Example #1
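    def check_auth_publickey(self, username, key):
        """Decide whether a public key may log in on the IPC channel.

        Only the fixed account name "sshproxy-IPC" is considered.  The
        offered key is accepted when it equals a field of an entry in the
        file named by the 'authorized_keys' option of the 'sipc' config
        section, or when it is the proxy's own host key.  Any error while
        loading keys denies the login.

        This callback only decides whether the key is acceptable; paramiko
        verifies the client's signature itself after a successful return.

        @param username: account name supplied by the connecting client
        @param key: public key offered by the client (get_base64() is used)
        @return: paramiko.AUTH_SUCCESSFUL or paramiko.AUTH_FAILED
        """
        pubkey = key.get_base64()
        addr = self.sock_addr[0]

        if username == "sshproxy-IPC":
            try:
                hostkey_file = get_config('sshproxy').get('hostkey_file')
                # NOTE(review): the host key is loaded as a DSA key, so a
                # host key of another type fails here and denies the login.
                # DSA is deprecated in current OpenSSH -- confirm key type.
                hostkey = paramiko.DSSKey(filename=hostkey_file).get_base64()

                auth_keys_file = get_config('sipc')['authorized_keys']
                authorized_keys = []
                if os.path.isfile(auth_keys_file):
                    # Close the handle explicitly instead of leaving it to
                    # the garbage collector.
                    keys_fd = open(auth_keys_file)
                    try:
                        authorized_keys = keys_fd.readlines()
                    finally:
                        keys_fd.close()

                authorized_keys.append(hostkey)

                # Require the offered key to equal a whole whitespace-
                # separated field of an entry.  A substring test would
                # accept an empty key string against every line and would
                # also match text inside an option or a comment.
                authorized = False
                if pubkey:
                    for entry in authorized_keys:
                        if pubkey in entry.split():
                            authorized = True
                            break

                if not authorized:
                    log.error("ATTENTION: unauthorized attempt to connect "
                              "on IPC channel from %s@%s" % (username, addr))
                    return paramiko.AUTH_FAILED

            except:
                # Deliberate catch-all: an authentication decision must fail
                # closed whatever went wrong while loading the keys.
                log.exception("SIPC: exception in check_auth_pubkey")
                return paramiko.AUTH_FAILED

            self.username = username
            return paramiko.AUTH_SUCCESSFUL

        # username is client-supplied and written to the log verbatim; log
        # consumers should treat that field as untrusted text.
        log.error("ATTENTION: unauthorized attempt to connect "
                  "on IPC channel from %s@%s" % (username, addr))
        return paramiko.AUTH_FAILED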
Example #2
    def do_shell_session(self):
        """Open a shell session, proxying to telnet for telnet sites.

        self.args[0] names the target site.  The session is refused unless
        self.authorize() accepts that site.  Sites whose 'kind' tag is not
        'telnet' are handed to Server.do_shell_session(); telnet sites also
        need the 'telnet_session' ACL.

        @return: False when authorization or the ACL check fails, True when
                 the proxy loop is stopped by KeyboardInterrupt, the result
                 of Server.do_shell_session() for non-telnet sites, and
                 None when the telnet loop ends normally.
        """
        target = self.args[0]
        if not self.authorize(target, need_login=True):
            denial = _(u"ERROR: %s does not exist in "
                       "your scope\n") % target
            self.chan.send(chanfmt(denial))
            return False

        site_kind = self.get_ns_tag('site', 'kind', '')
        if site_kind == 'telnet':
            # The site argument is consumed only when the session is
            # handled here; the parent implementation sees args untouched.
            target = self.args.pop(0)
        else:
            return Server.do_shell_session(self)

        if not self.check_acl('telnet_session'):
            refusal = ("ERROR: You are not allowed to"
                       " open a telnet session on %s"
                       "\n" % target)
            self.chan.send(chanfmt(refusal))
            return False

        self.update_ns('client', {'type': 'telnet_session'})
        log.info("Connecting to %s (telnet)", target)
        # NOTE(review): the backend leg is telnet, so presumably it is not
        # encrypted even though the client side is an SSH channel -- confirm
        # the network path to telnet sites is trusted.
        proxy = TelnetProxy(self.chan, self.connect_telnet(), self.monitor)
        try:
            self.exit_status = proxy.loop()
        except KeyboardInterrupt:
            return True
        except Exception, e:
            # Only the exception class name is shown to the client; the
            # traceback goes to the server log.
            crash_notice = ("\r\n ERROR: It seems you found a bug."
                            "\r\n Please report this error "
                            "to your administrator.\r\n"
                            "Exception class: <%s>\r\n\r\n"
                            % e.__class__.__name__)
            self.chan.send(crash_notice)
            log.exception("An unknown exception occured")
            raise
Example #3
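    def check_auth_publickey(self, username, key):
        """Authorize a public-key login on the IPC channel.

        The login is accepted only for the account "sshproxy-IPC" and only
        when the offered key equals a field of an entry in the 'sipc'
        section's 'authorized_keys' file or is the proxy's own host key.
        Every other case, including any error raised while the keys are
        loaded, returns AUTH_FAILED.

        paramiko checks the client's signature on its own once this
        callback has accepted the key.

        @param username: account name sent by the client
        @param key: public key offered by the client (get_base64() is used)
        @return: paramiko.AUTH_SUCCESSFUL or paramiko.AUTH_FAILED
        """
        pubkey = key.get_base64()
        addr = self.sock_addr[0]

        if username == "sshproxy-IPC":
            try:
                hostkey_file = get_config('sshproxy').get('hostkey_file')
                # NOTE(review): DSSKey only loads DSA keys; a host key of
                # another type raises here and the login is denied.  DSA is
                # deprecated in current OpenSSH -- confirm key type.
                hostkey = paramiko.DSSKey(filename=hostkey_file).get_base64()

                auth_keys_file = get_config('sipc')['authorized_keys']
                authorized_keys = []
                if os.path.isfile(auth_keys_file):
                    # try/finally so the file is closed even if the read
                    # fails.
                    keys_fd = open(auth_keys_file)
                    try:
                        authorized_keys = keys_fd.readlines()
                    finally:
                        keys_fd.close()

                authorized_keys.append(hostkey)

                # Match on whole whitespace-separated fields.  Substring
                # matching would let an empty key string match any line and
                # would match text that only appears inside an option or a
                # comment.
                authorized = False
                if pubkey:
                    for entry in authorized_keys:
                        if pubkey in entry.split():
                            authorized = True
                            break

                if not authorized:
                    log.error("ATTENTION: unauthorized attempt to connect "
                              "on IPC channel from %s@%s" % (username, addr))
                    return paramiko.AUTH_FAILED

            except:
                # Catch-all kept on purpose: whatever fails while loading
                # keys, the authentication decision fails closed.
                log.exception("SIPC: exception in check_auth_pubkey")
                return paramiko.AUTH_FAILED

            self.username = username
            return paramiko.AUTH_SUCCESSFUL

        # username comes from the client and is logged as-is; treat that
        # log field as untrusted when parsing or alerting on it.
        log.error("ATTENTION: unauthorized attempt to connect "
                  "on IPC channel from %s@%s" % (username, addr))
        return paramiko.AUTH_FAILED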
Example #4
    def report_failure(self, reason, *args, **kwargs):
        """Email a failure report to the configured administrator.

        All settings are read from the 'email_notifier' config section.
        Nothing is sent unless 'admin_email' is non-empty and contains "@".
        SMTP errors raised while sending are logged, not propagated.

        @param reason: reason of failure
        @param args: optional; args[0] is used as the additional message
        @param kwargs: accepted but not used
        """
        from datetime import datetime

        cfg = get_config('email_notifier')

        if args:
            extra = args[0]
        else:
            extra = "No additional message."

        # reason and the extra message go into the mail body verbatim.
        fields = {
            'reason': reason,
            'msg': extra,
            'client': self.username,
            'site': self.g_site,
            'when': datetime.now(),
            'conntype': self.g_conn_type,
            'sshproxy_id': cfg['smtp_sender'],  # ?
        }

        smtp_host = cfg['smtp_server']
        try:
            smtp_port = cfg['smtp_port']
        except ValueError:
            # NOTE(review): this fallback only triggers if the config lookup
            # itself raises ValueError -- confirm against the config class.
            smtp_port = 25

        smtp_user = cfg['smtp_login']
        smtp_secret = cfg['smtp_password']

        admin_email = cfg['admin_email']
        sender = cfg['smtp_sender']

        # NOTE(review): with smtp_tls off, the login and password are
        # presumably sent unencrypted -- confirm in the Email class.
        use_tls = istrue(cfg["smtp_tls"])

        body = cfg['message_template'] % fields

        if admin_email != "" and "@" in admin_email:
            mailer = Email(smtp_host, smtp_port, smtp_user, smtp_secret,
                           tls=use_tls)
            mailer.new(admin_email, sender, "Failure Report", body)

            try:
                mailer.send_email()
            except smtplib.SMTPException, e:
                log.exception(e)
Example #5
    def report_failure(self, reason, *args, **kwargs):
        """Send a "Failure Report" email to the administrator.

        Mail settings and the message template come from the
        'email_notifier' config section.  The mail is sent only when
        'admin_email' is non-empty and contains "@"; an
        smtplib.SMTPException raised while sending is logged.

        @param reason: reason of failure
        @param args: optional; the first item is the additional message
        @param kwargs: accepted but not used
        """
        from datetime import datetime

        cfg = get_config('email_notifier')

        detail = "No additional message."
        if args:
            detail = args[0]

        # Values substituted into the message template; reason and detail
        # are inserted into the body as given.
        values = dict(
            reason=reason,
            msg=detail,
            client=self.username,
            site=self.g_site,
            when=datetime.now(),
            conntype=self.g_conn_type,
            sshproxy_id=cfg['smtp_sender'],  # ?
        )

        host = cfg['smtp_server']
        try:
            port_number = cfg['smtp_port']
        except ValueError:
            # NOTE(review): reached only if reading the option raises
            # ValueError -- verify that the config class can do that.
            port_number = 25

        account = cfg['smtp_login']
        secret = cfg['smtp_password']

        admin_email = cfg['admin_email']
        sender = cfg['smtp_sender']

        # NOTE(review): when smtp_tls is false the SMTP credentials
        # presumably cross the network in clear text -- confirm in Email.
        secure = istrue(cfg["smtp_tls"])

        text = cfg['message_template'] % values

        if admin_email != "" and "@" in admin_email:
            report = Email(host, port_number, account, secret, tls=secure)
            report.new(admin_email, sender, "Failure Report", text)

            try:
                report.send_email()
            except smtplib.SMTPException, e:
                log.exception(e)
Example #6
    def do_shell_session(self):
        """Run a shell session, bridging the channel to telnet if needed.

        The site named by self.args[0] must pass self.authorize().  If its
        'kind' tag is 'telnet' the 'telnet_session' ACL is checked and the
        channel is connected to a TelnetProxy; any other kind is delegated
        to Server.do_shell_session().

        @return: False on a failed authorization or ACL check, True if the
                 proxy loop is interrupted by KeyboardInterrupt, the
                 parent's result for non-telnet sites, and None after a
                 normal end of the telnet loop.
        """
        requested = self.args[0]
        if not self.authorize(requested, need_login=True):
            out_of_scope = _(u"ERROR: %s does not exist in "
                             "your scope\n") % requested
            self.chan.send(chanfmt(out_of_scope))
            return False

        kind_tag = self.get_ns_tag('site', 'kind', '')
        if kind_tag == 'telnet':
            # Only the telnet path removes the site name from self.args.
            requested = self.args.pop(0)
        else:
            return Server.do_shell_session(self)

        if not self.check_acl('telnet_session'):
            not_allowed = ("ERROR: You are not allowed to"
                           " open a telnet session on %s"
                           "\n" % requested)
            self.chan.send(chanfmt(not_allowed))
            return False

        self.update_ns('client', {'type': 'telnet_session'})
        log.info("Connecting to %s (telnet)", requested)
        # NOTE(review): traffic to the site presumably travels as plain
        # telnet behind the proxy -- confirm that segment is trusted.
        bridge = TelnetProxy(self.chan, self.connect_telnet(), self.monitor)
        try:
            self.exit_status = bridge.loop()
        except KeyboardInterrupt:
            return True
        except Exception, e:
            # The client is told the exception class name only; details are
            # written to the server log before the error is re-raised.
            bug_notice = ("\r\n ERROR: It seems you found a bug."
                          "\r\n Please report this error "
                          "to your administrator.\r\n"
                          "Exception class: <%s>\r\n\r\n" %
                          e.__class__.__name__)
            self.chan.send(bug_notice)
            log.exception("An unknown exception occured")
            raise