GitHub user mike-jumper opened a pull request:
https://github.com/apache/guacamole-server/pull/187
GUACAMOLE-622: Withhold first SSH/telnet frame until connection is verified
These changes add a new function, `guac_terminal_start()`, which must be
called before the terminal emulator will send the `sync` messages which define
frame boundaries. SSH and telnet have been modified to call this function only
when the connection has actually been successful.
By withholding frames until the underlying connection is complete, the
"Connected. Waiting for response..." status notification becomes an accurate
reflection of the connection state. In addition, server-side handling of
connection errors via `FailoverGuacamoleSocket` becomes possible, as the
instruction filtering code that searches for errors also uses that first `sync`
as a sign of success.
As telnet does define an authentication mechanism, there is no standard way
to detect whether authentication has succeeded, however these changes define
two additional regex parameters which allow success/failure to be detected
heuristically. If a username, password, and these two regex are provided, the
initial frame is withheld until final success/failure has been determined.
You can merge this pull request into a Git repository by running:
$ git pull https://github.com/mike-jumper/guacamole-server ssh-telnet-error
Alternatively you can review and apply these changes as the patch at:
https://github.com/apache/guacamole-server/pull/187.patch
To close this pull request, make a commit to your master/trunk branch
with (at least) the following in the commit message:
This closes #187
----
commit 61a51df1b29695f6464193b18dd4f24809ef07df
Author: Michael Jumper <mjumper@...>
Date: 2018-08-30T17:01:41Z
GUACAMOLE-622: Require guac_terminal_start() to be invoked before the
terminal will render frames or accept user input.
commit 0b39b0fc5fa9846ff350cc443b8f432efb4678ee
Author: Michael Jumper <mjumper@...>
Date: 2018-08-30T17:06:20Z
GUACAMOLE-622: Implicitly invoke guac_terminal_start() if prompting is
required.
commit 4606607309761cca9f69dbd8e15be2376950dac3
Author: Michael Jumper <mjumper@...>
Date: 2018-08-30T17:08:30Z
GUACAMOLE-622: Start terminal for SSH only after SSH connection succeeds.
commit 286cbf32a7a178cd6483a52983a33d486edc9129
Author: Michael Jumper <mjumper@...>
Date: 2018-09-02T04:26:37Z
GUACAMOLE-622: Ensure connection to guacd is kept alive even if the SSH
daemon is taking its time responding. Lengthy connect times due to DNS
verification, PAM, etc. are not uncommon.
commit 1178b475dad6b8c567041dda8e3fabd34a584f75
Author: Michael Jumper <mjumper@...>
Date: 2018-09-02T04:41:13Z
GUACAMOLE-622: Do not allow STDIN to be redirected if the terminal is not
yet started.
commit ab1ca03f9b6dc98fd9dbe614162f6f87641d3f3c
Author: Michael Jumper <mjumper@...>
Date: 2018-09-02T21:32:05Z
GUACAMOLE-622: Start terminal for telnet only after login status is known
(if login success/failure detection enabled).
commit 55ac0c5b323d8c36d6b09bd99c2d5bc2cd0d043b
Author: Michael Jumper <mjumper@...>
Date: 2018-09-03T05:59:18Z
GUACAMOLE-622: Match each line against all regexes.
----
---
