Ejemplo n.º 1
0
    def __set_required_variables(self):
        host_data = self.host_data

        # 设置 connection 插件连接方式
        self.set_variable('ansible_connection',
                          settings.ANSIBLE_CONNECTION_TYPE)

        # ssh 连接参数,提升速度, 仅到连接插件为 ssh 时生效,paramiko 模式下不生效
        if settings.ANSIBLE_CONNECTION_TYPE == 'ssh':
            self.set_variable(
                'ansible_ssh_args',
                '-C -o ControlMaster=auto -o ControlPersist=60s')

        # self.set_variable('ansible_host_key_checking', False)
        self.set_variable('ansible_ssh_host_key_checking', False)
        self.set_variable('ansible_host', host_data['ip'])
        self.set_variable('ansible_port', host_data['port'])

        if host_data.get('username'):
            self.set_variable('ansible_user', host_data['username'])

        # 添加密码和秘钥
        if host_data.get('password'):
            self.set_variable('ansible_ssh_pass',
                              decrypt(host_data['password']))
        if host_data.get('private_key'):
            self.set_variable('ansible_ssh_private_key_file',
                              host_data['private_key'])

        if settings.ANSIBLE_CONNECTION_TYPE == 'ssh':
            self.set_variable('ansible_ssh_pipelining', True)

        # 添加become支持
        become = host_data.get('become', False)
        if become:
            self.set_variable('ansible_become', True)
            self.set_variable('ansible_become_method',
                              become.get('method', 'sudo'))
            if become.get('method', 'sudo') == 'sudo':
                if settings.ANSIBLE_CONNECTION_TYPE == 'ssh':
                    # ansible_ssh_pipelining 可以加快执行速度,但是不兼容 sudo,仅到连接插件为 ssh 时生效,paramiko 不生效
                    self.set_variable('ansible_ssh_pipelining', False)
            self.set_variable('ansible_become_user',
                              become.get('user', 'root'))
            self.set_variable('ansible_become_pass',
                              decrypt(become.get('pass', '')))
        else:
            self.set_variable('ansible_become', False)
Ejemplo n.º 2
0
 def set_ssh_args(self, hostid):
     # 准备proxy_client ==>> ssh_server连接参数,用于后续SSH、SFTP
     # remote_host = RemoteUserBindHost.objects.get(id=hostid, enabled=True)
     if self.user_role and self.http_user == 'admin':
         hosts = RemoteUserBindHost.objects.filter(pk=hostid, enabled=True)
     else:
         hosts = RemoteUserBindHost.objects.filter(
             Q(user__username=self.http_user) | Q(group__user__username=self.http_user),
             pk=hostid,
             enabled=True
         ).distinct()
     if not hosts:
         raise Exception("不存在的主机")
     else:
         remote_host = hosts[0]
     self.hostname = remote_host.hostname
     self.superusername = remote_host.remote_user.superusername
     self.superpassword = decrypt(remote_host.remote_user.superpassword)
     host = remote_host.ip
     port = remote_host.port
     user = remote_host.remote_user.username
     passwd = decrypt(remote_host.remote_user.password)
     # self.ssh_args = ('192.168.223.112', 22, 'root', '123456')
     self.ssh_args = (host, port, user, passwd)
Ejemplo n.º 3
0
    def subscription(self, zmq_message):
        try:
            action, encrypted_message = zmq_message;

            #decrypt the message here
            zmq_iv = encrypted_message[0:12]
            zmq_cipher = encrypted_message[12:-16] 
            zmq_tag = encrypted_message[-16:]        
            zmq_decrypted = decrypt(self.hashed_key, "", zmq_iv, zmq_cipher, zmq_tag)
    
            message = zmq_decrypted 
            #logging.debug("decrypted message: %s"%message)
            return self.process_received_message(action, message);
        except:
            logging.error("Invalid message: %s"%zmq_message)
            return False
Ejemplo n.º 4
0
def load(filename, password=None, zip=True):
    """
    Load previously (compressed if ``zip``) SessionLog XML data from
    ``filename`` and return an SessionLogRO instance for it. A ``password`` can
    optionally be passed if data was written in an encrypted fashion. (For
    information about the XML structure see the documentation for the
    SeesionLog class).

