def req_configure(self, request):
try:
document = minidom.parseString(request["data"])
rootNode = document.documentElement
if rootNode != "vm":
raise Exception("invalid root node")
except:
Logger.warn("Invalid input XML")
doc = Document()
rootNode = doc.createElement("error")
rootNode.setAttribute("id", "name")
doc.appendChild(rootNode)
return self.req_answer(doc)
vname = rootnode.getAttribute("id")
ram = rootNode.getAttribute("ram")
vcpus = rootNode.getAttribute("cpu")
self.role_instance.config(vname, vcpus, ram)
rootNode.setAttribute("status", "OK")
return self.req_answer(document)
def del_user(self, user):
if user not in self.ro_users and user not in self.rw_users:
return True
ret = True
if user in self.ro_users:
cmd = "deluser %s %s_ro"%(user, self.group)
else:
cmd = "deluser %s %s_rw"%(user, self.group)
p = System.execute(cmd)
if p.returncode is not 0:
ret = False
Logger.error("FS: unable to del user in group")
Logger.debug("FS: command '%s' return %d: %s"%(cmd, p.returncode, p.stdout.read().decode("UTF-8")))
htgroup = HTGroup(Config.dav_group_file)
if user in self.ro_users:
self.ro_users.remove(user)
htgroup.delete(user, self.group+"_ro")
if user in self.rw_users:
self.rw_users.remove(user)
htgroup.delete(user, self.group+"_rw")
if (len(self.ro_users) + len(self.rw_users)) == 0:
return self.disable()
return True
def mount_cifs(self, share, uri, dest):
mount_env = {}
if share.has_key("login") and share.has_key("password"):
cmd = "mount -t cifs -o 'uid=%s,gid=0,%s,iocharset=utf8' //%s%s %s" % (
self.session.user.name,
self.DEFAULT_PERMISSION,
uri.netloc,
uri.path,
dest,
)
mount_env["USER"] = share["login"]
mount_env["PASSWD"] = share["password"]
else:
cmd = "mount -t cifs -o 'guest,uid=%s,gid=0,%s,iocharset=utf8' //%s%s %s" % (
self.session.user.name,
self.DEFAULT_PERMISSION,
uri.netloc,
uri.path,
dest,
)
cmd = self.transformToLocaleEncoding(cmd)
Logger.debug("Profile, share mount command: '%s'" % (cmd))
p = System.execute(cmd, env=mount_env)
if p.returncode != 0:
Logger.debug("CIFS mount failed (status: %d) => %s" % (p.returncode, p.stdout.read()))
return False
return True
def init(infos):
if infos.has_key("thread_count"):
value = infos["thread_count"]
if value.lower() == "auto":
Config.thread_count = None
else:
try:
nbThread = int(value)
except ValueError:
Logger.error("Invalid int number for thread_count")
nbThread = 1
if nbThread <= 0:
Logger.error("thread_count must be greater than 0")
else:
Config.thread_count = nbThread
if infos.has_key("checkshell"):
Config.checkShell = (infos["checkshell"].lower() == "true")
if infos.has_key("clean_dump_archive"):
Config.clean_dump_archive = (
infos["clean_dump_archive"].lower() == True)
return True
def init(self):
Logger.info("Gateway init")
if version[0] != 2 or version[1] < 6 or (version[1] == 7 and version[2] in [1, 2]):
Logger.error("Gateway:: incompatibility with current Python machine '%d.%d.%d'" % version[:3])
return False
fpem = os.path.join(Config.general.conf_dir, "gateway.pem")
if os.path.exists(fpem):
self.ssl_ctx = SSL.Context(SSL.SSLv23_METHOD)
self.ssl_ctx.use_privatekey_file(fpem)
self.ssl_ctx.use_certificate_file(fpem)
self.ssl_ctx.load_verify_locations(fpem)
if Config.disable_sslv2:
self.ssl_ctx.set_options(SSL.OP_NO_SSLv2)
else:
Logger.error("Gateway role need a certificate (%s)" % fpem)
return False
addr = (Config.address, Config.port)
try:
GatewayTCPHandler.role = self
self.server = GatewayTCPServer(addr, GatewayTCPHandler, bind_and_activate=False)
self.server.allow_reuse_address = Config.general.server_allow_reuse_address
self.server.server_bind()
self.server.server_activate()
except socket.error:
Logger.exception("Gateway:: socket init")
return False
Logger.info('Gateway:: running on (%s, %d)' % addr)
return True
def handle(self):
self.role.kill_mutex.acquire()
best_proc = None
for pid, proc in self.role.processes.items():
ctrl = proc[0][1]
nb_conn = ctrl.send('nb_conn')
self.role.processes[pid][1] = nb_conn
if nb_conn < Config.max_connection:
best_proc = pid
break
if best_proc is None:
if len(self.role.processes) < Config.max_process:
best_proc = self.role.create_process()
else:
best_proc = min(self.role.processes,
key=lambda pid: self.role.processes[pid][1])
Logger.warn(
"WebApps service has reached the open connections limit")
ctrl = self.role.processes[best_proc][0][1]
pickled_sock = pickle.dumps(reduce_socket(self.request)[1])
ctrl.send(('socket', pickled_sock))
self.role.kill_mutex.release()
def req_user_logout(self, request):
try:
document = minidom.parseString(request["data"])
rootNode = document.documentElement
if rootNode.nodeName != "user":
raise Exception("invalid root node")
if not rootNode.hasAttribute("login"):
raise Exception("invalid root node")
login = rootNode.getAttribute("login")
except:
Logger.warn("Invalid xml input !!")
