burmatovan/openuds
1
0
Fork 0
forked from shaba/openuds
Code Issues Pull Requests Projects Releases Wiki Activity

Small spelling fixes

Browse Source
This commit is contained in:
Adolfo Gómez García 2021-07-19 01:16:18 +02:00
parent 91f90c8630
commit 51407b54ee
2 changed files with 99 additions and 74 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

167
actor/src/udsactor/rest.py
View File

@ -43,35 +43,45 @@ from .version import VERSION
LISTEN_PORT = 43910 LISTEN_PORT = 43910
# Default timeout # Default timeout
TIMEOUT = 5 # 5 seconds is more than enought TIMEOUT = 5 # 5 seconds is more than enought
# Constants # Constants
UNKNOWN = 'unknown' UNKNOWN = 'unknown'
class RESTError(Exception): class RESTError(Exception):
ERRCODE = 0 ERRCODE = 0
class RESTConnectionError(RESTError): class RESTConnectionError(RESTError):
ERRCODE = -1 ERRCODE = -1
# Errors ""raised"" from broker # Errors ""raised"" from broker
class RESTInvalidKeyError(RESTError): class RESTInvalidKeyError(RESTError):
ERRCODE = 1 ERRCODE = 1
class RESTUnmanagedHostError(RESTError): class RESTUnmanagedHostError(RESTError):
ERRCODE = 2 ERRCODE = 2
class RESTUserServiceNotFoundError(RESTError): class RESTUserServiceNotFoundError(RESTError):
ERRCODE = 3 ERRCODE = 3
class RESTOsManagerError(RESTError): class RESTOsManagerError(RESTError):
ERRCODE = 4 ERRCODE = 4
# For avoid proxy on localhost connections # For avoid proxy on localhost connections
NO_PROXY = { NO_PROXY = {
'http': None, 'http': None,
'https': None, 'https': None,
} }
UDS_BASE_URL = 'https://{}/uds/rest/'
# #
# Basic UDS Api # Basic UDS Api
# #
@ -79,6 +89,7 @@ class UDSApi: # pylint: disable=too-few-public-methods
""" """
Base for remote api accesses Base for remote api accesses
""" """
_host: str _host: str
_validateCert: bool _validateCert: bool
_url: str _url: str
@ -86,12 +97,12 @@ class UDSApi: # pylint: disable=too-few-public-methods
def __init__(self, host: str, validateCert: bool) -> None: def __init__(self, host: str, validateCert: bool) -> None:
self._host = host self._host = host
self._validateCert = validateCert self._validateCert = validateCert
self._url = "https://{}/uds/rest/".format(self._host) self._url = UDS_BASE_URL.format(self._host)
# Disable logging requests messages except for errors, ... # Disable logging requests messages except for errors, ...
logging.getLogger("requests").setLevel(logging.CRITICAL) logging.getLogger('request').setLevel(logging.CRITICAL)
logging.getLogger("urllib3").setLevel(logging.ERROR) logging.getLogger('urllib3').setLevel(logging.ERROR)
try: try:
warnings.simplefilter("ignore") # Disables all warnings warnings.simplefilter('ignore') # Disables all warnings
except Exception: except Exception:
pass pass
@ -99,19 +110,19 @@ class UDSApi: # pylint: disable=too-few-public-methods
def _headers(self) -> typing.MutableMapping[str, str]: def _headers(self) -> typing.MutableMapping[str, str]:
return { return {
'Content-Type': 'application/json', 'Content-Type': 'application/json',
'User-Agent': 'UDS Actor v{}'.format(VERSION) 'User-Agent': 'UDS Actor v{}'.format(VERSION),
} }
def _apiURL(self, method: str) -> str: def _apiURL(self, method: str) -> str:
raise NotImplementedError raise NotImplementedError
def _doPost( def _doPost(
self, self,
method: str, # i.e. 'initialize', 'ready', .... method: str, # i.e. 'initialize', 'ready', ....
