Merge pull request #46 from glyptodon/ssh-fs
GUAC-1172: Add filesystem object support to SSH/SFTP.
This commit is contained in:
commit
a6e9e0cfca
@ -162,6 +162,7 @@ int guac_client_init(guac_client* client, int argc, char** argv) {
|
|||||||
client_data->enable_sftp = strcmp(argv[IDX_ENABLE_SFTP], "true") == 0;
|
client_data->enable_sftp = strcmp(argv[IDX_ENABLE_SFTP], "true") == 0;
|
||||||
client_data->sftp_session = NULL;
|
client_data->sftp_session = NULL;
|
||||||
client_data->sftp_ssh_session = NULL;
|
client_data->sftp_ssh_session = NULL;
|
||||||
|
client_data->sftp_filesystem = NULL;
|
||||||
strcpy(client_data->sftp_upload_path, ".");
|
strcpy(client_data->sftp_upload_path, ".");
|
||||||
|
|
||||||
#ifdef ENABLE_SSH_AGENT
|
#ifdef ENABLE_SSH_AGENT
|
||||||
|
@ -33,6 +33,8 @@
|
|||||||
#include <libssh2.h>
|
#include <libssh2.h>
|
||||||
#include <libssh2_sftp.h>
|
#include <libssh2_sftp.h>
|
||||||
|
|
||||||
|
#include <guacamole/object.h>
|
||||||
|
|
||||||
#ifdef ENABLE_SSH_AGENT
|
#ifdef ENABLE_SSH_AGENT
|
||||||
#include "ssh_agent.h"
|
#include "ssh_agent.h"
|
||||||
#endif
|
#endif
|
||||||
@ -128,7 +130,13 @@ typedef struct ssh_guac_client_data {
|
|||||||
LIBSSH2_SFTP* sftp_session;
|
LIBSSH2_SFTP* sftp_session;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* The path files will be sent to.
|
* The filesystem object exposed for the SFTP session.
|
||||||
|
*/
|
||||||
|
guac_object* sftp_filesystem;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The path files will be sent to, if uploaded directly via a "file"
|
||||||
|
* instruction.
|
||||||
*/
|
*/
|
||||||
char sftp_upload_path[GUAC_SFTP_MAX_PATH];
|
char sftp_upload_path[GUAC_SFTP_MAX_PATH];
|
||||||
|
|
||||||
|
@ -101,15 +101,20 @@ int ssh_guac_client_free_handler(guac_client* client) {
|
|||||||
/* Free channels */
|
/* Free channels */
|
||||||
libssh2_channel_free(guac_client_data->term_channel);
|
libssh2_channel_free(guac_client_data->term_channel);
|
||||||
|
|
||||||
/* Clean up SFTP */
|
/* Shutdown SFTP session, if any */
|
||||||
if (guac_client_data->sftp_session)
|
if (guac_client_data->sftp_session)
|
||||||
libssh2_sftp_shutdown(guac_client_data->sftp_session);
|
libssh2_sftp_shutdown(guac_client_data->sftp_session);
|
||||||
|
|
||||||
|
/* Disconnect SSH session corresponding to the SFTP session */
|
||||||
if (guac_client_data->sftp_ssh_session) {
|
if (guac_client_data->sftp_ssh_session) {
|
||||||
libssh2_session_disconnect(guac_client_data->sftp_ssh_session, "Bye");
|
libssh2_session_disconnect(guac_client_data->sftp_ssh_session, "Bye");
|
||||||
libssh2_session_free(guac_client_data->sftp_ssh_session);
|
libssh2_session_free(guac_client_data->sftp_ssh_session);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/* Clean up the SFTP filesystem object */
|
||||||
|
if (guac_client_data->sftp_filesystem)
|
||||||
|
guac_client_free_object(client, guac_client_data->sftp_filesystem);
|
||||||
|
|
||||||
/* Free session */
|
/* Free session */
|
||||||
if (guac_client_data->session != NULL)
|
if (guac_client_data->session != NULL)
|
||||||
libssh2_session_free(guac_client_data->session);
|
libssh2_session_free(guac_client_data->session);
|
||||||
|
@ -28,15 +28,40 @@
|
|||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include <libgen.h>
|
#include <libgen.h>
|
||||||
#include <stdbool.h>
|
#include <stdbool.h>
|
||||||
|
#include <stdio.h>
|
||||||
|
#include <stdlib.h>
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
|
|
||||||
#include <libssh2_sftp.h>
|
#include <libssh2_sftp.h>
|
||||||
#include <guacamole/client.h>
|
#include <guacamole/client.h>
|
||||||
|
#include <guacamole/object.h>
|
||||||
#include <guacamole/protocol.h>
|
#include <guacamole/protocol.h>
|
||||||
#include <guacamole/socket.h>
|
#include <guacamole/socket.h>
|
||||||
#include <guacamole/stream.h>
|
#include <guacamole/stream.h>
|
||||||
|
|
||||||
static bool __ssh_guac_valid_filename(char* filename) {
|
/**
|
||||||
|
* Concatenates the given filename with the given path, separating the two
|
||||||
|
* with a single forward slash. The full result must be no more than
|
||||||
|
* GUAC_SFTP_MAX_PATH bytes long, counting null terminator.