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "usage")
doc.appendChild(rootNode)
return self.req_answer(doc)
session = self.role_instance.get_session_from_login(login)
if session is None:
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "unknown user")
doc.appendChild(rootNode)
return self.req_answer(doc)
self.role_instance.spool_action("logoff", session.id)
return self.req_answer(document)
def process(self, request):
path = request["path"]
if request["method"] == "GET":
Logger.debug("do_GET "+path)
if path == "/configuration":
return self.req_server_conf(request)
elif path == "/monitoring":
return self.req_server_monitoring(request)
elif path == "/status":
return self.req_server_status(request)
elif path.startswith("/logs"):
since = 0
extra = path[len("/logs"):]
if extra.startswith("/since/"):
since_str = extra[len("/since/"):]
if since_str.isdigit():
since = int(since_str)
elif len(extra) > 0:
return None
return self.req_server_logs(request, since)
return None
elif request["method"] == "POST":
return None
return None
def __init__(self, args):
win32serviceutil.ServiceFramework.__init__(self, args)
# Give the multiprocessing module a python interpreter to run
if sys.argv[0].endswith("exe"):
basedir = os.path.dirname(sys.argv[0])
multiprocessing.set_executable(os.path.join(basedir, "ulteo-ovd-slaveserver.exe"))
# Init the logger instance
Win32Logger.initialize("OVD", Config.log_level, None)
ConfigModule.report_error = WinReport_error
config_file = os.path.join(Platform.System.get_default_config_dir(), "slaveserver.conf")
if not Config.read(config_file):
Logger.error("invalid configuration file '%s'"%(config_file))
sys.exit(1)
if not Config.is_valid():
Logger.error("invalid config")
sys.exit(1)
Win32Logger.initialize("OVD", Config.log_level, Config.log_file)
SlaveServer.__init__(self, Communication)
self.hWaitStop = win32event.CreateEvent(None, 0, 0, None)
def init(self):
Logger.info("FileServer init")
if not Config.init_role():
return False
if not self.FSBackend.start():
Logger.error("FileServer: failed to initialize FSBackend")
self.FSBackend.stop()
return False
if not self.cleanup_samba():
Logger.error("FileServer: unable to cleanup samba")
return False
if not self.purgeGroup():
Logger.error("FileServer: unable to cleanup users")
return False
if not self.cleanup_repository():
Logger.error("FileServer: unable to cleanup users")
return False
self.shares = self.get_existing_shares()
return True
def create(self):
userData = {}
userData['name'] = self.name
if self.infos.has_key("displayName"):
userData['full_name'] = self.infos["displayName"]
if self.infos.has_key("password"):
userData['password'] = self.infos["password"]
userData['flags'] = win32netcon.UF_DONT_EXPIRE_PASSWD
userData['flags'] |= win32netcon.UF_NORMAL_ACCOUNT
userData['flags'] |= win32netcon.UF_PASSWD_CANT_CHANGE
userData['flags'] |= win32netcon.UF_SCRIPT
userData['priv'] = win32netcon.USER_PRIV_USER
userData['primary_group_id'] = ntsecuritycon.DOMAIN_GROUP_RID_USERS
userData['password_expired'] = 0 # password never expire
userData['acct_expires'] = win32netcon.TIMEQ_FOREVER
if self.infos.has_key("locale"):
userData['country_code'] = Langs.getLCID(self.infos["locale"])
try:
win32net.NetUserAdd(None, 3, userData)
except Exception:
Logger.exception("unable to create user")
return False
self.post_create()
return True
def get_by_id(cls, app_id):
if cls._instance is None:
Logger.error('[WebApps] using not initialized ApplicationsRepository')
for app_def in cls._instance.process('_list'):
if app_def.id == app_id:
return app_def
def req_debian_id(self, req):
try:
(rid, request) = req.split("/", 2)
req = self.role_instance.apt.get(rid)
if req is None:
req = Apt.Request()
req.status = "unknown"
return self.req_answer(self.debian_request2xml(rid, req))
if request == "status":
return self.req_answer(self.debian_request2xml(rid, req))
elif request in ["stdout", "stderr"]:
response = {}
response["code"] = httplib.OK
response["Content-Type"] = "text/plain"
response["data"] = req.getLog(request)
return response
else:
raise Exception("usage")
except Exception, err:
Logger.warn("Invalid xml input: "+str(err))
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "usage")
doc.appendChild(rootNode)
return self.req_answer(doc)
def req_debian(self, request):
try:
document = minidom.parseString(request["data"])
rootNode = document.documentElement
if rootNode.nodeName != "debian":
raise Exception("invalid root node")
request = rootNode.getAttribute("request")
if request not in ["upgrade", "install", "remove", "available"]:
raise Exception("usage")
