Refactoring

master-3.5
parent 3c99855268
commit c193eee22b

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -14,13 +14,18 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
import os, pwd import os
import sys, subprocess import pwd
import socket, time import sys
import subprocess
import socket
import time
import urllib2 import urllib2
from calculate.console.application.function import _print
from function import get_ip_mac_type from function import get_ip_mac_type
from calculate.console.application.sid_func import get_sid from calculate.console.application.sid_func import get_sid
import OpenSSL, hashlib import OpenSSL
import hashlib
from client_class import HTTPSClientCertTransport from client_class import HTTPSClientCertTransport
from cert_verify import VerifyError from cert_verify import VerifyError
from calculate.core.datavars import DataVarsCore from calculate.core.datavars import DataVarsCore
@ -28,42 +33,47 @@ from calculate.core.server.methods_func import get_password
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
from calculate.lib.utils.common import getpass from calculate.lib.utils.common import getpass
from calculate.lib.utils.files import listDirectory from calculate.lib.utils.files import listDirectory
setLocalTranslate('cl_console3',sys.modules[__name__])
_ = lambda x: x
setLocalTranslate('cl_console3', sys.modules[__name__])
VERSION = 0.11 VERSION = 0.11
def client_post_cert (client, clVars, show_info = False):
def client_post_cert(client, clVars, show_info=False):
""" send a certificate server for check """ """ send a certificate server for check """
sid = get_sid(client.SID_FILE) sid = get_sid(client.SID_FILE)
lang = os.environ['LANG'][:2] lang = os.environ['LANG'][:2]
_result_post_cert, _result_sid = client.service.init_session(sid, lang) _result_post_cert, _result_sid = client.service.init_session(sid, lang)
result_post_cert = _result_post_cert[1].integer result_post_cert = _result_post_cert[1].integer
result_sid = _result_sid[1].integer result_sid = _result_sid[1].integer
if os.environ.get("DEBUG"): if os.environ.get("DEBUG"):
print _("The client uses certificate %s (server ID %s)") %(client.CERT_FILE, result_post_cert[0]) print _("The client uses certificate %s (server ID %s)") % (
client.CERT_FILE, result_post_cert[0])
if result_post_cert[0] == -4: if result_post_cert[0] == -4:
print _("Certificate not found on the server") print _("Certificate not found on the server")
print _("the client uses certificate %s") %client.CERT_FILE print _("the client uses certificate %s") % client.CERT_FILE
print _('You can generate a new certificate using options --gen-cert-by and '\ print _('You can generate a new certificate '
'using options --gen-cert-by and '
'--get-cert-from') '--get-cert-from')
raise Exception(3) raise Exception(3)
# client_sid(sid, client, cert_id = results[0][0], clVars = clVars) # client_sid(sid, client, cert_id = results[0][0], clVars = clVars)
if result_post_cert[0] == -3: if result_post_cert[0] == -3:
print _("Certificate not sent!") print _("Certificate not sent!")
elif result_post_cert[0] == -2: elif result_post_cert[0] == -2:
print _("Using the upstream certificate") print _("Using the upstream certificate")
else: else:
if show_info: if show_info:
print _(" Your certifitate ID = %d") %(result_post_cert[0]) print _(" Your certifitate ID = %d") % (result_post_cert[0])
try: try:
if result_post_cert[1] == -2: if result_post_cert[1] == -2:
print _("The certificate has expired") print _("The certificate has expired")
elif result_post_cert[1] > 0: elif result_post_cert[1] > 0:
if show_info: if show_info:
print _("The certificate expires after %d days") \ print _("The certificate expires after %d days") \
%(result_post_cert[1]) % (result_post_cert[1])
except: except:
pass pass
@ -75,27 +85,30 @@ def client_post_cert (client, clVars, show_info = False):
if show_info: if show_info:
if result_sid[1] == 1: if result_sid[1] == 1:
print _(" New Session") print _(" New Session")
else: print _(" Old Session") else:
print _(" Your session ID = %s") %sid print _(" Old Session")
print _(" Your session ID = %s") % sid
#Creation of secret key of the client
def new_key_req(key, cert_path, server_host_name, private_key_passwd = None, \
auto = False): # Creation of secret key of the client
from create_cert import generateRSAKey, makePKey, makeRequest,\ def new_key_req(key, cert_path, server_host_name, private_key_passwd=None,
passphrase_callback auto=False):
from create_cert import generateRSAKey, makePKey, makeRequest, \
passphrase_callback
rsa = generateRSAKey() rsa = generateRSAKey()
rsa.save_key(key+'_pub', cipher=None, callback = lambda *unused: None) rsa.save_key(key + '_pub', cipher=None, callback=lambda *unused: None)
pkey = makePKey(rsa) pkey = makePKey(rsa)
if not passphrase_callback(private_key_passwd): if not passphrase_callback(private_key_passwd):
pkey.save_key(key, cipher = None, callback = lambda *unused: None) pkey.save_key(key, cipher=None, callback=lambda *unused: None)
else: else:
pkey.save_key(key, callback= lambda *unused: str(private_key_passwd)) pkey.save_key(key, callback=lambda *unused: str(private_key_passwd))
req = makeRequest(rsa, pkey, server_host_name, auto) req = makeRequest(rsa, pkey, server_host_name, auto)
crtreq = req.as_pem() crtreq = req.as_pem()
req_file = cert_path + '/%s.csr' %server_host_name req_file = cert_path + '/%s.csr' % server_host_name
crtfile = open(req_file, 'w') crtfile = open(req_file, 'w')
crtfile.write(crtreq) crtfile.write(crtreq)
crtfile.close() crtfile.close()
@ -104,13 +117,14 @@ def new_key_req(key, cert_path, server_host_name, private_key_passwd = None, \
try: try:
pwdObj = pwd.getpwnam(user_name) pwdObj = pwd.getpwnam(user_name)
except KeyError, e: except KeyError, e:
_print (e) _print(e)
return None return None
os.chown(key, pwdObj.pw_uid, pwdObj.pw_gid) os.chown(key, pwdObj.pw_uid, pwdObj.pw_gid)
os.chmod(key, 0600) os.chmod(key, 0600)
return req_file return req_file
def delete_old_cert(client): def delete_old_cert(client):
try: try:
os.unlink(client.CERT_FILE) os.unlink(client.CERT_FILE)
@ -118,15 +132,16 @@ def delete_old_cert(client):
os.unlink(client.PKEY_FILE) os.unlink(client.PKEY_FILE)
os.unlink(client.PubKEY_FILE) os.unlink(client.PubKEY_FILE)
except OSError, e: except OSError, e:
_print (e.message) _print(e.message)
def client_post_request (cert_path, args):
def client_post_request(cert_path, args):
if os.path.exists(cert_path + 'req_id'): if os.path.exists(cert_path + 'req_id'):
print \ print \
_("You already sent a certificate signature request.") _("You already sent a certificate signature request.")
_print (_("Request ID = %s") %open(cert_path + 'req_id', 'r').read()) _print(_("Request ID = %s") % open(cert_path + 'req_id', 'r').read())
ans = raw_input (_("Send a new request? y/[n]: ")) ans = raw_input(_("Send a new request? y/[n]: "))
if not ans.lower() in ['y','yes']: if not ans.lower() in ['y', 'yes']:
return 0 return 0
clVars = DataVarsCore() clVars = DataVarsCore()
clVars.importCore() clVars.importCore()
@ -134,49 +149,51 @@ def client_post_request (cert_path, args):
port = args.port or clVars.Get('core.cl_core_port') port = args.port or clVars.Get('core.cl_core_port')
url = "https://%s:%s/?wsdl" %(args.by_host, port) url = "https://%s:%s/?wsdl" % (args.by_host, port)
print '%s\n'% url, _("connecting...") print '%s\n' % url, _("connecting...")
from client_class import Client_suds from client_class import Client_suds
try: try:
client = Client_suds(url, transport = HTTPSClientCertTransport \ client = Client_suds(url, transport=HTTPSClientCertTransport \
(None, None, cert_path)) (None, None, cert_path))
except (KeyboardInterrupt, urllib2.URLError), e: except (KeyboardInterrupt, urllib2.URLError), e:
print '\n'+_("Closing. Connection error.") print '\n' + _("Closing. Connection error.")
_print (_("Error: %s") %e) _print(_("Error: %s") % e)
return 0 return 0
client.wsdl.services[0].setlocation(url) client.wsdl.services[0].setlocation(url)
server_host_name = client.service.get_server_host_name() server_host_name = client.service.get_server_host_name()
key = os.path.join(cert_path, server_host_name + '.key') key = os.path.join(cert_path, server_host_name + '.key')
csr_file = os.path.join(cert_path, server_host_name +'.csr') csr_file = os.path.join(cert_path, server_host_name + '.csr')
if os.path.exists(key) and os.path.exists(csr_file): if os.path.exists(key) and os.path.exists(csr_file):
print _("the private key and request now exist") print _("the private key and request now exist")
ask = raw_input(_("Create a new private key and request? y/[n]: ")) ask = raw_input(_("Create a new private key and request? y/[n]: "))
if ask.lower() in ['y','yes']: if ask.lower() in ['y', 'yes']:
passwd = get_password() passwd = get_password()
new_key_req(key, cert_path, server_host_name, new_key_req(key, cert_path, server_host_name,
private_key_passwd = passwd) private_key_passwd=passwd)
else: else:
passwd = get_password() passwd = get_password()
new_key_req(key, cert_path, server_host_name, new_key_req(key, cert_path, server_host_name,
private_key_passwd = passwd) private_key_passwd=passwd)
ip, mac, client_type = get_ip_mac_type() ip, mac, client_type = get_ip_mac_type()
data = open(csr_file).read() data = open(csr_file).read()
res = client.service.post_client_request(request = data, ip = ip,\ res = client.service.post_client_request(request=data, ip=ip,
mac = mac, client_type = client_type) mac=mac, client_type=client_type)
if int(res) < 0: if int(res) < 0:
print _("The server has not signed the certificate!") print _("The server has not signed the certificate!")
return 1 return 1
fc = open(os.path.join(cert_path, 'req_id'), 'w') fc = open(os.path.join(cert_path, 'req_id'), 'w')
fc.write(res) fc.write(res)
fc.close() fc.close()
_print (_("Your request ID = %s") %res + '.\n', _print(_("Your request ID = %s") % res + '.\n',
_("To submit the certificate request on the server use command") + \ _("To submit the certificate request on the server use command") + \
'\n'+'cl-core --sign-client ID_CLIENT_REQUEST') '\n' + 'cl-core --sign-client ID_CLIENT_REQUEST')
return 0 return 0
def client_get_cert(cert_path, args): def client_get_cert(cert_path, args):
clVars = DataVarsCore() clVars = DataVarsCore()
clVars.importCore() clVars.importCore()
@ -184,35 +201,38 @@ def client_get_cert(cert_path, args):
if not os.path.exists(os.path.join(cert_path, 'req_id')): if not os.path.exists(os.path.join(cert_path, 'req_id')):
print _("Request not sent or file %s deleted") \ print _("Request not sent or file %s deleted") \
%(os.path.join(cert_path, 'req_id')) % (os.path.join(cert_path, 'req_id'))
return 1 return 1
fc = open(os.path.join(cert_path, 'req_id'), 'r') fc = open(os.path.join(cert_path, 'req_id'), 'r')
req_id = fc.read() req_id = fc.read()
fc.close() fc.close()
port = args.port or clVars.Get('core.cl_core_port') port = args.port or clVars.Get('core.cl_core_port')
url = "https://%s:%s/?wsdl" %(args.from_host, port) url = "https://%s:%s/?wsdl" % (args.from_host, port)
print '%s\n' %url, _("connecting...") print '%s\n' % url, _("connecting...")
from client_class import Client_suds from client_class import Client_suds
try: try:
client = Client_suds(url, \ client = Client_suds(url,
transport = HTTPSClientCertTransport(None, None, cert_path)) transport=HTTPSClientCertTransport(None, None,
cert_path))
except KeyboardInterrupt: except KeyboardInterrupt:
print _("Closing. Connection error.") print _("Closing. Connection error.")
return 1
client.wsdl.services[0].setlocation(url) client.wsdl.services[0].setlocation(url)
server_host_name = client.service.get_server_host_name() server_host_name = client.service.get_server_host_name()
if not os.path.exists(os.path.join(cert_path, server_host_name + '.csr')): if not os.path.exists(os.path.join(cert_path, server_host_name + '.csr')):
print _("Request %s not found on the client's side") \ print _("Request %s not found on the client's side") \
%(os.path.join(cert_path, server_host_name + '.csr')) % (os.path.join(cert_path, server_host_name + '.csr'))
return 1 return 1
request = open(os.path.join(cert_path, server_host_name + '.csr')).read() request = open(os.path.join(cert_path, server_host_name + '.csr')).read()
md5 = hashlib.md5() md5 = hashlib.md5()
md5.update(request) md5.update(request)
md5sum = md5.hexdigest() md5sum = md5.hexdigest()
result = client.service.get_client_cert(req_id, md5sum) result = client.service.get_client_cert(req_id, md5sum)
cert = result[0][0] cert = result[0][0]
try: try:
@ -224,9 +244,9 @@ def client_get_cert(cert_path, args):
return 1 return 1
elif cert == '2': elif cert == '2':
print _("Signature request not examined yet.") print _("Signature request not examined yet.")
print _("Your request ID = %s") %req_id + '.\n',\ print _("Your request ID = %s") % req_id + '.\n', \
_("To submit the certificate request on the server use command") + \ _("To submit the certificate request on the server use command") + \
'\n'+'cl-core --sign-client ID_CLIENT_REQUEST' '\n' + 'cl-core --sign-client ID_CLIENT_REQUEST'
return 1 return 1
elif cert == '3': elif cert == '3':
print _("Request or signature not matching earlier data.") print _("Request or signature not matching earlier data.")
@ -241,13 +261,13 @@ def client_get_cert(cert_path, args):
try: try:
os.unlink(cert_path + 'req_id') os.unlink(cert_path + 'req_id')
except OSError, e: except OSError, e:
_print (e.message) _print(e.message)
print _('Certificate saved. Your certificate ID: %s') %req_id print _('Certificate saved. Your certificate ID: %s') % req_id
user_name = pwd.getpwuid(os.getuid()).pw_name user_name = pwd.getpwuid(os.getuid()).pw_name
try: try:
pwdObj = pwd.getpwnam(user_name) pwdObj = pwd.getpwnam(user_name)
except KeyError, e: except KeyError, e:
_print (e) _print(e)
return None return None
os.chown(cert_file, pwdObj.pw_uid, pwdObj.pw_gid) os.chown(cert_file, pwdObj.pw_uid, pwdObj.pw_gid)
os.chmod(cert_file, 0600) os.chmod(cert_file, 0600)
@ -261,7 +281,7 @@ def client_get_cert(cert_path, args):
cl_client_cert_dir = clVars.Get('core.cl_client_cert_dir') cl_client_cert_dir = clVars.Get('core.cl_client_cert_dir')
homePath = clVars.Get('ur_home_path') homePath = clVars.Get('ur_home_path')
cl_client_cert_dir = cl_client_cert_dir.replace("~",homePath) cl_client_cert_dir = cl_client_cert_dir.replace("~", homePath)
root_cert_md5 = os.path.join(cl_client_cert_dir, "ca/cert_list") root_cert_md5 = os.path.join(cl_client_cert_dir, "ca/cert_list")
md5 = hashlib.md5() md5 = hashlib.md5()
@ -271,7 +291,7 @@ def client_get_cert(cert_path, args):
print "md5sum = ", md5sum print "md5sum = ", md5sum
if not os.path.exists(root_cert_md5): if not os.path.exists(root_cert_md5):
fc = open(root_cert_md5,"w") fc = open(root_cert_md5, "w")
fc.close() fc.close()
filename = None filename = None
@ -280,32 +300,31 @@ def client_get_cert(cert_path, args):
# for each line # for each line
for line in t.splitlines(): for line in t.splitlines():
# Split string into a words list # Split string into a words list
words = line.split(' ',1) words = line.split(' ', 1)
if words[0] == md5sum: if words[0] == md5sum:
filename = words[1] filename = words[1]
if not filename: if not filename:
certobj = OpenSSL.crypto.load_certificate \ certobj = OpenSSL.crypto.load_certificate \
(OpenSSL.SSL.FILETYPE_PEM, ca_root) (OpenSSL.SSL.FILETYPE_PEM, ca_root)
Issuer = certobj.get_issuer().get_components() Issuer = certobj.get_issuer().get_components()
for item in Issuer: for item in Issuer:
if item[0] == 'CN': if item[0] == 'CN':
filename = item[1] filename = item[1]
fc = open(root_cert_md5,"a") fc = open(root_cert_md5, "a")
fc.write('%s %s\n' %(md5sum, filename)) fc.write('%s %s\n' % (md5sum, filename))
fc.close() fc.close()
if not filename: if not filename:
print _('Field "CN" not found in the certificate!') print _('Field "CN" not found in the certificate!')
return 1 return 1
fd = open(os.path.join(cl_client_cert_dir, 'ca', filename), 'w') fd = open(os.path.join(cl_client_cert_dir, 'ca', filename), 'w')
fd.write(ca_root) fd.write(ca_root)
fd.close() fd.close()
user_root_cert = clVars.Get('core.cl_user_root_cert') user_root_cert = clVars.Get('core.cl_user_root_cert')
user_root_cert = user_root_cert.replace("~",homePath) user_root_cert = user_root_cert.replace("~", homePath)
fa = open(user_root_cert, 'a') fa = open(user_root_cert, 'a')
fa.write(ca_root) fa.write(ca_root)
fa.close() fa.close()
@ -314,94 +333,103 @@ def client_get_cert(cert_path, args):
else: else:
print _("The file containing the CA certificate now exists") print _("The file containing the CA certificate now exists")
return 0 return 0
def client_post_auth(client): def client_post_auth(client):
""" authorization client or post request """ """ authorization client or post request """
sid = get_sid(client.SID_FILE) sid = get_sid(client.SID_FILE)
client.sid = int(sid) client.sid = int(sid)
try: try:
if os.path.exists(client.CERT_FILE): if os.path.exists(client.CERT_FILE):
pass#client_post_cert(client) pass # client_post_cert(client)
else: else:
#client_post_request(client) # client_post_request(client)
print _("You do not have a certificate. Use option --gen-cert-by HOST to generate a new request or --get-cert-from HOST to get a new certificate from the server.") print _(
"You do not have a certificate. Use option --gen-cert-by HOST to generate a new request or --get-cert-from HOST to get a new certificate from the server.")
raise Exception(1) raise Exception(1)
# print client.service.versions(sid, VERSION) # print client.service.versions(sid, VERSION)
except VerifyError, e: except VerifyError, e:
print e.value print e.value
raise Exception(1) raise Exception(1)
########## Get password ########## Get password
def getRunProc(): def getRunProc():
"""List run program""" """List run program"""
def getCmd(procNum): def getCmd(procNum):
cmdLineFile = '/proc/%s/cmdline'%procNum cmdLineFile = '/proc/%s/cmdline' % procNum
try: try:
if os.path.exists(cmdLineFile): if os.path.exists(cmdLineFile):
return [open(cmdLineFile,'r').read().strip(), procNum] return [open(cmdLineFile, 'r').read().strip(), procNum]
except: except:
pass pass
return ["", procNum] return ["", procNum]
if not os.access('/proc',os.R_OK):
if not os.access('/proc', os.R_OK):
return [] return []
return map(getCmd, return map(getCmd,
filter(lambda x:x.isdigit(), filter(lambda x: x.isdigit(),
listDirectory('/proc'))) listDirectory('/proc')))
def owner(pid): def owner(pid):
UID = 1 UID = 1
for ln in open('/proc/%s/status' %pid): for ln in open('/proc/%s/status' % pid):
if ln.startswith('Uid:'): if ln.startswith('Uid:'):
uid = int(ln.split()[UID]) uid = int(ln.split()[UID])
return pwd.getpwuid(uid).pw_name return pwd.getpwuid(uid).pw_name
def create_socket(file_path, username): def create_socket(file_path, username):
host = '' # ip host = '' # ip
port = 5501 # порт port = 5501 # порт
find_proc = False find_proc = False
# if not file_path: # if not file_path:
# home_path = pwd.getpwuid(os.getuid()).pw_dir # home_path = pwd.getpwuid(os.getuid()).pw_dir
# file_path = os.path.join(home_path, '.calculate', 'passwd_daemon') # file_path = os.path.join(home_path, '.calculate', 'passwd_daemon')
# if not username: # if not username:
# username = pwd.getpwuid(os.getuid()).pw_name # username = pwd.getpwuid(os.getuid()).pw_name
for run_commands in filter(lambda x:'cl-consoled' in \ for run_commands in filter(lambda x: 'cl-consoled' in \
x[0],getRunProc()): x[0], getRunProc()):
if 'python' in run_commands[0]: if 'python' in run_commands[0]:
if username == owner(run_commands[1]): if username == owner(run_commands[1]):
#print 'YES' # print 'YES'
find_proc = True find_proc = True
if not find_proc: if not find_proc:
try: try:
os.unlink(file_path) os.unlink(file_path)
except OSError, e: except OSError, e:
_print (e.message) _print(e.message)
cmd = ['cl-consoled'] cmd = ['cl-consoled']
#print cmd # print cmd
subprocess.Popen(cmd, shell=True, stdin=subprocess.PIPE, subprocess.Popen(cmd, shell=True, stdin=subprocess.PIPE,
stdout = subprocess.PIPE, stderr=subprocess.PIPE) stdout=subprocess.PIPE, stderr=subprocess.PIPE)
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM) s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
while True: while True:
try: try:
s.bind((host,port)) # ассоциировать адрес с сокетом s.bind((host, port)) # ассоциировать адрес с сокетом
break break
except socket.error: except socket.error:
port += 1 port += 1
return s return s
def set_password(s, req, size): def set_password(s, req, size):
password = getpass.getpass(_('Password: ')) password = getpass.getpass(_('Password: '))
msg = '%s,%s' %(req,password) msg = '%s,%s' % (req, password)
s.send(msg) s.send(msg)
resp = s.recv(size) resp = s.recv(size)
if resp.startswith('Error'): if resp.startswith('Error'):
_print (resp) _print(resp)
return password return password
def clear_password(server_host, server_port): def clear_password(server_host, server_port):
size = 1024 # размер данных size = 1024 # размер данных
username = pwd.getpwuid(os.getuid()).pw_name username = pwd.getpwuid(os.getuid()).pw_name
@ -417,18 +445,19 @@ def clear_password(server_host, server_port):
while connect_error < 10: while connect_error < 10:
if os.path.isfile(file_path): if os.path.isfile(file_path):
serv_port, hash_val = open(file_path, 'r').read().split() serv_port, hash_val = open(file_path, 'r').read().split()
break s.connect(('localhost', int(serv_port)))
req = 'delete,%s,%s,%s,%s' % (server_host, str(server_port),
username, hash_val)
s.send(req)
s.recv(size)
return
else: else:
connect_error += 1 connect_error += 1
time.sleep(0.3) time.sleep(0.3)
s.connect(('localhost', int(serv_port)))
break break
except socket.error: except socket.error:
time.sleep(0.3) time.sleep(0.3)
req = 'delete,%s,%s,%s,%s' %(server_host, str(server_port), username,
hash_val)
s.send(req)
resp = s.recv(size)
def socket_connect(s, file_path): def socket_connect(s, file_path):
connect_error = 0 connect_error = 0
@ -437,15 +466,15 @@ def socket_connect(s, file_path):
while connect_error < 10: while connect_error < 10:
if os.path.isfile(file_path): if os.path.isfile(file_path):
serv_port, hash_val = open(file_path, 'r').read().split() serv_port, hash_val = open(file_path, 'r').read().split()
break s.connect(('localhost', int(serv_port)))
return s, hash_val
else: else:
connect_error += 1 connect_error += 1
time.sleep(0.3) time.sleep(0.3)
s.connect(('localhost', int(serv_port)))
break break
except socket.error: except socket.error:
time.sleep(0.3) time.sleep(0.3)
return s, hash_val
def get_password_from_daemon(server_host, server_port, wait_thread): def get_password_from_daemon(server_host, server_port, wait_thread):
size = 1024 # размер данных size = 1024 # размер данных
@ -458,7 +487,8 @@ def get_password_from_daemon(server_host, server_port, wait_thread):
s = create_socket(file_path, username) s = create_socket(file_path, username)
s, hash_val = socket_connect(s, file_path) s, hash_val = socket_connect(s, file_path)
req = '%s,%s,%s,%s' %(server_host,str(server_port),username,hash_val) req = '%s,%s,%s,%s' % (
server_host, str(server_port), username, hash_val)
s.send(req) s.send(req)
resp = s.recv(size) resp = s.recv(size)
if resp.startswith('Error'): if resp.startswith('Error'):
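Review bot: In the hunk at `@ -280,32 +300,31 @@`, `filename` comes from the issuer CN of `ca_root` (or from the second field of a `cert_list` line) and is passed unchecked to `open(os.path.join(cl_client_cert_dir, 'ca', filename), 'w')`. A CN containing `/` or `..` would therefore write outside the `ca` directory, and an absolute path would make `os.path.join` discard the directory prefix entirely. Where `ca_root` is obtained is outside the visible lines; if it is supplied by the remote server, the name should be validated before use, for example `if filename != os.path.basename(filename) or filename in ('.', '..'): return 1` right after the existing `if not filename:` check. The same few lines also append `ca_root` to the user's root-certificate file, so rejecting a malformed name before either write keeps the trust store and the `ca` directory consistent. `client_get_cert` begins and ends outside this hunk, so the placement should be confirmed against the full function.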

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -14,35 +14,41 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
import os, re, glob, sys import os
import re
import sys
import OpenSSL import OpenSSL
from calculate.console.application.function import _print
from calculate.core.datavars import DataVarsCore from calculate.core.datavars import DataVarsCore
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
setLocalTranslate('cl_console3',sys.modules[__name__])
_ = lambda x: x
setLocalTranslate('cl_console3', sys.modules[__name__])
class VerifyError(Exception): class VerifyError(Exception):
def __init__(self, value): def __init__(self, value):
self.value = value self.value = value
def __str__(self): def __str__(self):
return repr(self.value) return repr(self.value)
# check recall of server certificate # check recall of server certificate
def verify(server_cert, crl_path, flag): def verify(server_cert, crl_path, flag):
certobj = OpenSSL.crypto.load_certificate(
certobj = OpenSSL.crypto.load_certificate \ OpenSSL.SSL.FILETYPE_PEM, server_cert)
(OpenSSL.SSL.FILETYPE_PEM, server_cert)
serverSerial = certobj.get_serial_number() serverSerial = certobj.get_serial_number()
Issuer = certobj.get_issuer().get_components() Issuer = certobj.get_issuer().get_components()
CN, L = None, None CN, L = None, None
for i in Issuer: for i in Issuer:
if i[0] == 'CN': if i[0] == 'CN':
CN = i[1] CN = i[1]
elif i[0] == 'L': elif i[0] == 'L':
L = i[1] L = i[1]
if CN and len(CN) > 2: if CN and len(CN) > 2:
crl_file = crl_path + CN crl_file = crl_path + CN
elif L: elif L:
@ -55,31 +61,30 @@ def verify(server_cert, crl_path, flag):
crl_file = crl_path + host crl_file = crl_path + host
else: else:
if not flag: if not flag:
print _( "fields CN and L in the CA certificate are incorrect!") print _("fields CN and L in the CA certificate are incorrect!")
return 0 return 0
if not os.path.exists(crl_file): if not os.path.exists(crl_file):
if not flag: if not flag:
pass pass
# print _("This certificate can not be verified in the CRL.") # print _("This certificate can not be verified in the CRL.")
return 0 return 0
with open(crl_file, 'r') as _crl_file: with open(crl_file, 'r') as _crl_file:
crl = "".join(_crl_file.readlines()) crl = "".join(_crl_file.readlines())
if crl == '': if crl == '':
return 0 return 0
crl_object = OpenSSL.crypto.load_crl(OpenSSL.crypto.FILETYPE_PEM, crl) crl_object = OpenSSL.crypto.load_crl(OpenSSL.crypto.FILETYPE_PEM, crl)
revoked_objects = crl_object.get_revoked() revoked_objects = crl_object.get_revoked()
for rvk in revoked_objects: for rvk in revoked_objects:
if serverSerial == int(rvk.get_serial(), 16): if serverSerial == int(rvk.get_serial(), 16):
print _("This certificate has been revoked!") print _("This certificate has been revoked!")
print _("Serial")+ _(': %s\n') %rvk.get_serial() + _("Revoke date") + \ print _("Serial") + _(': %s\n') % rvk.get_serial() + _(
_(': %s') %rvk.get_rev_date() "Revoke date") + _(': %s') % rvk.get_rev_date()
raise VerifyError('CRL Exception') raise VerifyError('CRL Exception')
return 0 return 0
@ -95,100 +100,105 @@ def get_CRL(path_to_cert):
try: try:
os.makedirs(path_to_cert) os.makedirs(path_to_cert)
except OSError: except OSError:
print _("Failed to create directory %s") %path_to_cert print _("Failed to create directory %s") % path_to_cert
raise Exception(1) raise Exception(1)
try: try:
os.makedirs(os.path.join(path_to_cert, 'ca')) os.makedirs(os.path.join(path_to_cert, 'ca'))
except OSError: except OSError:
print _("Failed to create directory %s") \ print _("Failed to create directory %s") % (
%(os.path.join(path_to_cert, 'ca')) os.path.join(path_to_cert, 'ca'))
raise Exception(1) raise Exception(1)
os.makedirs(CRL_path) os.makedirs(CRL_path)
clVars = DataVarsCore() clVars = DataVarsCore()
clVars.importCore() clVars.importCore()
clVars.flIniFile() clVars.flIniFile()
# user and system ca and root certificates # user and system ca and root certificates
user_root_cert = clVars.Get('core.cl_user_root_cert') user_root_cert = clVars.Get('core.cl_user_root_cert')
homePath = clVars.Get('ur_home_path') homePath = clVars.Get('ur_home_path')
user_root_cert = user_root_cert.replace("~",homePath) user_root_cert = user_root_cert.replace("~", homePath)
glob_root_cert = clVars.Get('core.cl_glob_root_cert') glob_root_cert = clVars.Get('core.cl_glob_root_cert')
if os.path.exists(user_root_cert): if os.path.exists(user_root_cert):
user_ca_certs = open(user_root_cert, 'r').read() user_ca_certs = open(user_root_cert, 'r').read()
else: user_ca_certs = '' else:
user_ca_certs = ''
if os.path.exists(glob_root_cert): if os.path.exists(glob_root_cert):
glob_ca_certs = open(glob_root_cert, 'r').read() glob_ca_certs = open(glob_root_cert, 'r').read()
else: glob_ca_certs = '' else:
glob_ca_certs = ''
# get certificates list fron text # get certificates list fron text
p = re.compile('[-]+[\w ]+[-]+\n+[\w\n\+\\=/]+[-]+[\w ]+[-]+\n?') p = re.compile('[-]+[\w ]+[-]+\n+[\w\n\+\\=/]+[-]+[\w ]+[-]+\n?')
user_ca_certs_list = p.findall(user_ca_certs) user_ca_certs_list = p.findall(user_ca_certs)
glob_ca_certs_list = p.findall(glob_ca_certs) glob_ca_certs_list = p.findall(glob_ca_certs)
# association in one list # association in one list
all_ca_certs_list = user_ca_certs_list + glob_ca_certs_list all_ca_certs_list = user_ca_certs_list + glob_ca_certs_list
for ca in all_ca_certs_list: for ca in all_ca_certs_list:
certobj = OpenSSL.crypto.load_certificate \ certobj = OpenSSL.crypto.load_certificate(OpenSSL.SSL.FILETYPE_PEM, ca)
(OpenSSL.SSL.FILETYPE_PEM, ca)
# get url from certificates # get url from certificates
url = None url = None
CN = None CN = None
Subject = certobj.get_subject().get_components() Subject = certobj.get_subject().get_components()
last_subj = ""
for subj in Subject: for subj in Subject:
if subj[0] == 'L': if subj[0] == 'L':
url = "https://" + subj[1] +"/?wsdl" url = "https://" + subj[1] + "/?wsdl"
if subj[0] == 'CN': if subj[0] == 'CN':
CN = subj[1] CN = subj[1]
last_subj = subj
if url: if url:
new_crl = None
from client_class import Client_suds from client_class import Client_suds
from client_class import HTTPSClientCertTransport from client_class import HTTPSClientCertTransport
# connect to ca server (url get from certificates) # connect to ca server (url get from certificates)
client = None
try: try:
client = Client_suds(url,\ client = Client_suds(
transport = HTTPSClientCertTransport(None, None, \ url, transport=HTTPSClientCertTransport(None, None,
path_to_cert)) path_to_cert))
client.set_parameters (path_to_cert, None, None) client.set_parameters(path_to_cert, None, None)
new_crl = client.service.get_crl() new_crl = client.service.get_crl()
except VerifyError, e: except VerifyError, e:
_print (e.value) _print(e.value)
#rm_ca_from_trusted(ca) # rm_ca_from_trusted(ca)
raise Exception(1) raise Exception(1)
except: except:
pass pass
client.wsdl.services[0].setlocation(url) client.wsdl.services[0].setlocation(url)
if 'new_crl' in locals(): if new_crl:
if new_crl: if CN and len(CN) > 2:
if CN and len(CN) > 2: CRL_file = CRL_path + CN
CRL_file = CRL_path + CN else:
else: host = last_subj[1].split(':')[0]
host = subj[1].split(':')[0] CRL_file = CRL_path + host
CRL_file = CRL_path + host if new_crl == ' ':
if new_crl == ' ': open(CRL_file, 'w')
open(CRL_file, 'w') # if os.path.exists(CRL_file):
#if os.path.exists(CRL_file): # os.unlink(CRL_file)
#os.unlink(CRL_file) continue
if os.path.exists(CRL_file):
if open(CRL_file, 'r').read() == new_crl:
continue continue
if os.path.exists(CRL_file):
if open(CRL_file, 'r').read() == new_crl: fd = open(CRL_file, 'w')
continue fd.write(new_crl)
fd.close()
fd = open(CRL_file, 'w') print _("CRL added")
fd.write(new_crl) find_ca_in_crl(CRL_path, all_ca_certs_list)
fd.close()
print _("CRL added")
find_ca_in_crl (CRL_path, all_ca_certs_list) def find_ca_in_crl(CRL_path, all_ca_certs_list):
def find_ca_in_crl (CRL_path, all_ca_certs_list):
CRL_name_list = glob.glob(CRL_path + '*')
for ca in all_ca_certs_list: for ca in all_ca_certs_list:
certobj = OpenSSL.crypto.load_certificate \ certobj = OpenSSL.crypto.load_certificate(
(OpenSSL.SSL.FILETYPE_PEM, ca) OpenSSL.SSL.FILETYPE_PEM, ca)
Issuer = certobj.get_issuer().get_components() Issuer = certobj.get_issuer().get_components()
CN = ""
for item in Issuer: for item in Issuer:
if item[0] == 'CN': if item[0] == 'CN':
CN = item[1] CN = item[1]
@ -196,13 +206,13 @@ def find_ca_in_crl (CRL_path, all_ca_certs_list):
CRL = CRL_path + CN CRL = CRL_path + CN
if not os.path.exists(CRL): if not os.path.exists(CRL):
continue continue
with open(CRL, 'r') as _crl_file: with open(CRL, 'r') as _crl_file:
crl = "".join(_crl_file.readlines()) crl = "".join(_crl_file.readlines())
try: try:
crl_object = OpenSSL.crypto.load_crl \ crl_object = OpenSSL.crypto.load_crl(
(OpenSSL.crypto.FILETYPE_PEM, crl) OpenSSL.crypto.FILETYPE_PEM, crl)
except: except:
continue continue
revoked_objects = crl_object.get_revoked() revoked_objects = crl_object.get_revoked()
@ -211,30 +221,33 @@ def find_ca_in_crl (CRL_path, all_ca_certs_list):
if serverSerial == int(rvk.get_serial(), 16): if serverSerial == int(rvk.get_serial(), 16):
rm_ca_from_trusted(ca) rm_ca_from_trusted(ca)
def rm_ca_from_trusted(ca_cert): def rm_ca_from_trusted(ca_cert):
clVars = DataVarsCore() clVars = DataVarsCore()
clVars.importCore() clVars.importCore()
clVars.flIniFile() clVars.flIniFile()
user_ca_dir = clVars.Get('core.cl_client_cert_dir') user_ca_dir = clVars.Get('core.cl_client_cert_dir')
homePath = clVars.Get('ur_home_path') homePath = clVars.Get('ur_home_path')
user_ca_dir = user_ca_dir.replace("~",homePath) user_ca_dir = user_ca_dir.replace("~", homePath)
user_ca_dir = os.path.join(user_ca_dir, 'ca') user_ca_dir = os.path.join(user_ca_dir, 'ca')
user_ca_list = os.path.join(user_ca_dir, 'cert_list') user_ca_list = os.path.join(user_ca_dir, 'cert_list')
user_ca_db = clVars.Get('core.cl_user_root_cert') user_ca_db = clVars.Get('core.cl_user_root_cert')
homePath = clVars.Get('ur_home_path') homePath = clVars.Get('ur_home_path')
user_ca_db = user_ca_db.replace("~",homePath) user_ca_db = user_ca_db.replace("~", homePath)
system_ca_dir = clVars.Get('core.cl_core_cert_path') system_ca_dir = clVars.Get('core.cl_core_cert_path')
system_ca_list = os.path.join(system_ca_dir, 'cert_list') system_ca_list = os.path.join(system_ca_dir, 'cert_list')
system_ca_db = clVars.Get('core.cl_glob_root_cert') system_ca_db = clVars.Get('core.cl_glob_root_cert')
import hashlib import hashlib
md5 = hashlib.md5() md5 = hashlib.md5()
md5.update(ca_cert) md5.update(ca_cert)
md5sum = md5.hexdigest() md5sum = md5.hexdigest()
# search ca certificate in user ca list # search ca certificate in user ca list
newfile = ''
with open(user_ca_list) as fd: with open(user_ca_list) as fd:
t = fd.read() t = fd.read()
# See each line # See each line
@ -248,52 +261,52 @@ def rm_ca_from_trusted(ca_cert):
try: try:
os.unlink(filename) os.unlink(filename)
except OSError, e: except OSError, e:
_print (e.message) _print(e.message)
else: else:
newfile += (line + '\n') newfile += (line + '\n')
else: else:
newfile += (line + '\n') newfile += (line + '\n')
fd.close() fd.close()
fn = open(user_ca_list, 'w') fn = open(user_ca_list, 'w')
fn.write(newfile) fn.write(newfile)
fn.close() fn.close()
p = re.compile('[-]+[\w ]+[-]+\n+[\w\n\+\\=/]+[-]+[\w ]+[-]+\n?') p = re.compile('[-]+[\w ]+[-]+\n+[\w\n\+\\=/]+[-]+[\w ]+[-]+\n?')
# open, write and split user ca certificates # open, write and split user ca certificates
user_ca_certs = open(user_ca_db, 'r').read() user_ca_certs = open(user_ca_db, 'r').read()
user_ca_certs_list = p.findall(user_ca_certs) user_ca_certs_list = p.findall(user_ca_certs)
if ca_cert in user_ca_certs_list: if ca_cert in user_ca_certs_list:
new_user_ca_certs = [] new_user_ca_certs = []
for cert in user_ca_certs_list: for cert in user_ca_certs_list:
if ca_cert != cert: if ca_cert != cert:
new_user_ca_certs.append(cert) new_user_ca_certs.append(cert)
else: else:
print _("CA certificate deleted from the list of user " \ print _("CA certificate deleted from the list of user "
"trusted certificates") "trusted certificates")
fd = open(user_ca_db, 'w') fd = open(user_ca_db, 'w')
for cert in new_user_ca_certs: for cert in new_user_ca_certs:
fd.write(cert) fd.write(cert)
fd.close() fd.close()
if not os.path.exists(system_ca_db): if not os.path.exists(system_ca_db):
open(system_ca_db, 'w') open(system_ca_db, 'w')
system_ca_certs = open(system_ca_db, 'r').read() system_ca_certs = open(system_ca_db, 'r').read()
system_ca_certs_list = p.findall(system_ca_certs) system_ca_certs_list = p.findall(system_ca_certs)
if ca_cert in system_ca_certs_list: if ca_cert in system_ca_certs_list:
new_system_ca_certs = [] new_system_ca_certs = []
for cert in system_ca_certs_list: for cert in system_ca_certs_list:
if ca_cert != cert: if ca_cert != cert:
new_system_ca_certs.append(cert) new_system_ca_certs.append(cert)
else: else:
print _("CA certificate deleted from the list of system " \ print _("CA certificate deleted from the list of system "
"trusted certificates") "trusted certificates")
fd = open(system_ca_db, 'w') fd = open(system_ca_db, 'w')
for cert in new_system_ca_certs: for cert in new_system_ca_certs:
fd.write(cert) fd.write(cert)

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -20,12 +20,16 @@ from sudsds.transport import TransportError
from client_class import Client_suds from client_class import Client_suds
import traceback as tb import traceback as tb
import time, logging import time
import os, sys import logging
import threading, urllib2 import os
import sys
import threading
import urllib2
from pid_information import client_list_methods from pid_information import client_list_methods
from cert_func import client_post_auth, client_post_request, client_get_cert,\ from cert_func import (client_post_auth, client_post_request, client_get_cert,
client_post_cert, get_password_from_daemon, clear_password client_post_cert, get_password_from_daemon,
clear_password)
from sid_func import session_clean, client_session_info, client_session_list from sid_func import session_clean, client_session_info, client_session_list
from cert_verify import get_CRL, VerifyError from cert_verify import get_CRL, VerifyError
@ -33,11 +37,13 @@ import M2Crypto, OpenSSL
from calculate.core.datavars import DataVarsCore from calculate.core.datavars import DataVarsCore
from client_class import HTTPSClientCertTransport from client_class import HTTPSClientCertTransport
from methods_func import call_method, get_method_argparser, parse, get_view from methods_func import call_method, get_method_argparser, parse, get_view
from function import MessageReceiver, MessageDispatcher, clear, _print, \ from function import (MessageReceiver, MessageDispatcher, clear, _print,
get_view_params get_view_params)
from calculate.lib.utils.files import makeDirectory, readLinesFile from calculate.lib.utils.files import makeDirectory, readLinesFile
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
setLocalTranslate('cl_console3',sys.modules[__name__])
_ = lambda x: x
setLocalTranslate('cl_console3', sys.modules[__name__])
def get_message_receiver(client): def get_message_receiver(client):
@ -48,6 +54,7 @@ def get_entire_message_receiver(client, pid):
return MessageReceiver.from_entire(client, pid, return MessageReceiver.from_entire(client, pid,
MessageDispatcher(Methods()), Display()) MessageDispatcher(Methods()), Display())
def client_signal(client): def client_signal(client):
Vars = DataVarsCore() Vars = DataVarsCore()
Vars.importCore() Vars.importCore()
@ -57,7 +64,7 @@ def client_signal(client):
except: except:
client_active = 15 client_active = 15
while True: while True:
if os.path.exists(client.SID_FILE) : if os.path.exists(client.SID_FILE):
fi = open(client.SID_FILE, 'r') fi = open(client.SID_FILE, 'r')
temp = fi.read() temp = fi.read()
fi.close() fi.close()
@ -71,6 +78,7 @@ def client_signal(client):
raise Exception(1) raise Exception(1)
time.sleep(float(client_active)) time.sleep(float(client_active))
class StoppableThread(threading.Thread): class StoppableThread(threading.Thread):
def __init__(self): def __init__(self):
super(StoppableThread, self).__init__() super(StoppableThread, self).__init__()
@ -79,8 +87,7 @@ class StoppableThread(threading.Thread):
self._paused = threading.Event() self._paused = threading.Event()
def run(self): def run(self):
l = ['|','/','-','\\','|','/','-','\\'] l = ['|', '/', '-', '\\', '|', '/', '-', '\\']
i = 0
while True: while True:
for i in l: for i in l:
sys.stdout.write("\r\r" + i) sys.stdout.write("\r\r" + i)
@ -92,7 +99,6 @@ class StoppableThread(threading.Thread):
sys.stdout.write("\b") sys.stdout.write("\b")
sys.stdout.flush() sys.stdout.flush()
return 0 return 0
def pause(self): def pause(self):
self._pause.set() self._pause.set()
@ -113,6 +119,7 @@ class StoppableThread(threading.Thread):
def paused(self): def paused(self):
return self._pause.isSet() return self._pause.isSet()
def connect_with_cert(cert, path_to_cert, url, args, wait_thread, clVarsCore, def connect_with_cert(cert, path_to_cert, url, args, wait_thread, clVarsCore,
crypto_Error, Connect_Error): crypto_Error, Connect_Error):
flag_thread_start = False flag_thread_start = False
@ -121,50 +128,53 @@ def connect_with_cert(cert, path_to_cert, url, args, wait_thread, clVarsCore,
CERT_KEY = os.path.join(path_to_cert, cert_name + '.key') CERT_KEY = os.path.join(path_to_cert, cert_name + '.key')
if not os.path.isfile(CERT_FILE) or not os.path.isfile(CERT_KEY): if not os.path.isfile(CERT_FILE) or not os.path.isfile(CERT_KEY):
Connect_Error = 1 Connect_Error = 1
return (None, 1, crypto_Error, False, None) return None, 1, crypto_Error, False, None
client = None client = None
bio = M2Crypto.BIO.openfile(CERT_KEY) bio = M2Crypto.BIO.openfile(CERT_KEY)
rsa = M2Crypto.m2.rsa_read_key(bio._ptr(),lambda *unused: None) rsa = M2Crypto.m2.rsa_read_key(bio._ptr(), lambda *unused: None)
store_passwd = None
if not rsa: if not rsa:
port = args.port or clVarsCore.Get('core.cl_core_port') port = args.port or clVarsCore.Get('core.cl_core_port')
store_passwd = get_password_from_daemon(args.host, args.port, store_passwd = get_password_from_daemon(args.host, port, wait_thread)
wait_thread) key_passwd = store_passwd
if 'store_passwd' in locals(): er = None
key_passwd = store_passwd
else:
key_passwd = None
try: try:
ca_certs = os.path.join(path_to_cert, 'ca/ca_root.crt') ca_certs = os.path.join(path_to_cert, 'ca/ca_root.crt')
client = Client_suds(url, transport=HTTPSClientCertTransport \ client = Client_suds(
(CERT_KEY, CERT_FILE, path_to_cert, password=key_passwd, url, transport=HTTPSClientCertTransport(
ca_certs = ca_certs, wait_thread = wait_thread)) CERT_KEY, CERT_FILE, path_to_cert, password=key_passwd,
ca_certs=ca_certs, wait_thread=wait_thread))
if not wait_thread.isAlive(): if not wait_thread.isAlive():
wait_thread = StoppableThread() wait_thread = StoppableThread()
flag_thread_start = True flag_thread_start = True
wait_thread.start() wait_thread.start()
client.wsdl.services[0].setlocation(url) client.wsdl.services[0].setlocation(url)
client.set_parameters (path_to_cert, CERT_FILE, CERT_KEY) client.set_parameters(path_to_cert, CERT_FILE, CERT_KEY)
wait_thread.stop() wait_thread.stop()
client_post_cert(client, clVarsCore) client_post_cert(client, clVarsCore)
Connect_Error = 0 Connect_Error = 0
except VerifyError, e: except VerifyError, e:
Connect_Error = 1 Connect_Error = 1
er = e
except OpenSSL.crypto.Error, e: except OpenSSL.crypto.Error, e:
Connect_Error = 1 Connect_Error = 1
crypto_Error = 1 crypto_Error = 1
er = e
except urllib2.URLError, e: except urllib2.URLError, e:
Connect_Error = 1 Connect_Error = 1
except Exception, e: er = e
except Exception as e:
er = e
if e.message == 3: if e.message == 3:
wait_thread.stop() wait_thread.stop()
sys.exit(1) sys.exit(1)
Connect_Error = 1 Connect_Error = 1
if flag_thread_start: if flag_thread_start:
wait_thread.stop() wait_thread.stop()
return (client, Connect_Error, crypto_Error, return (client, Connect_Error, crypto_Error,
True if 'store_passwd' in locals() else False, True if store_passwd is not None else False, er)
e if 'e' in locals() else None)
def get_server_hostname(host, path_to_cert): def get_server_hostname(host, path_to_cert):
compliance_file = os.path.join(path_to_cert, 'compliance_server_names') compliance_file = os.path.join(path_to_cert, 'compliance_server_names')
@ -172,11 +182,12 @@ def get_server_hostname(host, path_to_cert):
fd = open(compliance_file, 'w') fd = open(compliance_file, 'w')
fd.close() fd.close()
for line in readLinesFile(compliance_file): for line in readLinesFile(compliance_file):
adress, server_hostname = line.split(' ',1) adress, server_hostname = line.split(' ', 1)
if adress == host: if adress == host:
return server_hostname return server_hostname
return None return None
def add_server_hostname(host, path_to_cert, server_hostname): def add_server_hostname(host, path_to_cert, server_hostname):
try: try:
compliance_file = os.path.join(path_to_cert, 'compliance_server_names') compliance_file = os.path.join(path_to_cert, 'compliance_server_names')
@ -186,14 +197,14 @@ def add_server_hostname(host, path_to_cert, server_hostname):
temp_file = '' temp_file = ''
find_flag = False find_flag = False
for line in readLinesFile(compliance_file): for line in readLinesFile(compliance_file):
adress, temp_server_hostname = line.split(' ',1) adress, temp_server_hostname = line.split(' ', 1)
if adress == host: if adress == host:
temp_file += "%s %s\n" %(adress, server_hostname) temp_file += "%s %s\n" % (adress, server_hostname)
find_flag = True find_flag = True
else: else:
temp_file += line+'\n' temp_file += line + '\n'
if not find_flag: if not find_flag:
temp_file += "%s %s\n" %(host, server_hostname) temp_file += "%s %s\n" % (host, server_hostname)
fd = open(compliance_file, 'w') fd = open(compliance_file, 'w')
fd.write(temp_file) fd.write(temp_file)
fd.close() fd.close()
@ -202,23 +213,10 @@ def add_server_hostname(host, path_to_cert, server_hostname):
print e print e
return False return False
def https_server(client, args, unknown_args, url, clVarsCore, wait_thread): def https_server(client, args, unknown_args, url, clVarsCore, wait_thread):
client_post_auth(client) client_post_auth(client)
# sym_link = os.path.basename(sys.argv[0])
# if sym_link != 'cl-console':
# wait_thread.stop()
# results = client.service.get_methods(client.sid, 'console')
# find_flag = False
# if hasattr (results, 'stringArray'):
# for _array in results.stringArray:
# if _array.string[0] == sym_link:
# args.method = _array.string[1]
# find_flag = True
# break
# if not find_flag:
# _print (_('Method not found for %s') %sym_link)
if args.stop_consoled: if args.stop_consoled:
wait_thread.stop() wait_thread.stop()
os.system('cl-consoled --stop') os.system('cl-consoled --stop')
@ -242,9 +240,11 @@ def https_server(client, args, unknown_args, url, clVarsCore, wait_thread):
wait_thread.stop() wait_thread.stop()
if args.dump: if args.dump:
from pid_information import client_pid_info from pid_information import client_pid_info
client_pid_info(client) client_pid_info(client)
else: else:
from pid_information import client_list_pid from pid_information import client_list_pid
client_list_pid(client) client_list_pid(client)
return 0 return 0
@ -267,6 +267,7 @@ def https_server(client, args, unknown_args, url, clVarsCore, wait_thread):
if args.pid_kill: if args.pid_kill:
wait_thread.stop() wait_thread.stop()
from pid_information import client_pid_kill from pid_information import client_pid_kill
return client_pid_kill(client, args.pid_kill) return client_pid_kill(client, args.pid_kill)
retCode = 0 retCode = 0
@ -289,7 +290,8 @@ def https_server(client, args, unknown_args, url, clVarsCore, wait_thread):
_unknown_args = method_parser.fixBoolVariables(unknown_args) _unknown_args = method_parser.fixBoolVariables(unknown_args)
_args, _unknown_args = method_parser.parse_known_args(_unknown_args) _args, _unknown_args = method_parser.parse_known_args(
_unknown_args)
if dispatch_usenew == _args.no_questions: if dispatch_usenew == _args.no_questions:
method_parser.print_help() method_parser.print_help()
@ -308,16 +310,16 @@ def https_server(client, args, unknown_args, url, clVarsCore, wait_thread):
client.no_progress = args.no_progress client.no_progress = args.no_progress
try: try:
mr.analysis(method_result) mr.analysis(method_result)
#analysis(client, client.sid, method_result) # analysis(client, client.sid, method_result)
except urllib2.URLError, e: except urllib2.URLError, e:
_print (e) _print(e)
except KeyboardInterrupt: except KeyboardInterrupt:
try: try:
print print
mess = method_result[0][0] mess = method_result[0][0]
pid = int(mess.message) pid = int(mess.message)
result = client.service.pid_kill(pid, client.sid) result = client.service.pid_kill(pid, client.sid)
if result in [0,2]: if result in [0, 2]:
print _('Process terminated') print _('Process terminated')
elif result == -1: elif result == -1:
print _("Certificate not found on the server") print _("Certificate not found on the server")
@ -334,14 +336,15 @@ def https_server(client, args, unknown_args, url, clVarsCore, wait_thread):
pid = int(mess.message) pid = int(mess.message)
except: except:
return 1 return 1
retCode = \ retCode = 1 if int(
1 if int(client.service.pid_info(client.sid,pid)[0][1]) else 0 client.service.pid_info(client.sid, pid)[0][1]) else 0
if not args.keep_result: if not args.keep_result:
client.service.clear_pid_cache(client.sid, pid) client.service.clear_pid_cache(client.sid, pid)
client.service.clear_method_cache(client.sid, args.method) client.service.clear_method_cache(client.sid, args.method)
wait_thread.stop() wait_thread.stop()
return retCode return retCode
def main(wait_thread): def main(wait_thread):
parser = parse() parser = parse()
args, unknown_args = parser.parse_known_args() args, unknown_args = parser.parse_known_args()
@ -361,6 +364,7 @@ def main(wait_thread):
cl_wsdl = ob.Get('cl_wsdl_available') cl_wsdl = ob.Get('cl_wsdl_available')
# создать симлинки на команды # создать симлинки на команды
from calculate.core.server.func import initialization from calculate.core.server.func import initialization
initialization(cl_wsdl) initialization(cl_wsdl)
ob.close() ob.close()
if sym_link in loaded_methods.LoadedMethods.conMethods.keys(): if sym_link in loaded_methods.LoadedMethods.conMethods.keys():
@ -398,7 +402,7 @@ def main(wait_thread):
path_to_cert = args.path_to_cert path_to_cert = args.path_to_cert
if not path_to_cert: if not path_to_cert:
path_to_cert = clVarsCore.Get('core.cl_client_cert_dir') path_to_cert = clVarsCore.Get('core.cl_client_cert_dir')
path_to_cert = path_to_cert.replace("~",homePath) path_to_cert = path_to_cert.replace("~", homePath)
for dirs in ['', 'ca', 'trusted']: for dirs in ['', 'ca', 'trusted']:
dir_path = os.path.join(path_to_cert, dirs) dir_path = os.path.join(path_to_cert, dirs)
@ -407,12 +411,12 @@ def main(wait_thread):
wait_thread.stop() wait_thread.stop()
sys.stdout.write('\r') sys.stdout.write('\r')
sys.stdout.flush() sys.stdout.flush()
print _("Failed to create directory %s") %dir_path print _("Failed to create directory %s") % dir_path
return 1 return 1
if args.update_crl: if args.update_crl:
wait_thread.stop() wait_thread.stop()
getCRL = threading.Thread(target=get_CRL, args = (path_to_cert, )) getCRL = threading.Thread(target=get_CRL, args=(path_to_cert,))
getCRL.start() getCRL.start()
getCRL.join() getCRL.join()
print 'CRL updated' print 'CRL updated'
@ -420,24 +424,26 @@ def main(wait_thread):
if args.by_host: if args.by_host:
wait_thread.stop() wait_thread.stop()
client_post_request (path_to_cert, args) client_post_request(path_to_cert, args)
return 0 return 0
if args.from_host: if args.from_host:
wait_thread.stop() wait_thread.stop()
client_get_cert (path_to_cert, args) client_get_cert(path_to_cert, args)
return 0 return 0
url = "https://%s:%s/?wsdl" %(host, port) url = "https://%s:%s/?wsdl" % (host, port)
clear() clear()
serv_hostname = get_server_hostname(host, path_to_cert) serv_hostname = get_server_hostname(host, path_to_cert)
get_name_flag = False get_name_flag = False
client = None
if serv_hostname: if serv_hostname:
Connect_Error = 1 Connect_Error = 1
crypto_Error = 0 crypto_Error = 0
client, Connect_Error, crypto_Error, passwd_flag, e = \ client, Connect_Error, crypto_Error, passwd_flag, e = \
connect_with_cert (serv_hostname, path_to_cert, url, args, connect_with_cert(serv_hostname, path_to_cert, url, args,
wait_thread, clVarsCore, crypto_Error, Connect_Error) wait_thread, clVarsCore, crypto_Error,
Connect_Error)
if not wait_thread.isAlive(): if not wait_thread.isAlive():
wait_thread = StoppableThread() wait_thread = StoppableThread()
wait_thread.start() wait_thread.start()
@ -457,62 +463,64 @@ def main(wait_thread):
get_name_flag = False get_name_flag = False
if get_name_flag: if get_name_flag:
try: if client:
client.port = port
return_val = 1
try: try:
return_val = https_server(client, args, unknown_args, url, \ client.port = port
clVarsCore, wait_thread) return_val = 1
except urllib2.URLError, e: try:
print _('Error: '), e return_val = https_server(client, args, unknown_args, url,
clVarsCore, wait_thread)
except urllib2.URLError, e:
print _('Error: '), e
except KeyboardInterrupt:
wait_thread.stop()
red = '\n' + '\033[31m * \033[0m'
print red + _("Manually interrupted")
except Exception, e:
wait_thread.stop()
if type(e.message) != int:
if e.message:
print e.message
elif e.args:
print e
return 1
wait_thread.stop()
return return_val
except WebFault, f:
print _("Exception: %s") % f
_print(f.fault)
except TransportError, te:
print _("Exception: %s") % te
except KeyboardInterrupt: except KeyboardInterrupt:
wait_thread.stop() wait_thread.stop()
red = '\n'+'\033[31m * \033[0m' red = '\n' + '\033[31m * \033[0m'
print red + _("Manually interrupted") print red + _("Manually interrupted")
except Exception, e: except Exception, e:
wait_thread.stop() print _("Exception: %s") % e
if type(e.message) != int: tb.print_exc()
if e.message:
print e.message
elif e.args:
print e
# tb.print_exc()
return 1
wait_thread.stop()
return return_val
except WebFault, f:
print _("Exception: %s") %f
_print (f.fault)
except TransportError, te:
print _("Exception: %s") %te
except KeyboardInterrupt:
wait_thread.stop()
red = '\n'+'\033[31m * \033[0m'
print red + _("Manually interrupted")
except Exception, e:
print _("Exception: %s") %e
tb.print_exc()
wait_thread.stop() wait_thread.stop()
server_host_name = ""
try: try:
client = Client_suds(url, \ client = Client_suds(
transport = HTTPSClientCertTransport(None,None, path_to_cert)) url, transport=HTTPSClientCertTransport(None, None, path_to_cert))
client.wsdl.services[0].setlocation(url) client.wsdl.services[0].setlocation(url)
server_host_name = client.service.get_server_host_name() server_host_name = client.service.get_server_host_name()
if not add_server_hostname(host, path_to_cert, server_host_name): if not add_server_hostname(host, path_to_cert, server_host_name):
print 'compliance_file write error!' print 'compliance_file write error!'
del (client) del client
except urllib2.URLError, e: except urllib2.URLError, e:
wait_thread.stop() wait_thread.stop()
print '\b' + _('Failed to connect')+':', e print '\b' + _('Failed to connect') + ':', e
return 1 return 1
except KeyboardInterrupt: except KeyboardInterrupt:
wait_thread.stop() wait_thread.stop()
red = '\n'+'\033[31m * \033[0m' red = '\n' + '\033[31m * \033[0m'
print red + _("Manually interrupted") print red + _("Manually interrupted")
try: try:
import glob import glob
all_cert_list = glob.glob(os.path.join(path_to_cert, '*.crt')) all_cert_list = glob.glob(os.path.join(path_to_cert, '*.crt'))
fit_cert_list = [] fit_cert_list = []
for client_cert_path in all_cert_list: for client_cert_path in all_cert_list:
@ -520,16 +528,18 @@ def main(wait_thread):
client_cert_name = client_cert.replace('.crt', '') client_cert_name = client_cert.replace('.crt', '')
if server_host_name.endswith(client_cert_name): if server_host_name.endswith(client_cert_name):
fit_cert_list.append(client_cert_name) fit_cert_list.append(client_cert_name)
fit_cert_list.sort(key = len) fit_cert_list.sort(key=len)
Connect_Error = 1 Connect_Error = 1
crypto_Error = 0 crypto_Error = 0
e = None e = None
passwd_flag = False
for i in range (0, len(fit_cert_list)): for i in range(0, len(fit_cert_list)):
cert_name = fit_cert_list.pop() cert_name = fit_cert_list.pop()
client, Connect_Error, crypto_Error, passwd_flag, e = \ client, Connect_Error, crypto_Error, passwd_flag, e = \
connect_with_cert (cert_name, path_to_cert, url, args, connect_with_cert(cert_name, path_to_cert, url, args,
wait_thread, clVarsCore, crypto_Error, Connect_Error) wait_thread, clVarsCore, crypto_Error,
Connect_Error)
if not wait_thread.isAlive(): if not wait_thread.isAlive():
wait_thread = StoppableThread() wait_thread = StoppableThread()
wait_thread.start() wait_thread.start()
@ -537,7 +547,7 @@ def main(wait_thread):
if Connect_Error == 0: if Connect_Error == 0:
break break
#If the certificate file misses # If the certificate file misses
if Connect_Error: if Connect_Error:
if crypto_Error and passwd_flag: if crypto_Error and passwd_flag:
wait_thread.stop() wait_thread.stop()
@ -555,21 +565,22 @@ def main(wait_thread):
CERT_FILE = None CERT_FILE = None
CERT_KEY = None CERT_KEY = None
client = Client_suds(url, transport = HTTPSClientCertTransport \ client = Client_suds(
(CERT_KEY, CERT_FILE, path_to_cert)) url, transport=HTTPSClientCertTransport(CERT_KEY, CERT_FILE,
path_to_cert))
client.wsdl.services[0].setlocation(url) client.wsdl.services[0].setlocation(url)
client.set_parameters (path_to_cert, CERT_FILE, CERT_KEY) client.set_parameters(path_to_cert, CERT_FILE, CERT_KEY)
client.port = port client.port = port
return_val = 1 return_val = 1
try: try:
return_val = https_server(client, args, unknown_args, url, \ return_val = https_server(client, args, unknown_args, url,
clVarsCore, wait_thread) clVarsCore, wait_thread)
except urllib2.URLError, e: except urllib2.URLError, e:
print _('Error: '), e print _('Error: '), e
except KeyboardInterrupt: except KeyboardInterrupt:
wait_thread.stop() wait_thread.stop()
red = '\n'+'\033[31m * \033[0m' red = '\n' + '\033[31m * \033[0m'
print red + _("Manually interrupted") print red + _("Manually interrupted")
except Exception, e: except Exception, e:
wait_thread.stop() wait_thread.stop()
@ -578,21 +589,21 @@ def main(wait_thread):
print e.message print e.message
elif e.args: elif e.args:
print e print e
# tb.print_exc() # tb.print_exc()
return 1 return 1
wait_thread.stop() wait_thread.stop()
return return_val return return_val
#---------------------------------------------------- # ----------------------------------------------------
except WebFault, f: except WebFault, f:
print _("Exception: %s") %f print _("Exception: %s") % f
_print (f.fault) _print(f.fault)
except TransportError, te: except TransportError, te:
print _("Exception: %s") %te print _("Exception: %s") % te
except KeyboardInterrupt: except KeyboardInterrupt:
wait_thread.stop() wait_thread.stop()
red = '\n'+'\033[31m * \033[0m' red = '\n' + '\033[31m * \033[0m'
print red + _("Manually interrupted") print red + _("Manually interrupted")
except Exception, e: except Exception, e:
print _("Exception: %s") %e print _("Exception: %s") % e
tb.print_exc() tb.print_exc()
wait_thread.stop() wait_thread.stop()
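Review bot: In `connect_with_cert`, the fourth return value changes meaning: `'store_passwd' in locals()` was true whenever the `if not rsa:` branch ran, while the new `store_passwd is not None` is true only when `get_password_from_daemon` returned a value. If that helper can return `None` (its body is not visible here), an encrypted key with no stored password now reaches `main` with `passwd_flag` false. The `if crypto_Error and passwd_flag:` branch would then be skipped where it used to run. To keep the old behaviour in a refactoring commit, record the fact separately: set `passwd_requested = False` before the `if not rsa:` test, `passwd_requested = True` inside it, and return `passwd_requested` in place of `True if store_passwd is not None else False`. The body of that branch in `main` lies outside the visible hunks, so its handling of the stored key password should be checked against either choice.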

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -15,41 +15,51 @@
# limitations under the License. # limitations under the License.
import urllib2 as u2 import urllib2 as u2
if hasattr(u2,"ssl"):
if hasattr(u2, "ssl"):
u2.ssl._create_default_https_context = u2.ssl._create_unverified_context u2.ssl._create_default_https_context = u2.ssl._create_unverified_context
import os, sys import os
import socket, ssl import sys
import OpenSSL, hashlib, M2Crypto import socket
import ssl
import OpenSSL
import hashlib
import M2Crypto
from calculate.core.datavars import DataVarsCore from calculate.core.datavars import DataVarsCore
from calculate.lib.datavars import DataVars from calculate.lib.datavars import DataVars
from sudsds.client import Client from sudsds.client import Client
from cert_verify import verify, get_CRL from cert_verify import verify, get_CRL
from sudsds.transport.http import HttpTransport, SUDSHTTPRedirectHandler, \ from sudsds.transport.http import (HttpTransport, SUDSHTTPRedirectHandler,
CheckingHTTPSConnection, CheckingHTTPSHandler, \ CheckingHTTPSConnection,
PYOPENSSL_AVAILABLE, PyOpenSSLSocket CheckingHTTPSHandler,
PYOPENSSL_AVAILABLE, PyOpenSSLSocket)
from sudsds.transport import Transport from sudsds.transport import Transport
from sudsds.properties import Unskin from sudsds.properties import Unskin
from cookielib import CookieJar, DefaultCookiePolicy from cookielib import CookieJar, DefaultCookiePolicy
from logging import getLogger from logging import getLogger
from calculate.console.datavars import DataVarsConsole from calculate.console.datavars import DataVarsConsole
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
setLocalTranslate('cl_console3',sys.modules[__name__])
_ = lambda x: x
setLocalTranslate('cl_console3', sys.modules[__name__])
log = getLogger(__name__) log = getLogger(__name__)
flag = 0 flag = 0
class Client_suds(Client): class Client_suds(Client):
def set_parameters (self, path_to_cert, CERT_FILE, PKEY_FILE): def set_parameters(self, path_to_cert, CERT_FILE, PKEY_FILE):
self.path_to_cert = path_to_cert self.path_to_cert = path_to_cert
if not CERT_FILE: if not CERT_FILE:
CERT_FILE = '' CERT_FILE = ''
self.CERT_FILE = CERT_FILE self.CERT_FILE = CERT_FILE
self.REQ_FILE = path_to_cert + 'client.csr' self.REQ_FILE = path_to_cert + 'client.csr'
self.PKEY_FILE = PKEY_FILE self.PKEY_FILE = PKEY_FILE
self.SID_FILE = path_to_cert + 'sid.int' self.SID_FILE = path_to_cert + 'sid.int'
self.CRL_PATH = path_to_cert + 'ca/crl/' self.CRL_PATH = path_to_cert + 'ca/crl/'
if not os.path.exists(self.CRL_PATH): if not os.path.exists(self.CRL_PATH):
os.makedirs(self.CRL_PATH) os.makedirs(self.CRL_PATH)
class CheckingClientHTTPSConnection(CheckingHTTPSConnection): class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
"""based on httplib.HTTPSConnection code - extended to support """based on httplib.HTTPSConnection code - extended to support
server certificate verification and client certificate authorization""" server certificate verification and client certificate authorization"""
@ -63,14 +73,14 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
""" """
CheckingHTTPSConnection.__init__(self, host, ca_certs, cert_verifier, CheckingHTTPSConnection.__init__(self, host, ca_certs, cert_verifier,
keyobj, certobj, **kw) keyobj, certobj, **kw)
# self.ClientObj = ClientObj # self.ClientObj = ClientObj
self.cert_path = cert_path self.cert_path = cert_path
self.ca_certs = ca_certs self.ca_certs = ca_certs
self.CRL_PATH = os.path.join(cert_path, 'ca/crl/') self.CRL_PATH = os.path.join(cert_path, 'ca/crl/')
self.wait_thread = wait_thread self.wait_thread = wait_thread
# get filename store cert server # get filename store cert server
def cert_list (self, host, ca_certs, server_cert): def cert_list(self, host, ca_certs, server_cert):
if host == '127.0.0.1': if host == '127.0.0.1':
host = 'localhost' host = 'localhost'
if not os.path.exists(self.trusted_path): if not os.path.exists(self.trusted_path):
@ -79,7 +89,7 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
except OSError: except OSError:
pass pass
if not os.path.exists(ca_certs): if not os.path.exists(ca_certs):
fc = open(ca_certs,"w") fc = open(ca_certs, "w")
fc.close() fc.close()
filename = None filename = None
try: try:
@ -107,13 +117,13 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
except: except:
print _("Failed to open the file"), self.trusted_path, filename print _("Failed to open the file"), self.trusted_path, filename
return None return None
def add_all_ca_cert(self, list_ca_certs): def add_all_ca_cert(self, list_ca_certs):
# so root cert be first, ca after # so root cert be first, ca after
clVarsCore = DataVarsCore() clVarsCore = DataVarsCore()
clVarsCore.importCore() clVarsCore.importCore()
clVarsCore.flIniFile() clVarsCore.flIniFile()
list_ca_certs.reverse() list_ca_certs.reverse()
system_ca_db = clVarsCore.Get('core.cl_glob_root_cert') system_ca_db = clVarsCore.Get('core.cl_glob_root_cert')
@ -121,11 +131,11 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
clVars.flIniFile() clVars.flIniFile()
homePath = clVars.Get('ur_home_path') homePath = clVars.Get('ur_home_path')
cl_client_cert_dir = clVarsCore.Get('core.cl_client_cert_dir') cl_client_cert_dir = clVarsCore.Get('core.cl_client_cert_dir')
cl_client_cert_dir = cl_client_cert_dir.replace("~",homePath) cl_client_cert_dir = cl_client_cert_dir.replace("~", homePath)
root_cert_md5 = os.path.join(cl_client_cert_dir, "ca/cert_list") root_cert_md5 = os.path.join(cl_client_cert_dir, "ca/cert_list")
user_root_cert = clVarsCore.Get('core.cl_user_root_cert') user_root_cert = clVarsCore.Get('core.cl_user_root_cert')
user_root_cert = user_root_cert.replace("~",homePath) user_root_cert = user_root_cert.replace("~", homePath)
for cert in list_ca_certs: for cert in list_ca_certs:
if os.path.exists(system_ca_db): if os.path.exists(system_ca_db):
@ -141,40 +151,41 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
md5sum = md5.hexdigest() md5sum = md5.hexdigest()
print "\n=================================================" print "\n================================================="
print "md5sum = ", md5sum print "md5sum = ", md5sum
if not os.path.exists(root_cert_md5): if not os.path.exists(root_cert_md5):
fc = open(root_cert_md5,"w") fc = open(root_cert_md5, "w")
fc.close() fc.close()
filename = None filename = None
with open(root_cert_md5) as fd: with open(root_cert_md5) as fd:
t = fd.read() t = fd.read()
# for each line # for each line
for line in t.splitlines(): for line in t.splitlines():
# Split string into a words list # Split string into a words list
words = line.split(' ',1) words = line.split(' ', 1)
if words[0] == md5sum: if words[0] == md5sum:
filename = words[1] filename = words[1]
if not filename: if not filename:
certobj = OpenSSL.crypto.load_certificate \ certobj = OpenSSL.crypto.load_certificate(
(OpenSSL.SSL.FILETYPE_PEM, cert) OpenSSL.SSL.FILETYPE_PEM, cert)
Issuer = certobj.get_issuer().get_components() Issuer = certobj.get_issuer().get_components()
for item in Issuer: for item in Issuer:
if item[0] == 'CN': if item[0] == 'CN':
filename = item[1] filename = item[1]
fc = open(root_cert_md5,"a") fc = open(root_cert_md5, "a")
fc.write('%s %s\n' %(md5sum, filename)) fc.write('%s %s\n' % (md5sum, filename))
fc.close() fc.close()
if not filename: if not filename:
print _('Field "CN" not found in the certificate!') print _('Field "CN" not found in the certificate!')
return 1 return 1
fd = open(os.path.join(cl_client_cert_dir,'ca/',filename),'w') fd = open(os.path.join(cl_client_cert_dir, 'ca/', filename),
'w')
fd.write(cert) fd.write(cert)
fd.close() fd.close()
fa = open(user_root_cert, 'a') fa = open(user_root_cert, 'a')
fa.write(cert) fa.write(cert)
fa.close() fa.close()
@ -185,9 +196,9 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
get_CRL(cl_client_cert_dir) get_CRL(cl_client_cert_dir)
def add_ca_cert(self, cert, list_ca_certs): def add_ca_cert(self, cert, list_ca_certs):
url = 'https://%s:%s/?wsdl' %(self.host, self.port) url = 'https://%s:%s/?wsdl' % (self.host, self.port)
client = Client_suds(url, transport = HTTPSClientCertTransport \ client = Client_suds(
(None, None, self.cert_path)) url, transport=HTTPSClientCertTransport(None, None, self.cert_path))
client.wsdl.services[0].setlocation(url) client.wsdl.services[0].setlocation(url)
cert = client.service.get_ca() cert = client.service.get_ca()
if cert == '1': if cert == '1':
@ -197,10 +208,10 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
if cert == '2': if cert == '2':
print _("CA certificate not found on the server") print _("CA certificate not found on the server")
raise Exception(1) raise Exception(1)
try: try:
certobj = OpenSSL.crypto.load_certificate \ certobj = OpenSSL.crypto.load_certificate(
(OpenSSL.SSL.FILETYPE_PEM, cert) OpenSSL.SSL.FILETYPE_PEM, cert)
except: except:
print _("Error. Certificate not added to trusted") print _("Error. Certificate not added to trusted")
raise Exception(1) raise Exception(1)
@ -209,13 +220,13 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
Issuer = certobj.get_issuer().get_components() Issuer = certobj.get_issuer().get_components()
print '\n', _("Issuer") print '\n', _("Issuer")
for i in Issuer: for i in Issuer:
print "%s : %s" %(i[0], i[1]) print "%s : %s" % (i[0], i[1])
Subject = certobj.get_subject().get_components() Subject = certobj.get_subject().get_components()
print '\n', _("Subject") print '\n', _("Subject")
for subj in Subject: for subj in Subject:
print "%s : %s" %(subj[0], subj[1]) print "%s : %s" % (subj[0], subj[1])
ans = raw_input (_("Add the CA certificate to trusted? y/[n]:")) ans = raw_input(_("Add the CA certificate to trusted? y/[n]:"))
if ans.lower() in ['y','yes']: if ans.lower() in ['y', 'yes']:
list_ca_certs.append(cert) list_ca_certs.append(cert)
self.add_all_ca_cert(list_ca_certs) self.add_all_ca_cert(list_ca_certs)
else: else:
@ -225,35 +236,36 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
def add_server_cert(self, cert): def add_server_cert(self, cert):
self.wait_thread.stop() self.wait_thread.stop()
print _("Untrusted server certificate!") print _("Untrusted server certificate!")
certobj = OpenSSL.crypto.load_certificate \ certobj = OpenSSL.crypto.load_certificate(
(OpenSSL.SSL.FILETYPE_PEM, cert) OpenSSL.SSL.FILETYPE_PEM, cert)
print '\n' + _("Fingerprint = %s") % certobj.digest('SHA1') print '\n' + _("Fingerprint = %s") % certobj.digest('SHA1')
print _("Serial Number = "), certobj.get_serial_number() print _("Serial Number = "), certobj.get_serial_number()
Issuer = certobj.get_issuer().get_components() Issuer = certobj.get_issuer().get_components()
print '\n' + _("Issuer") print '\n' + _("Issuer")
for i in Issuer: for i in Issuer:
print "%s : %s" %(i[0], i[1]) print "%s : %s" % (i[0], i[1])
Subject = certobj.get_subject().get_components() Subject = certobj.get_subject().get_components()
print '\n' + _("Subject") print '\n' + _("Subject")
for item in Subject: for item in Subject:
print "%s : %s" %(item[0], item[1]) print "%s : %s" % (item[0], item[1])
print '\n' + _('Add this server certificate to trusted (s) or') print '\n' + _('Add this server certificate to trusted (s) or')
print _('Try to add the CA and root certificates to trusted (c) or') print _('Try to add the CA and root certificates to trusted (c) or')
choice = raw_input (_("Quit (q)? s/c/[q]: ")) choice = raw_input(_("Quit (q)? s/c/[q]: "))
if choice.lower() in ['s', 'c']: if choice.lower() in ['s', 'c']:
#self.sock = ssl.wrap_socket(sock) # self.sock = ssl.wrap_socket(sock)
ca_certs = os.path.join(self.trusted_path, "cert.list") ca_certs = os.path.join(self.trusted_path, "cert.list")
if not os.path.exists(ca_certs): if not os.path.exists(ca_certs):
fc = open(ca_certs,"w") fc = open(ca_certs, "w")
fc.close() fc.close()
if self.host == '127.0.0.1': if self.host == '127.0.0.1':
host = 'localhost' host = 'localhost'
else: host = self.host else:
host = self.host
filename = host filename = host
fc = open(self.trusted_path + filename,"w") fc = open(self.trusted_path + filename, "w")
fc.write(cert) fc.write(cert)
fc.close() fc.close()
with open(ca_certs) as fd: with open(ca_certs) as fd:
@ -267,7 +279,7 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
if words[0] == host: if words[0] == host:
return 0 return 0
# Open file with compliance server certificates and server hostname # Open file with compliance server certificates and server hostname
fcl = open(ca_certs,"a") fcl = open(ca_certs, "a")
fcl.write(host + ' ' + filename + '\n') fcl.write(host + ' ' + filename + '\n')
fcl.close() fcl.close()
if choice.lower() != 'c': if choice.lower() != 'c':
@ -278,26 +290,26 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
clVars.flIniFile() clVars.flIniFile()
cl_client_cert_dir = clVars.Get('core.cl_client_cert_dir') cl_client_cert_dir = clVars.Get('core.cl_client_cert_dir')
homePath = clVars.Get('ur_home_path') homePath = clVars.Get('ur_home_path')
cl_client_cert_dir = cl_client_cert_dir.replace("~",homePath) cl_client_cert_dir = cl_client_cert_dir.replace("~", homePath)
root_cert_dir = os.path.join(cl_client_cert_dir, "ca") root_cert_dir = os.path.join(cl_client_cert_dir, "ca")
if not os.path.exists(root_cert_dir): if not os.path.exists(root_cert_dir):
try: try:
os.makedirs(root_cert_dir) os.makedirs(root_cert_dir)
except OSError: except OSError:
print _("Failed to create directory %s") %root_cert_dir print _("Failed to create directory %s") % root_cert_dir
raise Exception(1) raise Exception(1)
print '\n' + _("Add the CA and root certificates") print '\n' + _("Add the CA and root certificates")
self.list_ca_certs = [] self.list_ca_certs = []
self.add_ca_cert(cert, self.list_ca_certs) self.add_ca_cert(cert, self.list_ca_certs)
return 3 return 3
elif not choice.lower() in ['c','s']: elif not choice.lower() in ['c', 's']:
return 4 return 4
def connect_trusted_root(self, sock, root_cert, crl_certs): def connect_trusted_root(self, sock, root_cert, crl_certs):
self.ca_path = self.cert_path + "ca/" self.ca_path = self.cert_path + "ca/"
server_cert = ssl.get_server_certificate(addr = (self.host, self.port)) server_cert = ssl.get_server_certificate(addr=(self.host, self.port))
global flag global flag
if self.cert_file: if self.cert_file:
@ -308,6 +320,7 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
raise Exception(1) raise Exception(1)
else: else:
import time import time
time.sleep(0.1) time.sleep(0.1)
try: try:
@ -333,7 +346,7 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
def connect_trusted_server(self, sock, crl_certs): def connect_trusted_server(self, sock, crl_certs):
self.trusted_path = self.cert_path + "trusted/" self.trusted_path = self.cert_path + "trusted/"
ca_cert_list = self.trusted_path + "cert.list" ca_cert_list = self.trusted_path + "cert.list"
server_cert = ssl.get_server_certificate(addr = (self.host, self.port)) server_cert = ssl.get_server_certificate(addr=(self.host, self.port))
global flag global flag
if self.cert_file: if self.cert_file:
f = verify(server_cert, crl_certs, flag) f = verify(server_cert, crl_certs, flag)
@ -341,10 +354,10 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
flag = 1 flag = 1
elif f == 1: elif f == 1:
raise Exception(1) raise Exception(1)
#if not hasattr(HTTPSClientCertTransport, 'filename') or \ # if not hasattr(HTTPSClientCertTransport, 'filename') or \
#HTTPSClientCertTransport.filename == None: # HTTPSClientCertTransport.filename == None:
HTTPSClientCertTransport.filename = self.cert_list \ HTTPSClientCertTransport.filename = self.cert_list(
(self.host, ca_cert_list, server_cert) self.host, ca_cert_list, server_cert)
if HTTPSClientCertTransport.filename: if HTTPSClientCertTransport.filename:
try: try:
if self.FORCE_SSL_VERSION: if self.FORCE_SSL_VERSION:
@ -365,7 +378,6 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
return 0 return 0
except Exception: except Exception:
# print (e)
HTTPSClientCertTransport.filename = None HTTPSClientCertTransport.filename = None
return 1 return 1
else: else:
@ -382,47 +394,51 @@ class CheckingClientHTTPSConnection(CheckingHTTPSConnection):
self.Vars.flIniFile() self.Vars.flIniFile()
user_root_cert = self.Vars.Get('core.cl_user_root_cert') user_root_cert = self.Vars.Get('core.cl_user_root_cert')
homePath = self.Vars.Get('ur_home_path') homePath = self.Vars.Get('ur_home_path')
user_root_cert = user_root_cert.replace("~",homePath) user_root_cert = user_root_cert.replace("~", homePath)
result_user_root = 1 result_user_root = 1
while True: while True:
if os.path.exists(user_root_cert): if os.path.exists(user_root_cert):
result_user_root = self.connect_trusted_root(sock, \ result_user_root = self.connect_trusted_root(sock,
user_root_cert, self.CRL_PATH) user_root_cert,
self.CRL_PATH)
if result_user_root == 1: if result_user_root == 1:
glob_root_cert = self.Vars.Get('core.cl_glob_root_cert') glob_root_cert = self.Vars.Get('core.cl_glob_root_cert')
result_root_con = 1 result_root_con = 1
if os.path.exists(glob_root_cert): if os.path.exists(glob_root_cert):
sock = socket.create_connection((self.host, self.port), sock = socket.create_connection((self.host, self.port),
self.timeout, self.source_address) self.timeout,
self.source_address)
if self._tunnel_host: if self._tunnel_host:
self.sock = sock self.sock = sock
self._tunnel() self._tunnel()
result_root_con = self.connect_trusted_root(sock, \ result_root_con = self.connect_trusted_root(sock,
glob_root_cert, self.CRL_PATH) glob_root_cert,
self.CRL_PATH)
if result_root_con == 1: if result_root_con == 1:
sock = socket.create_connection((self.host, self.port), sock = socket.create_connection((self.host, self.port),
self.timeout, self.source_address) self.timeout,
self.source_address)
if self._tunnel_host: if self._tunnel_host:
self.sock = sock self.sock = sock
self._tunnel() self._tunnel()
result_server_con = self.connect_trusted_server \ result_server_con = self.connect_trusted_server(
(sock, self.CRL_PATH) sock, self.CRL_PATH)
if result_server_con in [1,2]: if result_server_con in [1, 2]:
raise Exception (1) raise Exception(1)
elif result_server_con == 3: elif result_server_con == 3:
continue continue
elif result_server_con == 4: elif result_server_con == 4:
print _('This server is not trusted') print _('This server is not trusted')
self.wait_thread.stop() self.wait_thread.stop()
sys.exit(1) sys.exit(1)
# raise Exception (_('This server is not trusted'))
elif result_root_con == 2: elif result_root_con == 2:
raise Exception (1) raise Exception(1)
elif result_user_root == 2: elif result_user_root == 2:
raise Exception (1) raise Exception(1)
break break
class CheckingClientHTTPSHandler(CheckingHTTPSHandler): class CheckingClientHTTPSHandler(CheckingHTTPSHandler):
def __init__(self, cert_path, ca_certs=None, cert_verifier=None, def __init__(self, cert_path, ca_certs=None, cert_verifier=None,
client_certfile=None, client_keyfile=None, client_certfile=None, client_keyfile=None,
@ -431,9 +447,9 @@ class CheckingClientHTTPSHandler(CheckingHTTPSHandler):
"""cert_verifier is a function returning either True or False """cert_verifier is a function returning either True or False
based on whether the certificate was found to be OK""" based on whether the certificate was found to be OK"""
CheckingHTTPSHandler.__init__(self, ca_certs, cert_verifier, CheckingHTTPSHandler.__init__(self, ca_certs, cert_verifier,
client_keyfile, client_certfile, client_keyfile, client_certfile,
client_keyobj, client_certobj) client_keyobj, client_certobj)
# self.ClientObj = ClientObj # self.ClientObj = ClientObj
self.cert_path = cert_path self.cert_path = cert_path
self.wait_thread = wait_thread self.wait_thread = wait_thread
@ -448,58 +464,63 @@ class CheckingClientHTTPSHandler(CheckingHTTPSHandler):
new_kw.update(kw) new_kw.update(kw)
return CheckingClientHTTPSConnection(self.cert_path, return CheckingClientHTTPSConnection(self.cert_path,
*args, **new_kw) *args, **new_kw)
return self.do_open(open, req) return self.do_open(open, req)
https_request = u2.AbstractHTTPHandler.do_request_ https_request = u2.AbstractHTTPHandler.do_request_
class HTTPSClientCertTransport(HttpTransport): class HTTPSClientCertTransport(HttpTransport):
def __init__(self, key, cert, path_to_cert, password = None, def __init__(self, key, cert, path_to_cert, password=None,
ca_certs=None, cert_verifier=None, ca_certs=None, cert_verifier=None,
client_keyfile=None, client_certfile=None, client_keyfile=None, client_certfile=None,
client_keyobj=None, client_certobj=None, client_keyobj=None, client_certobj=None,
cookie_callback=None, user_agent_string=None, cookie_callback=None, user_agent_string=None,
wait_thread=None, **kwargs): wait_thread=None, **kwargs):
Transport.__init__(self) Transport.__init__(self)
# self.ClientObj = parent # self.ClientObj = parent
self.key = key self.key = key
self.cert = cert self.cert = cert
self.cert_path = path_to_cert self.cert_path = path_to_cert
if key: if key:
client_certobj = OpenSSL.crypto.load_certificate \ client_certobj = OpenSSL.crypto.load_certificate(
(OpenSSL.SSL.FILETYPE_PEM, file(cert).read()) OpenSSL.SSL.FILETYPE_PEM, file(cert).read())
if password: if password:
client_keyobj = OpenSSL.crypto.load_privatekey \ client_keyobj = OpenSSL.crypto.load_privatekey(
(OpenSSL.SSL.FILETYPE_PEM, file(key).read(), OpenSSL.SSL.FILETYPE_PEM, file(key).read(), str(password))
str(password))
else: else:
bio = M2Crypto.BIO.openfile(key) bio = M2Crypto.BIO.openfile(key)
rsa = M2Crypto.m2.rsa_read_key(bio._ptr(),lambda *unused:None) rsa = M2Crypto.m2.rsa_read_key(bio._ptr(), lambda *unused: None)
if not rsa: if not rsa:
raise OpenSSL.crypto.Error raise OpenSSL.crypto.Error
client_keyobj = OpenSSL.crypto.load_privatekey \ client_keyobj = OpenSSL.crypto.load_privatekey(
(OpenSSL.SSL.FILETYPE_PEM, file(key).read()) OpenSSL.SSL.FILETYPE_PEM, file(key).read())
Unskin(self.options).update(kwargs) Unskin(self.options).update(kwargs)
self.cookiejar = CookieJar(DefaultCookiePolicy()) self.cookiejar = CookieJar(DefaultCookiePolicy())
self.cookie_callback = cookie_callback self.cookie_callback = cookie_callback
self.user_agent_string = user_agent_string self.user_agent_string = user_agent_string
log.debug("Proxy: %s", self.options.proxy) log.debug("Proxy: %s", self.options.proxy)
from dslib.network import ProxyManager from dslib.network import ProxyManager
proxy_handler = ProxyManager.HTTPS_PROXY.create_proxy_handler() proxy_handler = ProxyManager.HTTPS_PROXY.create_proxy_handler()
proxy_auth_handler = \ proxy_auth_handler = \
ProxyManager.HTTPS_PROXY.create_proxy_auth_handler() ProxyManager.HTTPS_PROXY.create_proxy_auth_handler()
if ca_certs or (client_keyfile and client_certfile) \ if (ca_certs or (client_keyfile and client_certfile)
or (client_keyobj and client_certobj): or (client_keyobj and client_certobj)):
https_handler = CheckingClientHTTPSHandler(cert_path=path_to_cert, https_handler = CheckingClientHTTPSHandler(
ca_certs=ca_certs, cert_verifier=cert_verifier, cert_path=path_to_cert,
client_keyfile=client_keyfile, client_certfile = \ ca_certs=ca_certs,
client_certfile, client_keyobj=client_keyobj, cert_verifier=cert_verifier,
client_certobj=client_certobj, client_keyfile=client_keyfile,
wait_thread=wait_thread) client_certfile=client_certfile,
client_keyobj=client_keyobj,
client_certobj=client_certobj,
wait_thread=wait_thread)
else: else:
https_handler = u2.HTTPSHandler() https_handler = u2.HTTPSHandler()
self.urlopener = u2.build_opener(SUDSHTTPRedirectHandler(), self.urlopener = u2.build_opener(SUDSHTTPRedirectHandler(),
u2.HTTPCookieProcessor(self.cookiejar), u2.HTTPCookieProcessor(self.cookiejar),
https_handler) https_handler)
if proxy_handler: if proxy_handler:
self.urlopener.add_handler(proxy_handler) self.urlopener.add_handler(proxy_handler)
if proxy_auth_handler: if proxy_auth_handler:

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -19,22 +19,28 @@ import socket
from M2Crypto import RSA, X509, EVP, m2 from M2Crypto import RSA, X509, EVP, m2
from calculate.lib.datavars import DataVars from calculate.lib.datavars import DataVars
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
setLocalTranslate('cl_console3',sys.modules[__name__])
_ = lambda x: x
setLocalTranslate('cl_console3', sys.modules[__name__])
def passphrase_callback(v): def passphrase_callback(v):
if type(v) == int or not v: if type(v) == int or not v:
return None return None
return str(v) return str(v)
def generateRSAKey(): def generateRSAKey():
return RSA.gen_key(2048, m2.RSA_F4) return RSA.gen_key(2048, m2.RSA_F4)
def makePKey(key): def makePKey(key):
pkey = EVP.PKey() pkey = EVP.PKey()
pkey.assign_rsa(key) pkey.assign_rsa(key)
return pkey return pkey
def makeRequest(pubkey, pkey, serv_host, auto = False):
def makeRequest(pubkey, pkey, serv_host, auto=False):
""" create query to the signing on server """ """ create query to the signing on server """
req = X509.Request() req = X509.Request()
# Seems to default to 0, but we can now set it as well, so just API test # Seems to default to 0, but we can now set it as well, so just API test
@ -44,11 +50,11 @@ def makeRequest(pubkey, pkey, serv_host, auto = False):
if auto: if auto:
c = 'n' c = 'n'
else: else:
c = raw_input (_("Enter the certificate data manually? y/[n]: ")) c = raw_input(_("Enter the certificate data manually? y/[n]: "))
# Get HostName # Get HostName
host_name = socket.getfqdn() host_name = socket.getfqdn()
list_host_name = host_name.split('.') list_host_name = host_name.split('.')
result_host_name = list_host_name[0]+"@"+serv_host result_host_name = list_host_name[0] + "@" + serv_host
# Get username # Get username
clVars = DataVars() clVars = DataVars()
clVars.flIniFile() clVars.flIniFile()
@ -56,36 +62,36 @@ def makeRequest(pubkey, pkey, serv_host, auto = False):
# Get language # Get language
lang = clVars.Get('os_locale_locale')[:2] lang = clVars.Get('os_locale_locale')[:2]
if c.lower() in ['y', 'yes']: if c.lower() in ['y', 'yes']:
#if serv_host in host_name: # if serv_host in host_name:
#host_name = host_name.replace('.'+serv_host, '') # host_name = host_name.replace('.'+serv_host, '')
#list_host_name = host_name.split('.') # list_host_name = host_name.split('.')
#result_host_name = \ # result_host_name = \
#list_host_name[len(list_host_name)-1]+"@"+serv_host # list_host_name[len(list_host_name)-1]+"@"+serv_host
#else: # else:
#host_name = socket.getfqdn() # host_name = socket.getfqdn()
name.CN = raw_input (_('Host Name [%s]: ') %result_host_name) name.CN = raw_input(_('Host Name [%s]: ') % result_host_name)
if name.CN in ['', None]: if name.CN in ['', None]:
name.CN = result_host_name name.CN = result_host_name
name.OU = raw_input (_('User Name [%s]: ') %username) name.OU = raw_input(_('User Name [%s]: ') % username)
if name.OU in ['', None]: if name.OU in ['', None]:
name.OU = username name.OU = username
name.O = raw_input (_('Organization Name: ')) name.O = raw_input(_('Organization Name: '))
name.L = raw_input (_('Network address (hostname or IP) [%s]: ')\ name.L = raw_input(_('Network address (hostname or IP) [%s]: ')
%host_name) % host_name)
name.ST = raw_input (_('City: ')) name.ST = raw_input(_('City: '))
name.C = raw_input (_('Country (2 characters): [%s]') %lang) name.C = raw_input(_('Country (2 characters): [%s]') % lang)
if not name.C: if not name.C:
name.C = lang name.C = lang
else: else:
name.CN = result_host_name # Имя сертификата (Common Name); name.CN = result_host_name # Имя сертификата (Common Name);
name.OU = username # Название отдела (Organization Unit); name.OU = username # Название отдела (Organization Unit);
name.O = 'My Company'# Название организации (Organization Name); name.O = 'My Company' # Название организации (Organization Name);
name.L = host_name # Название города (Locality Name); name.L = host_name # Название города (Locality Name);
name.ST = 'My State'# Название региона (State Name); name.ST = 'My State' # Название региона (State Name);
name.C = lang # Двухсимвольный код страны (Country); name.C = lang # Двухсимвольный код страны (Country);
req.set_subject_name(name) req.set_subject_name(name)
ext1 = X509.new_extension('Comment', 'Auto Generated') ext1 = X509.new_extension('Comment', 'Auto Generated')
extstack = X509.X509_Extension_Stack() extstack = X509.X509_Extension_Stack()
extstack.push(ext1) extstack.push(ext1)
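Review bot: In the manual-entry branch of `makeRequest`, the `name.L` prompt shows `host_name` in brackets as the default, but unlike `name.CN`, `name.OU` and `name.C` it has no fallback when the user just presses Enter, so the empty answer is what reaches `req.set_subject_name(name)`. Adding `if not name.L: name.L = host_name` right after the prompt would make it behave like the other defaulted fields. The same branch assigns `name.C` exactly as typed although the prompt asks for 2 characters; a length check there would reject a bad value before the signing request is built. The body of `makeRequest` continues outside the visible hunks.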

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -30,28 +30,32 @@ from sudsds import MethodNotFound
from calculate.console.application.sid_func import get_sid from calculate.console.application.sid_func import get_sid
_ = lambda x: x
setLocalTranslate('cl_console3', sys.modules[__name__]) setLocalTranslate('cl_console3', sys.modules[__name__])
def _print(*args): def _print(*args):
print " ".join(map(lambda x: unicode(x).encode('utf-8'), args)) print " ".join(map(lambda x: unicode(x).encode('utf-8'), args))
# get list of certificate and session id # get list of certificate and session id
def clear (): def clear():
""" delete caching suds file """ """ delete caching suds file """
try: try:
import glob import glob
for filename in glob.glob("/tmp/suds/suds-*"): for filename in glob.glob("/tmp/suds/suds-*"):
#print "delete", filename # print "delete", filename
try: try:
os.unlink (filename) os.unlink(filename)
except OSError as e: except OSError as e:
_print(e.message) _print(e.message)
except: except Exception:
print _("Failed to clear the cache! ") print _("Failed to clear the cache! ")
return 1 return 1
def get_ip_global(): def get_ip_global():
import urllib2 import urllib2
@ -62,22 +66,16 @@ def get_ip_global():
f.close() f.close()
return outerIP return outerIP
def get_ip_mac_type(client_type = None):
results = [] def get_ip_mac_type(client_type=None):
#try: results = [getIpLocal(), getHwAddr()]
results.append ( getIpLocal() )
#except:
#results.append ('no_ip')
#try:
results.append ( getHwAddr())
#except:
#results.append ('no_mac')
if client_type: if client_type:
results.append (client_type) results.append(client_type)
else: else:
results.append ('console') results.append('console')
return results return results
def print_brief(view, brief_label): def print_brief(view, brief_label):
for Group in view.groups.GroupField: for Group in view.groups.GroupField:
if Group.name: if Group.name:
@ -86,7 +84,7 @@ def print_brief(view, brief_label):
print_brief_group(Group.fields.Field, Group.name) print_brief_group(Group.fields.Field, Group.name)
def _return_revoked_serials(self, crlfile): def _return_revoked_serials(crlfile):
try: try:
serials = [] serials = []
crltext = open(crlfile, 'r').read() crltext = open(crlfile, 'r').read()
@ -99,7 +97,8 @@ def _return_revoked_serials(self, crlfile):
call = '/usr/bin/openssl crl -text -noout -in %s' % crlfile call = '/usr/bin/openssl crl -text -noout -in %s' % crlfile
call = shlex.split(call) call = shlex.split(call)
serials = [] serials = []
(res,err)=subprocess.Popen(call, stdout=subprocess.PIPE).communicate() (res, err) = subprocess.Popen(call,
stdout=subprocess.PIPE).communicate()
for line in res.split('\n'): for line in res.split('\n'):
if line.find('Serial Number:') == -1: if line.find('Serial Number:') == -1:
continue continue
@ -109,18 +108,20 @@ def _return_revoked_serials(self, crlfile):
serials.append(serial) serials.append(serial)
return serials return serials
def _create_obj(client, method): def _create_obj(client, method):
try: try:
view_params = create_obj(client, method) view_params = create_obj(client, method)
except MethodNotFound: except MethodNotFound:
if method.endswith('_view'): if method.endswith('_view'):
method = method[:-5] method = method[:-5]
_print (_('Method not found: ') + method) _print(_('Method not found: ') + method)
raise Exception(1) raise Exception(1)
return view_params return view_params
def get_view_params(client, method, step = None, expert = None, brief = None,
onlyhelp = False, dispatch_usenew = False): def get_view_params(client, method, step=None, expert=None, brief=None,
onlyhelp=False, dispatch_usenew=False):
view_params = _create_obj(client, method) view_params = _create_obj(client, method)
view_params.step = step view_params.step = step
view_params.expert = expert view_params.expert = expert
@ -135,7 +136,8 @@ class MessageReceiver(object):
Объект организует цикл получения сообщений от WsdlServer и передает их на Объект организует цикл получения сообщений от WsdlServer и передает их на
обработку MessageDispatcher обработку MessageDispatcher
""" """
class States:
class States(object):
Messages = 0 Messages = 0
Progress = 1 Progress = 1
Finish = 2 Finish = 2
@ -159,7 +161,7 @@ class MessageReceiver(object):
sid = get_sid(client.SID_FILE) sid = get_sid(client.SID_FILE)
list_pid = client.service.list_pid(sid=sid) list_pid = client.service.list_pid(sid=sid)
if hasattr(list_pid, 'integer'): if hasattr(list_pid, 'integer'):
if not pid in list_pid.integer: if pid not in list_pid.integer:
display.print_error( display.print_error(
_("The process does not exist or does not belong to " _("The process does not exist or does not belong to "
"your session")) "your session"))
@ -185,6 +187,7 @@ class MessageReceiver(object):
self.get_messages() self.get_messages()
except Exception as e: except Exception as e:
import traceback import traceback
traceback.print_exc() traceback.print_exc()
elif message.type == 'error': elif message.type == 'error':
self.display.print_error(message.message) self.display.print_error(message.message)
@ -208,7 +211,7 @@ class MessageReceiver(object):
if self.state == self.States.Messages: if self.state == self.States.Messages:
current_frame = self.get_client_frame() current_frame = self.get_client_frame()
while current_frame in [None, [], ""]: while current_frame in [None, [], ""]:
time.sleep(float(self.client.frame_period)/10) time.sleep(float(self.client.frame_period) / 10)
current_frame = self.get_client_frame() current_frame = self.get_client_frame()
for item in current_frame[0]: for item in current_frame[0]:
self.message_dispatcher.dispatch_message(item) self.message_dispatcher.dispatch_message(item)
@ -244,6 +247,7 @@ class MessageDispatcher(object):
В дальнейшем взаимодействует с parent через методы get_progress, get_table, В дальнейшем взаимодействует с parent через методы get_progress, get_table,
send_message, поле State send_message, поле State
""" """
def __init__(self, methods=None): def __init__(self, methods=None):
""" """
@param methods: Common @param methods: Common
@ -333,4 +337,3 @@ class MessageDispatcher(object):
def ask_password(self, message): def ask_password(self, message):
answer = self.methods.askPassword(message.message, message.id == 2) answer = self.methods.askPassword(message.message, message.id == 2)
self.parent.send_message(answer) self.parent.send_message(answer)
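Review bot: `_return_revoked_serials` formats `crlfile` into a command string and then runs `shlex.split` on it, so a CRL path containing whitespace or quote characters is split into extra openssl arguments instead of being passed as one file name. Building the argument vector directly avoids that: `call = ['/usr/bin/openssl', 'crl', '-text', '-noout', '-in', crlfile]`. The output of `communicate()` is also used without checking the exit status, so as far as the visible lines show, a failed openssl run produces an empty serial list that a caller could read as "nothing revoked"; keeping the `Popen` object and raising on a non-zero `returncode` would surface that failure. Part of the function body lies outside the visible hunks, and because this commit drops the `self` parameter, any caller still passing two arguments needs updating.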

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -14,24 +14,26 @@
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
import argparse, sys import argparse
import sys
from calculate.core.server.api_types import ViewInfoAdapter from calculate.core.server.api_types import ViewInfoAdapter
from calculate.core.server.local_call import Methods, has_force_arg from calculate.core.server.local_call import Methods, has_force_arg
from function import _create_obj, get_view_params, print_brief, _print from function import _create_obj, get_view_params, print_brief, _print
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
_ = lambda x: x
setLocalTranslate('cl_console3', sys.modules[__name__]) setLocalTranslate('cl_console3', sys.modules[__name__])
import urllib2 import urllib2
from calculate.core.server.methods_func import get_method_argparser, \ from calculate.core.server.methods_func import get_method_argparser, \
collect_object, RawAndDefaultsHelpFormatter, \ collect_object, RawAndDefaultsHelpFormatter, \
check_result_msg, get_param_pwd, display_error check_result_msg, get_param_pwd, display_error
def parse(): def parse():
parser = argparse.ArgumentParser(add_help=False, parser = argparse.ArgumentParser(
formatter_class=RawAndDefaultsHelpFormatter) add_help=False, formatter_class=RawAndDefaultsHelpFormatter)
# parser = argparse.ArgumentParser(add_help=False) # parser = argparse.ArgumentParser(add_help=False)
parser.add_argument( parser.add_argument(
'-h', '--help', action='store_true', default=False, '-h', '--help', action='store_true', default=False,
dest='help', help=_("show this help message and exit")) dest='help', help=_("show this help message and exit"))
@ -44,33 +46,32 @@ def parse():
'--port', type=int, dest='port', '--port', type=int, dest='port',
help=_('port number')) help=_('port number'))
parser.add_argument( parser.add_argument(
'--host', type=str, default = 'localhost', dest='host', '--host', type=str, default='localhost', dest='host',
help=_('destination host')) help=_('destination host'))
parser.add_argument( parser.add_argument(
'--gen-cert-by', type=str, dest='by_host', metavar = 'HOST', '--gen-cert-by', type=str, dest='by_host', metavar='HOST',
help = \ help=_('send a certificate signature request to the server'))
_('send a certificate signature request to the server'))
parser.add_argument( parser.add_argument(
'--get-cert-from', type=str, dest='from_host', metavar = 'HOST', '--get-cert-from', type=str, dest='from_host', metavar='HOST',
help=_('get the signed certificate from the server')) help=_('get the signed certificate from the server'))
parser.add_argument( parser.add_argument(
'--cert-path', type=str, dest='path_to_cert', metavar = 'PATH', '--cert-path', type=str, dest='path_to_cert', metavar='PATH',
help=_('path to the cert and key files')) help=_('path to the cert and key files'))
parser.add_argument( parser.add_argument(
'--list-pid', action='store_true', default=False, '--list-pid', action='store_true', default=False,
dest='list_pid', help=_("view the list of running processes")) dest='list_pid', help=_("view the list of running processes"))
parser.add_argument( parser.add_argument(
'--dump', action='store_true', default=False, dest = 'dump', '--dump', action='store_true', default=False, dest='dump',
help=_('dump (to be used with option --list-pid)')) help=_('dump (to be used with option --list-pid)'))
parser.add_argument( parser.add_argument(
'--pid-result', type=int, metavar = 'PID', '--pid-result', type=int, metavar='PID',
dest='pid_res', help=_("view the result of the process")) dest='pid_res', help=_("view the result of the process"))
parser.add_argument( parser.add_argument(
'--keep-result', action='store_true', default=False, '--keep-result', action='store_true', default=False,
dest='keep_result', help=_("keep the cache of the " dest='keep_result', help=_("keep the cache of the "
"process results")) "process results"))
parser.add_argument( parser.add_argument(
'--pid-kill', type=int, metavar = 'PID', '--pid-kill', type=int, metavar='PID',
dest='pid_kill', help=_("kill the selected process")) dest='pid_kill', help=_("kill the selected process"))
parser.add_argument( parser.add_argument(
'--session-clean', action='store_true', default=False, '--session-clean', action='store_true', default=False,
@ -79,7 +80,7 @@ def parse():
'--session-info', action='store_true', default=False, '--session-info', action='store_true', default=False,
dest='session_info', help=_("view the session information")) dest='session_info', help=_("view the session information"))
parser.add_argument( parser.add_argument(
'--session-num-info', type=int, metavar = 'SID', '--session-num-info', type=int, metavar='SID',
dest='session_num_info', dest='session_num_info',
help=_("view information about session = SID")) help=_("view information about session = SID"))
parser.add_argument( parser.add_argument(
@ -94,21 +95,23 @@ def parse():
dest='stop_consoled', help=_("stop cl-consoled")) dest='stop_consoled', help=_("stop cl-consoled"))
parser.add_argument( parser.add_argument(
'--no-progress', action='store_true', default=False, '--no-progress', action='store_true', default=False,
dest = 'no_progress', help=_('do not display the progress bar')) dest='no_progress', help=_('do not display the progress bar'))
parser.add_argument( parser.add_argument(
'--stdin-passwords', action='store_true', default=False, '--stdin-passwords', action='store_true', default=False,
dest = 'stdin_passwd', dest='stdin_passwd',
help=_("use passwords from standard input for users accounts")) help=_("use passwords from standard input for users accounts"))
return parser return parser
def get_view(client, method, sid, view_params): def get_view(client, method, sid, view_params):
try: try:
view = client.service[0][method + '_view'](client.sid, view_params) view = client.service[0][method + '_view'](client.sid, view_params)
except urllib2.URLError, e: except urllib2.URLError, e:
_print (_('Failed to connect')+':', e) _print(_('Failed to connect') + ':', e)
raise Exception(1) raise Exception(1)
return view return view
def call_method(client, args, unknown_args, wait_thread): def call_method(client, args, unknown_args, wait_thread):
method = args.method method = args.method
stdin_passwd = args.stdin_passwd stdin_passwd = args.stdin_passwd
@ -157,25 +160,27 @@ def call_method(client, args, unknown_args, wait_thread):
wait_thread.stop() wait_thread.stop()
sys.stdout.write('\r') sys.stdout.write('\r')
sys.stdout.flush() sys.stdout.flush()
_print (_('Unknown parameter'), i) _print(_('Unknown parameter'), i)
raise Exception(1) raise Exception(1)
if view.groups is not None: if view.groups is not None:
param_object, steps = collect_object(client, param_object, view, args, param_object, steps = collect_object(client, param_object, view, args,
wait_thread,stdin_passwd=stdin_passwd) wait_thread,
if steps.label and hasattr (param_object, 'CheckOnly'): stdin_passwd=stdin_passwd)
if steps.label and hasattr(param_object, 'CheckOnly'):
param_object['CheckOnly'] = True param_object['CheckOnly'] = True
check_res = {} check_res = {}
while True: while True:
method_result = client.service[0][method](client.sid,param_object) method_result = client.service[0][method](client.sid,
param_object)
if not method_result: if not method_result:
print _('Method not available') print _('Method not available')
return None return None
if method_result.ReturnedMessage[0].type and \ if (method_result.ReturnedMessage[0].type and
method_result.ReturnedMessage[0].type != "pid": method_result.ReturnedMessage[0].type != "pid"):
wait_thread.stop() wait_thread.stop()
check_res = check_result_msg(method_result, view, check_res = check_result_msg(method_result, view,
check_res,args) check_res, args)
if not check_res: if not check_res:
return None return None
else: else:
@ -184,8 +189,8 @@ def call_method(client, args, unknown_args, wait_thread):
else: else:
break break
view_params = get_view_params(client, method + '_view', step = None, \ view_params = get_view_params(client, method + '_view', step=None,
expert = True, brief = True) expert=True, brief=True)
view = get_view(client, method, client.sid, view_params) view = get_view(client, method, client.sid, view_params)
wait_thread.stop() wait_thread.stop()
sys.stdout.write('\r') sys.stdout.write('\r')
@ -207,8 +212,8 @@ def call_method(client, args, unknown_args, wait_thread):
if not method_result: if not method_result:
print _('Method not available') print _('Method not available')
return None return None
if method_result.ReturnedMessage[0].type and \ if (method_result.ReturnedMessage[0].type and
method_result.ReturnedMessage[0].type != "pid": method_result.ReturnedMessage[0].type != "pid"):
view = ViewInfoAdapter(view) view = ViewInfoAdapter(view)
for error in method_result.ReturnedMessage: for error in method_result.ReturnedMessage:
display_error(error, args, view.groups) display_error(error, args, view.groups)
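Review bot: `get_view` accepts a `sid` argument but never reads it; the service call passes `client.sid` instead, so whatever the caller supplies is silently ignored. The one call site visible in this section passes `client.sid`, so nothing changes today, but a caller handing in a different session id would get a view for the wrong session with no error. Either use the argument, `view = client.service[0][method + '_view'](sid, view_params)`, or drop it from the signature while the file is being tidied. Parts of `call_method` lie between the hunks, so other call sites are not visible from here.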

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -13,13 +13,17 @@
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and # See the License for the specific language governing permissions and
# limitations under the License. # limitations under the License.
from calculate.console.application.function import _print
from calculate.console.application.sid_func import get_sid from calculate.console.application.sid_func import get_sid
import sys import sys
_ = lambda x: x
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
setLocalTranslate('cl_console3',sys.modules[__name__])
setLocalTranslate('cl_console3', sys.modules[__name__])
client_types = "console" client_types = "console"
#client_types = "gui"
def pid_inf(client, sid, pids): def pid_inf(client, sid, pids):
""" get and show information about process """ """ get and show information about process """
@ -32,9 +36,9 @@ def pid_inf(client, sid, pids):
print _("Permission denied") print _("Permission denied")
return 1 return 1
_print ('\n', _(u"Process name: %s") %s[0][4]) _print('\n', _(u"Process name: %s") % s[0][4])
print _(u"Process ID: %s") %s[0][0] print _(u"Process ID: %s") % s[0][0]
_print (_(u"%s: process started") %s[0][2]) _print(_(u"%s: process started") % s[0][2])
if s[0][1] == '1': if s[0][1] == '1':
print _(u"Process active") print _(u"Process active")
elif s[0][1] == '0': elif s[0][1] == '0':
@ -43,6 +47,7 @@ def pid_inf(client, sid, pids):
print _(u"Process killed") print _(u"Process killed")
return 0 return 0
def client_list_pid(client): def client_list_pid(client):
""" get all process id for this session """ """ get all process id for this session """
sid = get_sid(client.SID_FILE) sid = get_sid(client.SID_FILE)
@ -50,54 +55,58 @@ def client_list_pid(client):
red = '\033[31m * \033[0m' red = '\033[31m * \033[0m'
green = '\033[32m * \033[0m' green = '\033[32m * \033[0m'
try: try:
list_pid = client.service.list_pid(sid = sid) list_pid = client.service.list_pid(sid=sid)
if list_pid[0][0] == 0: if list_pid[0][0] == 0:
print red + _("PIDs not found for this session!") print red + _("PIDs not found for this session!")
return 0 return 0
else: else:
for i in list_pid[0]: for i in list_pid[0]:
print green + "pid - %d" %i print green + "pid - %d" % i
except: except Exception:
print red + _("Error fetching the PID list from the server") print red + _("Error fetching the PID list from the server")
return 1 return 1
return len(list_pid[0]) return len(list_pid[0])
def gen_pid_ls(client): def gen_pid_ls(client):
""" generation list with pid for this session """ """ generation list with pid for this session """
sid = get_sid(client.SID_FILE) sid = get_sid(client.SID_FILE)
pid_ls = [] pid_ls = []
try: try:
list_pid = client.service.list_pid(sid = sid) list_pid = client.service.list_pid(sid=sid)
if list_pid[0][0] == 0: if list_pid[0][0] == 0:
print _("PIDs not found for this session!") print _("PIDs not found for this session!")
return 0 return 0
else: else:
for i in list_pid[0]: for i in list_pid[0]:
pid_ls.append(i) pid_ls.append(i)
except: except Exception:
print _("Error fetching the PID list from the server") print _("Error fetching the PID list from the server")
return 0 return 0
return pid_ls return pid_ls
def client_pid_info(client): def client_pid_info(client):
""" get information about selected process (or about all) """ """ get information about selected process (or about all) """
# try: # try:
sid = get_sid(client.SID_FILE) sid = get_sid(client.SID_FILE)
pid_ls = gen_pid_ls(client) pid_ls = gen_pid_ls(client)
if pid_ls: if pid_ls:
pid_inf(client, sid, pid_ls) pid_inf(client, sid, pid_ls)
# except:
# except:
# print _("Error get data") # print _("Error get data")
# return 1 # return 1
# return 0 # return 0
def client_list_methods(client): def client_list_methods(client):
""" get & show all available methods for this certificate """ """ get & show all available methods for this certificate """
DAT = 0 # Access to data soap structure DAT = 0 # Access to data soap structure
RES = 0 # Access to result RES = 0 # Access to result
COM = 0 # Getting command line COM = 0 # Getting command line
METH = 1 # Getting method line METH = 1 # Getting method line
TR_METH = 3 # Translate method name TR_METH = 3 # Translate method name
results = client.service.get_methods(client.sid, client_types) results = client.service.get_methods(client.sid, client_types)
if not results: if not results:
print _('No methods available') print _('No methods available')
@ -111,15 +120,16 @@ def client_list_methods(client):
print _("Available methods:") print _("Available methods:")
group_dict = {} group_dict = {}
for group in results.stringArray: for group in results.stringArray:
if len (group.string) == 4: if len(group.string) == 4:
group_dict[group.string[METH]] = group.string[TR_METH] group_dict[group.string[METH]] = group.string[TR_METH]
if len (group.string) == 3: if len(group.string) == 3:
group_dict[group.string[METH]] = group.string[TR_METH-1] group_dict[group.string[METH]] = group.string[TR_METH - 1]
sort_keys = group_dict.keys() sort_keys = group_dict.keys()
sort_keys.sort() sort_keys.sort()
for key in sort_keys: for key in sort_keys:
print " %s - %s" % (key, group_dict[key]) print " %s - %s" % (key, group_dict[key])
def client_pid_kill(client, pid): def client_pid_kill(client, pid):
sid = get_sid(client.SID_FILE) sid = get_sid(client.SID_FILE)
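Review bot: In `client_list_pid` the error path returns `1` while the success path returns `len(list_pid[0])`, so a caller cannot tell a failed fetch from a session with exactly one PID. Narrowing the handler to `except Exception:` keeps that ambiguity. The handler also discards the exception, so a connection failure, a certificate problem and a permission error all print the same line; `except Exception as e:` with `e` included in the message would make the cause visible. `gen_pid_ls` has the same shape, returning `0` on error and a list on success. How the return values are consumed is not visible here (the function's first lines are in the previous hunk and callers are elsewhere), so check them before changing the error value.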

@ -16,8 +16,12 @@
import os import os
import sys import sys
_ = lambda x: x
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
setLocalTranslate('cl_console3',sys.modules[__name__])
setLocalTranslate('cl_console3', sys.modules[__name__])
def client_del_sid(client): def client_del_sid(client):
""" delete this session """ """ delete this session """
@ -32,7 +36,7 @@ def client_del_sid(client):
print _("Failed to obtain certificate data!") print _("Failed to obtain certificate data!")
return -2 return -2
if s[0][0] == "Permission denied": if s[0][0] == "Permission denied":
_print (_("%s: permission denied") % s[1][1]) print _("%s: permission denied") % s[1][1]
return -3 return -3
if s[0][0] == '0': if s[0][0] == '0':
@ -40,11 +44,12 @@ def client_del_sid(client):
fi.write('0') fi.write('0')
fi.close() fi.close()
print _("SID deleted!") print _("SID deleted!")
except: except Exception:
print _("SID deletion error on the server") print _("SID deletion error on the server")
return 1 return 1
return 0 return 0
def sid_inf(client, sid): def sid_inf(client, sid):
red = '\033[31m * \033[0m' red = '\033[31m * \033[0m'
green = '\033[32m * \033[0m' green = '\033[32m * \033[0m'
@ -61,39 +66,41 @@ def sid_inf(client, sid):
return -3 return -3
print _('Session information: ') print _('Session information: ')
print green + _(u"Session number: %s") %sid print green + _(u"Session number: %s") % sid
print green + _(u"Certificate number: %s") %s[0][0] print green + _(u"Certificate number: %s") % s[0][0]
_print (green + _(u"Certificate issued on %s") %s[0][1]) print green + _(u"Certificate issued on %s") % s[0][1]
print green + "ip - %s" %s[0][2] print green + "ip - %s" % s[0][2]
print green + "MAC - %s\n" %s[0][3] print green + "MAC - %s\n" % s[0][3]
return 0 return 0
def client_session_info(client, sid = None):
def client_session_info(client, sid=None):
""" select session for get information """ """ select session for get information """
try: try:
select_sid = sid if sid else client.sid select_sid = sid if sid else client.sid
sid_inf(client, select_sid) sid_inf(client, select_sid)
except Exception, e: except Exception, e:
if type (e.message) == tuple and len(e.message) == 2 \ if type(e.message) == tuple and len(e.message) == 2 \
and e.message[1] == 'Forbidden': and e.message[1] == 'Forbidden':
print _("Access forbidden!") print _("Access forbidden!")
else: else:
print e print e
return 1 return 1
def client_session_list(client): def client_session_list(client):
red = '\033[31m * \033[0m' red = '\033[31m * \033[0m'
green = '\033[32m * \033[0m' green = '\033[32m * \033[0m'
try: try:
res = client.service.get_sessions(client.sid) res = client.service.get_sessions(client.sid)
except Exception, e: except Exception, e:
if type (e.message) == tuple and len(e.message) == 2 \ if type(e.message) == tuple and len(e.message) == 2 \
and e.message[1] == 'Forbidden': and e.message[1] == 'Forbidden':
print _("Access forbidden!") print _("Access forbidden!")
else: else:
print e print e
return 1 return 1
if hasattr (res, 'string'): if hasattr(res, 'string'):
if res.string: if res.string:
print _('Active sessions on the server: ') print _('Active sessions on the server: ')
for session_id in res.string: for session_id in res.string:
@ -102,29 +109,30 @@ def client_session_list(client):
return 0 return 0
print red + _('No active sessions on the server') print red + _('No active sessions on the server')
def session_clean(client): def session_clean(client):
try: try:
res = client.service.clear_session_cache(client.sid) res = client.service.clear_session_cache(client.sid)
except Exception, e: if res:
if type (e.message) == tuple and len(e.message) == 2 \ print _('Error clearing the session cache')
and e.message[1] == 'Forbidden': else:
print _('Session cache cleared')
except Exception as e:
if type(e.message) == tuple and len(e.message) == 2 \
and e.message[1] == 'Forbidden':
print _("Access forbidden!") print _("Access forbidden!")
else: else:
print e print e
if res:
print _('Error clearing the session cache')
else:
print _('Session cache cleared')
def get_sid (SID_FILE): def get_sid(sid_file):
if not os.path.exists(SID_FILE): if not os.path.exists(sid_file):
fi = open(SID_FILE, 'w') fi = open(sid_file, 'w')
fi.write('0') fi.write('0')
fi.close() fi.close()
sid = 0 sid = 0
else: else:
fi = open(SID_FILE, 'r') fi = open(sid_file, 'r')
sid = fi.read() sid = fi.read()
fi.close() fi.close()
return sid return sid
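Review bot: `get_sid` creates the session-id file with `os.path.exists(sid_file)` followed by `open(sid_file, 'w')`, which leaves a window between the check and the create, follows a symlink sitting at that path, and takes the file mode from the process umask. Since this file holds the session identifier, create it exclusively with an owner-only mode: `fd = os.open(sid_file, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)` then `fi = os.fdopen(fd, 'w')`, treating `OSError` as "already exists" and falling through to the read branch. How exposed this is depends on where `SID_FILE` lives, which is not visible here. The two branches also return different types (`0` as an int, the file contents as a str); returning `'0'` in the first branch would presumably keep callers' comparisons consistent.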

@ -1,5 +1,5 @@
#!/usr/bin/env python2 #!/usr/bin/env python2
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -19,19 +19,22 @@ def console_main():
import sys import sys
from calculate.console.application.cl_client import main, StoppableThread from calculate.console.application.cl_client import main, StoppableThread
from calculate.console.application.function import _print from calculate.console.application.function import _print
reload(sys) reload(sys)
sys.setdefaultencoding("utf-8") sys.setdefaultencoding("utf-8")
import __builtin__ import __builtin__
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
setLocalTranslate('calculate_console',sys.modules[__name__])
_ = lambda x: x
setLocalTranslate('calculate_console', sys.modules[__name__])
__builtin__.__dict__['_print'] = _print __builtin__.__dict__['_print'] = _print
wait_thread = StoppableThread()
try: try:
wait_thread = StoppableThread()
sys.exit(main(wait_thread)) sys.exit(main(wait_thread))
except KeyboardInterrupt: except KeyboardInterrupt:
wait_thread.stop() wait_thread.stop()
red = '\033[31m * \033[0m' red = '\033[31m * \033[0m'
print '\n'+red+_('Interrupted by the user') print '\n' + red + _('Interrupted by the user')
sys.exit(1) sys.exit(1)
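Review bot: The `_ = lambda x: x` line in this hunk sits inside `console_main()` according to the hunk header, which makes `_` a local name for the whole function. If `setLocalTranslate` installs the translator as a module-level `_`, as passing `sys.modules[__name__]` suggests, the local binding shadows it and `_('Interrupted by the user')` is always printed untranslated. In the other files of this commit the same line is at module level, where the later assignment can replace it; here it should move above `def console_main():` or be dropped. Indentation is not recoverable from this rendering, so confirm the line's scope against the file.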

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -19,11 +19,14 @@ __app__ = "Calculate Console"
from calculate.lib.datavars import DataVars from calculate.lib.datavars import DataVars
class DataVarsConsole(DataVars): class DataVarsConsole(DataVars):
"""Variable class for installation""" """Variable class for installation"""
def importConsole(self, **args): def importConsole(self, **args):
'''Заполнить конфигурацию переменных, для десктопа''' """
Заполнить конфигурацию переменных, для десктопа
"""
self.importVariables() self.importVariables()
self.importVariables('calculate.core.variables') self.importVariables('calculate.core.variables')
self.importVariables('calculate.console.variables') self.importVariables('calculate.console.variables')

@ -1,4 +1,4 @@
#-*- coding: utf-8 -*- # -*- coding: utf-8 -*-
# Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org # Copyright 2012-2016 Mir Calculate. http://www.calculate-linux.org
# #
@ -18,7 +18,8 @@ import sys
from os import path from os import path
from calculate.lib.cl_lang import setLocalTranslate from calculate.lib.cl_lang import setLocalTranslate
setLocalTranslate('cl_console3',sys.modules[__name__])
setLocalTranslate('cl_console3', sys.modules[__name__])
class VariableClGuiData(Variable): class VariableClGuiData(Variable):
@ -27,12 +28,15 @@ class VariableClGuiData(Variable):
""" """
value = '/var/calculate/server' value = '/var/calculate/server'
class VariableClGuiDatabase(Variable): class VariableClGuiDatabase(Variable):
""" """
Variable store name files containing clients certificates Variable store name files containing clients certificates
""" """
def get(self): def get(self):
return path.join(self.Get('cl_gui_data'),"client_certs/Database") return path.join(self.Get('cl_gui_data'), "client_certs/Database")
class VariableClGuiImagePath(Variable): class VariableClGuiImagePath(Variable):
""" """