    NOTE: parse errors will be reported back as ``IOError`` to keep error
    handling clean and simple, detailed errors are useless since manual
    inspection needed anyways to determine cause of corruption.
    """
    if zip:
        data = gzip.open(filename, "rb").read()
    else:
        data = open(filename, "rt").read()
    if password:
        data = crypto.decrypt(data, password)
    try:
        return SessionLogRO(ET.fromstring(data))
    except Exception, e:
        raise IOError("Corrupt session log")
Ejemplo n.º 5
0
 def decrypt(self, data, data_iv, data_tag):
     return decrypt(self.db_encryption_key, "", data_iv, data, data_tag)
Ejemplo n.º 6
0
def session_download(request, pk):
    def file_iterator(file_name, chunk_size=8192):
        with open(file_name, 'rb') as f:
            while 1:
                c = f.read(chunk_size)
                if c:
                    yield c
                else:
                    break
        os.remove(file_name)
        terminal_log(
            username,
            remote_host.hostname,
            remote_host.ip,
            'sftp',
            remote_host.port,
            remote_host.remote_user.username,
            '下载文件 {}'.format(download_file),
            'nothing',
            request.META.get('REMOTE_ADDR', None),  # 客户端 ip
            request.META.get('HTTP_USER_AGENT', None),
            start_time,
        )