|
||||||
|
*
|
||||||
|
* @param fullpath
|
||||||
|
* The buffer to store the result within. This buffer must be at least
|
||||||
|
* GUAC_SFTP_MAX_PATH bytes long.
|
||||||
|
*
|
||||||
|
* @param path
|
||||||
|
* The path to append the filename to.
|
||||||
|
*
|
||||||
|
* @param filename
|
||||||
|
* The filename to append to the path.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* true if the filename is valid and was successfully appended to the path,
|
||||||
|
* false otherwise.
|
||||||
|
*/
|
||||||
|
static bool guac_ssh_append_filename(char* fullpath, const char* path,
|
||||||
|
const char* filename) {
|
||||||
|
|
||||||
|
int i;
|
||||||
|
|
||||||
/* Disallow "." as a filename */
|
/* Disallow "." as a filename */
|
||||||
if (strcmp(filename, ".") == 0)
|
if (strcmp(filename, ".") == 0)
|
||||||
@ -46,20 +71,51 @@ static bool __ssh_guac_valid_filename(char* filename) {
|
|||||||
if (strcmp(filename, "..") == 0)
|
if (strcmp(filename, "..") == 0)
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
/* Search for path separator characters */
|
/* Copy path, append trailing slash */
|
||||||
for (;;) {
|
for (i=0; i<GUAC_SFTP_MAX_PATH; i++) {
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Append trailing slash only if:
|
||||||
|
* 1) Trailing slash is not already present
|
||||||
|
* 2) Path is non-empty
|
||||||
|
*/
|
||||||
|
|
||||||
|
char c = path[i];
|
||||||
|
if (c == '\0') {
|
||||||
|
if (i > 0 && path[i-1] != '/')
|
||||||
|
fullpath[i++] = '/';
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Copy character if not end of string */
|
||||||
|
fullpath[i] = c;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Append filename */
|
||||||
|
for (; i<GUAC_SFTP_MAX_PATH; i++) {
|
||||||
|
|
||||||
char c = *(filename++);
|
char c = *(filename++);
|
||||||
if (c == '\0')
|
if (c == '\0')
|
||||||
break;
|
break;
|
||||||
|
|
||||||
/* Replace slashes with underscores */
|
/* Filenames may not contain slashes */
|
||||||
if (c == '\\' || c == '/')
|
if (c == '\\' || c == '/')
|
||||||
return false;
|
return false;
|
||||||
|
|
||||||
|
/* Append each character within filename */
|
||||||
|
fullpath[i] = c;
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If filename does not contain a path, it's ok */
|
/* Verify path length is within maximum */
|
||||||
|
if (i == GUAC_SFTP_MAX_PATH)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
/* Terminate path string */
|
||||||
|
fullpath[i] = '\0';
|
||||||
|
|
||||||
|
/* Append was successful */
|
||||||
return true;
|
return true;
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -70,56 +126,24 @@ int guac_sftp_file_handler(guac_client* client, guac_stream* stream,
|
|||||||
ssh_guac_client_data* client_data = (ssh_guac_client_data*) client->data;
|
ssh_guac_client_data* client_data = (ssh_guac_client_data*) client->data;
|
||||||
char fullpath[GUAC_SFTP_MAX_PATH];
|
char fullpath[GUAC_SFTP_MAX_PATH];
|
||||||
LIBSSH2_SFTP_HANDLE* file;
|
LIBSSH2_SFTP_HANDLE* file;
|
||||||
int i;
|
|
||||||
|
|
||||||
/* Ensure filename is a valid filename and not a path */
|
/* Concatenate filename with path */
|
||||||
if (!__ssh_guac_valid_filename(filename)) {
|
if (!guac_ssh_append_filename(fullpath,
|
||||||
|
client_data->sftp_upload_path, filename)) {
|
||||||
|
|
||||||
guac_client_log(client, GUAC_LOG_DEBUG,
|
guac_client_log(client, GUAC_LOG_DEBUG,
|
||||||
"Filename \"%s\" is invalid",
|
"Filename \"%s\" is invalid or resulting path is too long",
|
||||||
filename);
|
filename);
|
||||||
|
|
||||||
guac_protocol_send_ack(client->socket, stream, "SFTP: Illegal filename",
|
/* Abort transfer - invalid filename */
|
||||||
|
guac_protocol_send_ack(client->socket, stream,
|
||||||
|
"SFTP: Illegal filename",
|
||||||
