bitinflow/expose
1
0
Fork 0
mirror of https://github.com/bitinflow/expose.git synced 2026-03-13 13:35:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add ability to expose TCP connections (#123)

Browse Source
This commit is contained in:
Marcel Pociot
2020-09-08 16:27:39 +02:00
committed by GitHub
parent c8cfe7b8b4
commit 2f57fa1952
29 changed files with 1430 additions and 1159 deletions
Download Patch File Download Diff File Expand all files Collapse all files

75
app/Server/Connections/ConnectionManager.php
View File

@@ -5,8 +5,10 @@ namespace App\Server\Connections;
use App\Contracts\ConnectionManager as ConnectionManagerContract;
use App\Contracts\SubdomainGenerator;
use App\Http\QueryParameters;
use App\Server\Exceptions\NoFreePortAvailable;
use Ratchet\ConnectionInterface;
use React\EventLoop\LoopInterface;
use React\Socket\Server;
class ConnectionManager implements ConnectionManagerContract
{
@@ -60,6 +62,49 @@ class ConnectionManager implements ConnectionManagerContract
return $storedConnection;
}
public function storeTcpConnection(int $port, ConnectionInterface $connection): ControlConnection
{
$clientId = (string) uniqid();
$connection->client_id = $clientId;
$storedConnection = new TcpControlConnection(
$connection,
$port,
$this->getSharedTcpServer(),
$clientId,
$this->getAuthTokenFromConnection($connection)
);
$this->connections[] = $storedConnection;
return $storedConnection;
}
protected function getSharedTcpServer(): Server
{
$portRange = config('expose.admin.tcp_port_range');
$port = $portRange['from'] ?? 50000;
$maxPort = $portRange['to'] ?? 60000;
do {
try {
$portFound = true;
$server = new Server('0.0.0.0:'.$port, $this->loop);
} catch (\RuntimeException $exception) {
$portFound = false;
$port++;
if ($port > $maxPort) {
throw new NoFreePortAvailable();
}
}
} while (! $portFound);
return $server;
}
public function storeHttpConnection(ConnectionInterface $httpConnection, $requestId): HttpConnection
{
$this->httpConnections[$requestId] = new HttpConnection($httpConnection);
@@ -82,6 +127,16 @@ class ConnectionManager implements ConnectionManagerContract
if (isset($connection->client_id)) {
$clientId = $connection->client_id;
$controlConnection = collect($this->connections)->first(function ($connection) use ($clientId) {
return $connection->client_id == $clientId;
});
if ($controlConnection instanceof TcpControlConnection) {
$controlConnection->stop();
$controlConnection = null;
}
$this->connections = collect($this->connections)->reject(function ($connection) use ($clientId) {
return $connection->client_id == $clientId;
})->toArray();
@@ -118,9 +173,29 @@ class ConnectionManager implements ConnectionManagerContract
->filter(function ($connection) use ($authToken) {
return $connection->authToken === $authToken;
})
->filter(function ($connection) {
return get_class($connection) === ControlConnection::class;
})
->map(function ($connection) {
return $connection->toArray();
})
->values()
->toArray();
}
public function getTcpConnectionsForAuthToken(string $authToken): array
{
return collect($this->connections)
->filter(function ($connection) use ($authToken) {
return $connection->authToken === $authToken;
})
->filter(function ($connection) {
return get_class($connection) === TcpControlConnection::class;
})
->map(function ($connection) {
return $connection->toArray();
})
->values()
->toArray();
}
}

1
app/Server/Connections/ControlConnection.php
View File

@@ -57,6 +57,7 @@ class ControlConnection
public function toArray()
{
return [
'type' => 'http',
'host' => $this->host,
'client_id' => $this->client_id,
'auth_token' => $this->authToken,