    download_file = request.POST.get('real_download_file', None)
    if not download_file:
        error_message = '参数不正确!'
        return HttpResponse(error_message)
    username = request.session.get('username')
    if request.session['issuperuser'] and request.session['username'] == 'admin':
        hosts = RemoteUserBindHost.objects.filter(pk=pk, enabled=True)
    else:
        hosts = RemoteUserBindHost.objects.filter(
            Q(user__username=username) | Q(group__user__username=username),
            pk=pk,
            enabled=True
        ).distinct()
    if not hosts:
        error_message = '不存在的主机!'
        return JsonResponse({"code": 400, "error": error_message})
    try:
        start_time = timezone.now()
        remote_host = hosts[0]
        download_file_path = os.path.join(settings.MEDIA_ROOT, username, 'download', remote_host.ip)
        if not os.path.exists(download_file_path):
            os.makedirs(download_file_path, exist_ok=True)
        file_path, file_name = os.path.split(download_file)
        local_file = '{}/{}'.format(download_file_path, file_name)
        sftp = SFTP(
            remote_host.ip, remote_host.port, remote_host.remote_user.username, decrypt(remote_host.remote_user.password)
        )
        downloaded = sftp.download_file(download_file, local_file)
        if not downloaded:
            error_message = '下载文件错误!'
            return HttpResponse(error_message)
        if os.path.getsize(local_file) == 0:
            os.remove(local_file)
            error_message = '下载文件错误!'
            return HttpResponse(error_message)
        # response = FileResponse(open(local_file, 'rb'))  # 使用FileResponse,会占用大内存
        response = FileResponse(file_iterator(local_file))  # 使用FileResponse, 并且使用迭代器,不占内存,还可以根据chunk_size控制带宽
        response['Content-Type'] = 'application/octet-stream'
        response['Content-Disposition'] = 'attachment;filename="{0}"'.format(urlquote(file_name))    # url 编码中文
        return response
    except Exception:
        error_message = '下载文件错误!'
        return HttpResponse(error_message)
Ejemplo n.º 7
0
def session_upload(request, pk):
    username = request.session.get('username')
    if request.session['issuperuser'] and request.session['username'] == 'admin':
        hosts = RemoteUserBindHost.objects.filter(pk=pk, enabled=True)
    else:
        hosts = RemoteUserBindHost.objects.filter(
            Q(user__username=username) | Q(group__user__username=username),
            pk=pk,
            enabled=True
        ).distinct()
    if not hosts:
        error_message = '不存在的主机!'
        return JsonResponse({"code": 400, "error": error_message})
    try:
        remote_host = hosts[0]
        # upload_file = request.FILES.get('upload_file')
        upload_file = request.FILES.get('fileBlob')
        file_name = request.POST.get('fileName')
        # 使用md5后的文件名保存分段,防止合并时因为文件名的原因出错
        file_name_md5 = hashlib.md5(file_name.encode(encoding='UTF-8')).hexdigest()
        file_chunk_count = request.POST.get('chunkCount')
        file_chunk_index = request.POST.get('chunkIndex')
        file_size = request.POST.get('fileSize')
        upload_file_path = os.path.join(settings.MEDIA_ROOT, username, 'upload', remote_host.ip)
        if not os.path.exists(upload_file_path):
            os.makedirs(upload_file_path, exist_ok=True)
        local_file = '{}/{}'.format(upload_file_path, '{}_{}_{}'.format(
            file_name_md5, file_chunk_count, int(file_chunk_index) + 1)
        )
        with open(local_file, 'wb') as f:
            for chunk in upload_file.chunks():
                f.write(chunk)
        complete = file_combine(int(file_size), int(file_chunk_count), upload_file_path, file_name, file_name_md5)
        uploaded = False
        remote_path = None
        if complete:
            start_time = timezone.now()
            sftp = SFTP(
                remote_host.ip, remote_host.port, remote_host.remote_user.username, decrypt(remote_host.remote_user.password)
            )
            uploaded, remote_path = sftp.upload_file(file_name, upload_file_path)
            os.remove('{}/{}'.format(upload_file_path, file_name))
            terminal_log(
                username,
                remote_host.hostname,
                remote_host.ip,
                'sftp',
                remote_host.port,
                remote_host.remote_user.username,
                '上传文件 {}/{}'.format(remote_path, file_name),
                'nothing',
                request.META.get('REMOTE_ADDR', None),  # 客户端 ip
                request.META.get('HTTP_USER_AGENT', None),
                start_time,
            )
        mess = {
            "code": 200,
            "chunkIndex": file_chunk_index,
            "filename": file_name,
            "complete": complete,
            "uploaded": uploaded,
            "remote_path": remote_path
        }
        return JsonResponse(mess)      # fileinput 分片上传
    except Exception:
        error_message = '上传文件错误!'
        return JsonResponse({"code": 401, "error": error_message})
Ejemplo n.º 8
0
    def connect(self):
        """
        打开 websocket 连接, 通过前端传入的参数尝试连接 ssh 主机
        :return:
        """
        self.accept()
        async_to_sync(self.channel_layer.group_add)(self.group,
                                                    self.channel_name)  # 加入组
        self.start_time = timezone.now()
        self.session = self.scope.get('session', None)
        if not self.session.get('islogin', None):  # 未登录直接断开 websocket 连接
            self.message['status'] = 2
            self.message['message'] = 'You are not login in...'
            message = json.dumps(self.message)
            if self.send_flag == 0:
                self.send(message)
            elif self.send_flag == 1:
                async_to_sync(self.channel_layer.group_send)(self.group, {
                    "type": "chat.message",
                    "text": message,
                })
            self.close(3001)

        if 'webssh终端' not in self.session[
                settings.INIT_PERMISSION]['titles']:  # 判断权限
            self.message['status'] = 2
            self.message['message'] = '无权限'
            message = json.dumps(self.message)
            if self.send_flag == 0:
                self.send(message)
            elif self.send_flag == 1:
                async_to_sync(self.channel_layer.group_send)(self.group, {
                    "type": "chat.message",
                    "text": message,
                })
            self.close(3001)

