19166: Move args from headers to post form, add no_forward flag.

Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom@curii.com>

diff --git a/lib/controller/localdb/container_gateway.go b/lib/controller/localdb/container_gateway.go
index fcfa599e4db81c5ae64a8f720a7afd30dcbc3ca3..79812465477d152c02618b57f57a5d3210d42618 100644 (file)
--- a/lib/controller/localdb/container_gateway.go
+++ b/lib/controller/localdb/container_gateway.go
@@ -147,14 +147,21 @@ func (conn *Conn) ContainerSSH(ctx context.Context, opts arvados.ContainerSSHOpt
                Host:   ctr.GatewayAddress,
                Path:   "/ssh",
        }
+       postform := url.Values{
+               "uuid":           {opts.UUID},
+               "detach_keys":    {opts.DetachKeys},
+               "login_username": {opts.LoginUsername},
+               "no_forward":     {"true"},
+       }
+       postdata := postform.Encode()
        bufw.WriteString("POST " + u.String() + " HTTP/1.1\r\n")
        bufw.WriteString("Host: " + u.Host + "\r\n")
        bufw.WriteString("Upgrade: ssh\r\n")
-       bufw.WriteString("X-Arvados-Target-Uuid: " + opts.UUID + "\r\n")
        bufw.WriteString("X-Arvados-Authorization: " + requestAuth + "\r\n")
-       bufw.WriteString("X-Arvados-Detach-Keys: " + opts.DetachKeys + "\r\n")
-       bufw.WriteString("X-Arvados-Login-Username: " + opts.LoginUsername + "\r\n")
+       bufw.WriteString("Content-Type: application/x-www-form-urlencoded\r\n")
+       fmt.Fprintf(bufw, "Content-Length: %d\r\n", len(postdata))
        bufw.WriteString("\r\n")
+       bufw.WriteString(postdata)
        bufw.Flush()
        resp, err := http.ReadResponse(bufr, &http.Request{Method: "GET"})
        if err != nil {

diff --git a/lib/crunchrun/container_gateway.go b/lib/crunchrun/container_gateway.go
index 49eb68c0f50ba263667ba49429dee83a91bd6c5b..ba52f8ab43cd6f49a107777b0d28f9c14fec92ab 100644 (file)
--- a/lib/crunchrun/container_gateway.go
+++ b/lib/crunchrun/container_gateway.go
@@ -267,7 +267,8 @@ func (gw *Gateway) handleSSH(w http.ResponseWriter, req *http.Request) {
                http.Error(w, "path not found", http.StatusNotFound)
                return
        }
-       if want := req.Header.Get("X-Arvados-Target-Uuid"); want != gw.ContainerUUID {
+       req.ParseForm()
+       if want := req.Form.Get("uuid"); want != gw.ContainerUUID {
                http.Error(w, fmt.Sprintf("misdirected request: meant for %q but received by crunch-run %q", want, gw.ContainerUUID), http.StatusBadGateway)
                return
        }
@@ -275,8 +276,8 @@ func (gw *Gateway) handleSSH(w http.ResponseWriter, req *http.Request) {
                http.Error(w, "bad X-Arvados-Authorization header", http.StatusUnauthorized)
                return
        }
-       detachKeys := req.Header.Get("X-Arvados-Detach-Keys")
-       username := req.Header.Get("X-Arvados-Login-Username")
+       detachKeys := req.Form.Get("detach_keys")
+       username := req.Form.Get("login_username")
        if username == "" {
                username = "root"
        }

diff --git a/sdk/go/arvados/api.go b/sdk/go/arvados/api.go
index 1b303ffb414c893d0f6ada0622e12af3d34f75bb..8a41cb851c059b8ae498c647093a100910bff0a1 100644 (file)
--- a/sdk/go/arvados/api.go
+++ b/sdk/go/arvados/api.go
@@ -97,6 +97,7 @@ type ContainerSSHOptions struct {
        UUID          string `json:"uuid"`
        DetachKeys    string `json:"detach_keys"`
        LoginUsername string `json:"login_username"`
+       NoForward     bool   `json:"no_forward"`
 }
 
 type ContainerSSHConnection ConnectionResponse