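def check_auth_publickey(self, username, key):
    """Authenticate a public-key login on the IPC channel.

    Only the fixed account name "sshproxy-IPC" is accepted, and only when
    the presented key is the proxy's own host key or appears in the file
    named by the 'authorized_keys' option of the 'sipc' config section.
    Every other case, including an error while loading key material, is
    refused.

    @param username: account name sent by the client (untrusted).
    @param key: public key presented by the client; only get_base64() is used.
    @return: paramiko.AUTH_SUCCESSFUL or paramiko.AUTH_FAILED.
    """
    pubkey = key.get_base64()
    addr = self.sock_addr[0]
    # NOTE(review): username is client-supplied and reaches the log unescaped
    # on the refusal path below; if these lines feed alerting, confirm the log
    # handler neutralises CR/LF so one attempt cannot forge extra entries.
    denied = ("ATTENTION: unauthorized attempt to connect "
              "on IPC channel from %s@%s" % (username, addr))

    if username != "sshproxy-IPC":
        log.error(denied)
        return paramiko.AUTH_FAILED

    try:
        hostkey_file = get_config('sshproxy').get('hostkey_file')
        # NOTE(review): the host key is loaded as DSA and doubles as an IPC
        # credential; DSA is disabled by default in current OpenSSH, so a
        # key-type migration is worth planning.
        hostkey = paramiko.DSSKey(filename=hostkey_file).get_base64()
        auth_keys_file = get_config('sipc')['authorized_keys']

        authorized_keys = []
        if os.path.isfile(auth_keys_file):
            keys_fd = open(auth_keys_file)
            try:
                authorized_keys = keys_fd.readlines()
            finally:
                # Close explicitly: this runs on every IPC login attempt.
                keys_fd.close()
        authorized_keys.append(hostkey)

        # Require the presented key to equal a whole whitespace-separated
        # field of an entry. A substring test would also accept a blob that
        # merely occurs inside a longer line, and an empty string always.
        authorized = False
        for line in authorized_keys:
            if line.lstrip().startswith('#'):
                # A commented-out entry must not keep granting access.
                continue
            if pubkey in line.split():
                authorized = True
                break

        if not authorized:
            log.error(denied)
            return paramiko.AUTH_FAILED
    except Exception:
        # Fail closed on any error, without swallowing interpreter-exit
        # signals the way a bare except would.
        log.exception("SIPC: exception in check_auth_pubkey")
        return paramiko.AUTH_FAILED

    self.username = username
    return paramiko.AUTH_SUCCESSFUL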
def do_shell_session(self):
    """Open a shell session, proxying over telnet for sites of kind 'telnet'.

    The first argument names the site. Sites whose 'kind' tag is not
    'telnet' are handed to Server.do_shell_session unchanged. Telnet sites
    additionally require the 'telnet_session' ACL.

    Returns False when the site is not authorized or the ACL refuses the
    session, True when the proxy loop is interrupted by KeyboardInterrupt,
    and the result of Server.do_shell_session for non-telnet sites.
    """
    # NOTE(review): neither refusal path below writes a log entry here;
    # confirm authorize()/check_acl() record denials, otherwise refused
    # attempts leave no audit trail.
    target = self.args[0]
    if not self.authorize(target, need_login=True):
        self.chan.send(chanfmt(
            _(u"ERROR: %s does not exist in your scope\n") % target))
        return False

    site_kind = self.get_ns_tag('site', 'kind', '')
    if not site_kind == 'telnet':
        # Anything that is not telnet goes through the stock implementation.
        return Server.do_shell_session(self)

    # The site name is consumed from the argument list only on this path.
    target = self.args.pop(0)
    if not self.check_acl('telnet_session'):
        refusal = ("ERROR: You are not allowed to open a telnet session"
                   " on %s\n" % target)
        self.chan.send(chanfmt(refusal))
        return False

    self.update_ns('client', {'type': 'telnet_session'})
    log.info("Connecting to %s (telnet)", target)
    # NOTE(review): telnet has no transport encryption, so the proxy-to-site
    # leg presumably carries the session in cleartext -- confirm that this
    # segment is a trusted network.
    proxy = TelnetProxy(self.chan, self.connect_telnet(), self.monitor)
    try:
        self.exit_status = proxy.loop()
    except KeyboardInterrupt:
        return True
    except Exception, err:
        # Only the exception class name goes to the client; the full
        # traceback is kept in the server log.
        notice = ("\r\n ERROR: It seems you found a bug."
                  "\r\n Please report this error to your administrator.\r\n"
                  "Exception class: <%s>\r\n\r\n" % err.__class__.__name__)
        self.chan.send(notice)
        log.exception("An unknown exception occured")
        raise
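def check_auth_publickey(self, username, key):
    """Authenticate a public-key login on the IPC channel.

    Only the fixed account name "sshproxy-IPC" is accepted, and only when
    the presented key is the proxy's own host key or appears in the file
    named by the 'authorized_keys' option of the 'sipc' config section.
    Every other case, including an error while loading key material, is
    refused.

    @param username: account name sent by the client (untrusted).
    @param key: public key presented by the client; only get_base64() is used.
    @return: paramiko.AUTH_SUCCESSFUL or paramiko.AUTH_FAILED.
    """
    pubkey = key.get_base64()
    addr = self.sock_addr[0]
    # NOTE(review): username is client-supplied and reaches the log unescaped
    # on the refusal path below; if these lines feed alerting, confirm the log
    # handler neutralises CR/LF so one attempt cannot forge extra entries.
    denied = ("ATTENTION: unauthorized attempt to connect "
              "on IPC channel from %s@%s" % (username, addr))

    if username != "sshproxy-IPC":
        log.error(denied)
        return paramiko.AUTH_FAILED

    try:
        hostkey_file = get_config('sshproxy').get('hostkey_file')
        # NOTE(review): the host key is loaded as DSA and doubles as an IPC
        # credential; DSA is disabled by default in current OpenSSH, so a
        # key-type migration is worth planning.
        hostkey = paramiko.DSSKey(filename=hostkey_file).get_base64()
        auth_keys_file = get_config('sipc')['authorized_keys']

        authorized_keys = []
        if os.path.isfile(auth_keys_file):
            keys_fd = open(auth_keys_file)
            try:
                authorized_keys = keys_fd.readlines()
            finally:
                # Close explicitly: this runs on every IPC login attempt.
                keys_fd.close()
        authorized_keys.append(hostkey)

        # Require the presented key to equal a whole whitespace-separated
        # field of an entry. A substring test would also accept a blob that
        # merely occurs inside a longer line, and an empty string always.
        authorized = False
        for line in authorized_keys:
            if line.lstrip().startswith('#'):
                # A commented-out entry must not keep granting access.
                continue
            if pubkey in line.split():
                authorized = True
                break

        if not authorized:
            log.error(denied)
            return paramiko.AUTH_FAILED
    except Exception:
        # Fail closed on any error, without swallowing interpreter-exit
        # signals the way a bare except would.
        log.exception("SIPC: exception in check_auth_pubkey")
        return paramiko.AUTH_FAILED

    self.username = username
    return paramiko.AUTH_SUCCESSFUL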
def report_failure(self, reason, *args, **kwargs):
    """Email a failure report to the configured administrator.

    The report body is the 'message_template' option of the
    'email_notifier' config section, filled in with the failure reason,
    an optional message, the client name, the site, the connection type
    and the current time. Nothing is sent unless 'admin_email' is
    non-empty and contains an "@".

    @param reason: reason of failure
    @param args: optional; args[0], when given, is the additional message.
    @param kwargs: accepted but not read by this method.
    """
    from datetime import datetime

    cfg = get_config('email_notifier')

    if len(args) > 0:
        extra = args[0]
    else:
        extra = "No additional message."

    # NOTE(review): reason and msg are placed into the mail body unmodified;
    # if callers pass client-controlled text, the administrator's mail
    # client is where it ends up being rendered.
    tpldict = {
        'reason': reason,
        'msg': extra,
        'client': self.username,
        'site': self.g_site,
        'when': datetime.now(),
        'conntype': self.g_conn_type,
        'sshproxy_id': cfg['smtp_sender'],  # ?
    }

    server = cfg['smtp_server']
    # NOTE(review): ValueError from a lookup presumably means the config
    # object converts the value on access -- confirm; a plain mapping
    # would raise KeyError here instead and bypass the fallback.
    try:
        port = cfg['smtp_port']
    except ValueError:
        port = 25
    login = cfg['smtp_login']
    password = cfg['smtp_password']
    admin_email = cfg['admin_email']
    sender = cfg['smtp_sender']
    # NOTE(review): with smtp_tls off, login/password presumably travel to
    # the SMTP server unencrypted -- confirm against the Email class.
    tls = istrue(cfg["smtp_tls"])
    body = cfg['message_template'] % tpldict

    if admin_email == "" or "@" not in admin_email:
        # No usable recipient configured: silently skip the report.
        return

    email = Email(server, port, login, password, tls=tls)
    email.new(admin_email, sender, "Failure Report", body)
    try:
        email.send_email()
    except smtplib.SMTPException, err:
        # Only SMTP-level errors are absorbed here; any other exception
        # type raised by send_email() propagates to the caller.
        log.exception(err)
def do_shell_session(self):
    """Open a shell session, proxying over telnet for sites of kind 'telnet'.

    The first argument names the site. Sites whose 'kind' tag is not
    'telnet' are handed to Server.do_shell_session unchanged. Telnet sites
    additionally require the 'telnet_session' ACL.

    Returns False when the site is not authorized or the ACL refuses the
    session, True when the proxy loop is interrupted by KeyboardInterrupt,
    and the result of Server.do_shell_session for non-telnet sites.
    """
    # NOTE(review): neither refusal path below writes a log entry here;
    # confirm authorize()/check_acl() record denials, otherwise refused
    # attempts leave no audit trail.
    target = self.args[0]
    if not self.authorize(target, need_login=True):
        self.chan.send(chanfmt(
            _(u"ERROR: %s does not exist in your scope\n") % target))
        return False

    site_kind = self.get_ns_tag('site', 'kind', '')
    if not site_kind == 'telnet':
        # Anything that is not telnet goes through the stock implementation.
        return Server.do_shell_session(self)

    # The site name is consumed from the argument list only on this path.
    target = self.args.pop(0)
    if not self.check_acl('telnet_session'):
        refusal = ("ERROR: You are not allowed to open a telnet session"
                   " on %s\n" % target)
        self.chan.send(chanfmt(refusal))
        return False

    self.update_ns('client', {'type': 'telnet_session'})
    log.info("Connecting to %s (telnet)", target)
    # NOTE(review): telnet has no transport encryption, so the proxy-to-site
    # leg presumably carries the session in cleartext -- confirm that this
    # segment is a trusted network.
    proxy = TelnetProxy(self.chan, self.connect_telnet(), self.monitor)
    try:
        self.exit_status = proxy.loop()
    except KeyboardInterrupt:
        return True
    except Exception, err:
        # Only the exception class name goes to the client; the full
        # traceback is kept in the server log.
        notice = ("\r\n ERROR: It seems you found a bug."
                  "\r\n Please report this error to your administrator.\r\n"
                  "Exception class: <%s>\r\n\r\n" % err.__class__.__name__)
        self.chan.send(notice)
        log.exception("An unknown exception occured")
        raise