107
app/Server/Connections/TcpControlConnection.php Normal file
View File

@@ -0,0 +1,107 @@
<?php
namespace App\Server\Connections;
use Ratchet\ConnectionInterface;
use Ratchet\RFC6455\Messaging\Frame;
use React\Socket\Server;
class TcpControlConnection extends ControlConnection
{
public $proxy;
public $proxyConnection;
public $port;
public $shared_port;
public $shared_server;
public function __construct(ConnectionInterface $socket, int $port, Server $sharedServer, string $clientId, string $authToken = '')
{
$this->socket = $socket;
$this->client_id = $clientId;
$this->shared_server = $sharedServer;
$this->port = $port;
$this->shared_at = now()->toDateTimeString();
$this->shared_port = parse_url($sharedServer->getAddress(), PHP_URL_PORT);
$this->authToken = $authToken;
$this->configureServer($sharedServer);
}
public function setMaximumConnectionLength(int $maximumConnectionLength)
{
$this->socket->send(json_encode([
'event' => 'setMaximumConnectionLength',
'data' => [
'length' => $maximumConnectionLength,
],
]));
}
public function registerProxy($requestId)
{
$this->socket->send(json_encode([
'event' => 'createProxy',
'data' => [
'request_id' => $requestId,
'client_id' => $this->client_id,
],
]));
}
public function registerTcpProxy($requestId)
{
$this->socket->send(json_encode([
'event' => 'createTcpProxy',
'data' => [
'port' => $this->port,
'tcp_request_id' => $requestId,
'client_id' => $this->client_id,
],
]));
}
public function stop()
{
$this->shared_server->close();
$this->shared_server = null;
}
public function close()
{
$this->socket->close();
}
public function toArray()
{
return [
'type' => 'tcp',
'port' => $this->port,
'client_id' => $this->client_id,
'shared_port' => $this->shared_port,
'shared_at' => $this->shared_at,
];
}
protected function configureServer(Server $sharedServer)
{
$requestId = uniqid();
$sharedServer->on('connection', function (\React\Socket\ConnectionInterface $connection) use ($requestId) {
$this->proxyConnection = $connection;
$this->once('tcp_proxy_ready_'.$requestId, function (ConnectionInterface $proxy) use ($connection) {
$this->proxy = $proxy;
$connection->on('data', function ($data) use ($proxy) {
$binaryMsg = new Frame($data, true, Frame::OP_BINARY);
$proxy->send($binaryMsg);
});
$connection->resume();
});
$connection->pause();
$this->registerTcpProxy($requestId);
});
}
}

7
app/Server/Exceptions/NoFreePortAvailable.php Normal file
View File

@@ -0,0 +1,7 @@
<?php
namespace App\Server\Exceptions;
class NoFreePortAvailable extends \Exception
{
}

6
app/Server/Factory.php
View File

@@ -10,11 +10,14 @@ use App\Http\Server as HttpServer;
use App\Server\Connections\ConnectionManager;
use App\Server\Http\Controllers\Admin\DeleteUsersController;
use App\Server\Http\Controllers\Admin\DisconnectSiteController;
use App\Server\Http\Controllers\Admin\DisconnectTcpConnectionController;
use App\Server\Http\Controllers\Admin\GetSettingsController;
use App\Server\Http\Controllers\Admin\GetSitesController;
use App\Server\Http\Controllers\Admin\GetTcpConnectionsController;
use App\Server\Http\Controllers\Admin\GetUserDetailsController;
use App\Server\Http\Controllers\Admin\GetUsersController;
use App\Server\Http\Controllers\Admin\ListSitesController;
use App\Server\Http\Controllers\Admin\ListTcpConnectionsController;
use App\Server\Http\Controllers\Admin\ListUsersController;
use App\Server\Http\Controllers\Admin\RedirectToUsersController;
use App\Server\Http\Controllers\Admin\ShowSettingsController;
@@ -120,6 +123,7 @@ class Factory
$this->router->get('/users', ListUsersController::class, $adminCondition);
$this->router->get('/settings', ShowSettingsController::class, $adminCondition);
$this->router->get('/sites', ListSitesController::class, $adminCondition);
$this->router->get('/tcp', ListTcpConnectionsController::class, $adminCondition);
$this->router->get('/api/settings', GetSettingsController::class, $adminCondition);
$this->router->post('/api/settings', StoreSettingsController::class, $adminCondition);
@@ -129,6 +133,8 @@ class Factory
$this->router->delete('/api/users/{id}', DeleteUsersController::class, $adminCondition);
$this->router->get('/api/sites', GetSitesController::class, $adminCondition);
$this->router->delete('/api/sites/{id}', DisconnectSiteController::class, $adminCondition);
$this->router->get('/api/tcp', GetTcpConnectionsController::class, $adminCondition);
$this->router->delete('/api/tcp/{id}', DisconnectTcpConnectionController::class, $adminCondition);
}
protected function bindConfiguration()

