[UPdate] 更新coco

LICENSE

@@ -47,7 +47,7 @@ authors' sake, the GPL requires that modified versions be marked as
 changed, so that their problems will not be attributed erroneously to
 authors of previous versions.
 
-  Some devices are designed to deny users access to install or run
+  Some devices are designed to deny users access to install or start_worker
 modified versions of the software inside them, although the manufacturer
 can do so.  This is fundamentally incompatible with the aim of
 protecting users' freedom to change the software.  The systematic
@@ -129,11 +129,11 @@ implementation is available to the public in source code form.  A
 "Major Component", in this context, means a major essential component
 (kernel, window system, and so on) of the specific operating system
 (if any) on which the executable work runs, or a compiler used to
-produce the work, or an object code interpreter used to run it.
+produce the work, or an object code interpreter used to start_worker it.
 
   The "Corresponding Source" for a work in object code form means all
 the source code needed to generate, install, and (for an executable
-work) run the object code and to modify the work, including scripts to
+work) start_worker the object code and to modify the work, including scripts to
 control those activities.  However, it does not include the work's
 System Libraries, or general-purpose tools or generally available free
 programs which are used unmodified in performing those activities but
@@ -156,12 +156,12 @@ same work.
   All rights granted under this License are granted for the term of
 copyright on the Program, and are irrevocable provided the stated
 conditions are met.  This License explicitly affirms your unlimited
-permission to run the unmodified Program.  The output from running a
+permission to start_worker the unmodified Program.  The output from running a
 covered work is covered by this License only if the output, given its
 content, constitutes a covered work.  This License acknowledges your
 rights of fair use or other equivalent, as provided by copyright law.
 
-  You may make, run and propagate covered works that you do not
+  You may make, start_worker and propagate covered works that you do not
 convey, without conditions so long as your license otherwise remains
 in force.  You may convey covered works to others for the sole purpose
 of having them make modifications exclusively for you, or provide you
@@ -435,7 +435,7 @@ material under section 10.
   9. Acceptance Not Required for Having Copies.
 
   You are not required to accept this License in order to receive or
-run a copy of the Program.  Ancillary propagation of a covered work
+start_worker a copy of the Program.  Ancillary propagation of a covered work
 occurring solely as a consequence of using peer-to-peer transmission
 to receive a copy likewise does not require acceptance.  However,
 nothing other than this License grants you permission to propagate or
@@ -446,7 +446,7 @@ covered work, you indicate your acceptance of this License to do so.
   10. Automatic Licensing of Downstream Recipients.
 
   Each time you convey a covered work, the recipient automatically
-receives a license from the original licensors, to run, modify and
+receives a license from the original licensors, to start_worker, modify and
 propagate that work, subject to this License.  You are not responsible
 for enforcing compliance by third parties with this License.
 
@@ -486,7 +486,7 @@ this License.
 
   Each contributor grants you a non-exclusive, worldwide, royalty-free
 patent license under the contributor's essential patent claims, to
-make, use, sell, offer for sale, import and otherwise run, modify and
+make, use, sell, offer for sale, import and otherwise start_worker, modify and
 propagate the contents of its contributor version.
 
   In the following three paragraphs, a "patent license" is any express

README.md

@@ -31,7 +31,7 @@ Also some config you need kown:
 
 ## Start
 
-    # python run_server.py
+    # python start_server.py
 
 When your start ssh server, It will register with jumpserver api,
 

coco/app.py

@@ -18,7 +18,7 @@ from .httpd import HttpServer
 from .logger import create_logger
 from .tasks import TaskHandler
 from .recorder import get_command_recorder_class, ServerReplayRecorder
-from .utils import get_logger
+from .utils import get_logger, register_app, register_service
 
 
 __version__ = '1.3.0'
@@ -67,6 +67,7 @@ class Coco:
         self.replay_recorder_class = None
         self.command_recorder_class = None
         self._task_handler = None
+        register_app(self)
 
     @property
     def name(self):
@@ -79,12 +80,13 @@ class Coco:
     def service(self):
         if self._service is None:
             self._service = AppService(self)
+            register_service(self._service)
         return self._service
 
     @property
     def sshd(self):
         if self._sshd is None:
-            self._sshd = SSHServer(self)
+            self._sshd = SSHServer()
         return self._sshd
 
     @property

coco/ctx.py

+# -*- coding: utf-8 -*-
+#
+
+current_app = []
+current_service = []

coco/httpd.py

@@ -5,15 +5,13 @@ import os
 import socket
 import uuid
 import traceback
-from flask_socketio import SocketIO, Namespace, join_room, leave_room
+from flask_socketio import SocketIO, Namespace, join_room
 from flask import Flask, request, current_app, redirect
-from copy import deepcopy
 
 from .models import Request, Client, WSProxy
 from .proxy import ProxyServer
 from .utils import get_logger
 