GUAC_PROTOCOL_STATUS_CLIENT_BAD_REQUEST);
|
GUAC_PROTOCOL_STATUS_CLIENT_BAD_REQUEST);
|
||||||
|
|
||||||
guac_socket_flush(client->socket);
|
guac_socket_flush(client->socket);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Copy upload path, append trailing slash */
|
|
||||||
for (i=0; i<GUAC_SFTP_MAX_PATH; i++) {
|
|
||||||
char c = client_data->sftp_upload_path[i];
|
|
||||||
if (c == '\0') {
|
|
||||||
fullpath[i++] = '/';
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
fullpath[i] = c;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Append filename */
|
|
||||||
for (; i<GUAC_SFTP_MAX_PATH; i++) {
|
|
||||||
char c = *(filename++);
|
|
||||||
if (c == '\0')
|
|
||||||
break;
|
|
||||||
|
|
||||||
fullpath[i] = c;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* If path + filename exceeds max length, abort */
|
|
||||||
if (i == GUAC_SFTP_MAX_PATH) {
|
|
||||||
|
|
||||||
guac_client_log(client, GUAC_LOG_DEBUG,
|
|
||||||
"Filename exceeds maximum of %i characters",
|
|
||||||
GUAC_SFTP_MAX_PATH);
|
|
||||||
|
|
||||||
guac_protocol_send_ack(client->socket, stream, "SFTP: Name too long", GUAC_PROTOCOL_STATUS_CLIENT_OVERRUN);
|
|
||||||
guac_socket_flush(client->socket);
|
|
||||||
return 0;
|
|
||||||
}
|
|
||||||
|
|
||||||
/* Terminate path string */
|
|
||||||
fullpath[i] = '\0';
|
|
||||||
|
|
||||||
/* Open file via SFTP */
|
/* Open file via SFTP */
|
||||||
file = libssh2_sftp_open(client_data->sftp_session, fullpath,
|
file = libssh2_sftp_open(client_data->sftp_session, fullpath,
|
||||||
LIBSSH2_FXF_WRITE | LIBSSH2_FXF_CREAT | LIBSSH2_FXF_TRUNC,
|
LIBSSH2_FXF_WRITE | LIBSSH2_FXF_CREAT | LIBSSH2_FXF_TRUNC,
|
||||||
@ -300,3 +324,434 @@ void guac_sftp_set_upload_path(guac_client* client, char* path) {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
guac_object* guac_sftp_expose_filesystem(guac_client* client) {
|
||||||
|
|
||||||
|
/* Init filesystem */
|
||||||
|
guac_object* filesystem = guac_client_alloc_object(client);
|
||||||
|
filesystem->get_handler = guac_sftp_get_handler;
|
||||||
|
filesystem->put_handler = guac_sftp_put_handler;
|
||||||
|
|
||||||
|
/* Send filesystem to client */
|
||||||
|
guac_protocol_send_filesystem(client->socket, filesystem, "/");
|
||||||
|
guac_socket_flush(client->socket);
|
||||||
|
|
||||||
|
/* Return allocated filesystem */
|
||||||
|
return filesystem;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Given a stream, the client to which it belongs, and the current directory
|
||||||
|
* list state, flushes the contents of the JSON buffer to a blob instruction.
|
||||||
|
* Note that this will flush the JSON buffer only, and will not necessarily
|
||||||
|
* flush the underlying guac_socket of the client.
|
||||||
|
*
|
||||||
|
* @param client
|
||||||
|
* The client to which the data will be flushed.
|
||||||
|
*
|
||||||
|
* @param stream
|
||||||
|
* The stream through which the flushed data should be sent as a blob.
|
||||||
|
*
|
||||||
|
* @param list_state
|
||||||
|
* The directory list state.
|
||||||
|
*/
|
||||||
|
static void guac_sftp_ls_flush_json(guac_client* client, guac_stream* stream,
|
||||||
|
guac_sftp_ls_state* list_state) {
|
||||||
|
|
||||||
|
/* If JSON buffer is non-empty, write contents to blob and reset */
|
||||||
|
if (list_state->json_size > 0) {
|
||||||
|
guac_protocol_send_blob(client->socket, stream,
|
||||||
|
list_state->json_buffer, list_state->json_size);
|
||||||
|
|
||||||
|
/* Reset JSON buffer size */
|
||||||
|
list_state->json_size = 0;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Given a stream, the client to which it belongs, and the current directory
|
||||||
|
* list state, writes the contents of the given buffer to the JSON buffer of
|
||||||
|
* the directory list state, flushing as necessary.
