Merge pull request #2 from mzsombor/feature_source_address

wip: try source address
mzsombor · Jan 9, 2023 · 984c282 · 984c282
2 parents 04bd859 + fc7e19d
commit 984c282
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 2 deletions.
diff --git a/webssh/handler.py b/webssh/handler.py
@@ -377,6 +377,12 @@ def get_port(self):
             raise InvalidValueError('Invalid port: {}'.format(value))
         return port
 
+    def get_source_address(self):
+        value = self.get_value('source_address')
+        if not is_valid_ip_address(value):
+            raise InvalidValueError('Invalid source ip address: {}'.format(value))
+        return value
+
     def lookup_hostname(self, hostname, port):
         key = hostname if port == 22 else '[{}]:{}'.format(hostname, port)
 
@@ -395,6 +401,7 @@ def get_args(self):
         privatekey, filename = self.get_privatekey()
         passphrase = self.get_argument('passphrase', u'')
         totp = self.get_argument('totp', u'')
+        source_address = self.get_source_address()
 
         if isinstance(self.policy, paramiko.RejectPolicy):
             self.lookup_hostname(hostname, port)
@@ -404,8 +411,19 @@ def get_args(self):
         else:
             pkey = None
 
+        if source_address:
+            logging.info("Binding socket for source ip {}".format(source_address))
+            sock = socket.socket()
+            sock.settimeout(options.timeout)  # Set a timeout on blocking socket operations
+            try:
+                sock.bind((source_address, 0))
+            except OSError:
+                raise InvalidValueError('Unable to bind source address {} socket'.format(source_address))
+        else:
+            sock = None
+
         self.ssh_client.totp = totp
-        args = (hostname, port, username, password, pkey)
+        args = (hostname, port, username, password, pkey, sock)
         logging.debug(args)
 
         return args
@@ -451,6 +469,14 @@ def ssh_connect(self, args):
         dst_addr = args[:2]
         logging.info('Connecting to {}:{}'.format(*dst_addr))
 
+        sock = args[5]
+        if sock:
+            logging.info('Connecting source address socket')
+            try:
+                sock.connect(dst_addr)
+            except socket.error:
+                raise ValueError('Unable to connect source address socket to {}:{}'.format(*dst_addr))
+
         try:
             ssh.connect(*args, timeout=options.timeout)
         except socket.error:
@@ -600,4 +626,4 @@ def on_close(self):
 
         worker = self.worker_ref() if self.worker_ref else None
         if worker:
-            worker.close(reason=self.close_reason)
+            worker.close(reason=self.close_reason)
diff --git a/webssh/templates/index.html b/webssh/templates/index.html
@@ -77,6 +77,8 @@
             <input class="form-control" type="password" id="totp" name="totp" value="">
           </div>
           <div class="col">
+            <label for="source_address">Source Address (optional)</label>
+            <input class="form-control" type="text" id="source_address" name="source_address" value="">
           </div>
         </div>
         <input type="hidden" id="term" name="term" value="xterm-256color">