webvirtcloud/console/novncd

#!/usr/bin/env python3

import os
import sys
import logging
import django

DIR_PATH = os.path.dirname(os.path.abspath(__file__))
ROOT_PATH = os.path.abspath(os.path.join(DIR_PATH, "..", ""))
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "webvirtcloud.settings")
CERT = DIR_PATH + "/cert.pem"

if ROOT_PATH not in sys.path:
    sys.path.append(ROOT_PATH)

django.setup()

import re
import socket

# from six.moves import http_cookies as Cookie
from http import cookies as Cookie
from webvirtcloud.settings import WS_PORT, WS_HOST, WS_CERT
from vrtManager.connection import CONN_SSH, CONN_SOCKET
from console.sshtunnels import SSHTunnels
from optparse import OptionParser

parser = OptionParser()

parser.add_option(
    "-v",
    "--verbose",
    dest="verbose",
    action="store_true",
    help="Verbose mode",
    default=False,
)

parser.add_option(
    "-d", "--debug", dest="debug", action="store_true", help="Debug mode", default=False
)

parser.add_option(
    "-H", "--host", dest="host", action="store", help="Listen host", default=WS_HOST
)

parser.add_option(
    "-p",
    "--port",
    dest="port",
    action="store",
    help="Listen port",
    default=WS_PORT or 6080,
)

parser.add_option(
    "-c",
    "--cert",
    dest="cert",
    action="store",
    help="Certificate file path",
    default=WS_CERT or CERT,
)

(options, args) = parser.parse_args()

FORMAT = "%(asctime)s - %(name)s - %(levelname)s : %(message)s"
if options.debug:
    logging.basicConfig(level=logging.DEBUG, format=FORMAT)
    options.verbose = True
elif options.verbose:
    logging.basicConfig(level=logging.INFO, format=FORMAT)
else:
    logging.basicConfig(level=logging.WARNING, format=FORMAT)

try:
    from websockify import WebSocketProxy

    try:
        from websockify import ProxyRequestHandler
    except ImportError:
        USE_HANDLER = False
    else:
        USE_HANDLER = True
except ImportError:
    try:
        from novnc.wsproxy import WebSocketProxy
    except ImportError:
        print("Unable to import a websockify implementation,\n please install one")
        sys.exit(1)
    else:
        USE_HANDLER = False


def get_connection_infos(token):
    from instances.models import Instance
    from vrtManager.instance import wvmInstance

    try:
        temptoken = token.split("-", 1)
        host = int(temptoken[0])
        uuid = temptoken[1]
        instance = Instance.objects.get(compute_id=host, uuid=uuid)
        conn = wvmInstance(
            instance.compute.hostname,
            instance.compute.login,
            instance.compute.password,
            instance.compute.type,
            instance.name,
        )
        if instance.compute.hostname.count(":"):
            connhost = instance.compute.hostname.split(":")[0]
            connport = instance.compute.hostname.split(":")[1]
        else:
            connhost = instance.compute.hostname
            connport = 22
        connuser = instance.compute.login
        conntype = instance.compute.type
        console_host = conn.get_console_listener_addr()
        console_port = conn.get_console_port()
        console_socket = conn.get_console_socket()
    except Exception as e:
        logging.error(
            "Fail to retrieve console connection infos for token %s : %s" % (token, e)
        )
        raise
    return (
        connhost,
        connport,
        connuser,
        conntype,
        console_host,
        console_port,
        console_socket,
    )


class CompatibilityMixIn(object):
    def _new_client(self, daemon, socket_factory):
        # NoVNC uses it's own convention that forward token
        # from the request to a cookie header, we should check
        # also for this behavior
        hcookie = self.headers.get("cookie")

        if hcookie:
            cookie = Cookie.SimpleCookie()
            for hcookie_part in hcookie.split(";"):
                hcookie_part = hcookie_part.lstrip()
                try:
                    cookie.load(hcookie_part)
                except Cookie.CookieError:
                    # NOTE(stgleb): Do not print out cookie content
                    # for security reasons.
                    self.msg("Found malformed cookie")
                else:
                    if "token" in cookie:
                        token = cookie["token"].value