packageNodes = rootNode.getElementsByTagName("package")
if request in ["install", "remove"] and len(packageNodes)==0:
raise Exception("usage")
packages = []
for packageNode in packageNodes:
packages.append(packageNode.getAttribute("name"))
except Exception, err:
Logger.warn("Invalid xml input: "+str(err))
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "usage")
doc.appendChild(rootNode)
return self.req_answer(doc)
def process(self, request):
path = request["path"]
if request["method"] == "GET":
Logger.debug("do_GET " + path)
if path == "/status":
return self.req_status()
elif request["method"] == "POST":
Logger.debug("do_POST " + path)
if path == "/vm/destroy":
return self.req_delete(request)
if path == "/vm/create":
return self.req_create(request)
if path == "/vm/manage":
return self.req_manage(request)
if path == "/vm/name":
return self.req_name(request)
if path == "/vm/configure":
return self.req_configure(request)
return None
def handle_read(self):
# Read data in buffer
SecureServerCommunicator.handle_read(self)
# Fetch the Http request from parent communicator
if (self.http_communicator is None) and (len(
self.communicator.http_history) > 0):
self.http_communicator = self.communicator.http_history.pop(0)
if self.http_communicator.path in Config.force_buffering:
Logger.debug("Force buffering : " +
self.http_communicator.path)
self.http.force_full_buffering = True
if not self.http.is_ready():
# Parse it until ready
if self.make_http_message():
# Now it is ready
self._buffer = self.process() # Stream it
self.http_communicator = None
else:
# Data is streamed "on-the-fly"
self._buffer = self._buffer # Stream it
if self.http.is_complete():
self.http = HttpMessage(self)
def destroy_user(self, user):
Logger.info("SessionManagement::destroy_user %s" % (user.name))
if user.infos.has_key("tsid"):
self.logoff_user(user)
user.destroy()
def rewrite_xml(self, body):
try:
session = parser.XML(body)
if session.tag.lower() != 'session':
raise Exception("not a 'session' XML response")
except Exception:
Logger.exception("Gateway:: parsing XML session failed")
return None
session.set('mode_gateway', 'on')
for server in session.findall('server'):
port = Protocol.RDP
if server.attrib.has_key("port"):
try:
port = int(server.attrib["port"])
except ValueError, err:
Logger.warn(
"Gateway:: Invalid protocol: server port attribute is not a digit (%s)"
% (server.attrib["port"]))
token = self.f_ctrl.send(
('insert_token', (server.attrib['fqdn'], port)))
server.set('token', token)
del server.attrib['fqdn']
if server.attrib.has_key("port"):
del server.attrib["port"]
def del_user(self, user):
if user not in self.ro_users and user not in self.rw_users:
return True
ret = True
if user in self.ro_users:
cmd = "deluser %s %s_ro" % (user, self.group)
else:
cmd = "deluser %s %s_rw" % (user, self.group)
p = System.execute(cmd)
if p.returncode is not 0:
ret = False
Logger.error("FS: unable to del user in group")
Logger.debug("FS: command '%s' return %d: %s" %
(cmd, p.returncode, p.stdout.read().decode("UTF-8")))
htgroup = HTGroup(Config.dav_group_file)
if user in self.ro_users:
self.ro_users.remove(user)
htgroup.delete(user, self.group + "_ro")
if user in self.rw_users:
self.rw_users.remove(user)
htgroup.delete(user, self.group + "_rw")
if (len(self.ro_users) + len(self.rw_users)) == 0:
return self.disable()
return True
def groupMember(name_):
try:
(users, _, _) = win32net.NetLocalGroupGetMembers(None, name_, 1)
except win32net.error, e:
Logger.error("groupMember: '%s'"%(str(e)))
return None
def req_debian_id(self, req):
try:
(rid, request) = req.split("/", 2)
req = self.role_instance.apt.get(rid)
if req is None:
req = Apt.Request()
req.status = "unknown"
return self.req_answer(self.debian_request2xml(rid, req))
if request == "status":
return self.req_answer(self.debian_request2xml(rid, req))
elif request in ["stdout", "stderr"]:
response = {}
response["code"] = httplib.OK
response["Content-Type"] = "text/plain"
response["data"] = req.getLog(request)
return response
else:
raise Exception("usage")
except Exception:
Logger.exception("Invalid xml input")
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "usage")
doc.appendChild(rootNode)
return self.req_answer(doc)
def userRemove(user_):
try:
win32net.NetUserDel(None, user_)
except win32net.error, e:
Logger.error("userRemove: '%s'"%(str(e)))
return False
def run(self):
self.synchronizer.restore()
Logger._instance.setQueue(self.logging_queue, False)
global loop
loop = True
Platform.System.prepareForSessionActions()
# Prevent the process to be stop by a keyboard interruption
def quit(machin, truc):
global loop
loop = False
