T~dZddlmZddlmZddlmZddlZddlZddlZddlZddl m Z ddl m Z ddlmZdd lmZdd lmZdd lmZddlZdd lmZd ZdZdZdZdZdZdZGddej<ZGddej<Z Gddej<Z!Gddej<Z"Gddej<Z#Gddej<Z$Gd d!ej<Z%Gd"d#ej<Z&Gd$d%ej<Z'Gd&d'ej<Z(Gd(d)e)Z*y)*z8WebSocket connection class for tunneling with Cloud IAP.)absolute_import)division)unicode_literalsN)iap_tunnel_websocket_helper)iap_tunnel_websocket_utils) exceptions)log) properties)retry)queue<i Ni  ic eZdZy)SendAckNotificationN__name__ __module__ __qualname__:lib/googlecloudsdk/api_lib/compute/iap_tunnel_websocket.pyrr-rrc eZdZy)ConnectionCreationErrorNrrrrrr1rrrc eZdZy)ConnectionReconnectTimeoutNrrrrrr5rrrc eZdZy) StoppingErrorNrrrrr r 9rrr c eZdZy)SubprotocolEarlyAckErrorNrrrrr"r"=rrr"c eZdZy)SubprotocolEarlyDataErrorNrrrrr$r$Arrr$c eZdZy)!SubprotocolExtraConnectSuccessSidNrrrrr&r&Errr&c eZdZy)#SubprotocolExtraReconnectSuccessAckNrrrrr(r(Irrr(c eZdZy)SubprotocolInvalidAckErrorNrrrrr*r*Mrrr*c eZdZy)SubprotocolOutOfOrderAckErrorNrrrrr,r,Qrrr,ceZdZdZ ddZdZdZdZdZdZ dZ d Z d Z d Z d Zd ZdZdZdZdZdZdZdZdZdZdZdZdZdZdZy)IapTunnelWebSocketzCloud IAP WebSocket class for tunnelling connections. It takes in local data (via Send()) which it sends over the websocket. It takes data from the websocket and gives it to data_handler_callback. c||_||_||_||_||_||_d|_d|_d|_d|_ d|_ d|_ d|_ tj|_tj|_d|_d|_d|_t)j*t,|_t1j2|_t)j*|_||_y)NFr)maxsize)_tunnel_target_get_access_token_callback_data_handler_callback_close_handler_callback _ignore_certs _user_agent_websocket_helper_connect_msg_received_connection_sid _stopping_close_message_sent_send_and_reconnect_thread _input_eof threadingEvent _sent_all_cant_send_ack_total_bytes_confirmed_total_bytes_received_total_bytes_received_and_ackedr QueueMAX_UNSENT_QUEUE_LENGTH _unsent_data collectionsdeque_unconfirmed_data_data_to_resend_conn_id)self tunnel_targetget_access_token_callbackdata_handler_callbackclose_handler_callback user_agentconn_id ignore_certss r__init__zIapTunnelWebSocket.__init__\s(D&?D#"7D#9D %D!D!D!&DDDN$D&*D#DO__&DN#//+D"#D!"D+,D( ,CDD(..0D!;;=DDMrcR|jr|jjyyN)r7CloserMs r__del__zIapTunnelWebSocket.__del__~s"  ""$rc(d|_|jjt |j |j rH|j s!|j jd|_|j jyy#YYxYw)z5Close down local connection and WebSocket connection.TN) r:rGputr r4r7r; SendCloserXrYs rrXzIapTunnelWebSocket.ClosesDN -(  ""$   % % ((*#'  ""$   s B Bc`tj|jtj|j|j |j tj|j|_ d|j_ |jjy)z"Initiate the WebSocket connection.)targetTN) utilsCheckPythonVersionr5ValidateParametersr1_StartNewWebSocket_WaitForOpenOrRaiseErrorr>Thread_SendDataAndReconnectWebSocketr<daemonstartrYs rInitiateConnectionz%IapTunnelWebSocket.InitiateConnections~ T//0 T001!!#&/&6&622'4D#-1D##*##))+rc|r=|dtj}|tjd}|r|j||r>  : ;;rctjtdt} |j |t y#tj $r:tjd|jtd|jYywxYw)z*Attempt to reconnect with a new WebSocket.g?) max_wait_msexponential_sleep_multiplierwait_ceiling_ms)funcsleep_msz'[%d] Unable to reconnect within [%d] msTexc_infoN) r RetryerMAX_RECONNECT_WAIT_TIME_MSMAX_RECONNECT_SLEEP_TIME_MSRetryOnExceptionRECONNECT_INITIAL_SLEEP_MSRetryExceptionr warningrL_StopConnectionAsync)rMreconnect_funcrs r_AttemptReconnectz$IapTunnelWebSocket._AttemptReconnectsv  "<36&A CA"n"<>   " kk;--!;dL !"s:A BBc0tjtdz z}tj|kr|jsv |jj |t t jtjk(r.t jd|jt||ddy|jr tdt!