42
app/Server/Http/Controllers/Admin/DisconnectTcpConnectionController.php Normal file
View File

@@ -0,0 +1,42 @@
<?php
namespace App\Server\Http\Controllers\Admin;
use App\Contracts\ConnectionManager;
use App\Server\Configuration;
use App\Server\Connections\TcpControlConnection;
use Illuminate\Http\Request;
use Ratchet\ConnectionInterface;
class DisconnectTcpConnectionController extends AdminController
{
/** @var ConnectionManager */
protected $connectionManager;
/** @var Configuration */
protected $configuration;
public function __construct(ConnectionManager $connectionManager)
{
$this->connectionManager = $connectionManager;
}
public function handle(Request $request, ConnectionInterface $httpConnection)
{
$connection = $this->connectionManager->findControlConnectionForClientId($request->get('id'));
if (! is_null($connection)) {
$connection->close();
$this->connectionManager->removeControlConnection($connection);
}
$httpConnection->send(respond_json([
'tcp_connections' => collect($this->connectionManager->getConnections())
->filter(function ($connection) {
return get_class($connection) === TcpControlConnection::class;
})
->values(),
]));
}
}

15
app/Server/Http/Controllers/Admin/GetSitesController.php
View File

@@ -4,6 +4,7 @@ namespace App\Server\Http\Controllers\Admin;
use App\Contracts\ConnectionManager;
use App\Server\Configuration;
use App\Server\Connections\ControlConnection;
use Illuminate\Http\Request;
use Ratchet\ConnectionInterface;
@@ -23,12 +24,16 @@ class GetSitesController extends AdminController
{
$httpConnection->send(
respond_json([
'sites' => collect($this->connectionManager->getConnections())->map(function ($site, $siteId) {
$site = $site->toArray();
$site['id'] = $siteId;
'sites' => collect($this->connectionManager->getConnections())
->filter(function ($connection) {
return get_class($connection) === ControlConnection::class;
})
->map(function ($site, $siteId) {
$site = $site->toArray();
$site['id'] = $siteId;
return $site;
})->values(),
return $site;
})->values(),
])
);
}

41
app/Server/Http/Controllers/Admin/GetTcpConnectionsController.php Normal file
View File

@@ -0,0 +1,41 @@
<?php
namespace App\Server\Http\Controllers\Admin;
use App\Contracts\ConnectionManager;
use App\Server\Configuration;
use App\Server\Connections\TcpControlConnection;
use Illuminate\Http\Request;
use Ratchet\ConnectionInterface;
class GetTcpConnectionsController extends AdminController
{
/** @var ConnectionManager */
protected $connectionManager;
/** @var Configuration */
protected $configuration;
public function __construct(ConnectionManager $connectionManager, Configuration $configuration)
{
$this->connectionManager = $connectionManager;
}
public function handle(Request $request, ConnectionInterface $httpConnection)
{
$httpConnection->send(
respond_json([
'tcp_connections' => collect($this->connectionManager->getConnections())
->filter(function ($connection) {
return get_class($connection) === TcpControlConnection::class;
})
->map(function ($site, $siteId) {
$site = $site->toArray();
$site['id'] = $siteId;
return $site;
})
->values(),
])
);
}
}