        self.check_login()
        query_string = self.scope.get('query_string').decode()
        ssh_args = QueryDict(query_string=query_string, encoding='utf-8')
        width = ssh_args.get('width')
        height = ssh_args.get('height')
        width = int(width)
        height = int(height)
        auth = None
        ssh_key_name = '123456'
        hostid = int(ssh_args.get('hostid'))
        try:
            if not self.session['issuperuser']:  # 普通用户判断是否有相关主机或者权限
                hosts = RemoteUserBindHost.objects.filter(
                    Q(id=hostid),
                    Q(enabled=True),
                    Q(user__username=self.session['username'])
                    | Q(group__user__username=self.session['username']),
                ).distinct()
            else:
                hosts = RemoteUserBindHost.objects.filter(
                    Q(id=hostid),
                    Q(enabled=True),
                ).distinct()
            if not hosts:
                self.message['status'] = 2
                self.message['message'] = 'Host is not exist...'
                message = json.dumps(self.message)
                if self.send_flag == 0:
                    self.send(message)
                elif self.send_flag == 1:
                    async_to_sync(self.channel_layer.group_send)(
                        self.group, {
                            "type": "chat.message",
                            "text": message,
                        })
                self.close(3001)
            self.remote_host = RemoteUserBindHost.objects.get(id=hostid)
        except Exception:
            print(traceback.format_exc())
            self.message['status'] = 2
            self.message['message'] = 'Host is not exist...'
            message = json.dumps(self.message)
            if self.send_flag == 0:
                self.send(message)
            elif self.send_flag == 1:
                async_to_sync(self.channel_layer.group_send)(self.group, {
                    "type": "chat.message",
                    "text": message,
                })
            self.close(3001)

        host = self.remote_host.ip
        port = self.remote_host.port
        user = self.remote_host.remote_user.username
        passwd = decrypt(self.remote_host.remote_user.password)
        timeout = 15
        self.ssh = SSH(websocker=self, message=self.message)
        ssh_connect_dict = {
            'host': host,
            'user': user,
            'port': port,
            'timeout': timeout,
            'pty_width': width,
            'pty_height': height,
            'password': passwd,
        }
        if auth == 'key':
            ssh_key_file = os.path.join(TMP_DIR, ssh_key_name)
            with open(ssh_key_file, 'r') as f:
                ssh_key = f.read()

            string_io = StringIO()
            string_io.write(ssh_key)
            string_io.flush()
            string_io.seek(0)
            ssh_connect_dict['ssh_key'] = string_io

            os.remove(ssh_key_file)

        self.ssh.connect(**ssh_connect_dict)
        if self.remote_host.remote_user.enabled:
            if self.remote_host.remote_user.superusername:
                if '登陆后su跳转超级用户' in self.session[
                        settings.INIT_PERMISSION]['titles']:  # 判断权限
                    self.ssh.su_root(
                        self.remote_host.remote_user.superusername,
                        decrypt(self.remote_host.remote_user.superpassword),
                        1,
                    )

        for i in self.scope['headers']:
            if i[0].decode('utf-8') == 'user-agent':
                self.user_agent = i[1].decode('utf-8')
                break

        for i in self.scope['headers']:
            if i[0].decode('utf-8') == 'x-real-ip':
                self.client = i[1].decode('utf-8')
                break
            if i[0].decode('utf-8') == 'x-forwarded-for':
                self.client = i[1].decode('utf-8').split(',')[0]
                break
            self.client = self.scope['client'][0]

        data = {
            'name': self.channel_name,
            'group': self.group,
            'user': self.session.get('username'),
            'host': host,
            'username': user,
            'protocol': self.remote_host.protocol,
            'port': port,
            'type': 1,  # 1 webssh
            'address': self.client,
            'useragent': self.user_agent,
        }
        TerminalSession.objects.create(**data)
Ejemplo n.º 9
0
    def connect(self):
        """
        打开 websocket 连接, 通过前端传入的参数尝试连接 telnet 主机
        :return:
        """
        self.accept()
        async_to_sync(self.channel_layer.group_add)(self.group,
                                                    self.channel_name)  # 加入组
        self.start_time = timezone.now()
        self.session = self.scope.get('session', None)
        if not self.session.get('islogin', None):  # 未登录直接断开 websocket 连接
            self.message['status'] = 2
            self.message['message'] = 'You are not login in...'
            message = json.dumps(self.message)
            self.send(message)
            self.close(3001)

        if 'webtelnet终端' not in self.session[
                settings.INIT_PERMISSION]['titles']:  # 判断权限
            self.message['status'] = 2
            self.message['message'] = '无权限'
            message = json.dumps(self.message)
            self.send(message)
            self.close(3001)

