From d9d3bc452c07f63eda080d989df879d7ab895b9d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adolfo=20G=C3=B3mez=20Garc=C3=ADa?= Date: Sat, 6 Aug 2022 20:19:23 +0200 Subject: [PATCH 1/3] fixed login/logout --- actor/src/udsactor/http/local.py | 2 +- actor/src/udsactor/service.py | 19 +++++++++---------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/actor/src/udsactor/http/local.py b/actor/src/udsactor/http/local.py index 77a023b6..f9b0c46f 100644 --- a/actor/src/udsactor/http/local.py +++ b/actor/src/udsactor/http/local.py @@ -42,7 +42,7 @@ class LocalProvider(handler.Handler): return result._asdict() def post_logout(self) -> typing.Any: - self._service.logout(self._params['username']) + self._service.logout(self._params['username'], self._params['session_type']) return 'ok' def post_ping(self) -> typing.Any: diff --git a/actor/src/udsactor/service.py b/actor/src/udsactor/service.py index 7c94acd7..8e7b62f0 100644 --- a/actor/src/udsactor/service.py +++ b/actor/src/udsactor/service.py @@ -465,7 +465,7 @@ class CommonService: # pylint: disable=too-many-instance-attributes # Now check if every registered client is already there (if logged in OFC) if self._loggedIn and not self._clientsPool.ping(): - self.logout('client_unavailable') + self.logout('client_unavailable', '') except Exception as e: logger.error('Exception on main service loop: %s', e) @@ -488,8 +488,6 @@ class CommonService: # pylint: disable=too-many-instance-attributes result = types.LoginResultInfoType( ip='', hostname='', dead_line=None, max_idle=None ) - self._loggedIn = True - master_token = None secret = None # If unmanaged, do initialization now, because we don't know before this @@ -515,16 +513,16 @@ class CommonService: # pylint: disable=too-many-instance-attributes secret, ) - script = platform.store.invokeScriptOnLogin() - if script: - script += f'{username} {sessionType or "unknown"} {self._cfg.actorType}' - self.execute(script, 'Logon') + if result.logged_in: + self._loggedIn = True + script = platform.store.invokeScriptOnLogin() + if script: + script += f'{username} {sessionType or "unknown"} {self._cfg.actorType}' + self.execute(script, 'Logon') return result - def logout(self, username: str, sessionType: typing.Optional[str] = None) -> None: - self._loggedIn = False - + def logout(self, username: str, sessionType: typing.Optional[str]) -> None: master_token = self._cfg.master_token # Own token will not be set if UDS did not assigned the initialized VM to an user @@ -546,6 +544,7 @@ class CommonService: # pylint: disable=too-many-instance-attributes logger.info('Logout from %s ignored as required by uds broker', username) return + self._loggedIn = False self.onLogout(username) if not self.isManaged(): From 98826504d6de6fb1e4363a2a6b8abc7150dbe70c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adolfo=20G=C3=B3mez=20Garc=C3=ADa?= Date: Sun, 14 Aug 2022 21:52:06 +0200 Subject: [PATCH 2/3] fixing up sqlite --- server/src/uds/REST/methods/actor_v3.py | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/server/src/uds/REST/methods/actor_v3.py b/server/src/uds/REST/methods/actor_v3.py index 59f5fe4b..21932ad0 100644 --- a/server/src/uds/REST/methods/actor_v3.py +++ b/server/src/uds/REST/methods/actor_v3.py @@ -84,7 +84,7 @@ def checkBlockedIp(ip: str) -> None: def incFailedIp(ip: str) -> None: cache = Cache('actorv3') - fails = (cache.get(ip) or 0) + 1 + fails = cache.get(ip, 0) + 1 cache.put(ip, fails, GlobalConfig.LOGIN_BLOCK.getInt()) @@ -113,6 +113,7 @@ class ActorV3Action(Handler): try: return UserService.objects.get(uuid=self._params['token']) except UserService.DoesNotExist: + logger.error('User service not found (params: %s)', self._params) raise BlockAccess() def action(self) -> typing.MutableMapping[str, typing.Any]: @@ -120,13 +121,13 @@ class ActorV3Action(Handler): def post(self) -> typing.MutableMapping[str, typing.Any]: try: - checkBlockedIp(self._request.ip) # pylint: disable=protected-access + checkBlockedIp(self._request.ip) result = self.action() logger.debug('Action result: %s', result) return result except (BlockAccess, KeyError): # For blocking attacks - incFailedIp(self._request.ip) # pylint: disable=protected-access + incFailedIp(self._request.ip) except Exception as e: logger.exception('Posting %s: %s', self.__class__, e) @@ -181,6 +182,7 @@ class Register(ActorV3Action): actorToken.log_level = self._params['log_level'] actorToken.stamp = getSqlDatetime() actorToken.save() + logger.info('Registered actor %s', self._params) except Exception: actorToken = ActorToken.objects.create( username=self._user.pretty_name, @@ -453,8 +455,10 @@ class LoginLogout(ActorV3Action): else: service.processLogout(validId, remote_login=is_remote) - # All right, service notified... - except Exception: + # All right, service notified.. + except Exception as e : + # Log error and continue + logger.error('Error notifying service: %s (%s)', e, self._params) raise BlockAccess() From bc2328a239f069593d8d85f1cbfe97518d91e36d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adolfo=20G=C3=B3mez=20Garc=C3=ADa?= Date: Sun, 14 Aug 2022 21:52:24 +0200 Subject: [PATCH 3/3] fixing up sqlite --- server/src/uds/REST/methods/actor_v3.py | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/server/src/uds/REST/methods/actor_v3.py b/server/src/uds/REST/methods/actor_v3.py index 59f5fe4b..1c9fdeb5 100644 --- a/server/src/uds/REST/methods/actor_v3.py +++ b/server/src/uds/REST/methods/actor_v3.py @@ -66,7 +66,8 @@ class BlockAccess(Exception): # Helpers - +def fixIdsList(idsList: typing.List[str]) -> typing.List[str]: + return [i.upper() for i in idsList] + [i.lower() for i in idsList] def checkBlockedIp(ip: str) -> None: if GlobalConfig.BLOCK_ACTOR_FAILURES.getBool() is False: @@ -263,8 +264,8 @@ class Initialize(ActorV3Action): # Valid actor token, now validate access allowed. That is, look for a valid mac from the ones provided. try: - # Enforce lowecase ids for sqlite - idsList = [i.lower() for i in idsList] + # ensure idsLists has upper and lower versions for case sensitive databases + idsList = fixIdsList(idsList) # Set full filter dbFilter = dbFilter.filter( unique_id__in=idsList, @@ -433,8 +434,8 @@ class LoginLogout(ActorV3Action): x['mac'] for x in self._params['id'] ][:10] - # Enforce lowercase for idList - idsList = [x.lower() for x in idsList] + # ensure idsLists has upper and lower versions for case sensitive databases + idsList = fixIdsList(idsList) validId: typing.Optional[str] = service.getValidId(idsList) @@ -647,8 +648,8 @@ class Unmanaged(ActorV3Action): ][:10] validId: typing.Optional[str] = service.getValidId(idsList) - # enforce lowercase idsList - idsList = [i.lower() for i in idsList] + # ensure idsLists has upper and lower versions for case sensitive databases + idsList = fixIdsList(idsList) # Check if there is already an assigned user service # To notify it logout