#tj$rYnwxYwtj|ksR|jsՌ`)aAdd bytes to the queue; block waiting for reconnect if queue is full. Args: bytes_to_send: The local bytes to send over the websocket. At most utils.SUBPROTOCOL_MAX_DATA_FRAME_SIZE. Raises: ConnectionReconnectTimeout: If something is preventing data from being sent. ConnectionCreationError: If the connection was closed and no more reconnect retries will be performed. g@@timeoutz3[%d] ENQUEUED data_len [%d] bytes_to_send[:20] [%r]NzAUnexpected error while reconnecting. Check logs for more details.)timerr:rGr\ MAX_WEBSOCKET_SEND_WAIT_TIME_SECr GetVerbosityloggingDEBUGdebugrLlenr Fullrr)rMrmend_times rrlz4IapTunnelWebSocket._EnqueueBytesWithWaitForReconnectsyy{7&@@H ))+   m>  @     . ))IMM3}#5}Sb7I K  ~~ #%D EE $ &&ZZ    ))+ sA4CC/.C/c|jS)z.Returns true if we received a connect message.)r8rYs r _HasConnectedz IapTunnelWebSocket._HasConnecteds  % %%rc|jxr|jjxs)|jxr|jj SrW)r7IsClosedr<is_aliverYs r _IsClosedzIapTunnelWebSocket._IsClosedsL  # # I(>(>(G(G(I =  , ,<0099; ;>rc d|jzg}tjd|j|jtj j jj}|r |d|zgz }|jr|d|jzgz }tjd|j|jrYtj|j|j|jd}tjd|j|nBtj |jd}tjd |j|d |_t%j&|||j(|jj*|j,|j.d|j |_|j0j3y ) z=Start a new WebSocket and thread to listen for incoming data.z User-Agent: z[%d] user-agent [%s]zX-Goog-Request-Reason: zAuthorization: Bearer z [%d] Using new websocket libraryT)should_use_new_websocketz[%d] Reconnecting with URL [%r]z[%d] Connecting with URL [%r]F)rrSN)r6r rrLr VALUEScorerequest_reasonGetr2r9r`CreateWebSocketReconnectUrlr1rCinfoCreateWebSocketConnectUrlr8helperIapTunnelWebSocketHelperr5 proxy_info_OnData_OnCloser7StartReceivingThread)rMheadersrurls rrcz%IapTunnelWebSocket._StartNewWebSockets 0 001GII$dmmT5E5EF&&++::>>@N +n<==g && *T-L-L-NNOOgII0$--@   - -        $ $#'  )c  hh0$--E  + +    >c hh. sC!&D#<<   &&  !% D //1rcZ|j|jkDr_|j} tj|}|jj |||_|jj!yy#t j$rt$r>}tjd|jtj|Yd}~qd}~w|js$tjd|j|dnYxYw#|jj!wxYw)zSend an ACK back to server.z&[%d] Unable to send WebSocket ack [%s]Nz-[%d] Error while attempting to ack [%d] bytesTr})rCrDr`CreateSubprotocolAckFramer7rorWebSocketConnectionClosedEnvironmentErrorr rrLsix text_typerrAclear)rMbytes_receivedack_dataes r_SendAckzIapTunnelWebSocket._SendAck-s !!D$H$HH11n$22>B ##H-/=, !!#'I  - - 2 9 a 0 2 2~~ ((B==.4 A  A !!#s)7A::D 4C D:D  DD*c|jjry|j}|j}tj }||z d|zkDr:|jj |jjtyy)z3Decide if an ACK should be sent back to the server.Nr ) rAis_setrCrDr`rksetrGr\r)rM total_bytesbytes_recv_and_ackd window_sizes r _MaybeSendAckz IapTunnelWebSocket._MaybeSendAckDs{ !!# ,,K>>77K((1{?:  /0 ;rc^fd}fd} js |jsjy#t$rO}tjdjt j |j|Yd}~qd}~wwxYw#jwxYw)z,Main function for send_and_reconnect_thread.c`js!jjyyrW)r:_SendQueuedDatarrYsrSendDatazCIapTunnelWebSocket._SendDataAndReconnectWebSocket..SendDataWs$ ^^  rc`js!jjyyrW)r:rcrdrYsr ReconnectzDIapTunnelWebSocket._SendDataAndReconnectWebSocket..Reconnect\s' ^^ ! %%'rz7[%d] Error while sending data, trying to reconnect [%s]N) r: Exceptionr rrLrrrrX)rMrrrs` rrfz1IapTunnelWebSocket._SendDataAndReconnectWebSocketUs (  , * jjl  , ))MMM3==#3 5   + + ,  jjls2 B? B BAB BBBB,c  |js|j |jjs|jj }n |j j t }|tus|turd|_|turd|_nq|tur|j!