payLoad: typing.MutableMapping[str, typing.Any], payLoad: typing.MutableMapping[str, typing.Any],
headers: typing.Optional[typing.MutableMapping[str, str]] = None, headers: typing.Optional[typing.MutableMapping[str, str]] = None,
disableProxy: bool = False disableProxy: bool = False,
) -> typing.Any: ) -> typing.Any:
headers = headers or self._headers headers = headers or self._headers
try: try:
result = requests.post( result = requests.post(
@ -120,7 +131,9 @@ class UDSApi: # pylint: disable=too-few-public-methods
headers=headers, headers=headers,
verify=self._validateCert, verify=self._validateCert,
timeout=TIMEOUT, timeout=TIMEOUT,
proxies=NO_PROXY if disableProxy else None # if not proxies wanted, enforce it proxies=NO_PROXY
if disableProxy
else None, # if not proxies wanted, enforce it
) )
if result.ok: if result.ok:
@ -139,6 +152,7 @@ class UDSApi: # pylint: disable=too-few-public-methods
raise RESTError(data) raise RESTError(data)
# #
# UDS Broker API access # UDS Broker API access
# #
@ -148,7 +162,12 @@ class UDSServerApi(UDSApi):
def enumerateAuthenticators(self) -> typing.Iterable[types.AuthenticatorType]: def enumerateAuthenticators(self) -> typing.Iterable[types.AuthenticatorType]:
try: try:
result = requests.get(self._url + 'auth/auths', headers=self._headers, verify=self._validateCert, timeout=4) result = requests.get(
self._url + 'auth/auths',
headers=self._headers,
verify=self._validateCert,
timeout=4,
)
if result.ok: if result.ok:
for v in sorted(result.json(), key=lambda x: x['priority']): for v in sorted(result.json(), key=lambda x: x['priority']):
yield types.AuthenticatorType( yield types.AuthenticatorType(
@ -157,7 +176,7 @@ class UDSServerApi(UDSApi):
auth=v['auth'], auth=v['auth'],
type=v['type'], type=v['type'],
priority=v['priority'], priority=v['priority'],
isCustom=v['isCustom'] isCustom=v['isCustom'],
) )
except Exception: except Exception:
pass pass
@ -173,7 +192,7 @@ class UDSServerApi(UDSApi):
preCommand: str, preCommand: str,
runOnceCommand: str, runOnceCommand: str,
postCommand: str, postCommand: str,
logLevel: int logLevel: int,
) -> str: ) -> str:
""" """
Raises an exception if could not register, or registers and returns the "authorization token" Raises an exception if could not register, or registers and returns the "authorization token"
@ -186,7 +205,7 @@ class UDSServerApi(UDSApi):
'pre_command': preCommand, 'pre_command': preCommand,
'run_once_command': runOnceCommand, 'run_once_command': runOnceCommand,
'post_command': postCommand, 'post_command': postCommand,
'log_level': logLevel 'log_level': logLevel,
} }
# First, try to login to REST api # First, try to login to REST api
@ -194,13 +213,23 @@ class UDSServerApi(UDSApi):
# First, try to login # First, try to login
authInfo = {'auth': auth, 'username': username, 'password': password} authInfo = {'auth': auth, 'username': username, 'password': password}
headers = self._headers headers = self._headers
result = requests.post(self._url + 'auth/login', data=json.dumps(authInfo), headers=headers, verify=self._validateCert) result = requests.post(
self._url + 'auth/login',
data=json.dumps(authInfo),
headers=headers,
verify=self._validateCert,
)
if not result.ok or result.json()['result'] == 'error': if not result.ok or result.json()['result'] == 'error':
raise Exception() # Invalid credentials raise Exception() # Invalid credentials
headers['X-Auth-Token'] = result.json()['token'] headers['X-Auth-Token'] = result.json()['token']
result = requests.post(self._apiURL('register'), data=json.dumps(data), headers=headers, verify=self._validateCert) result = requests.post(
self._apiURL('register'),
data=json.dumps(data),
headers=headers,
verify=self._validateCert,
)
if result.ok: if result.ok:
return result.json()['result'] return result.json()['result']
except requests.ConnectionError as e: except requests.ConnectionError as e:
@ -212,13 +241,18 @@ class UDSServerApi(UDSApi):
raise RESTError(result.content.decode()) raise RESTError(result.content.decode())
def initialize(self, token: str, interfaces: typing.Iterable[types.InterfaceInfoType], actor_type: typing.Optional[str]) -> types.InitializationResultType: def initialize(
self,
token: str,
interfaces: typing.Iterable[types.InterfaceInfoType],
actor_type: typing.Optional[str],
) -> types.InitializationResultType:
# Generate id list from netork cards # Generate id list from netork cards
payload = { payload = {
'type': actor_type or types.MANAGED, 'type': actor_type or types.MANAGED,
'token': token, 'token': token,
'version': VERSION, 'version': VERSION,
'id': [{'mac': i.mac, 'ip': i.ip} for i in interfaces] 'id': [{'mac': i.mac, 'ip': i.ip} for i in interfaces],
} }
r = self._doPost('initialize', payload) r = self._doPost('initialize', payload)
os = r['os'] os = r['os']