|
||||||
|
*
|
||||||
|
* @param client
|
||||||
|
* The client to which the data will be flushed as necessary.
|
||||||
|
*
|
||||||
|
* @param stream
|
||||||
|
* The stream through which the flushed data should be sent as a blob, if
|
||||||
|
* data must be flushed at all.
|
||||||
|
*
|
||||||
|
* @param list_state
|
||||||
|
* The directory list state containing the JSON buffer to which the given
|
||||||
|
* buffer should be written.
|
||||||
|
*
|
||||||
|
* @param buffer
|
||||||
|
* The buffer to write.
|
||||||
|
*
|
||||||
|
* @param length
|
||||||
|
* The number of bytes in the buffer.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* true if at least one blob was written, false otherwise.
|
||||||
|
*/
|
||||||
|
static bool guac_sftp_ls_write_json(guac_client* client, guac_stream* stream,
|
||||||
|
guac_sftp_ls_state* list_state, const char* buffer, int length) {
|
||||||
|
|
||||||
|
bool blob_written = false;
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Append to and flush the JSON buffer as necessary to write the given
|
||||||
|
* data
|
||||||
|
*/
|
||||||
|
while (length > 0) {
|
||||||
|
|
||||||
|
/* Ensure provided data does not exceed size of buffer */
|
||||||
|
int blob_length = length;
|
||||||
|
if (blob_length > sizeof(list_state->json_buffer))
|
||||||
|
blob_length = sizeof(list_state->json_buffer);
|
||||||
|
|
||||||
|
/* Flush if more room is needed */
|
||||||
|
if (list_state->json_size + blob_length > sizeof(list_state->json_buffer)) {
|
||||||
|
guac_sftp_ls_flush_json(client, stream, list_state);
|
||||||
|
blob_written = true;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Append data to JSON buffer */
|
||||||
|
memcpy(list_state->json_buffer + list_state->json_size,
|
||||||
|
buffer, blob_length);
|
||||||
|
|
||||||
|
list_state->json_size += blob_length;
|
||||||
|
|
||||||
|
/* Advance to next blob of data */
|
||||||
|
buffer += blob_length;
|
||||||
|
length -= blob_length;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
return blob_written;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Given a stream, the client to which it belongs, and the current directory
|
||||||
|
* list state, writes the given string as a proper JSON string, including
|
||||||
|
* starting and ending quotes. The contents of the string will be escaped as
|
||||||
|
* necessary.
|
||||||
|
*
|
||||||
|
* @param client
|
||||||
|
* The client to which the data will be flushed as necessary.
|
||||||
|
*
|
||||||
|
* @param stream
|
||||||
|
* The stream through which the flushed data should be sent as a blob, if
|
||||||
|
* data must be flushed at all.
|
||||||
|
*
|
||||||
|
* @param list_state
|
||||||
|
* The directory list state containing the JSON buffer to which the given
|
||||||
|
* string should be written as a proper JSON string.
|
||||||
|
*
|
||||||
|
* @param str
|
||||||
|
* The string to write.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* true if at least one blob was written, false otherwise.
|
||||||
|
*/
|
||||||
|
static bool guac_sftp_ls_write_json_string(guac_client* client,
|
||||||
|
guac_stream* stream, guac_sftp_ls_state* list_state,
|
||||||
|
const char* str) {
|
||||||
|
|
||||||
|
bool blob_written = false;
|
||||||
|
|
||||||
|
/* Write starting quote */
|
||||||
|
blob_written |= guac_sftp_ls_write_json(client, stream,
|
||||||
|
list_state, "\"", 1);
|
||||||
|
|
||||||
|
/* Write given string, escaping as necessary */
|
||||||
|
const char* current = str;
|
||||||
|
for (; *current != '\0'; current++) {
|
||||||
|
|
||||||
|
/* Escape all quotes */
|
||||||
|
if (*current == '"') {
|
||||||
|
|
||||||
|
/* Write any string content up to current character */
|
||||||
|
if (current != str)
|
||||||
|
blob_written |= guac_sftp_ls_write_json(client, stream,
|
||||||
|
list_state, str, current - str);
|
||||||
|
|
||||||
|
/* Escape the quote that was just read */
|
||||||
|
blob_written |= guac_sftp_ls_write_json(client, stream,
|
||||||
|
list_state, "\\", 1);
|
||||||
|
|
||||||
|
/* Reset string */
|
||||||
|
str = current;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Write any remaining string content */
|
||||||
|
if (current != str)
|
||||||
|
blob_written |= guac_sftp_ls_write_json(client, stream,
|
||||||
|
list_state, str, current - str);
|
||||||
|
|
||||||
|
/* Write ending quote */
|
||||||
|
blob_written |= guac_sftp_ls_write_json(client, stream,
|
||||||
|
list_state, "\"", 1);
|
||||||
|
|
||||||
|
return blob_written;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Given a stream, the client to which it belongs, and the current directory
|
||||||
|
* list state, writes the given directory entry as a JSON name/value pair. The
|
||||||
|
* name and value will be written as proper JSON strings separated by a colon.