signal.signal(signal.SIGINT, signal.SIG_IGN)
signal.signal(signal.SIGTERM, quit)
Logger.debug("Starting SessionManager process")
while loop:
try:
(request, obj) = self.queue2.get_nowait()
except Queue.Empty:
try:
(request, obj) = self.queue.get(True, 4)
except Queue.Empty, e:
continue
except IOError, e:
if e.errno == 4:
break
else:
raise e
def _create(self, data):
sess_id = data.pop('id')
Logger.info('[WebApps] creating session id={0} for user {1}'.format(sess_id, data.get('login')))
data.setdefault('cookies', {})
session = Session(sess_id, data, self.debug)
self.sessions[sess_id] = session
return session
def uninstall_client(self):
if not self.succefully_initialized:
return
self.archive_shell_dump()
if self.profile is not None and self.profile.hasProfile():
if not self.profile.mount():
Logger.warn(
"Unable to mount profile at uninstall_client of session " +
self.id)
else:
self.profile.copySessionStop()
desktop_path = os.path.join(self.profile.mountPoint,
self.profile.DesktopDir)
self.cleanupShortcut(desktop_path)
for shortcut in self.installedShortcut:
dstFile = os.path.join(self.profile.mountPoint,
self.profile.DesktopDir, shortcut)
if os.path.exists(dstFile):
os.remove(dstFile)
if not self.profile.umount():
Logger.error(
"Unable to umount profile at uninstall_client of session "
+ self.id)
self.domain.onSessionEnd()
return True
def disconnect_session(self, session):
Logger.info("SessionManagement::disconnect %s"%(session.id))
if session.user.created or not session.domain.manage_user():
# Doesn't have to disconnect the session if the user was never created
try:
sessid = TS.getSessionID(session.user.name)
except Exception:
Logger.exception("RDP server dialog failed ... ")
return False
try:
status = TS.getState(sessid)
except Exception:
Logger.exception("RDP server dialog failed ... ")
return
if status in [TS.STATUS_LOGGED]:
Logger.info("must disconnect ts session %s user %s"%(sessid, session.user.name))
try:
TS.disconnect(sessid)
except Exception:
Logger.exception("RDP server dialog failed ... ")
return
session.switch_status(Session.SESSION_STATUS_INACTIVE)
def clone(srcFile, dstFile, path, args):
pythoncom.CoInitialize()
shortcut_src = pythoncom.CoCreateInstance(shell.CLSID_ShellLink, None, pythoncom.CLSCTX_INPROC_SERVER, shell.IID_IShellLink)
shortcut_src.QueryInterface(pythoncom.IID_IPersistFile).Load(srcFile)
iconLocation = shortcut_src.GetIconLocation()[0]
if len(iconLocation) == 0:
iconLocation = shortcut_src.GetPath(0)[0]
workingDirectory = shortcut_src.GetWorkingDirectory()
description = shortcut_src.GetDescription()
shortcut_dst = pythoncom.CoCreateInstance(shell.CLSID_ShellLink, None, pythoncom.CLSCTX_INPROC_SERVER, shell.IID_IShellLink)
try:
shortcut_dst.SetPath(path)
except:
Logger.warn("LnkFile::clone: unable to setPath. Check that the following command is available on the system: '%s'"%(path))
return False
shortcut_dst.SetArguments(args)
shortcut_dst.SetIconLocation(iconLocation, 0)
shortcut_dst.SetWorkingDirectory(workingDirectory)
shortcut_dst.SetDescription(description)
shortcut_dst.QueryInterface(pythoncom.IID_IPersistFile).Save(dstFile, 0)
return True
def main(self):
self.synchronizer.restore()
Logger._instance.setQueue(self.logging_queue, False)
System.prepareForSessionActions()
# Prevent the process to be stop by a keyboard interruption
signal.signal(signal.SIGINT, signal.SIG_IGN)
signal.signal(signal.SIGTERM, signal.SIG_IGN)
Logger.debug("Starting SessionManager process")
while True:
self.current_session_id.value = ""
try:
(request, obj) = self.queue2.get_nowait()
except Queue.Empty:
try:
(request, obj) = self.queue.get(True, 4)
except Queue.Empty, e:
continue
except IOError, e:
if e.errno == 4:
break
else:
raise e
def order_stop(self):
Logger.info("%s role::stop"%(self.getName()))
if self.status == Role.STATUS_INIT:
self.status = Role.STATUS_STOP
return
self.status = Role.STATUS_STOPPING
def getTargetFromShortcut(self, path):
szShortcutTarget = ctypes.c_wchar_p(path)
szProductCode = ctypes.create_unicode_buffer(4096)
szFeatureId = ctypes.create_unicode_buffer(4096)
szComponentCode = ctypes.create_unicode_buffer(4096)
status = self.dll.MsiGetShortcutTargetW(szShortcutTarget,
ctypes.byref(szProductCode),
ctypes.byref(szFeatureId),
ctypes.byref(szComponentCode))
if status != self.SUCCESS:
Logger.debug3("MsiGetShortcutTargetW return %d on '%s'" %
(status, path))
return None
path_len = ctypes.c_uint(4096)
path_buffer = ctypes.create_unicode_buffer(4096)
status = self.dll.MsiGetComponentPathW(szProductCode.value,
szComponentCode.value,
ctypes.byref(path_buffer),
ctypes.byref(path_len))
if status != self.INSTALLSTATE_LOCAL:
Logger.debug2("MsiGetComponentPathW return %d on '%s'" %
(status, path))
return None
return path_buffer.value
def req_manage(self, request):
try:
document = minidom.parseString(request["data"])
rootNode = document.documentElement
if rootNode.nodeName != "vm":
raise Exception("invalid root node")
except:
Logger.warn("Invalid xml input !!")
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "name")
doc.appendChild(rootNode)
return self.req_answer(doc)
vname = rootNode.getAttribute("id")
action = rootNode.getAttribute("action")
ret = self.role_instance.manage("ulteo_ovd_" + vname, action)
doc = Document()
rootNode = doc.createElement("vm")
rootNode.setAttribute("status", ret)
doc.appendChild(rootNode)
return self.req_answer(doc)
def process(self, request):
path = request["path"]
if request["method"] == "GET":
Logger.debug("do_GET " + path)
if path == "/configuration":
return self.req_server_conf(request)
elif path == "/monitoring":
return self.req_server_monitoring(request)
elif path == "/status":
return self.req_server_status(request)
elif path.startswith("/logs"):
since = 0
extra = path[len("/logs"):]
if extra.startswith("/since/"):
since_str = extra[len("/since/"):]
if since_str.isdigit():
since = int(since_str)
elif len(extra) > 0:
return None
return self.req_server_logs(request, since)
return None
elif request["method"] == "POST":
return None
return None
def disconnect_session(self, session):
Logger.info("SessionManagement::disconnect %s" % (session.id))
if session.user.created or not session.domain.manage_user():
# Doesn't have to disconnect the session if the user was never created
try:
sessid = TS.getSessionID(session.user.name)
except Exception:
Logger.exception("RDP server dialog failed ... ")
return False
try:
status = TS.getState(sessid)
except Exception:
Logger.exception("RDP server dialog failed ... ")
return
if status in [TS.STATUS_LOGGED]:
Logger.info("must disconnect ts session %s user %s" %
(sessid, session.user.name))
try:
TS.disconnect(sessid)
except Exception:
Logger.exception("RDP server dialog failed ... ")
return
session.switch_status(Session.SESSION_STATUS_INACTIVE)
def readable(self):
if time.time() - self.lastPacketTime > Config.connection_timeout:
Logger.error("ProtocolDetectDispatcher::connection timeout")
self.handle_close()
return False
return True
def main(self):
self.synchronizer.restore()
Logger._instance.setQueue(self.logging_queue, False)
System.prepareForSessionActions()
# Prevent the process to be stop by a keyboard interruption
signal.signal(signal.SIGINT, signal.SIG_IGN)
signal.signal(signal.SIGTERM, signal.SIG_IGN)
Logger.debug("Starting SessionManager process")
while True:
self.current_session_id.value = ""
try:
(request, obj) = self.queue2.get_nowait()
except Queue.Empty:
try:
(request, obj) = self.queue.get(True, 4)
except Queue.Empty, e:
continue
except IOError, e:
if e.errno == 4:
break
else:
raise e
def uninstall_client(self):
if not self.succefully_initialized:
return
self.archive_shell_dump()
if self.profile is not None and self.profile.hasProfile():
if not self.profile.mount():
Logger.warn("Unable to mount profile at uninstall_client of session " + self.id)
else:
self.profile.copySessionStop()
desktop_path = os.path.join(self.profile.mountPoint, self.profile.DesktopDir)
self.cleanupShortcut(desktop_path)
for shortcut in self.installedShortcut:
dstFile = os.path.join(self.profile.mountPoint, self.profile.DesktopDir, shortcut)
if os.path.exists(dstFile):
os.remove(dstFile)
if not self.profile.umount():
Logger.error("Unable to umount profile at uninstall_client of session " + self.id)
self.domain.onSessionEnd()
return True
def init_role(cls):
try:
infos = pwd.getpwnam(cls.user)
except KeyError, err:
Logger.info("FileServer Config failed: no such user '%s'" %
(cls.user))
return False
def createShortcut(self, application_):
lines = []
lines.append("[Desktop Entry]")
lines.append("Type=Application")
lines.append("Terminal=false")
lines.append("Version=1.0")
lines.append("Icon=%s" %
(os.path.join(self.spool, application_["id"] + ".png")))
lines.append("Name=%s" % (application_["name"]))
lines.append("Comment=%s" % (application_["description"]))
lines.append("Exec=%s" % (application_["command"]))
lines.append("MimeType=%s" % (";".join(application_["mimetypes"])))
#parser = ConfigParser.ConfigParser()
#parser.add_section("Desktop Entry")
#parser.set("Desktop Entry", "Type", "Application")
#parser.set("Desktop Entry", "Version", "1.0")
#parser.set("Desktop Entry", "Terminal", "false")
#parser.set("Desktop Entry", "Icon", os.path.join(self.spool, application_["id"]+".png"))