        (
            connhost,
            connport,
            connuser,
            conntype,
            console_host,
            console_port,
            console_socket,
        ) = get_connection_infos(token)

        cnx_debug_msg = "Connection infos :\n"
        cnx_debug_msg += "- connhost : '%s'\n" % connhost
        cnx_debug_msg += "- connport : '%s'\n" % connport
        cnx_debug_msg += "- connuser : '%s'\n" % connuser
        cnx_debug_msg += "- conntype : '%s'\n" % conntype
        cnx_debug_msg += "- console_host : '%s'\n" % console_host
        cnx_debug_msg += "- console_port : '%s'\n" % console_port
        cnx_debug_msg += "- console_socket : '%s'\n" % console_socket
        logging.debug(cnx_debug_msg)

        if console_socket and conntype == CONN_SOCKET:
            # Local socket on local host
            self.msg("Try to open local socket %s" % console_socket)
            tsock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
            tsock.connect(console_socket)
        elif console_socket or re.match("^127\.", console_host):
            # Need tunnel to physical host
            if conntype != CONN_SSH:
                self.msg(
                    "Need a tunnel to access console but can't mount "
                    + "one because it's not a SSH host"
                )
                raise Exception(self.msg)
            try:
                # generate a string with all placeholders to avoid TypeErrors
                # in sprintf
                # https://github.com/retspen/webvirtmgr/pull/497
                error_msg = "Try to open tunnel on %s@%s:%s on console %s:%s "
                error_msg += "(or socket %s)"
                self.msg(
                    error_msg
                    % (
                        connuser,
                        connhost,
                        connport,
                        console_host,
                        console_port,
                        console_socket,
                    )
                )
                tunnel = SSHTunnels(
                    connhost,
                    connuser,
                    connport,
                    console_host,
                    console_port,
                    console_socket,
                )
                fd = tunnel.open_new()
                tunnel.unlock()
                tsock = socket.fromfd(fd, socket.AF_INET, socket.SOCK_STREAM)
            except Exception as e:
                self.msg("Fail to open tunnel : %s" % e)
                raise
            self.msg("Tunnel opened")
        else:
            # Direct access
            self.msg("connecting to: %s:%s" % (connhost, console_port))
            tsock = socket_factory(connhost, console_port, connect=True)
            tunnel = None

        if self.verbose and not daemon:
            print(self.traffic_legend)

        # Start proxying
        try:
            self.msg("Start proxying")
            self.do_proxy(tsock)
        except Exception:
            if tunnel:
                self.vmsg(
                    "%s:%s (via %s@%s:%s) : Websocket client or Target closed"
                    % (console_host, console_port, connuser, connhost, connport)
                )
                if tsock:
                    tsock.shutdown(socket.SHUT_RDWR)
                    tsock.close()
                tunnel.close_all()
            raise


if USE_HANDLER:

    class NovaProxyRequestHandler(ProxyRequestHandler, CompatibilityMixIn):
        def msg(self, *args, **kwargs):
            self.log_message(*args, **kwargs)

        def vmsg(self, *args, **kwargs):
            if self.verbose:
                self.msg(*args, **kwargs)

        def new_websocket_client(self):
            """
            Called after a new WebSocket connection has been established.
            """
            # Setup variable for compatibility
            daemon = self.server.daemon
            socket_factory = self.server.socket

            self._new_client(daemon, socket_factory)

else:

    class NovaWebSocketProxy(WebSocketProxy, CompatibilityMixIn):
        def new_client(self):
            """
            Called after a new WebSocket connection has been established.
            """
            # Setup variable for compatibility
            daemon = self.daemon
            socket_factory = self.socket

            self._new_client(daemon, socket_factory)


if __name__ == "__main__":
    if USE_HANDLER:
        # Create the WebSocketProxy with NovaProxyRequestHandler handler
        server = WebSocketProxy(
            RequestHandlerClass=NovaProxyRequestHandler,
            listen_host=options.host,
            listen_port=options.port,
            source_is_ipv6=False,
            verbose=options.verbose,
            cert=options.cert,
            key=None,
            ssl_only=False,
            daemon=False,
            record=False,
            web=False,
            traffic=False,
            target_host="ignore",
            target_port="ignore",
            wrap_mode="exit",
            wrap_cmd=None,
        )
    else:
        # Create the NovaWebSockets proxy
        server = NovaWebSocketProxy(
            listen_host=options.host,
            listen_port=options.port,
            source_is_ipv6=False,
            verbose=options.verbose,
            cert=options.cert,
            key=None,
            ssl_only=False,
            daemon=False,
            record=False,
            web=False,
            target_host="ignore",
            target_port="ignore",
            wrap_mode="exit",
            wrap_cmd=None,
        )
    server.start_server()