Beispiel #1
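    def check_cert_sid(self, sid, server):
        """Tell whether session *sid* is registered to the caller's certificate.

        The client certificate is taken from the ``client_cert`` attribute of
        the current thread and resolved to an id with ``find_cert_id``.  The
        session file ``server.sids_file`` is then read record by record; each
        record is indexed as ``[session id, certificate id, ...]``.

        Returns 1 when a record pairs *sid* with the certificate id, and 0
        when the certificate id resolves to 0 or no record matches.
        """
        import threading
        from cert_cmd import find_cert_id

        cert = threading.currentThread().client_cert
        cert_id = int(find_cert_id(cert, server.data_path, server.certbase))
        if cert_id == 0:
            return 0

        # Session directory: created through the os API instead of a shell
        # command line, so characters in the configured path are never
        # interpreted by a shell.
        if not os.path.exists(server.sids):
            try:
                os.makedirs(server.sids)
            except OSError:
                # Another thread may have created it in the meantime.
                if not os.path.isdir(server.sids):
                    raise

        # Make sure the session file exists, and close the handle right away.
        if not os.path.isfile(server.sids_file):
            open(server.sids_file, 'w').close()

        # SECURITY: pickle.load() executes whatever the stream encodes, so
        # this check is only as trustworthy as the write permissions on the
        # session file and its directory; keep both writable by the service
        # account only.
        # NOTE(review): text mode 'r' is kept from the original; pickle.load
        # needs a binary handle on Python 3 -- confirm against the code that
        # writes this file before changing it.
        with open(server.sids_file, 'r') as fd:
            while 1:
                try:
                    # one pickled record per load() call
                    list_sid = pickle.load(fd)
                except Exception:
                    # End of file or unreadable record: stop scanning, which
                    # leaves the answer at "not found" (fail closed).
                    break
                if cert_id == int(list_sid[1]) and int(sid) == int(list_sid[0]):
                    return 1
        return 0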
Beispiel #2
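    def check_sid_cert(self, sid):
        """Check whether session *sid* was started with the caller's certificate.

        The certificate comes from the ``client_cert`` attribute of the
        current thread.  Records in ``self.sids_file`` are indexed as
        ``[session id, certificate id, ...]``.

        Returns -1 when ``find_cert_id`` reports id 0, 0 when the session
        file is missing or no record pairs *sid* with the certificate id,
        and 1 when such a record exists.
        """
        certificate = threading.currentThread().client_cert
        cert_id = find_cert_id(certificate, self.data_path, self.certbase)

        # Certificate not found in the database.
        # NOTE(review): only the integer 0 is caught here; if find_cert_id
        # returns the id as a string, "0" passes this test -- confirm the
        # return type.
        if cert_id == 0:
            return -1

        # No session file means no session can be registered.
        if not os.path.exists(self.sids_file):
            return 0

        flag = 0
        # SECURITY: pickle.load() executes whatever the stream encodes; the
        # session file must be writable by the service account only.
        # NOTE(review): text mode 'r' is kept from the original; pickle.load
        # needs a binary handle on Python 3 -- confirm against the writer.
        with open(self.sids_file, 'r') as fd:
            while 1:
                try:
                    # one pickled record per load() call
                    list_sid = pickle.load(fd)
                except Exception:
                    # End of file or unreadable record ends the scan.  Unlike
                    # a bare "except:", this lets KeyboardInterrupt and
                    # SystemExit propagate.
                    break
                # Session id matches and the certificate id is the one that
                # launched it.
                if int(sid) == int(list_sid[0]):
                    if int(cert_id) == int(list_sid[1]):
                        flag = 1
        return flag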
Beispiel #3
    def serv_get_methods(self, client_type):
        """List the methods the caller's certificate is allowed to use.

        The rights granted to the certificate on the current thread are
        fetched with ``serv_view_cert_right``.  A method is kept only when
        every right listed for it in ``Dec.rightsMethods`` (keyed by
        ``meth[1]``) is among the granted rights; a method whose requirement
        list is empty is therefore kept for every caller.

        Console clients are filtered from ``return_conMethod()``, all other
        client types from ``return_guiMethod()``.  When nothing is allowed
        the placeholder ``[['0','0']]`` is returned.
        """
        certificate = threading.currentThread().client_cert
        from cert_cmd import find_cert_id
        cert_id = find_cert_id(certificate, self.data_path, self.certbase)
        rights = self.serv_view_cert_right(cert_id, self.data_path, client_type)

        if client_type == "console":
            candidates = self.return_conMethod()
        else:
            candidates = self.return_guiMethod()

        permitted = [
            meth for meth in candidates
            if all(right in rights for right in Dec.rightsMethods[meth[1]])
        ]
        if permitted:
            return permitted
        return [['0','0']]
Beispiel #4
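    def check_cert_pid(self, sid, pid):
        """Check that process *pid* belongs to a session owned by the caller.

        Two lookups are made, and both must succeed:

        1. ``self.sids_file`` must hold a record ``[session id, cert id, ...]``
           pairing *sid* with the id of the certificate on the current thread.
        2. ``self.sids_pids`` must hold a record ``[session id, pid, ...]``
           pairing *sid* with *pid*.

        Returns 1 when both records exist, otherwise 0 (also when the
        certificate id resolves to 0).  A missing session or pid file still
        raises from ``open``, as in the original.
        """
        import threading
        from cert_cmd import find_cert_id

        cert = threading.currentThread().client_cert
        cert_id = int(find_cert_id(cert, self.data_path, self.certbase))
        if cert_id == 0:
            return 0

        # Session directory: created through the os API instead of a shell
        # command line, so characters in the configured path are never
        # interpreted by a shell.
        if not os.path.exists(self.sids):
            try:
                os.makedirs(self.sids)
            except OSError:
                # Another thread may have created it in the meantime.
                if not os.path.isdir(self.sids):
                    raise

        # SECURITY: pickle.load() executes whatever the stream encodes; both
        # files read below must be writable by the service account only.
        # NOTE(review): text mode 'r' is kept from the original; pickle.load
        # needs a binary handle on Python 3 -- confirm against the writers.
        # NOTE(review): sid and pid are compared as passed in; a caller that
        # hands over strings never matches -- confirm callers pass ints.
        check = 0
        with open(self.sids_file, 'r') as fd:
            while 1:
                try:
                    # one pickled record per load() call
                    list_sid = pickle.load(fd)
                except Exception:
                    # End of file or unreadable record ends the scan.
                    break
                if cert_id == int(list_sid[1]) and sid == int(list_sid[0]):
                    check = 1

        # The session is not registered to this certificate: deny.
        if check == 0:
            return 0

        with open(self.sids_pids, 'r') as fd:
            while 1:
                try:
                    # one pickled record per load() call
                    list_pid = pickle.load(fd)
                except Exception:
                    break
                if sid == int(list_pid[0]) and pid == int(list_pid[1]):
                    return 1
        return 0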
Beispiel #5
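def serv_post_cert(self):
    """Report the id and remaining validity of the caller's client certificate.

    The certificate is read from the ``client_cert`` attribute of the current
    thread and resolved with ``find_cert_id``; its issue date is then looked
    up in ``self.certbase`` (whitespace-separated columns: id in column 0,
    date and time in columns 2 and 3).

    Returns:
        ``[-3]`` when the thread carries no certificate,
        ``[-2]`` when the resolved id is below 1,
        ``[-4]`` when the id is not integer-like or has no line in certbase,
        otherwise ``[id, days]`` where ``days`` is -2 once the certificate
        is older than ``DAY_CERT`` days, -1 while more than 60 days remain,
        and the number of days left in between.
    """
    certificate = threading.currentThread().client_cert
    if certificate is None:
        return [-3]

    checked_id = find_cert_id(certificate, self.data_path, self.certbase)
    try:
        if int(checked_id) < 1:
            return [-2]
    except Exception:
        # The id is not convertible to int.  Unlike a bare "except:", this
        # lets KeyboardInterrupt and SystemExit propagate.
        return [-4]

    with open(self.certbase) as fd:
        for line in fd.read().splitlines():
            words = line.split()
            if len(words) <= 3:
                continue
            # NOTE(review): column 0 is text, so this only matches when
            # find_cert_id returns the id as a string -- confirm.
            if words[0] != checked_id:
                continue
            issued = datetime.datetime.strptime(
                words[2] + ' ' + words[3], '%Y-%m-%d %H:%M:%S.%f')
            age = datetime.datetime.now() - issued
            days_left = DAY_CERT - age.days
            if days_left < 0:
                days_left = -2  # expiry date has passed
            elif days_left > 60:
                days_left = -1  # far from expiry, not shown to the client
            return [checked_id, days_left]
    return [-4]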
Beispiel #6
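    def serv_init_session(self, sid, lang):
        """Open a new session, or resume session *sid*, for the caller's certificate.

        The certificate is read from the ``client_cert`` attribute of the
        current thread and must resolve to an id of at least 1 that has a
        line in ``self.certbase``.

        Returns a pair ``(cert_info, session_info)``:

        * ``cert_info`` is ``[-3]`` when the thread carries no certificate,
          ``[-4]`` when the id is invalid or absent from certbase, otherwise
          ``[id, days]`` per matching certbase line, where ``days`` is -2
          once the certificate is older than 600 days, -1 while more than
          60 days remain, and the number of days left in between.
        * ``session_info`` is ``[0]`` on failure, otherwise
          ``[sid, flag]`` with flag 1 for a newly registered session and 0
          for an already registered one.
        """
        DAY_CERT = 600
        certificate = threading.currentThread().client_cert
        if certificate is None:
            return ([-3], [0])

        checked_id = find_cert_id(certificate, self.data_path, self.certbase)
        try:
            id_is_valid = int(checked_id) >= 1
        except Exception:
            # Not convertible to int.  Unlike a bare "except:", this lets
            # KeyboardInterrupt and SystemExit propagate.
            id_is_valid = False
        if not id_is_valid:
            return ([-4], [0])

        results = []
        cert_id = checked_id
        with open(self.certbase) as fd:
            for line in fd.read().splitlines():
                words = line.split()
                # NOTE(review): column 0 is text, so this only matches when
                # find_cert_id returns the id as a string -- confirm.
                if len(words) > 3 and words[0] == checked_id:
                    results.append(checked_id)
                    issued = datetime.datetime.strptime(
                        words[2] + ' ' + words[3], '%Y-%m-%d %H:%M:%S.%f')
                    age = datetime.datetime.now() - issued
                    days_left = DAY_CERT - age.days
                    if days_left < 0:
                        days_left = -2  # expiry date has passed
                    elif days_left > 60:
                        days_left = -1  # far from expiry, not shown to the client
                    results.append(days_left)
        if not results:
            return ([-4], [0])

        # Out-of-range ids are treated as a request for a new session.
        if sid < 0 or sid > self.max_sid:
            sid = 0
        session = 1

        if sid == 0:
            # New session.  The id is drawn from the OS entropy source: a
            # session id acts as a bearer value, and the default Mersenne
            # Twister generator is predictable from its earlier outputs.
            rng = random.SystemRandom()
            while True:
                new_sid = rng.randint(1, self.max_sid)
                # The uniqueness check must look at the candidate id.  The
                # original passed sid (always 0 here), so a freshly drawn id
                # that was already registered went undetected.
                if not self.find_sid_in_file(new_sid):
                    break
            self.add_sid_in_file(new_sid, cert_id, lang)
            sid = new_sid
        elif not self.find_sid_in_file(sid):
            # Client-supplied id that is not registered yet: register it.
            self.add_sid_in_file(sid, cert_id, lang)
        else:
            # NOTE(review): an already registered sid gets its language
            # updated without this method checking that the sid belongs to
            # cert_id -- confirm ownership is enforced by the callers.
            self.set_sid_lang(sid, lang)
            session = 0  # existing session

        # session id and flag (new or old session)
        return (results, [sid, session])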