|
||||||
|
*
|
||||||
|
* @param client
|
||||||
|
* The client to which the data will be flushed as necessary.
|
||||||
|
*
|
||||||
|
* @param stream
|
||||||
|
* The stream through which the flushed data should be sent as a blob, if
|
||||||
|
* data must be flushed at all.
|
||||||
|
*
|
||||||
|
* @param list_state
|
||||||
|
* The directory list state containing the JSON buffer to which the given
|
||||||
|
* directory should be written as a JSON name/value pair.
|
||||||
|
*
|
||||||
|
* @param mimetype
|
||||||
|
* The mimetype of the directory entry to write.
|
||||||
|
*
|
||||||
|
* @param filename
|
||||||
|
* The filename of the directory entry to write.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* true if at least one blob was written, false otherwise.
|
||||||
|
*/
|
||||||
|
static bool guac_sftp_ls_write_entry(guac_client* client, guac_stream* stream,
|
||||||
|
guac_sftp_ls_state* list_state, const char* mimetype,
|
||||||
|
const char* filename) {
|
||||||
|
|
||||||
|
bool blob_written = false;
|
||||||
|
|
||||||
|
/* Write leading comma if not first entry */
|
||||||
|
if (list_state->entries_written != 0)
|
||||||
|
blob_written |= guac_sftp_ls_write_json(client, stream,
|
||||||
|
list_state, ",", 1);
|
||||||
|
|
||||||
|
/* Write filename */
|
||||||
|
blob_written |= guac_sftp_ls_write_json_string(client, stream,
|
||||||
|
list_state, filename);
|
||||||
|
|
||||||
|
/* Separate filename from mimetype with colon */
|
||||||
|
blob_written |= guac_sftp_ls_write_json(client, stream,
|
||||||
|
list_state, ":", 1);
|
||||||
|
|
||||||
|
/* Write mimetype */
|
||||||
|
blob_written |= guac_sftp_ls_write_json_string(client, stream,
|
||||||
|
list_state, mimetype);
|
||||||
|
|
||||||
|
list_state->entries_written++;
|
||||||
|
|
||||||
|
return blob_written;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
int guac_sftp_ls_ack_handler(guac_client* client, guac_stream* stream,
|
||||||
|
char* message, guac_protocol_status status) {
|
||||||
|
|
||||||
|
int bytes_read;
|
||||||
|
bool blob_written = false;
|
||||||
|
|
||||||
|
char filename[GUAC_SFTP_MAX_PATH];
|
||||||
|
LIBSSH2_SFTP_ATTRIBUTES attributes;
|
||||||
|
|
||||||
|
ssh_guac_client_data* client_data = (ssh_guac_client_data*) client->data;
|
||||||
|
LIBSSH2_SFTP* sftp = client_data->sftp_session;
|
||||||
|
guac_sftp_ls_state* list_state = (guac_sftp_ls_state*) stream->data;
|
||||||
|
|
||||||
|
/* If unsuccessful, free stream and abort */
|
||||||
|
if (status != GUAC_PROTOCOL_STATUS_SUCCESS) {
|
||||||
|
libssh2_sftp_closedir(list_state->directory);
|
||||||
|
guac_client_free_stream(client, stream);
|
||||||
|
free(list_state);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* While directory entries remain */
|
||||||
|
while ((bytes_read = libssh2_sftp_readdir(list_state->directory,
|
||||||
|
filename, sizeof(filename), &attributes)) > 0
|
||||||
|
&& !blob_written) {
|
||||||
|
|
||||||
|
char absolute_path[GUAC_SFTP_MAX_PATH];
|
||||||
|
|
||||||
|
/* Skip current and parent directory entries */
|
||||||
|
if (strcmp(filename, ".") == 0 || strcmp(filename, "..") == 0)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
/* Concatenate into absolute path - skip if invalid */
|
||||||
|
if (!guac_ssh_append_filename(absolute_path,
|
||||||
|
list_state->directory_name, filename)) {
|
||||||
|
|
||||||
|
guac_client_log(client, GUAC_LOG_DEBUG,
|
||||||
|
"Skipping filename \"%s\" - filename is invalid or "
|
||||||
|
"resulting path is too long", filename);
|
||||||
|
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Stat explicitly if symbolic link (might point to directory) */
|
||||||
|
if (LIBSSH2_SFTP_S_ISLNK(attributes.permissions))
