15
15
# along with this program; if not, write to the Free Software
16
16
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
19
# Author: Matt Giuca, Tom Conway
18
# Author: Matt Giuca, Tom Conway, Will Grant
20
'''Python console RPC service.
22
Provides an HTTP RPC interface to a Python console process.
32
from common import (util, studpath, chat)
36
trampoline_path = os.path.join(conf.ivle_install_dir, "bin/trampoline")
37
python_path = "/usr/bin/python" # Within jail
38
console_dir = "/opt/ivle/scripts" # Within jail
39
console_path = "/opt/ivle/scripts/python-console" # Within jail
42
"""Handler for the Console Service AJAX backend application."""
43
if len(req.path) > 0 and req.path[-1] == os.sep:
47
# The path determines which "command" we are receiving
48
if req.path == "start":
50
elif req.path == "interrupt":
51
handle_chat(req, kind='interrupt')
52
elif req.path == "chat":
54
elif req.path == "block":
55
handle_chat(req, kind="block")
57
req.throw_error(req.HTTP_BAD_REQUEST)
59
def handle_start(req):
60
# Changes the state on the server - must be POST
61
if req.method != "POST":
62
req.throw_error(req.HTTP_BAD_REQUEST)
64
# See if we have been given extra params
65
fields = req.get_fieldstorage()
67
startdir = fields.getfirst("startdir").value
68
working_dir = os.path.join("/home", req.user.login, startdir)
69
except AttributeError:
70
working_dir = os.path.join("/home", req.user.login)
72
# Get the UID of the logged-in user
75
# Set request attributes
76
req.content_type = "text/plain"
77
req.write_html_head_foot = False
80
jail_path = os.path.join(conf.jail_base, req.user.login)
81
(host, port, magic) = start_console(uid, jail_path, working_dir)
83
# Assemble the key and return it.
84
key = cjson.encode({"host": host, "port": port, "magic": magic})
85
req.write(cjson.encode(key.encode("hex")))
87
def handle_chat(req, kind = "chat"):
88
# The request *should* have the following four fields:
89
# host, port, magic: Host and port where the console server lives,
90
# and the secret to use to digitally sign the communication with the
92
# text: Fields to pass along to the console server
93
# It simply acts as a proxy to the console server
94
if req.method != "POST":
95
req.throw_error(req.HTTP_BAD_REQUEST)
96
jail_path = os.path.join(conf.jail_base, req.user.login)
97
working_dir = os.path.join("/home", req.user.login) # Within jail
99
fields = req.get_fieldstorage()
101
key = cjson.decode(fields.getfirst("key").value.decode("hex"))
105
except AttributeError:
106
# Any of the getfirsts returned None
107
req.throw_error(req.HTTP_BAD_REQUEST)
108
# If text is None, it was probably just an empty line
110
text = fields.getfirst("text").value.decode('utf-8')
111
except AttributeError:
114
msg = {'cmd':kind, 'text':text}
116
response = chat.chat(host, port, msg, magic, decode = False)
118
# Snoop the response from python-console to check that it's valid
120
decoded_response = cjson.decode(response)
121
except cjson.DecodeError:
122
# Could not decode the reply from the python-console server
123
decoded_response = {"restart":
124
"Could not understand servers reply"}
125
if "restart" in decoded_response:
126
response = restart_console(uid, jail_path, working_dir,
127
decoded_response["restart"])
129
except socket.error, (enumber, estring):
130
if enumber == errno.ECONNREFUSED:
131
# Timeout: Restart the session
132
response = restart_console(uid, jail_path, working_dir,
133
"The IVLE console has timed out due to inactivity")
135
# Some other error - probably serious
136
raise socket.error, (enumber, estring)
138
req.content_type = "text/plain"
141
def start_console(uid, jail_path, working_dir):
142
"""Starts up a console service for user uid, inside chroot jail jail_path
143
with work directory of working_dir
144
Returns a tupple (host, port, magic)
147
# TODO: Figure out the host name the console server is running on.
148
host = socket.gethostname()
152
magic = md5.new(uuid.uuid4().bytes).digest().encode('hex')
154
# Try to find a free port on the server.
155
# Just try some random ports in the range [3000,8000)
156
# until we either succeed, or give up. If you think this
157
# sounds risky, it isn't:
158
# For N ports (e.g. 5000) with k (e.g. 100) in use, the
159
# probability of failing to find a free port in t (e.g. 5) tries
160
# is (k / N) ** t (e.g. 3.2*10e-9).
164
port = int(random.uniform(3000, 8000))
166
# Start the console server (port, magic)
167
# trampoline usage: tramp uid jail_dir working_dir script_path args
168
# console usage: python-console port magic
169
cmd = ' '.join([trampoline_path, str(uid), jail_path,
170
console_dir, python_path, console_path,
171
str(port), str(magic), working_dir])
181
# If we can't start the console after 5 attemps (can't find a free port
182
# during random probing, syntax errors, segfaults) throw an exception.
184
raise Exception, "unable to start console service!"
186
return (host, port, magic)
35
from ivle.webapp.base.views import JSONRESTView, named_operation
37
# XXX: Should be RPC view, with actions in URL?
38
class ConsoleServiceRESTView(JSONRESTView):
39
'''An RPC interface to a Python console.'''
41
def start(self, req, cwd=''):
42
working_dir = os.path.join("/home", req.user.login, cwd)
47
jail_path = os.path.join(ivle.conf.jail_base, req.user.login)
48
cons = ivle.console.Console(uid, jail_path, working_dir)
50
# Assemble the key and return it. Yes, it is double-encoded.
51
return {'key': cjson.encode({"host": cons.host,
53
"magic": cons.magic}).encode('hex')}
56
def chat(self, req, key, text='', kind="chat"):
57
# The request *should* have the following four fields:
58
# key: Hex JSON dict of host and port where the console server lives,
59
# and the secret to use to digitally sign the communication with the
61
# text: Fields to pass along to the console server
62
# It simply acts as a proxy to the console server
65
keydict = cjson.decode(key.decode('hex'))
66
host = keydict['host']
67
port = keydict['port']
68
magic = keydict['magic']
70
raise BadRequest("Invalid console key.")
72
jail_path = os.path.join(ivle.conf.jail_base, req.user.login)
73
working_dir = os.path.join("/home", req.user.login) # Within jail
76
msg = {'cmd':kind, 'text':text}
78
json_response = ivle.chat.chat(host, port, msg, magic,decode=False)
80
# Snoop the response from python-console to check that it's valid
82
response = cjson.decode(json_response)
83
except cjson.DecodeError:
84
# Could not decode the reply from the python-console server
85
response = {"terminate":
86
"Communication to console process lost"}
87
if "terminate" in response:
88
response = restart_console(uid, jail_path, working_dir,
89
response["terminate"])
90
except socket.error, (enumber, estring):
91
if enumber == errno.ECONNREFUSED:
92
# Timeout: Restart the session
93
response = restart_console(uid, jail_path, working_dir,
94
"The IVLE console has timed out due to inactivity")
95
elif enumber == errno.ECONNRESET:
96
# Communication issue: Restart the session
97
response = restart_console(uid, jail_path, working_dir,
98
"Connection with the console has been reset")
100
# Some other error - probably serious
101
raise socket.error, (enumber, estring)
188
105
def restart_console(uid, jail_path, working_dir, reason):
189
106
"""Tells the client that it must be issued a new console since the old
added
removed
ivle/webapp/console/service.py