        self.check_login()

        query_string = self.scope.get('query_string')
        telnet_args = QueryDict(query_string=query_string, encoding='utf-8')
        hostid = int(telnet_args.get('hostid'))
        try:
            if not self.session['issuperuser']:  # 普通用户判断是否有相关主机或者权限
                hosts = RemoteUserBindHost.objects.filter(
                    Q(id=hostid),
                    Q(enabled=True),
                    Q(user__username=self.session['username'])
                    | Q(group__user__username=self.session['username']),
                ).distinct()
            else:
                hosts = RemoteUserBindHost.objects.filter(
                    Q(id=hostid),
                    Q(enabled=True),
                ).distinct()
            if not hosts:
                self.message['status'] = 2
                self.message['message'] = 'Host is not exist...'
                message = json.dumps(self.message)
                if self.send_flag == 0:
                    self.send(message)
                elif self.send_flag == 1:
                    async_to_sync(self.channel_layer.group_send)(
                        self.group, {
                            "type": "chat.message",
                            "text": message,
                        })
                self.close(3001)
            self.remote_host = RemoteUserBindHost.objects.get(id=hostid)
        except Exception:
            print(traceback.format_exc())
            self.message['status'] = 2
            self.message['message'] = 'Host is not exist...'
            message = json.dumps(self.message)
            if self.send_flag == 0:
                self.send(message)
            elif self.send_flag == 1:
                async_to_sync(self.channel_layer.group_send)(self.group, {
                    "type": "chat.message",
                    "text": message,
                })
            self.close(3001)

        host = self.remote_host.ip
        port = self.remote_host.port
        user = self.remote_host.remote_user.username
        passwd = decrypt(self.remote_host.remote_user.password)
        timeout = 15
        self.telnet = Telnet(websocker=self, message=self.message)
        telnet_connect_dict = {
            'host': host,
            'user': user,
            'port': port,
            'password': passwd,
            'timeout': timeout,
        }

        self.telnet.connect(**telnet_connect_dict)
        if self.remote_host.remote_user.enabled:
            if self.session.get('issuperuser', None):  # 超级管理员才能使用 su 跳转功能
                if self.remote_host.remote_user.superusername:
                    self.telnet.su_root(
                        self.remote_host.remote_user.superusername,
                        decrypt(self.remote_host.remote_user.superpassword),
                        1,
                    )
        for i in self.scope['headers']:
            if i[0].decode('utf-8') == 'user-agent':
                self.user_agent = i[1].decode('utf-8')
                break

        for i in self.scope['headers']:
            if i[0].decode('utf-8') == 'x-real-ip':
                self.client = i[1].decode('utf-8')
                break
            if i[0].decode('utf-8') == 'x-forwarded-for':
                self.client = i[1].decode('utf-8').split(',')[0]
                break
            self.client = self.scope['client'][0]
        data = {
            'name': self.channel_name,
            'group': self.group,
            'user': self.session.get('username'),
            'host': host,
            'username': user,
            'protocol': self.remote_host.protocol,
            'port': port,
            'type': 5,  # 5 webtelnet
            'address': self.client,
            'useragent': self.user_agent,
        }
        TerminalSession.objects.create(**data)
Ejemplo n.º 10
0
    def connect(self):
        self.accept('guacamole')
        async_to_sync(self.channel_layer.group_add)(self.group, self.channel_name)  # 加入组
        self.session = self.scope.get('session', None)
        if not self.session.get('islogin', None):    # 未登录直接断开 websocket 连接
            self.close(3001)

        if 'webguacamole终端' not in self.session[settings.INIT_PERMISSION]['titles']:    # 判断权限
            self.close(3001)

        if not self.session['issuperuser']:
            hosts = RemoteUserBindHost.objects.filter(
                Q(id=self.hostid),
                Q(enabled=True),
                Q(user__username=self.session['username']) | Q(group__user__username=self.session['username']),
            ).distinct()
        else:
            hosts = RemoteUserBindHost.objects.filter(
                Q(id=self.hostid),
                Q(enabled=True),
            ).distinct()
        if not hosts:
            self.close(3001)

        self.remote_host = RemoteUserBindHost.objects.get(id=self.hostid)

