Fixed pam tunnel start command
idimov-keeper committed Jan 10, 2025
1 parent 32d7678 commit e74eabf
Showing 2 changed files with 48 additions and 9 deletions.
56 changes: 47 additions & 9 deletions keepercommander/commands/discoveryrotation.py
Expand Up @@ -2725,7 +2725,7 @@ def setup_logging(self, convo_id, log_queue, logging_level):
logger.debug("Logging setup complete.")
return logger

async def connect(self, params, record_uid, convo_num, host, port,
async def connect(self, params, record_uid, gateway_uid, convo_num, host, port,
log_queue, seed, target_host, target_port, socks):

# Setup custom logging to put logs into log_queue
Expand Down Expand Up @@ -2756,7 +2756,7 @@ async def connect(self, params, record_uid, convo_num, host, port,
# Set up the pc
print_ready_event = asyncio.Event()
kill_server_event = asyncio.Event()
pc = WebRTCConnection(params=params, record_uid=record_uid, symmetric_key=symmetric_key,
pc = WebRTCConnection(params=params, record_uid=record_uid, gateway_uid=gateway_uid, symmetric_key=symmetric_key,
print_ready_event=print_ready_event, kill_server_event=kill_server_event,
logger=logger, server=params.server)

Expand Down Expand Up @@ -2792,7 +2792,7 @@ async def connect(self, params, record_uid, convo_num, host, port,
finally:
logger.debug("--> STOP LISTENING FOR MESSAGES FROM GATEWAY --------")

def pre_connect(self, params, record_uid, convo_num, host, port,
def pre_connect(self, params, record_uid, gateway_uid, convo_num, host, port,
seed, target_host, target_port, socks):
tunnel_name = f"{convo_num}"

Expand Down Expand Up @@ -2821,6 +2821,7 @@ def custom_exception_handler(_loop, context):
self.connect(
params=params,
record_uid=record_uid,
gateway_uid=gateway_uid,
convo_num=convo_num,
host=host,
port=port,
Expand Down Expand Up @@ -2892,12 +2893,12 @@ def execute(self, params, **kwargs):
micro_version = sys.version_info.micro

if (major_version, minor_version, micro_version) < (from_version[0], from_version[1], from_version[2]):
print(f"{bcolors.FAIL}This code requires Python {from_version[0]}.{from_version[1]}.{from_version[2]} or higher. "
print(f"{bcolors.FAIL}This command requires Python {from_version[0]}.{from_version[1]}.{from_version[2]} or higher. "
f"You are using {major_version}.{minor_version}.{micro_version}.{bcolors.ENDC}")
return
if (major_version, minor_version, micro_version) >= (tom_version[0], from_version[1], from_version[2]):
print(f"{bcolors.FAIL}This code requires Python {from_version[0]}.{from_version[1]}.{from_version[2]} or higher. "
f"You are using {major_version}.{minor_version}.{micro_version}.{bcolors.ENDC}")
if (major_version, minor_version, micro_version) >= (to_version[0], to_version[1], to_version[2]):
print(f"{bcolors.FAIL}This command is compatible with Python versions below {to_version[0]}.{to_version[1]}.{to_version[2]} "
f"(Current Python version: {major_version}.{minor_version}.{micro_version}){bcolors.ENDC}")
return

record_uid = kwargs.get('uid')
Expand Down Expand Up @@ -2963,8 +2964,19 @@ def execute(self, params, **kwargs):
base64_seed = client_private_seed.get_default_value(str).encode('utf-8')
seed = base64_to_bytes(base64_seed)

t = threading.Thread(target=self.pre_connect, args=(params, record_uid, convo_num, host, port,
seed, target_host, target_port, socks)
# gateway = kwargs.get('gateway_uid') # type: Optional[str]
# if gateway:
# gateways = gateway_helper.get_all_gateways(params)
# gateway_uid = next((utils.base64_url_encode(x.controllerUid) for x in gateways
# if utils.base64_url_encode(x.controllerUid) == gateway
# or x.controllerName.casefold() == gateway.casefold()), None)
gateway_uid = self.get_gateway_uid_from_record(params, record_uid)
if not gateway_uid:
print(f"{bcolors.FAIL}Gateway not found for record {record_uid}.{bcolors.ENDC}")
return

t = threading.Thread(target=self.pre_connect, args=(params, record_uid, gateway_uid, convo_num,
host, port, seed, target_host, target_port, socks)
)

# Setting the thread as a daemon thread
Expand Down Expand Up @@ -3056,3 +3068,29 @@ def print_fail(con_num):
else:
print_fail(convo_num)

def get_config_uid_from_record(self, params, record_uid):
record = vault.KeeperRecord.load(params, record_uid)
if not isinstance(record, vault.TypedRecord):
raise CommandError('', f"{bcolors.FAIL}Record {record_uid} not found.{bcolors.ENDC}")
record_type = record.record_type
if record_type not in ("pamMachine pamDatabase pamDirectory pamRemoteBrowser").split():
raise CommandError('', f"{bcolors.FAIL}This record's type is not supported for tunnels. "
f"Tunnels are only supported on pamMachine, pamDatabase, pamDirectory, "
f"and pamRemoteBrowser records{bcolors.ENDC}")

encrypted_session_token, encrypted_transmission_key, transmission_key = get_keeper_tokens(params)
existing_config_uid = get_config_uid(params, encrypted_session_token, encrypted_transmission_key, record_uid)
return existing_config_uid

def get_gateway_uid_from_record(self, params, record_uid):
gateway_uid = ''
pam_config_uid = self.get_config_uid_from_record(params, record_uid)
if pam_config_uid:
record = vault.KeeperRecord.load(params, pam_config_uid)
if record:
field = record.get_typed_field('pamResources')
value = field.get_default_value(dict)
if value:
gateway_uid = value.get('controllerUid', '') or ''

return gateway_uid
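Review bot: In `get_gateway_uid_from_record`, the result of `record.get_typed_field('pamResources')` is dereferenced without a check. As far as the visible lines show, a PAM configuration record that lacks that field, or a loaded record that is not a typed record, would raise `AttributeError` instead of reaching the "Gateway not found" message in `execute`. `get_config_uid_from_record` just above already guards with `isinstance(record, vault.TypedRecord)`, and the same guard fits here: `if isinstance(record, vault.TypedRecord):` followed by `value = field.get_default_value(dict) if field else None`. Because the returned `controllerUid` decides which gateway the tunnel session is routed to, it is also worth rejecting a non-string value here rather than passing it on. The commented-out `gateway_uid` lookup left in `execute` should be removed or moved to an issue.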
1 change: 1 addition & 0 deletions keepercommander/commands/tunnel/port_forward/endpoint.py
Expand Up @@ -692,6 +692,7 @@ async def signal_channel(self, kind: str, base64_nonce: str):
'''
router_response = router_send_action_to_gateway(
params=self.params,
destination_gateway_uid_str=self.gateway_uid,
gateway_action=GatewayActionWebRTCSession(
inputs={
"recordUid": self.record_uid,
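Review bot: `signal_channel` now passes `self.gateway_uid` as `destination_gateway_uid_str` with no check that it is set, and the assignment of that attribute is not shown in this section. If any construction path leaves it `None` or empty, the action would presumably be sent without an explicit destination, which is the routing ambiguity this commit appears intended to remove. A guard before the call, for example `if not self.gateway_uid: raise ValueError("gateway_uid is required to signal the gateway")`, would make that failure explicit. The body of `signal_channel` starts and ends outside the hunk.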