@ -232,53 +266,55 @@ class UDSServerApi(UDSApi):
password=os.get('password'), password=os.get('password'),
new_password=os.get('new_password'), new_password=os.get('new_password'),
ad=os.get('ad'), ad=os.get('ad'),
ou=os.get('ou') ou=os.get('ou'),
) if r['os'] else None )
if r['os']
else None,
) )
def ready(self, own_token: str, secret: str, ip: str, port: int) -> types.CertificateInfoType: def ready(
payload = { self, own_token: str, secret: str, ip: str, port: int
'token': own_token, ) -> types.CertificateInfoType:
'secret': secret, payload = {'token': own_token, 'secret': secret, 'ip': ip, 'port': port}
'ip': ip,
'port': port
}
result = self._doPost('ready', payload) result = self._doPost('ready', payload)
return types.CertificateInfoType( return types.CertificateInfoType(
private_key=result['private_key'], private_key=result['private_key'],
server_certificate=result['server_certificate'], server_certificate=result['server_certificate'],
password=result['password'] password=result['password'],
) )
def notifyIpChange(self, own_token: str, secret: str, ip: str, port: int) -> types.CertificateInfoType: def notifyIpChange(
payload = { self, own_token: str, secret: str, ip: str, port: int
'token': own_token, ) -> types.CertificateInfoType:
'secret': secret, payload = {'token': own_token, 'secret': secret, 'ip': ip, 'port': port}
'ip': ip,
'port': port
}
result = self._doPost('ipchange', payload) result = self._doPost('ipchange', payload)
return types.CertificateInfoType( return types.CertificateInfoType(
private_key=result['private_key'], private_key=result['private_key'],
server_certificate=result['server_certificate'], server_certificate=result['server_certificate'],
password=result['password'] password=result['password'],
) )
def notifyUnmanagedCallback(self, master_token: str, secret: str, interfaces: typing.Iterable[types.InterfaceInfoType], port: int) -> types.CertificateInfoType: def notifyUnmanagedCallback(
self,
master_token: str,
secret: str,
interfaces: typing.Iterable[types.InterfaceInfoType],
port: int,
) -> types.CertificateInfoType:
payload = { payload = {
'id': [{'mac': i.mac, 'ip': i.ip} for i in interfaces], 'id': [{'mac': i.mac, 'ip': i.ip} for i in interfaces],
'token': master_token, 'token': master_token,
'secret': secret, 'secret': secret,
'port': port 'port': port,
} }
result = self._doPost('unmanaged', payload) result = self._doPost('unmanaged', payload)
return types.CertificateInfoType( return types.CertificateInfoType(
private_key=result['private_key'], private_key=result['private_key'],
server_certificate=result['server_certificate'], server_certificate=result['server_certificate'],
password=result['password'] password=result['password'],
) )
def login( def login(
@ -288,14 +324,11 @@ class UDSServerApi(UDSApi):
username: str, username: str,
sessionType: str, sessionType: str,
interfaces: typing.Iterable[types.InterfaceInfoType], interfaces: typing.Iterable[types.InterfaceInfoType],
secret: typing.Optional[str] secret: typing.Optional[str],
) -> types.LoginResultInfoType: ) -> types.LoginResultInfoType:
if not token: if not token:
return types.LoginResultInfoType( return types.LoginResultInfoType(
ip='0.0.0.0', ip='0.0.0.0', hostname=UNKNOWN, dead_line=None, max_idle=None
hostname=UNKNOWN,
dead_line=None,
max_idle=None
) )
payload = { payload = {
'type': actor_type or types.MANAGED, 'type': actor_type or types.MANAGED,
@ -310,7 +343,7 @@ class UDSServerApi(UDSApi):
ip=result['ip'], ip=result['ip'],
hostname=result['hostname'], hostname=result['hostname'],
dead_line=result['dead_line'], dead_line=result['dead_line'],
max_idle=result['max_idle'] max_idle=result['max_idle'],
) )
def logout( def logout(
@ -319,7 +352,7 @@ class UDSServerApi(UDSApi):
token: str, token: str,
username: str, username: str,
interfaces: typing.Iterable[types.InterfaceInfoType], interfaces: typing.Iterable[types.InterfaceInfoType],
secret: typing.Optional[str] secret: typing.Optional[str],
) -> None: ) -> None:
if not token: if not token:
return return
@ -328,19 +361,14 @@ class UDSServerApi(UDSApi):
'id': [{'mac': i.mac, 'ip': i.ip} for i in interfaces], 'id': [{'mac': i.mac, 'ip': i.ip} for i in interfaces],
'token': token, 'token': token,
'username': username, 'username': username,
'secret': secret or '' 'secret': secret or '',
} }
self._doPost('logout', payload) self._doPost('logout', payload)
def log(self, own_token: str, level: int, message: str) -> None: def log(self, own_token: str, level: int, message: str) -> None:
if not own_token: if not own_token:
return return
payLoad = { payLoad = {'token': own_token, 'level': level, 'message': message}
'token': own_token,
'level': level,
'message': message
}
self._doPost('log', payLoad) # Ignores result... self._doPost('log', payLoad) # Ignores result...