        _type = 7
        if self.remote_host.get_protocol_display() == 'vnc':    # vnc 登陆不需要账号
            _type = 8

        self.guacamoleclient = Client(websocker=self)
        self.guacamoleclient.connect(
            protocol=self.remote_host.get_protocol_display(),
            hostname=self.remote_host.ip,
            port=self.remote_host.port,
            username=self.remote_host.remote_user.username,
            password=decrypt(self.remote_host.remote_user.password),
            width=self.width,
            height=self.height,
            dpi=self.dpi,
        )

        for i in self.scope['headers']:
            if i[0].decode('utf-8') == 'user-agent':
                self.user_agent = i[1].decode('utf-8')
                break

        for i in self.scope['headers']:
            if i[0].decode('utf-8') == 'x-real-ip':
                self.client = i[1].decode('utf-8')
                break
            if i[0].decode('utf-8') == 'x-forwarded-for':
                self.client = i[1].decode('utf-8').split(',')[0]
                break
            self.client = self.scope['client'][0]

        data = {
            'name': self.channel_name,
            'group': self.group,
            'user': self.session.get('username'),
            'host': self.remote_host.ip,
            'username': self.remote_host.remote_user.username,
            'protocol': self.remote_host.protocol,
            'port': self.remote_host.port,
            'type': _type,  # 7 webrdp  8 webvnc
            'address': self.client,
            'useragent': self.user_agent,
        }
        TerminalSession.objects.create(**data)
        t = threading.Thread(target=self.check_timeout)
        t.daemon = True
        t.start()
Ejemplo n.º 11
0
    def connect(self):
        self.accept('guacamole')
        async_to_sync(self.channel_layer.group_add)(self.group,
                                                    self.channel_name)  # 加入组
        self.session = self.scope.get('session', None)
        if not self.session.get('islogin', None):  # 未登录直接断开 websocket 连接
            self.close(3001)

        if 'webguacamole终端' not in self.session[
                settings.INIT_PERMISSION]['titles']:  # 判断权限
            self.close(3001)

        if not self.session['issuperuser']:
            hosts = RemoteUserBindHost.objects.filter(
                Q(id=self.hostid),
                Q(enabled=True),
                Q(user__username=self.session['username'])
                | Q(group__user__username=self.session['username']),
            ).distinct()
        else:
            hosts = RemoteUserBindHost.objects.filter(
                Q(id=self.hostid),
                Q(enabled=True),
            ).distinct()
        if not hosts:
            self.close(3001)

        self.remote_host = RemoteUserBindHost.objects.get(id=self.hostid)

        _type = 7
        if self.remote_host.get_protocol_display() == 'vnc':  # vnc 登陆不需要账号
            _type = 8

        # guacamole 连接性能参数设置
        # enable_wallpaper    如果设置为true,则开启桌面壁纸渲染。默认为不开启
        # enable_theming    如果设置为true,则开启窗口和控件的主题。默认为不开启
        # enable_font_smoothing 如果设置为“true”,文本将以平滑的边缘呈现。默认情况下,RDP上的文本粗体呈现,因为这减少了文本使用的颜色数量,从而减少了连接所需的带宽。
        # enable_full_window_drag   如果设置为“true”,窗口的内容将随着窗口的移动而显示。默认情况下,RDP服务器将仅在窗口拖动时绘制窗口边框。
        # enable_desktop_composition    如果设置为“true”,则允许使用透明窗口和阴影等图形效果。默认情况下,此类效果(如果可用)被禁用。
        # enable_menu_animations    如果设置为“true”,菜单开启和关闭动画将被允许。默认情况下禁用菜单动画。

