burmatovan/openuds
1
0
Fork 0
forked from shaba/openuds
Code Issues Pull Requests Projects Releases Wiki Activity

refactoryzed cryptoManager access

Browse Source
This commit is contained in:
Adolfo Gómez García 2019-08-15 11:22:07 +02:00
parent 6e39c1a2dc
commit be7d177bdc
5 changed files with 23 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/src/uds/core/managers/__init__.py
View File

@ -36,7 +36,7 @@ import typing
# Imports for type checking
if typing.TYPE_CHECKING:
from .CryptoManager import CryptoManager
from .crypto import CryptoManager
from .TaskManager import TaskManager
from .DownloadsManager import DownloadsManager
from .LogManager import LogManager
@ -44,7 +44,7 @@ if typing.TYPE_CHECKING:
from .UserServiceManager import UserServiceManager
def cryptoManager() -> 'CryptoManager':
from .CryptoManager import CryptoManager # pylint: disable=redefined-outer-name
from .crypto import CryptoManager # pylint: disable=redefined-outer-name
return CryptoManager.manager()

2
server/src/uds/core/managers/CryptoManager.py → server/src/uds/core/managers/crypto.py
View File

@ -112,7 +112,7 @@ class CryptoManager:
def AESCrypt(self, text: bytes, key: bytes, base64: bool = False) -> bytes:
# First, match key to 16 bytes. If key is over 16, create a new one based on key of 16 bytes length
cipher = AES.new(CryptoManager.AESKey(key, 16), AES.MODE_CBC, 'udsinitvectoruds')
rndStr = self.randomString(cipher.block_size)
rndStr = self.randomString(cipher.block_size).encode('utf8')
paddedLength = ((len(text) + 4 + 15) // 16) * 16
toEncode = struct.pack('>i', len(text)) + text + rndStr[:paddedLength - len(text) - 4]
encoded = cipher.encrypt(toEncode)

14
server/src/uds/core/util/Config.py
View File

@ -35,7 +35,7 @@ import logging
from django.conf import settings
from django.apps import apps
from uds.models.config import Config as DBConfig
from uds.core.managers.CryptoManager import CryptoManager
from uds.core.managers import cryptoManager
logger = logging.getLogger(__name__)
@ -78,7 +78,7 @@ class Config:
if crypt is False or not default:
self._default: str = default
else:
self._default = CryptoManager.manager().encrypt(default)
self._default = cryptoManager().encrypt(default)
self._data: typing.Optional[str] = None
@ -107,13 +107,13 @@ class Config:
except Exception:
# Not found
if self._default != '' and self._crypt:
self.set(CryptoManager.manager().decrypt(self._default))
self.set(cryptoManager().decrypt(self._default))
elif not self._crypt:
self.set(self._default)
self._data = self._default
if self._crypt is True:
return CryptoManager.manager().decrypt(typing.cast(str, self._data))
return cryptoManager().decrypt(typing.cast(str, self._data))
return typing.cast(str, self._data)
def setParams(self, params: typing.Any) -> None:
@ -159,7 +159,7 @@ class Config:
return
if self._crypt is True:
value = CryptoManager.manager().encrypt(value)
value = cryptoManager().encrypt(value)
# Editable here means that this configuration value can be edited by admin directly (generally, that this is a "clean text" value)
@ -220,7 +220,7 @@ class Config:
return False# Skip non writable elements
if cfg.crypt is True:
value = CryptoManager.manager().encrypt(value)
value = cryptoManager().encrypt(value)
cfg.value = value
cfg.save()
logger.debug('Updated value for %s.%s to %s', section, key, value)
@ -335,7 +335,7 @@ class GlobalConfig:
LOWERCASE_USERNAME: Config.Value = Config.section(SECURITY_SECTION).value('Convert username to lowercase', '1', type=Config.BOOLEAN_FIELD)
# Global UDS ID (common for all servers on the same cluster)
UDS_ID: Config.Value = Config.section(GLOBAL_SECTION).value('UDS ID', CryptoManager.manager().uuid(), type=Config.READ_FIELD)
UDS_ID: Config.Value = Config.section(GLOBAL_SECTION).value('UDS ID', cryptoManager().uuid(), type=Config.READ_FIELD)
_initDone = False