#parser.set("Desktop Entry", "Name", application_["name"])
#parser.set("Desktop Entry", "Comment", application_["description"])
#parser.set("Desktop Entry", "Exec", application_["command"])
#parser.set("Desktop Entry", "MimeType", ";".join(application_["mimetypes"]))
path = os.path.join(self.spool, application_["id"] + ".desktop")
try:
f = file(path, "w")
except:
Logger.error("Unable to open file '%s'" % (path))
return False
f.writelines([s + "\n" for s in lines])
#parser.write(f)
f.close()
return True
def req_user_loggedin(self, request):
try:
document = minidom.parseString(request["data"])
rootNode = document.documentElement
if rootNode.nodeName != "user":
raise Exception("invalid root node")
if not rootNode.hasAttribute("login"):
raise Exception("invalid root node")
login = rootNode.getAttribute("login")
except:
Logger.warn("Invalid xml input !!")
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "usage")
doc.appendChild(rootNode)
return self.req_answer(doc)
try:
ret = TS.getSessionID(login)
except Exception:
Logger.exception("RDP server dialog failed ... ")
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "internalerror")
doc.appendChild(rootNode)
return self.req_answer(doc)
rootNode.setAttribute("loggedin", str((ret is not None)).lower())
return self.req_answer(document)
def readable(self):
if time.time() - self.lastPacketTime > Config.connection_timeout:
Logger.error("HttpProtocolDetectDispatcher::connection timeout")
self.handle_close()
return False
return True
def req_debian(self, request):
try:
document = minidom.parseString(request["data"])
rootNode = document.documentElement
if rootNode.nodeName != "debian":
raise Exception("invalid root node")
request = rootNode.getAttribute("request")
if request not in ["upgrade", "install", "remove", "available"]:
raise Exception("usage")
packageNodes = rootNode.getElementsByTagName("package")
if request in ["install", "remove"] and len(packageNodes)==0:
raise Exception("usage")
packages = []
for packageNode in packageNodes:
packages.append(packageNode.getAttribute("name"))
except Exception:
Logger.exception("Invalid xml input")
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "usage")
doc.appendChild(rootNode)
return self.req_answer(doc)
if request == "available":
req = Apt.Request_Available()
else:
req = Apt.Request_Packages(request, packages)
req_id = self.role_instance.apt.add(req)
return self.req_answer(self.debian_request2xml(req_id, req))
def create(self):
userData = {}
userData['name'] = self.name
if self.infos.has_key("displayName"):
userData['full_name'] = self.infos["displayName"]
if self.infos.has_key("password"):
userData['password'] = self.infos["password"]
userData['flags'] = win32netcon.UF_DONT_EXPIRE_PASSWD
userData['flags'] |= win32netcon.UF_NORMAL_ACCOUNT
userData['flags'] |= win32netcon.UF_PASSWD_CANT_CHANGE
userData['flags'] |= win32netcon.UF_SCRIPT
userData['priv'] = win32netcon.USER_PRIV_USER
userData['primary_group_id'] = ntsecuritycon.DOMAIN_GROUP_RID_USERS
userData['password_expired'] = 0 # password never expire
userData['acct_expires'] = win32netcon.TIMEQ_FOREVER
if self.infos.has_key("locale"):
userData['country_code'] = Langs.getLCID(self.infos["locale"])
try:
win32net.NetUserAdd(None, 3, userData)
except Exception, e:
Logger.error("unable to create user: " + str(e))
return False
def getUsersGroup():
try:
sid = win32security.ConvertStringSidToSid("S-1-5-32-555")
name, _, _ = win32security.LookupAccountSid(None, sid)
except Exception, err:
Logger.error("TS::getUsersGroup unable to found remote users group replacing by default name")
return "Remote Desktop Users"
def req_configure(self, request):
try:
document = minidom.parseString(request["data"])
rootNode = document.documentElement
if rootNode != "vm" :
raise Exception("invalid root node")
except:
Logger.warn("Invalid input XML")
doc = Document()
rootNode = doc.createElement("error")
rootNode.setAttribute("id", "name")
doc.appendChild(rootNode)
return self.req_answer(doc)
vname = rootnode.getAttribute("id")
ram = rootNode.getAttribute("ram")
vcpus = rootNode.getAttribute("cpu")
self.role_instance.config(vname, vcpus, ram)
rootNode.setAttribute("status", "OK")
return self.req_answer(document)
def destroy_user(self, user):
Logger.info("SessionManagement::destroy_user %s"%(user.name))
if user.infos.has_key("tsid"):
self.logoff_user(user)
user.destroy()
def req_manage(self, request):
try:
document = minidom.parseString(request["data"])
rootNode = document.documentElement
if rootNode.nodeName != "vm":
raise Exception("invalid root node")
except:
Logger.warn("Invalid xml input !!")