        self.guacamoleclient = Client(websocker=self)
        if 'webguacamole终端文件上传下载' not in self.session[
                settings.INIT_PERMISSION]['titles']:  # 判断权限
            self.guacamoleclient.connect(
                protocol=self.remote_host.get_protocol_display(),
                hostname=self.remote_host.ip,
                port=self.remote_host.port,
                username=self.remote_host.remote_user.username,
                password=decrypt(self.remote_host.remote_user.password),
                width=self.width,
                height=self.height,
                dpi=self.dpi,
                enable_font_smoothing="true",
            )
        else:
            self.guacamoleclient.connect(
                protocol=self.remote_host.get_protocol_display(),
                hostname=self.remote_host.ip,
                port=self.remote_host.port,
                username=self.remote_host.remote_user.username,
                password=decrypt(self.remote_host.remote_user.password),
                width=self.width,
                height=self.height,
                dpi=self.dpi,
                enable_drive="true",
                drive_name="filesystem",
                drive_path="/fs/{}".format(self.group),
                create_drive_path="true",

                # enable_wallpaper="true",
                # enable_theming="true",
                enable_font_smoothing="true",  # 字体平滑开启就可以了
                # enable_full_window_drag="true",
                # enable_desktop_composition="true",
                # enable_menu_animations="true",
            )

        for i in self.scope['headers']:
            if i[0].decode('utf-8') == 'user-agent':
                self.user_agent = i[1].decode('utf-8')
                break

        for i in self.scope['headers']:
            if i[0].decode('utf-8') == 'x-real-ip':
                self.client = i[1].decode('utf-8')
                break
            if i[0].decode('utf-8') == 'x-forwarded-for':
                self.client = i[1].decode('utf-8').split(',')[0]
                break
            self.client = self.scope['client'][0]

        data = {
            'name':
            self.channel_name,
            'group':
            self.group,
            'user':
            self.session.get('username'),
            'host':
            self.remote_host.ip,
            'username':
            self.remote_host.remote_user.username,
            'protocol':
            self.remote_host.protocol,
            'port':
            self.remote_host.port,
            'type':
            _type,  # 7 webrdp  8 webvnc
            'address':
            self.client,
            'useragent':
            self.user_agent,
            'connect_info':
            '{0}_{1}_{2}_{3}'.format(self.width, self.height, self.dpi,
                                     self.guacamoleclient.guacamoleclient.id)
        }
        TerminalSession.objects.create(**data)
        t = threading.Thread(target=self.check_timeout)
        t.daemon = True
        t.start()
        # 给客户端发送组信息,用于web页面上传文件,需要在 guacamole/js/all.js 中自定义 group 的处理处理方法
        self.send('5.group,10.group_name,{0}.{1};'.format(
            len(self.group), self.group))
Ejemplo n.º 12
0
 def decrypt(self, data, data_iv, data_tag):
     return decrypt(self.db_encryption_key, "", data_iv, data, data_tag)
Ejemplo n.º 13
0
def decrypt_passwd(passwd):
    return decrypt(passwd)
Ejemplo n.º 14
0
    b = '37fbd0f8f39a462e39fef72852061f35'
    print(_de.decrypt(b))

    a = 'WAF@ADmin#Sql$719'
    print(_de.encrypt(a))

    # 使用django配置文件进行设置
    os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'devops.settings')
    # 让django初始化
    import django
    django.setup()
    from util.crypto import encrypt, decrypt
    passwd = '1213'
    en = encrypt(passwd)
    print(en)
    print(decrypt(en))

    x = 'gAAAAABduSzufr3De6SKUdjF44QSU8khLWO1V2n7et1if5pYjUsJ6hxn30sYlXEfiP-JWt5ADjtrx6vI_tE7ZNCwniBX0xWSjQ=='
    print(decrypt(x))

    x = 'gAAAAABduSzujDu0XLd0sy1FvNgd2Ttf9id_YKTG4P2XySMxRM9CFk6qOiAKEnMY1PMByervIGUoDVcK1HuxYIOHYOWU7T115w=='
    print(decrypt(x))

    hosts = {
        'k8s1': '192.168.223.111',
        'k8s2': '192.168.223.111',
        'k8s3': '192.168.223.111',
        'k8s4': '192.168.223.111',
        'k8s5': '192.168.223.111',
        'k8s6': '192.168.223.111',
        'k8s7': '192.168.223.111',