|
||||||
|
libssh2_sftp_stat(sftp, absolute_path, &attributes);
|
||||||
|
|
||||||
|
/* Determine mimetype */
|
||||||
|
const char* mimetype;
|
||||||
|
if (LIBSSH2_SFTP_S_ISDIR(attributes.permissions))
|
||||||
|
mimetype = GUAC_CLIENT_STREAM_INDEX_MIMETYPE;
|
||||||
|
else
|
||||||
|
mimetype = "application/octet-stream";
|
||||||
|
|
||||||
|
/* Write leading brace if just starting */
|
||||||
|
if (list_state->entries_written == 0)
|
||||||
|
blob_written |= guac_sftp_ls_write_json(client, stream,
|
||||||
|
list_state, "{", 1);
|
||||||
|
|
||||||
|
/* Write entry */
|
||||||
|
blob_written |= guac_sftp_ls_write_entry(client, stream,
|
||||||
|
list_state, mimetype, absolute_path);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Complete JSON and cleanup at end of directory */
|
||||||
|
if (bytes_read <= 0) {
|
||||||
|
|
||||||
|
/* Write end of JSON */
|
||||||
|
guac_sftp_ls_write_json(client, stream, list_state, "}", 1);
|
||||||
|
guac_sftp_ls_flush_json(client, stream, list_state);
|
||||||
|
|
||||||
|
/* Clean up resources */
|
||||||
|
libssh2_sftp_closedir(list_state->directory);
|
||||||
|
free(list_state);
|
||||||
|
|
||||||
|
/* Signal of stream */
|
||||||
|
guac_protocol_send_end(client->socket, stream);
|
||||||
|
guac_client_free_stream(client, stream);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
guac_socket_flush(client->socket);
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
int guac_sftp_get_handler(guac_client* client, guac_object* object,
|
||||||
|
char* name) {
|
||||||
|
|
||||||
|
ssh_guac_client_data* client_data = (ssh_guac_client_data*) client->data;
|
||||||
|
LIBSSH2_SFTP* sftp = client_data->sftp_session;
|
||||||
|
LIBSSH2_SFTP_ATTRIBUTES attributes;
|
||||||
|
|
||||||
|
/* Attempt to read file information */
|
||||||
|
if (libssh2_sftp_stat(sftp, name, &attributes)) {
|
||||||
|
guac_client_log(client, GUAC_LOG_INFO, "Unable to read file \"%s\"",
|
||||||
|
name);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* If directory, send contents of directory */
|
||||||
|
if (LIBSSH2_SFTP_S_ISDIR(attributes.permissions)) {
|
||||||
|
|
||||||
|
/* Open as directory */
|
||||||
|
LIBSSH2_SFTP_HANDLE* dir = libssh2_sftp_opendir(sftp, name);
|
||||||
|
if (dir == NULL) {
|
||||||
|
guac_client_log(client, GUAC_LOG_INFO,
|
||||||
|
"Unable to read directory \"%s\": %s",
|
||||||
|
name, libssh2_sftp_last_error(sftp));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Init directory listing state */
|
||||||
|
guac_sftp_ls_state* list_state = malloc(sizeof(guac_sftp_ls_state));
|
||||||
|
|
||||||
|
list_state->directory = dir;
|
||||||
|
strncpy(list_state->directory_name, name,
|
||||||
|
sizeof(list_state->directory_name));
|
||||||
|
|
||||||
|
list_state->json_size = 0;
|
||||||
|
list_state->entries_written = 0;
|
||||||
|
|
||||||
|
/* Allocate stream for body */
|
||||||
|
guac_stream* stream = guac_client_alloc_stream(client);
|
||||||
|
stream->ack_handler = guac_sftp_ls_ack_handler;
|
||||||
|
stream->data = list_state;
|
||||||
|
|
||||||
|
/* Associate new stream with get request */
|
||||||
|
guac_protocol_send_body(client->socket, object, stream,
|
||||||
|
GUAC_CLIENT_STREAM_INDEX_MIMETYPE, name);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Otherwise, send file contents */
|
||||||
|
else {
|
||||||
|
|
||||||
|
/* Open as normal file */
|
||||||
|
LIBSSH2_SFTP_HANDLE* file = libssh2_sftp_open(sftp, name,
|
||||||
|
LIBSSH2_FXF_READ, 0);
|
||||||
|
if (file == NULL) {
|
||||||
|
guac_client_log(client, GUAC_LOG_INFO,
|
||||||
|
"Unable to read file \"%s\": %s",
|
||||||
|
name, libssh2_sftp_last_error(sftp));
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Allocate stream for body */