doc = Document()
rootNode = doc.createElement('error')
rootNode.setAttribute("id", "name")
doc.appendChild(rootNode)
return self.req_answer(doc)
vname = rootNode.getAttribute("id")
action = rootNode.getAttribute("action")
ret = self.role_instance.manage("ulteo_ovd_"+vname,action)
doc = Document()
rootNode = doc.createElement("vm")
rootNode.setAttribute("status",ret)
doc.appendChild(rootNode)
return self.req_answer(doc)
def run(self):
self.updateApplications()
self.has_run = True
Logger._instance.lock.acquire()
Logger._instance.close()
for thread in self.threads:
thread.start()
Logger._instance.lock.release()
t0_update_app = time.time()
self.status = Role.STATUS_RUNNING
while self.thread.thread_continue():
while True:
try:
session = self.sessions_sync.get_nowait()
except Queue.Empty, e:
break
except (EOFError, socket.error):
Logger.debug("Role stopping")
return
if not self.sessions.has_key(session.id):
Logger.warn("Session %s do not exist, session information are ignored"%(session.id))
continue
if session.status != self.sessions[session.id].status:
self.manager.session_switch_status(session, session.status)
if session.status == RolePlatform.Session.SESSION_STATUS_DESTROYED:
del(self.sessions[session.id])
else:
self.sessions[session.id] = session
def process(self, request):
path = request["path"]
if request["method"] == "GET":
Logger.debug("do_GET "+path)
if path == "/status" :
return self.req_status()
elif request["method"] == "POST":
Logger.debug("do_POST "+path)
if path == "/vm/destroy":
return self.req_delete(request)
if path == "/vm/create":
return self.req_create(request)
if path == "/vm/manage":
return self.req_manage(request)
if path == "/vm/name":
return self.req_name(request)
if path == "/vm/configure":
return self.req_configure(request)
return None
def init(self):
Logger.info("FileServer init")
if not Config.init_role():
return False
if not self.FSBackend.start():
Logger.error("FileServer: failed to initialize FSBackend")
self.FSBackend.stop()
return False
if not self.cleanup_samba():
Logger.error("FileServer: unable to cleanup samba")
return False
if not self.purgeGroup():
Logger.error("FileServer: unable to cleanup users")
return False
if not self.cleanup_repository():
Logger.error("FileServer: unable to cleanup users")
return False
self.shares = self.get_existing_shares()
return True
def clone(srcFile, dstFile, path, args):
pythoncom.CoInitialize()
shortcut_src = pythoncom.CoCreateInstance(shell.CLSID_ShellLink, None,
pythoncom.CLSCTX_INPROC_SERVER,
shell.IID_IShellLink)
shortcut_src.QueryInterface(pythoncom.IID_IPersistFile).Load(srcFile)
iconLocation = shortcut_src.GetIconLocation()[0]
if len(iconLocation) == 0:
iconLocation = shortcut_src.GetPath(0)[0]
workingDirectory = shortcut_src.GetWorkingDirectory()
description = shortcut_src.GetDescription()
shortcut_dst = pythoncom.CoCreateInstance(shell.CLSID_ShellLink, None,
pythoncom.CLSCTX_INPROC_SERVER,
shell.IID_IShellLink)
try:
shortcut_dst.SetPath(path)
except:
Logger.warn(
"LnkFile::clone: unable to setPath. Check that the following command is available on the system: '%s'"
% (path))
return False
shortcut_dst.SetArguments(args)
shortcut_dst.SetIconLocation(iconLocation, 0)
shortcut_dst.SetWorkingDirectory(workingDirectory)
shortcut_dst.SetDescription(description)
shortcut_dst.QueryInterface(pythoncom.IID_IPersistFile).Save(dstFile, 0)
return True
def req_sendip(self, request):
try:
document = minidom.parseString(request["data"])
rootNode = document.documentElement
if rootNode.nodeName != "vm":
raise Exception("invalid root node")
except:
Logger.error("Invalid input XML")
doc = Document()
rootNode = doc.createElement("error")
rootNode.setAttribute("reason", "Invalid input XML")
doc.appendChild(rootNode)
response = self.send_packet("/vm/info", document)
if response is False:
Logger.warn(
"DialogHypVM::send_ip unable to send request to the session manager"
)
return False
return self.req_answer(document)
def getIcon(self, id_):
doc = Document()
