TheArchive/tailscale
1
0
Fork 0
mirror of https://github.com/tailscale/tailscale.git synced 2025-04-18 20:51:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

ssh/tailssh: add ssh session recording failed event type

Browse Source 
This change introduces a SSHSessionRecordingFailed event type
that is used when a session recording fails to start or fails during a
session, and the on failure indicates that it should fail open.

Updates tailscale/corp#9967

Signed-off-by: Charlotte Brandhorst-Satzkorn <charlotte@tailscale.com>
This commit is contained in:
Charlotte Brandhorst-Satzkorn 2023-05-06 10:27:10 -07:00 committed by Maisem Ali
parent 745ee97973
commit 4e86857313
2 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
ssh/tailssh/tailssh.go
View File

@ -1607,7 +1607,11 @@ func (ss *sshSession) startNewRecording() (_ *recording, err error) {
rec.out, attempts, errChan, err = ss.connectToRecorder(ctx, recorders) rec.out, attempts, errChan, err = ss.connectToRecorder(ctx, recorders)
if err != nil { if err != nil {
if onFailure != nil && onFailure.NotifyURL != "" && len(attempts) > 0 { if onFailure != nil && onFailure.NotifyURL != "" && len(attempts) > 0 {
ss.notifyControl(ctx, nodeKey, tailcfg.SSHSessionRecordingRejected, attempts, onFailure.NotifyURL) eventType := tailcfg.SSHSessionRecordingFailed
if onFailure.RejectSessionWithMessage != "" {
eventType = tailcfg.SSHSessionRecordingRejected
}
ss.notifyControl(ctx, nodeKey, eventType, attempts, onFailure.NotifyURL)
} }
if onFailure != nil && onFailure.RejectSessionWithMessage != "" { if onFailure != nil && onFailure.RejectSessionWithMessage != "" {
@ -1630,7 +1634,12 @@ func (ss *sshSession) startNewRecording() (_ *recording, err error) {
lastAttempt := attempts[len(attempts)-1] lastAttempt := attempts[len(attempts)-1]
lastAttempt.FailureMessage = err.Error() lastAttempt.FailureMessage = err.Error()
ss.notifyControl(ctx, nodeKey, tailcfg.SSHSessionRecordingTerminated, attempts, onFailure.NotifyURL) eventType := tailcfg.SSHSessionRecordingFailed
if onFailure.TerminateSessionWithMessage != "" {
eventType = tailcfg.SSHSessionRecordingTerminated
}
ss.notifyControl(ctx, nodeKey, eventType, attempts, onFailure.NotifyURL)
} }
if onFailure != nil && onFailure.TerminateSessionWithMessage != "" { if onFailure != nil && onFailure.TerminateSessionWithMessage != "" {
ss.logf("recording: error uploading recording (closing session): %v", err) ss.logf("recording: error uploading recording (closing session): %v", err)

14
tailcfg/tailcfg.go
View File

@ -2111,8 +2111,22 @@ type SSHEventType int
const ( const (
UnspecifiedSSHEventType SSHEventType = 0 UnspecifiedSSHEventType SSHEventType = 0
// SSHSessionRecordingRejected is the event that
// defines when a SSH session cannot be started
// because no recorder is available for session
// recording, and the SSHRecorderFailureAction
// RejectSessionWithMessage is not empty.
SSHSessionRecordingRejected SSHEventType = 1 SSHSessionRecordingRejected SSHEventType = 1
// SSHSessionRecordingTerminated is the event that
// defines when session recording has failed
// during the session and the SSHRecorderFailureAction
// TerminateSessionWithMessage is not empty.
SSHSessionRecordingTerminated SSHEventType = 2 SSHSessionRecordingTerminated SSHEventType = 2
// SSHSessionRecordingFailed is the event that
// defines when session recording is unavailable and
// the SSHRecorderFailureAction RejectSessionWithMessage
// or TerminateSessionWithMessage is empty.
SSHSessionRecordingFailed SSHEventType = 3
) )
// SSHRecordingAttempt is a single attempt to start a recording. // SSHRecordingAttempt is a single attempt to start a recording.