16
app/Server/Http/Controllers/Admin/ListSitesController.php
View File

@@ -4,6 +4,7 @@ namespace App\Server\Http\Controllers\Admin;
use App\Contracts\ConnectionManager;
use App\Server\Configuration;
use App\Server\Connections\ControlConnection;
use Illuminate\Http\Request;
use Ratchet\ConnectionInterface;
@@ -25,12 +26,17 @@ class ListSitesController extends AdminController
$sites = $this->getView($httpConnection, 'server.sites.index', [
'scheme' => $this->configuration->port() === 443 ? 'https' : 'http',
'configuration' => $this->configuration,
'sites' => collect($this->connectionManager->getConnections())->map(function ($site, $siteId) {
$site = $site->toArray();
$site['id'] = $siteId;
'sites' => collect($this->connectionManager->getConnections())
->filter(function ($connection) {
return get_class($connection) === ControlConnection::class;
})
->map(function ($site, $siteId) {
$site = $site->toArray();
$site['id'] = $siteId;
return $site;
})->values(),
return $site;
})
->values(),
]);
$httpConnection->send(

46
app/Server/Http/Controllers/Admin/ListTcpConnectionsController.php Normal file
View File

@@ -0,0 +1,46 @@
<?php
namespace App\Server\Http\Controllers\Admin;
use App\Contracts\ConnectionManager;
use App\Server\Configuration;
use App\Server\Connections\TcpControlConnection;
use Illuminate\Http\Request;
use Ratchet\ConnectionInterface;
class ListTcpConnectionsController extends AdminController
{
/** @var ConnectionManager */
protected $connectionManager;
/** @var Configuration */
protected $configuration;
public function __construct(ConnectionManager $connectionManager, Configuration $configuration)
{
$this->connectionManager = $connectionManager;
$this->configuration = $configuration;
}
public function handle(Request $request, ConnectionInterface $httpConnection)
{
$sites = $this->getView($httpConnection, 'server.tcp.index', [
'scheme' => $this->configuration->port() === 443 ? 'https' : 'http',
'configuration' => $this->configuration,
'connections' => collect($this->connectionManager->getConnections())
->filter(function ($connection) {
return get_class($connection) === TcpControlConnection::class;
})
->map(function ($connection, $connectionId) {
$connection = $connection->toArray();
$connection['id'] = $connectionId;
return $connection;
})
->values(),
]);
$httpConnection->send(
respond_html($sites)
);
}
}

1
app/Server/Http/Controllers/Admin/StoreUsersController.php
View File

@@ -40,6 +40,7 @@ class StoreUsersController extends AdminController
'name' => $request->get('name'),
'auth_token' => (string) Str::uuid(),
'can_specify_subdomains' => (int) $request->get('can_specify_subdomains'),
'can_share_tcp_ports' => (int) $request->get('can_share_tcp_ports'),
];
$this->userRepository