rootNode = doc.createElement('application')
rootNode.setAttribute("id", id_)
doc.appendChild(rootNode)
response = self.communictionInstance.send_packet("/application/icon", doc)
if response is False or not response.headers.has_key("Content-Type"):
return False
contentType = response.headers["Content-Type"].split(";")[0]
if not contentType == "image/png":
Logger.error("content type: %s"%(contentType))
print response.read()
return None
data = response.read()
path = os.path.join(self.spool, id_+".png")
try:
f= file(path, "wb")
except:
Logger.error("Unable to open file '%s'"%(path))
return False
f.write(data)
f.close()
return True
def send_server_status(self, status):
doc = Document()
rootNode = doc.createElement('server')
rootNode.setAttribute("status", status)
doc.appendChild(rootNode)
response = self.send_packet("/server/status", doc)
if response is False:
Logger.warn("SMRequest::send_server_status Unable to send packet")
return False
document = self.get_response_xml(response)
if document is None:
Logger.warn("SMRequest::send_server_status response not XML")
return False
rootNode = document.documentElement
if rootNode.nodeName != "server":
Logger.error("SMRequest::send_server_status response not valid %s"%(rootNode.toxml()))
return False
if not rootNode.hasAttribute("name") or rootNode.getAttribute("name") != self.name:
Logger.error("SMRequest::send_server_status response invalid name")
return False
if not rootNode.hasAttribute("status") or rootNode.getAttribute("status") != status:
Logger.error("SMRequest::send_server_status response invalid status")
return False
return True
def onSessionCreate(self):
if not self.session.user.exists():
Logger.error(
"Unable to create session for user '%s': user doesn't not exists and use local users ..."
% (self.session.user.name))
return False
self.groups_before_ovd_session = self.session.user.get_groups()
if self.groups_before_ovd_session is None:
return False
groups = set(self.ovd_session_required_groups +
self.groups_before_ovd_session)
if not self.session.user.set_groups(groups):
Logger.error("Failed to customize groups of the user %s" %
(self.session.user.name))
return False
if self.force_local_password:
if Config.override_password_method is Config.OVERRIDE_PASSWORD_METHOD_CUSTOM:
ret = self.session.user.set_custom_password()
else:
ret = self.session.user.set_password()
if not ret:
return False
if not self.session.install_client():
return False
return True
def create(self):
userData = {}
userData['name'] = self.name
if self.infos.has_key("displayName"):
userData['full_name'] = self.infos["displayName"]
if self.infos.has_key("password"):
userData['password'] = self.infos["password"]
userData['flags'] = win32netcon.UF_DONT_EXPIRE_PASSWD
userData['flags'] |= win32netcon.UF_NORMAL_ACCOUNT
userData['flags'] |= win32netcon.UF_PASSWD_CANT_CHANGE
userData['flags'] |= win32netcon.UF_SCRIPT
userData['priv'] = win32netcon.USER_PRIV_USER
userData['primary_group_id'] = ntsecuritycon.DOMAIN_GROUP_RID_USERS
userData['password_expired'] = 0 # password never expire
userData['acct_expires'] = win32netcon.TIMEQ_FOREVER
try:
win32net.NetUserAdd(None, 3, userData)
except Exception, e:
Logger.error("unable to create user: "+str(e))
raise e
def put_headers(self):
headers, separator, body = self.communicator._buffer.partition("\r\n\r\n")
if separator is '':
# No or incomplete header chunk
return None
self.headers = headers + "\r\n"
first_line = self.headers.split('\r\n', 1)[0]
# Get requested service
res = HttpMessage.http_req_ptn.search(first_line)
if res is not None:
self.path = res.group("url")
self.service = Service.get(self.path)
# Get Transfert encoding
TE = self.get_header('Transfer-Encoding')
if TE is not None and TE in 'chunked':
self.TE = HttpMessage.CHUNKED
else:
self.TE = HttpMessage.DEFLATE
len_body = self.get_header('Content-Length')
if len_body is not None:
self.len_body = int(len_body)
if self.path is not '':
Logger.debug("Gateway:: HTTP request: " + self.path)
self.communicator._buffer = body
return body;
