From 16ad4e776feab656a5ce5066658882dcf410af63 Mon Sep 17 00:00:00 2001 From: tkucherera Date: Fri, 26 Jan 2024 12:39:25 -0500 Subject: [PATCH 1/2] opening web ui using default ip --- confluent_server/confluent/httpapi.py | 47 ++++++++++++++++++++++++++- 1 file changed, 46 insertions(+), 1 deletion(-) diff --git a/confluent_server/confluent/httpapi.py b/confluent_server/confluent/httpapi.py index f36f2c73..4688ddd5 100644 --- a/confluent_server/confluent/httpapi.py +++ b/confluent_server/confluent/httpapi.py @@ -618,6 +618,31 @@ def resourcehandler(env, start_response): yield '500 - ' + str(e) return +def targ_ip_family(targip, first_pass=True): + # check ipv4 + try: + socket.inet_aton(targip) + return 'is_ipv4' + except socket.error: + pass + # check ipv6 + try: + check_ip = targip + if '%' in targip: + check_ip = targip.split('%')[0] + socket.inet_pton(socket.AF_INET6, check_ip) + return 'is_ipv6' + except socket.error: + # at this point we now know its not both ipv6 or ipv4 so we check if its hostname + if first_pass: + try: + ip_address = socket.gethostbyname(targip) + return targ_ip_family(ip_address, False) + except socket.gaierror: + return 'Cant figure that guy' + else: + return 'Cant figure it out' + def resourcehandler_backend(env, start_response): """Function to handle new wsgi requests @@ -728,7 +753,13 @@ def resourcehandler_backend(env, start_response): elif (env['PATH_INFO'].endswith('/forward/web') and env['PATH_INFO'].startswith('/nodes/')): prefix, _, _ = env['PATH_INFO'].partition('/forward/web') - _, _, nodename = prefix.rpartition('/') + #_, _, nodename = prefix.rpartition('/') + default = False + if 'default' in env['PATH_INFO']: + default = True + _,_,nodename,_ = prefix.split('/') + else: + _, _, nodename = prefix.rpartition('/') hm = cfgmgr.get_node_attributes(nodename, 'hardwaremanagement.manager') targip = hm.get(nodename, {}).get( 'hardwaremanagement.manager', {}).get('value', None) @@ -737,6 +768,20 @@ def resourcehandler_backend(env, start_response): yield 'No hardwaremanagement.manager defined for node' return targip = targip.split('/', 1)[0] + if default: + # understand targip + ip_family = targ_ip_family(targip) + if ip_family == 'is_ipv4': + url = 'https://{0}'.format(targip) + elif ip_family == 'is_ipv6': + url = 'https://[{0}]'.format(targip) + else: + start_response('404 Not Found', headers) + yield 'Cant figure out the hardwaremanagenent.manager attribute ip' + return + start_response('302', [('Location', url)]) + yield 'Our princess is in another castle!' + return funport = forwarder.get_port(targip, env['HTTP_X_FORWARDED_FOR'], authorized['sessionid']) host = env['HTTP_X_FORWARDED_HOST'] From fcb3d917db33d08d512b156b3d5e5ac5b986d9a2 Mon Sep 17 00:00:00 2001 From: tkucherera Date: Fri, 26 Jan 2024 17:14:04 -0500 Subject: [PATCH 2/2] use socket.getaddrinfo --- confluent_server/confluent/httpapi.py | 51 +++++++++------------------ 1 file changed, 17 insertions(+), 34 deletions(-) diff --git a/confluent_server/confluent/httpapi.py b/confluent_server/confluent/httpapi.py index 4688ddd5..e30df36d 100644 --- a/confluent_server/confluent/httpapi.py +++ b/confluent_server/confluent/httpapi.py @@ -618,32 +618,6 @@ def resourcehandler(env, start_response): yield '500 - ' + str(e) return -def targ_ip_family(targip, first_pass=True): - # check ipv4 - try: - socket.inet_aton(targip) - return 'is_ipv4' - except socket.error: - pass - # check ipv6 - try: - check_ip = targip - if '%' in targip: - check_ip = targip.split('%')[0] - socket.inet_pton(socket.AF_INET6, check_ip) - return 'is_ipv6' - except socket.error: - # at this point we now know its not both ipv6 or ipv4 so we check if its hostname - if first_pass: - try: - ip_address = socket.gethostbyname(targip) - return targ_ip_family(ip_address, False) - except socket.gaierror: - return 'Cant figure that guy' - else: - return 'Cant figure it out' - - def resourcehandler_backend(env, start_response): """Function to handle new wsgi requests """ @@ -769,15 +743,24 @@ def resourcehandler_backend(env, start_response): return targip = targip.split('/', 1)[0] if default: - # understand targip - ip_family = targ_ip_family(targip) - if ip_family == 'is_ipv4': - url = 'https://{0}'.format(targip) - elif ip_family == 'is_ipv6': - url = 'https://[{0}]'.format(targip) - else: + try: + ip_info = socket.getaddrinfo(targip, 0, 0, socket.SOCK_STREAM) + except socket.gaierror: start_response('404 Not Found', headers) - yield 'Cant figure out the hardwaremanagenent.manager attribute ip' + yield 'hardwaremanagement.manager definition could not be resolved' + return + # this is just to future proof just in case the indexes of the address family change in future + for i in range(len(ip_info)): + if ip_info[i][0] == socket.AF_INET: + url = 'https://{0}/'.format(ip_info[i][-1][0]) + start_response('302', [('Location', url)]) + yield 'Our princess is in another castle!' + return + elif ip_info[i][0] == socket.AF_INET6: + url = 'https://[{0}]/'.format(ip_info[i][-1][0]) + if url.startswith('https://[fe80'): + start_response('405 Method Not Allowed', headers) + yield 'link local ipv6 address cannot be used in browser' return start_response('302', [('Location', url)]) yield 'Our princess is in another castle!'