104
app/Server/Http/Controllers/ControlMessageController.php
View File

@@ -5,6 +5,7 @@ namespace App\Server\Http\Controllers;
use App\Contracts\ConnectionManager;
use App\Contracts\UserRepository;
use App\Http\QueryParameters;
use App\Server\Exceptions\NoFreePortAvailable;
use Ratchet\ConnectionInterface;
use Ratchet\WebSocket\MessageComponentInterface;
use React\Promise\Deferred;
@@ -53,6 +54,10 @@ class ControlMessageController implements MessageComponentInterface
if (isset($connection->request_id)) {
return $this->sendResponseToHttpConnection($connection->request_id, $msg);
}
if (isset($connection->tcp_request_id)) {
$connectionInfo = $this->connectionManager->findControlConnectionForClientId($connection->tcp_client_id);
$connectionInfo->proxyConnection->write($msg);
}
try {
$payload = json_decode($msg);
@@ -77,22 +82,11 @@ class ControlMessageController implements MessageComponentInterface
{
$this->verifyAuthToken($connection)
->then(function ($user) use ($connection, $data) {
if (! $this->hasValidSubdomain($connection, $data->subdomain, $user)) {
return;
if ($data->type === 'http') {
$this->handleHttpConnection($connection, $data, $user);
} elseif ($data->type === 'tcp') {
$this->handleTcpConnection($connection, $data, $user);
}
$connectionInfo = $this->connectionManager->storeConnection($data->host, $data->subdomain, $connection);
$this->connectionManager->limitConnectionLength($connectionInfo, config('expose.admin.maximum_connection_length'));
$connection->send(json_encode([
'event' => 'authenticated',
'data' => [
'message' => config('expose.admin.messages.message_of_the_day'),
'subdomain' => $connectionInfo->subdomain,
'client_id' => $connectionInfo->client_id,
],
]));
}, function () use ($connection) {
$connection->send(json_encode([
'event' => 'authenticationFailed',
@@ -104,6 +98,57 @@ class ControlMessageController implements MessageComponentInterface
});
}
protected function handleHttpConnection(ConnectionInterface $connection, $data, $user = null)
{
if (! $this->hasValidSubdomain($connection, $data->subdomain, $user)) {
return;
}
$connectionInfo = $this->connectionManager->storeConnection($data->host, $data->subdomain, $connection);
$this->connectionManager->limitConnectionLength($connectionInfo, config('expose.admin.maximum_connection_length'));
$connection->send(json_encode([
'event' => 'authenticated',
'data' => [
'message' => config('expose.admin.messages.message_of_the_day'),
'subdomain' => $connectionInfo->subdomain,
'client_id' => $connectionInfo->client_id,
],
]));
}
protected function handleTcpConnection(ConnectionInterface $connection, $data, $user = null)
{
if (! $this->canShareTcpPorts($connection, $data, $user)) {
return;
}
try {
$connectionInfo = $this->connectionManager->storeTcpConnection($data->port, $connection);
} catch (NoFreePortAvailable $exception) {
$connection->send(json_encode([
'event' => 'authenticationFailed',
'data' => [
'message' => config('expose.admin.messages.no_free_tcp_port_available'),
],
]));
$connection->close();
return;
}
$connection->send(json_encode([
'event' => 'authenticated',
'data' => [
'message' => config('expose.admin.messages.message_of_the_day'),
'port' => $connectionInfo->port,
'shared_port' => $connectionInfo->shared_port,
'client_id' => $connectionInfo->client_id,
],
]));
}
protected function registerProxy(ConnectionInterface $connection, $data)
{
$connection->request_id = $data->request_id;
@@ -115,6 +160,18 @@ class ControlMessageController implements MessageComponentInterface
]);
}
protected function registerTcpProxy(ConnectionInterface $connection, $data)
{
$connection->tcp_client_id = $data->client_id;
$connection->tcp_request_id = $data->tcp_request_id;
$connectionInfo = $this->connectionManager->findControlConnectionForClientId($data->client_id);
$connectionInfo->emit('tcp_proxy_ready_'.$data->tcp_request_id, [
$connection,
]);
}
/**
* {@inheritdoc}
*/
@@ -180,4 +237,21 @@ class ControlMessageController implements MessageComponentInterface
return true;
}
protected function canShareTcpPorts(ConnectionInterface $connection, $data, $user)
{
if (! is_null($user) && $user['can_share_tcp_ports'] === 0) {
$connection->send(json_encode([
'event' => 'authenticationFailed',
'data' => [
'message' => config('expose.admin.messages.custom_subdomain_unauthorized'),
],
]));
$connection->close();
return false;
}
return true;
}
}

5
app/Server/UserRepository/DatabaseUserRepository.php
View File

@@ -72,6 +72,7 @@ class DatabaseUserRepository implements UserRepository
protected function getUserDetails(array $user)
{
$user['sites'] = $user['auth_token'] !== '' ? $this->connectionManager->getConnectionsForAuthToken($user['auth_token']) : [];
$user['tcp_connections'] = $user['auth_token'] !== '' ? $this->connectionManager->getTcpConnectionsForAuthToken($user['auth_token']) : [];
return $user;
}
@@ -113,8 +114,8 @@ class DatabaseUserRepository implements UserRepository
$deferred = new Deferred();
$this->database->query("
INSERT INTO users (name, auth_token, can_specify_subdomains, created_at)
VALUES (:name, :auth_token, :can_specify_subdomains, DATETIME('now'))
INSERT INTO users (name, auth_token, can_specify_subdomains, can_share_tcp_ports, created_at)
VALUES (:name, :auth_token, :can_specify_subdomains, :can_share_tcp_ports, DATETIME('now'))
", $data)
->then(function (Result $result) use ($deferred) {
$this->database->query('SELECT * FROM users WHERE id = :id', ['id' => $result->insertId])