def test(self, master_token: str, actorType: typing.Optional[str]) -> bool: def test(self, master_token: str, actorType: typing.Optional[str]) -> bool:
@ -359,26 +387,25 @@ class UDSClientApi(UDSApi):
def _apiURL(self, method: str) -> str: def _apiURL(self, method: str) -> str:
return self._url + method return self._url + method
def post( def post(
self, self,
method: str, # i.e. 'initialize', 'ready', .... method: str, # i.e. 'initialize', 'ready', ....
payLoad: typing.MutableMapping[str, typing.Any] payLoad: typing.MutableMapping[str, typing.Any],
) -> typing.Any: ) -> typing.Any:
return self._doPost(method=method, payLoad=payLoad, disableProxy=True) return self._doPost(method=method, payLoad=payLoad, disableProxy=True)
def register(self, callbackUrl: str) -> None: def register(self, callbackUrl: str) -> None:
payLoad = { payLoad = {'callback_url': callbackUrl}
'callback_url': callbackUrl
}
self.post('register', payLoad) self.post('register', payLoad)
def unregister(self, callbackUrl: str) -> None: def unregister(self, callbackUrl: str) -> None:
payLoad = { payLoad = {'callback_url': callbackUrl}
'callback_url': callbackUrl
}
self.post('unregister', payLoad) self.post('unregister', payLoad)
def login(self, username: str, sessionType: typing.Optional[str] = None) -> types.LoginResultInfoType: def login(
self, username: str, sessionType: typing.Optional[str] = None
) -> types.LoginResultInfoType:
payLoad = { payLoad = {
'username': username, 'username': username,
'session_type': sessionType or UNKNOWN, 'session_type': sessionType or UNKNOWN,
@ -388,13 +415,11 @@ class UDSClientApi(UDSApi):
ip=result['ip'], ip=result['ip'],
hostname=result['hostname'], hostname=result['hostname'],
dead_line=result['dead_line'], dead_line=result['dead_line'],
max_idle=result['max_idle'] max_idle=result['max_idle'],
) )
def logout(self, username: str) -> None: def logout(self, username: str) -> None:
payLoad = { payLoad = {'username': username}
'username': username
}
self.post('logout', payLoad) self.post('logout', payLoad)
def ping(self) -> bool: def ping(self) -> bool:

6
udsProxy/src/uds/udsproxy/udsproxy.go
View File

@ -32,7 +32,7 @@ var config struct {
IgnoreCertificates bool // If true, will ignore certificates (when requesting) IgnoreCertificates bool // If true, will ignore certificates (when requesting)
} }
func validOrigin(w http.ResponseWriter, r *http.Request) error { func validateOrigin(w http.ResponseWriter, r *http.Request) error {
ip := strings.Split(r.RemoteAddr, ":")[0] ip := strings.Split(r.RemoteAddr, ":")[0]
for _, v := range config.AllowFrom { for _, v := range config.AllowFrom {
if v == ip { if v == ip {
@ -46,7 +46,7 @@ func validOrigin(w http.ResponseWriter, r *http.Request) error {
// Test service // Test service
func testService(w http.ResponseWriter, r *http.Request) { func testService(w http.ResponseWriter, r *http.Request) {
if validOrigin(w, r) != nil { if validateOrigin(w, r) != nil {
return return
} }
@ -77,7 +77,7 @@ func testService(w http.ResponseWriter, r *http.Request) {
} }
func proxyRequest(w http.ResponseWriter, r *http.Request) { func proxyRequest(w http.ResponseWriter, r *http.Request) {
if validOrigin(w, r) != nil { if validateOrigin(w, r) != nil {
return return
} }
log.Print("Proxy Request from ", r.RemoteAddr) log.Print("Proxy Request from ", r.RemoteAddr)