULL);
|
2018-09-10 03:03:40 +00:00
|
|
|
|
|
|
|
settings->ignore_cert =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS,
|
|
|
|
argv, IDX_IGNORE_CERT, false);
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
/* Read-only mode */
|
|
|
|
settings->read_only =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_READ_ONLY, false);
|
|
|
|
|
|
|
|
/* Read maximum scrollback size */
|
|
|
|
settings->max_scrollback =
|
|
|
|
guac_user_parse_args_int(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_SCROLLBACK, GUAC_KUBERNETES_DEFAULT_MAX_SCROLLBACK);
|
|
|
|
|
|
|
|
/* Read font name */
|
|
|
|
settings->font_name =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_FONT_NAME, GUAC_KUBERNETES_DEFAULT_FONT_NAME);
|
|
|
|
|
|
|
|
/* Read font size */
|
|
|
|
settings->font_size =
|
|
|
|
guac_user_parse_args_int(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_FONT_SIZE, GUAC_KUBERNETES_DEFAULT_FONT_SIZE);
|
|
|
|
|
|
|
|
/* Copy requested color scheme */
|
|
|
|
settings->color_scheme =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_COLOR_SCHEME, "");
|
|
|
|
|
|
|
|
/* Pull width/height/resolution directly from user */
|
|
|
|
settings->width = user->info.optimal_width;
|
|
|
|
settings->height = user->info.optimal_height;
|
|
|
|
settings->resolution = user->info.optimal_resolution;
|
|
|
|
|
|
|
|
/* Read typescript path */
|
|
|
|
settings->typescript_path =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_TYPESCRIPT_PATH, NULL);
|
|
|
|
|
|
|
|
/* Read typescript name */
|
|
|
|
settings->typescript_name =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_TYPESCRIPT_NAME, GUAC_KUBERNETES_DEFAULT_TYPESCRIPT_NAME);
|
|
|
|
|
|
|
|
/* Parse path creation flag */
|
|
|
|
settings->create_typescript_path =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_CREATE_TYPESCRIPT_PATH, false);
|
|
|
|
|
|
|
|
/* Read recording path */
|
|
|
|
settings->recording_path =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_RECORDING_PATH, NULL);
|
|
|
|
|
|
|
|
/* Read recording name */
|
|
|
|
settings->recording_name =
|
|
|
|
guac_user_parse_args_string(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_RECORDING_NAME, GUAC_KUBERNETES_DEFAULT_RECORDING_NAME);
|
|
|
|
|
|
|
|
/* Parse output exclusion flag */
|
|
|
|
settings->recording_exclude_output =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_RECORDING_EXCLUDE_OUTPUT, false);
|
|
|
|
|
|
|
|
/* Parse mouse exclusion flag */
|
|
|
|
settings->recording_exclude_mouse =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_RECORDING_EXCLUDE_MOUSE, false);
|
|
|
|
|
|
|
|
/* Parse key event inclusion flag */
|
|
|
|
settings->recording_include_keys =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_RECORDING_INCLUDE_KEYS, false);
|
|
|
|
|
|
|
|
/* Parse path creation flag */
|
|
|
|
settings->create_recording_path =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_CREATE_RECORDING_PATH, false);
|
|
|
|
|
|
|
|
/* Parse backspace key code */
|
|
|
|
settings->backspace =
|
|
|
|
guac_user_parse_args_int(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_BACKSPACE, 127);
|
|
|
|
|
2019-02-19 19:34:18 +00:00
|
|
|
/* Parse clipboard copy disable flag */
|
|
|
|
settings->disable_copy =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_DISABLE_COPY, false);
|
|
|
|
|
|
|
|
/* Parse clipboard paste disable flag */
|
|
|
|
settings->disable_paste =
|
|
|
|
guac_user_parse_args_boolean(user, GUAC_KUBERNETES_CLIENT_ARGS, argv,
|
|
|
|
IDX_DISABLE_PASTE, false);
|
|
|
|
|
2018-09-10 03:03:40 +00:00
|
|
|
/* Parsing was successful */
|
|
|
|
return settings;
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
|
|
void guac_kubernetes_settings_free(guac_kubernetes_settings* settings) {
|
|
|
|
|
|
|
|
/* Free network connection information */
|
|
|
|
free(settings->hostname);
|
|
|
|
|
2018-09-11 01:39:06 +00:00
|
|
|
/* Free Kubernetes pod/container details */
|
|
|
|
free(settings->kubernetes_namespace);
|
|
|
|
free(settings->kubernetes_pod);
|
|
|
|
free(settings->kubernetes_container);
|
|
|
|
|
2018-09-10 03:03:40 +00:00
|
|
|
/* Free SSL/TLS details */
|
2018-09-11 10:03:17 +00:00
|
|
|
free(settings->client_cert);
|
|
|
|
free(settings->client_key);
|
|
|
|
free(settings->ca_cert);
|
2018-09-10 03:03:40 +00:00
|
|
|
|
|
|
|
/* Free display preferences */
|
|
|
|
free(settings->font_name);
|
|
|
|
free(settings->color_scheme);
|
|
|
|
|
|
|
|
/* Free typescript settings */
|
|
|
|
free(settings->typescript_name);
|
|
|
|
free(settings->typescript_path);
|
|
|
|
|
|
|
|
/* Free screen recording settings */
|
|
|
|
free(settings->recording_name);
|
|
|
|
free(settings->recording_path);
|
|
|
|
|
|
|
|
/* Free overall structure */
|
|
|
|
free(settings);
|
|
|
|
|
|
|
|
}
|
|
|
|
|