|j"j%|t'j(|}|j*j-||js|jrQ|jjr6|j jr|j.j1yyyy#tj$r#|jrtjYwxYw#|jrQ|jjr6|j jr|j.j1wwwwxYw)z3Send data that is sitting in the unsent data queue.rTN)r:rrKemptygetrGrr Emptyrrrrqr r=rrrJappendr`CreateSubprotocolDataFramer7ror@r)rMdata send_datas rrz"IapTunnelWebSocket._SendQueuedDatals3  %%++-''++-D$$(()I)KD 8 t}4$. X "DO  & & --/  %%d+44T:  ##I.]` //d2288:    ! ! #  $;/I{{  ^^ 22 2   H //d2288:    ! ! #  $;/s1F#AE*4BF#*3F F#F  F##AHcd|_y)NT)r:rYs rrz'IapTunnelWebSocket._StopConnectionAsyncs DNrcnttdzD];}|jrn)|jryt j d=|j r|j jr|j jrd}|j jjdrd}nB|j jjdrd|jjz}d |j jd |}t|td ) zOC e((( !!*- )) )   , 99 9 ..z: ;; ; 00< iiJCPrc|js|jtdtj|\}}|j ||r+t jd|jt|yy)zHandle Subprotocol ACK Frame.zReceived ACK before connected.z5[%d] Discarding [%d] extra bytes after processing ACKN) rrr"r`ExtractSubprotocolAck _ConfirmDatar rrLr)rMrbytes_confirmedrs rrz(IapTunnelWebSocket._HandleSubprotocolAcksm     ! $%E FF"'"="=k"JOZo& iiG s:0rc|jr|jtdtj|\}}||_d|_|r+tjd|jt|yy)z-Handle Subprotocol CONNECT_SUCCESS_SID Frame.z5Received CONNECT_SUCCESS_SID after already connected.TzE[%d] Discarding [%d] extra bytes after processing CONNECT_SUCCESS_SIDN) rrr&r`#ExtractSubprotocolConnectSuccessSidr9r8r rrLrrMrrrs rrz6IapTunnelWebSocket._HandleSubprotocolConnectSuccessSidsz  ! - A CC@@MD*D!%D ii !%JArc|jD]}|jj|tj|_yrW)rJrKr\rHrI)rMrs r!_AddUnconfirmedDataBackToTheQueuez4IapTunnelWebSocket._AddUnconfirmedDataBackToTheQueues7&& t$'(..0Drc|jr|jtdtj|\}}||j z }|j |tjd|j|t|j|jd|_ |r+tjd|jt|yy)z/Handle Subprotocol RECONNECT_SUCCESS_ACK Frame.z7Received RECONNECT_SUCCESS_ACK after already connected.zE[%d] Reconnecting: confirming [%d] bytes and resending [%d] messages.TzG[%d] Discarding [%d] extra bytes after processing RECONNECT_SUCCESS_ACKN)rrr(r`%ExtractSubprotocolReconnectSuccessAckrBrr rrLrrJrr8r)rMrrrbytes_being_confirmeds rrz8IapTunnelWebSocket._HandleSubprotocolReconnectSuccessAcks  ! / C EE 33K@ OZ+d.I.IIo&HHO ,c$2H2H.IK **,!%D ii "#'==#j/Crc|js|jtdtj|\}}|xj t |z c_|j |j||r+tjd|jt |yy#|jxYw)zHandle Subprotocol DATA Frame.zReceived DATA before connected.z6[%d] Discarding [%d] extra bytes after processing DATAN) rrr$r`ExtractSubprotocolDatarCrrr3r rrLrs rrz)IapTunnelWebSocket._HandleSubprotocolData s     ! %&G HH33K@D*#d)+  !!$' iiH s:0  ! s 3B22Cc$||jkr|jtd|z||jz }|r|jr|jj }t ||kDr4|jj ||d|xj|z c_n|xjt |z c_||jz }|r |jr|r,|jtd|d|jdy)zCDiscard data that has been confirmed via ACKs received from server.z)Received out-of-order Ack for [%d] bytes.NzBytes confirmed [z] were larger than bytes sent [r)rBrr,rJpopleftr appendleftr*)rMrbytes_to_confirm data_chunks rrzIapTunnelWebSocket._ConfirmDatas444 ! ) 5 G II')D)DD t55))113j Z+ + ))*5E5F*GH ##'77# ##s:6#(4+F+FF t55 ! & D77 9 ::rN)rF)rrr__doc__rUrZrXrirorrrvrrlrrrcrrrfrrrdrrrrrrrrrrrr.r.Us49 D%% ,> $<& "$'L&> $2L$.1".5n<6  Q 0 A1 C*0$:rr.)+r __future__rrrrHrr>rgooglecloudsdk.api_lib.computerrrr`googlecloudsdk.corerr r googlecloudsdk.core.utilr r six.movesr rrrrrFrurErrorrrrr r"r$r&r(r*r,objectr.rrrrs# ?&' PN*#** #$ #% '+ !***j..!1!1J$$z// 0 0 (8(8**:*:!1!1J$4$4[:[:r