21
server/src/uds/osmanagers/WindowsOsManager/WinDomainOsManager.py
View File

@ -8,22 +8,21 @@
"""
@author: Adolfo Gómez, dkmaster at dkmon dot com
"""
from __future__ import unicode_literals
import logging
import dns.resolver
import ldap
import six
from django.utils.translation import ugettext_noop as _
from uds.core.ui.UserInterface import gui
from uds.core.managers.CryptoManager import CryptoManager
from uds.core.managers import cryptoManager
from uds.core import osmanagers
from uds.core.util import log
from uds.core.util import encoders
from uds.core.util import ldaputil
import dns.resolver
import ldap
from .WindowsOsManager import WindowsOsManager
import logging
logger = logging.getLogger(__name__)
@ -90,7 +89,7 @@ class WinDomainOsManager(WindowsOsManager):
yield (self._serverHint, 389)
for server in reversed(sorted(dns.resolver.query('_ldap._tcp.' + self._domain, 'SRV'), key=lambda i: i.priority * 10000 + i.weight)):
yield (six.text_type(server.target)[:-1], server.port)
yield (str(server.target)[:-1], server.port)
def __connectLdap(self, servers=None):
"""
@ -174,7 +173,7 @@ class WinDomainOsManager(WindowsOsManager):
error = None
break
except dns.resolver.NXDOMAIN: # No domain found, log it and pass
logger.warning('Could not find _ldap._tcp.' + self._domain)
logger.warning('Could not find _ldap._tcp.%s', self._domain)
log.doLog(userService, log.WARN, "Could not remove machine from domain (_ldap._tcp.{0} not found)".format(self._domain), log.OSMANAGER)
except ldap.ALREADY_EXISTS: # @UndefinedVariable
# Already added this machine to this group, pass
@ -225,7 +224,7 @@ class WinDomainOsManager(WindowsOsManager):
raise Exception('Machine {} not found on AD (permissions?)'.format(service.friendly_name))
ldaputil.recursive_delete(l, res)
except IndexError:
logger.error('Error deleting {} from BASE {}'.format(service.friendly_name, self._ou))
logger.error('Error deleting %s from BASE %s', service.friendly_name, self._ou)
except Exception:
logger.exception('Deleting from AD: ')
@ -299,7 +298,7 @@ class WinDomainOsManager(WindowsOsManager):
return '\t'.join([
'v4',
self._domain, self._ou, self._account,
CryptoManager.manager().encrypt(self._password),
cryptoManager().encrypt(self._password),
encoders.encode(base, 'hex', asText=True),
self._group, self._serverHint, self._ssl, self._removeOnExit]
).encode('utf8')
@ -310,7 +309,7 @@ class WinDomainOsManager(WindowsOsManager):
self._domain = data[1]
self._ou = data[2]
self._account = data[3]
self._password = CryptoManager.manager().decrypt(data[4])
self._password = cryptoManager().decrypt(data[4])
if data[0] in ('v2', 'v3', 'v4'):
self._group = data[6]

6
server/src/uds/osmanagers/WindowsOsManager/WinRandomPassOsManager.py
View File

@ -12,7 +12,7 @@ from __future__ import unicode_literals
from django.utils.translation import ugettext_noop as _
from uds.core.ui.UserInterface import gui
from uds.core.managers.CryptoManager import CryptoManager
from uds.core.managers import cryptoManager
from uds.core import osmanagers
from .WindowsOsManager import WindowsOsManager
from uds.core.util import log
@ -80,13 +80,13 @@ class WinRandomPassManager(WindowsOsManager):
'''
Serializes the os manager data so we can store it in database
'''
return '\t'.join(['v1', self._userAccount, CryptoManager.manager().encrypt(self._password), encoders.encode(base, 'hex', asText=True)]).encode('utf8')
return '\t'.join(['v1', self._userAccount, cryptoManager().encrypt(self._password), encoders.encode(base, 'hex', asText=True)]).encode('utf8')
def unmarshal(self, s):
data = s.decode('utf8').split('\t')
if data[0] == 'v1':
self._userAccount = data[1]
self._password = CryptoManager.manager().decrypt(data[2])
self._password = cryptoManager().decrypt(data[2])
super(WinRandomPassManager, self).unmarshal(encoders.decode(data[3], 'hex'))
def valuesDict(self):