-__version__ = '0.5.0'
 BASE_DIR = os.path.dirname(os.path.dirname(__file__))
 
 logger = get_logger(__file__)

coco/recorder.py

@@ -8,30 +8,16 @@ import time
 import os
 import gzip
 import json
-import shutil
 
 import jms_storage
 
-from .utils import get_logger
+from .utils import get_logger, Singleton
 from .alignment import MemoryQueue
 
 logger = get_logger(__file__)
 BUF_SIZE = 1024
 
 
-class Singleton(type):
-    def __init__(cls, *args, **kwargs):
-        cls.__instance = None
-        super().__init__(*args, **kwargs)
-
-    def __call__(cls, *args, **kwargs):
-        if cls.__instance is None:
-            cls.__instance = super().__call__(*args, **kwargs)
-            return cls.__instance
-        else:
-            return cls.__instance
-
-
 class ReplayRecorder(metaclass=abc.ABCMeta):
     def __init__(self, app, session=None):
         self.app = app

coco/sftp.py

@@ -34,7 +34,7 @@ class SFTPServer(paramiko.SFTPServerInterface):
                 self._sftp[host] = sftp
                 return sftp
             else:
-                raise OSError("Can not connect asset sftp server")
+                raise OSError("Can not connect asset sftp server: {}".format(msg))
         else:
             return self._sftp[host]
 

coco/sshd.py

@@ -5,9 +5,12 @@
 import os
 import socket
 import threading
+import random
 import paramiko
+from multiprocessing.reduction import recv_handle, send_handle
+from multiprocessing import Process, Pipe
 
-from .utils import ssh_key_gen, get_logger
+from .utils import ssh_key_gen, get_logger, get_app
 from .interface import SSHInterface
 from .interactive import InteractiveServer
 from .models import Client, Request
@@ -19,11 +22,15 @@ BACKLOG = 5
 
 class SSHServer:
 
-    def __init__(self, app):
-        self.app = app
+    def __init__(self):
         self.stop_evt = threading.Event()
-        self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
         self.host_key_path = os.path.join(self.app.root_path, 'keys', 'host_rsa_key')
+        self.workers = []
+        self.pipe = None
+
+    @property
+    def app(self):
+        return get_app()
 
     @property
     def host_key(self):
@@ -36,22 +43,45 @@ class SSHServer:
         with open(self.host_key_path, 'w') as f:
             f.write(ssh_key)
 
-    def run(self):
+    def start_worker(self, in_pipe, out_pipe):
+        print("APP: {}".format(self.app))
+        print("APP sessions: {}".format(self.app))
+        out_pipe.close()
+        while not self.stop_evt.is_set():
+            fd = recv_handle(in_pipe)
+            sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, fileno=fd)
+            addr = sock.getpeername()
+            thread = threading.Thread(target=self.handle_connection, args=(sock, addr))
+            thread.daemon = True
+            thread.start()
+
+    def start_server(self, in_pipe, out_pipe, workers):
+        in_pipe.close()
         host = self.app.config["BIND_HOST"]
         port = self.app.config["SSHD_PORT"]
         print('Starting ssh server at {}:{}'.format(host, port))
-        self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
-        self.sock.bind((host, port))
-        self.sock.listen(BACKLOG)
+        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+        sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
+        sock.bind((host, port))
+        sock.listen(BACKLOG)
+
         while not self.stop_evt.is_set():
-            try:
-                sock, addr = self.sock.accept()
-                logger.info("Get ssh request from {}: {}".format(addr[0], addr[1]))
-                thread = threading.Thread(target=self.handle_connection, args=(sock, addr))
-                thread.daemon = True
-                thread.start()
-            except Exception as e:
-                logger.error("Start SSH server error: {}".format(e))
+            client, addr = sock.accept()
+            logger.info("Get ssh request from {}".format(addr))
+            send_handle(out_pipe, client.fileno(), random.choice(workers).pid)
+            client.close()
+
+    def run(self):
+        in_pipe, out_pipe = Pipe()
+        self.pipe = (in_pipe, out_pipe)
+        workers = []
+        for i in range(4):
+            worker = Process(target=self.start_worker, args=(in_pipe, out_pipe))
+            worker.start()
+            workers.append(worker)
+        self.start_server(in_pipe, out_pipe, workers)
+        in_pipe.close()
+        out_pipe.close()
 
     def handle_connection(self, sock, addr):
         transport = paramiko.Transport(sock, gss_kex=False)

coco/utils.py

@@ -15,10 +15,24 @@ import paramiko
 import pyte
 
 from . import char
+from .ctx import current_app, current_service
 
 BASE_DIR = os.path.abspath(os.path.dirname(os.path.dirname(__file__)))
 
 
+class Singleton(type):
+    def __init__(cls, *args, **kwargs):
+        cls.__instance = None
+        super().__init__(*args, **kwargs)
+
+    def __call__(cls, *args, **kwargs):
+        if cls.__instance is None:
+            cls.__instance = super().__call__(*args, **kwargs)
+            return cls.__instance
+        else:
+            return cls.__instance
+
+
 def ssh_key_string_to_obj(text, password=None):
     key = None
     try:
@@ -355,4 +369,26 @@ def net_input(client, prompt='Opt> ', sensitive=False):
             input_data.append(data)
 
 
+def register_app(app):
+    current_app.insert(0, app)
+
+
+def register_service(service):
+    current_service.insert(0, service)
+
+
+def get_app():
+    if current_app:
+        return current_app[0]
+    else:
+        raise ValueError("App not found")
+
+
+def get_service():
+    if current_service:
+        return current_app[0]
+    else:
+        raise ValueError("Service not found")
+
+
 ugettext = _gettext()

cocod

@@ -126,7 +126,7 @@ if __name__ == '__main__':
     parser.add_argument(
         'action', type=str, default='start',
         choices=("start", "stop", "restart", "status"),
-        help="Action to run"
+        help="Action to start_worker"
     )
 
     parser.add_argument('-d', '--daemon', nargs="?", const=1)

requirements/requirements.txt

@@ -28,7 +28,7 @@ psutil==5.4.1
 pyasn1==0.4.2
 pycparser==2.18
 PyNaCl==1.2.1
-pyte==0.7.0
+pyte==0.8.0
 python-dateutil==2.6.1
 python-engineio==2.1.0
 python-gssapi==0.6.4