|
||||||
|
guac_stream* stream = guac_client_alloc_stream(client);
|
||||||
|
stream->ack_handler = guac_sftp_ack_handler;
|
||||||
|
stream->data = file;
|
||||||
|
|
||||||
|
/* Associate new stream with get request */
|
||||||
|
guac_protocol_send_body(client->socket, object, stream,
|
||||||
|
"application/octet-stream", name);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
guac_socket_flush(client->socket);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int guac_sftp_put_handler(guac_client* client, guac_object* object,
|
||||||
|
guac_stream* stream, char* mimetype, char* name) {
|
||||||
|
|
||||||
|
ssh_guac_client_data* client_data = (ssh_guac_client_data*) client->data;
|
||||||
|
LIBSSH2_SFTP* sftp = client_data->sftp_session;
|
||||||
|
|
||||||
|
/* Open file via SFTP */
|
||||||
|
LIBSSH2_SFTP_HANDLE* file = libssh2_sftp_open(sftp, name,
|
||||||
|
LIBSSH2_FXF_WRITE | LIBSSH2_FXF_CREAT | LIBSSH2_FXF_TRUNC,
|
||||||
|
S_IRUSR | S_IWUSR);
|
||||||
|
|
||||||
|
/* Acknowledge stream if successful */
|
||||||
|
if (file != NULL) {
|
||||||
|
guac_client_log(client, GUAC_LOG_DEBUG, "File \"%s\" opened", name);
|
||||||
|
guac_protocol_send_ack(client->socket, stream, "SFTP: File opened",
|
||||||
|
GUAC_PROTOCOL_STATUS_SUCCESS);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Abort on failure */
|
||||||
|
else {
|
||||||
|
guac_client_log(client, GUAC_LOG_INFO, "Unable to open file \"%s\": %s",
|
||||||
|
name, libssh2_sftp_last_error(sftp));
|
||||||
|
guac_protocol_send_ack(client->socket, stream, "SFTP: Open failed",
|
||||||
|
GUAC_PROTOCOL_STATUS_RESOURCE_NOT_FOUND);
|
||||||
|
}
|
||||||
|
|
||||||
|
/* Set handlers for file stream */
|
||||||
|
stream->blob_handler = guac_sftp_blob_handler;
|
||||||
|
stream->end_handler = guac_sftp_end_handler;
|
||||||
|
|
||||||
|
/* Store file within stream */
|
||||||
|
stream->data = file;
|
||||||
|
|
||||||
|
guac_socket_flush(client->socket);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
@ -26,7 +26,11 @@
|
|||||||
|
|
||||||
#include "config.h"
|
#include "config.h"
|
||||||
|
|
||||||
|
#include <libssh2.h>
|
||||||
|
#include <libssh2_sftp.h>
|
||||||
|
|
||||||
#include <guacamole/client.h>
|
#include <guacamole/client.h>
|
||||||
|
#include <guacamole/object.h>
|
||||||
#include <guacamole/protocol.h>
|
#include <guacamole/protocol.h>
|
||||||
#include <guacamole/stream.h>
|
#include <guacamole/stream.h>
|
||||||
|
|
||||||
@ -35,6 +39,41 @@
|
|||||||
*/
|
*/
|
||||||
#define GUAC_SFTP_MAX_PATH 2048
|
#define GUAC_SFTP_MAX_PATH 2048
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The current state of a directory listing operation.
|
||||||
|
*/
|
||||||
|
typedef struct guac_sftp_ls_state {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Reference to the directory currently being listed over SFTP. This
|
||||||
|
* directory must already be open from a call to libssh2_sftp_opendir().
|
||||||
|
*/
|
||||||
|
LIBSSH2_SFTP_HANDLE* directory;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The absolute path of the directory being listed.
|
||||||
|
*/
|
||||||
|
char directory_name[GUAC_SFTP_MAX_PATH];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Buffer of partial JSON data. The individual blobs which make up the JSON
|
||||||
|
* body of the directory listing sent over the Guacamole protocol will be
|
||||||
|
* built here.
|
||||||
|
*/
|
||||||
|
char json_buffer[4096];
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The number of bytes currently used within the JSON buffer.
|
||||||
|
*/
|
||||||
|
int json_size;
|
||||||
|
|
||||||
|
/**
|
||||||
|
* The number of entries written to the JSON thus far.
|
||||||
|
*/
|
||||||
|
int entries_written;
|
||||||
|
|
||||||
|
} guac_sftp_ls_state;
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Handler for file messages which begins an SFTP data transfer (upload).
|
* Handler for file messages which begins an SFTP data transfer (upload).
|
||||||
*/
|
*/
|
||||||
@ -68,5 +107,90 @@ guac_stream* guac_sftp_download_file(guac_client* client, char* filename);
|
|||||||
*/
|
*/
|
||||||
void guac_sftp_set_upload_path(guac_client* client, char* path);
|
void guac_sftp_set_upload_path(guac_client* client, char* path);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Exposes access to SFTP via a filesystem object, returning that object. The
|
||||||
|
* object returned must eventually be explicitly freed through a call to
|
||||||
|
* guac_client_free_object().
|
||||||
|
*
|
||||||
|
* @param client
|
||||||
|
* The Guacamole client to expose the filesystem to.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* The resulting Guacamole filesystem object, initialized and exposed to
|
||||||
|
* the client.
|
||||||
|
*/
|
||||||
|
guac_object* guac_sftp_expose_filesystem(guac_client* client);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handler for get messages. In context of SFTP and the filesystem exposed via
|
||||||
|
* the Guacamole protocol, get messages request the body of a file within the
|
||||||
|
* filesystem.
|
||||||
|
*
|
||||||
|
* @param client
|
||||||
|
* The client receiving the get message.
|
||||||
|
*
|
||||||
|
* @param object
|
||||||
|
* The Guacamole protocol object associated with the get request itself.
|
||||||
|
*
|
||||||
|
* @param name
|
||||||
|
* The name of the input stream (file) being requested.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* Zero on success, non-zero on error.
|
||||||
|
*/
|
||||||
|
int guac_sftp_get_handler(guac_client* client, guac_object* object,
|
||||||
|
char* name);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handler for put messages. In context of SFTP and the filesystem exposed via
|
||||||
|
* the Guacamole protocol, put messages request write access to a file within
|
||||||
|
* the filesystem.
|
||||||
|
*
|
||||||
|
* @param client
|
||||||
|
* The client receiving the put message.
|
||||||
|
*
|
||||||
|
* @param object
|
||||||
|
* The Guacamole protocol object associated with the put request itself.
|
||||||
|
*
|
||||||
|
* @param stream
|
||||||
|
* The Guacamole protocol stream along which the client will be sending
|
||||||
|
* file data.
|
||||||
|
*
|
||||||
|
* @param mimetype
|
||||||
|
* The mimetype of the data being send along the stream.
|
||||||
|
*
|
||||||
|
* @param name
|
||||||
|
* The name of the input stream (file) being requested.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* Zero on success, non-zero on error.
|
||||||
|
*/
|
||||||
|
int guac_sftp_put_handler(guac_client* client, guac_object* object,
|
||||||
|
guac_stream* stream, char* mimetype, char* name);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Handler for ack messages received due to receipt of a "body" or "blob"
|
||||||
|
* instruction associated with a SFTP directory list operation.
|
||||||
|
*
|
||||||
|
* @param client
|
||||||
|
* The client receiving the ack message.
|
||||||
|
*
|
||||||
|
* @param stream
|
||||||
|
* The Guacamole protocol stream associated with the received ack message.
|
||||||
|
*
|
||||||
|
* @param message
|
||||||
|
* An arbitrary human-readable message describing the nature of the
|
||||||
|
* success or failure denoted by this ack message.
|
||||||
|
*
|
||||||
|
* @param status
|
||||||
|
* The status code associated with this ack message, which may indicate
|
||||||
|
* success or an error.
|
||||||
|
*
|
||||||
|
* @return
|
||||||
|
* Zero on success, non-zero on error.
|
||||||
|
*/
|
||||||
|
int guac_sftp_ls_ack_handler(guac_client* client, guac_stream* stream,
|
||||||
|
char* message, guac_protocol_status status);
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
@ -476,6 +476,9 @@ void* ssh_client_thread(void* data) {
|
|||||||
/* Set file handler */
|
/* Set file handler */
|
||||||
client->file_handler = guac_sftp_file_handler;
|
client->file_handler = guac_sftp_file_handler;
|
||||||
|
|
||||||
|
/* Expose filesystem */
|
||||||
|
client_data->sftp_filesystem = guac_sftp_expose_filesystem(client);
|
||||||
|
|
||||||
guac_client_log(client, GUAC_LOG_DEBUG, "SFTP session initialized");
|
guac_client_log(client, GUAC_LOG_DEBUG, "SFTP session initialized");
|
||||||
|
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user