def crauth(): if self.pwdcache: p = self.pwdcache elif self.pwdfile: fp = file(self.pwdfile) s = fp.read() fp.close() p = decrypt_passwd(s) elif not self.pwdcache: p = self.getpass() if not p: raise RFBError('Auth cancelled') # from pyvncviewer self.request_update(0) challange = self.recv_relay(16) self.finish_update(0) if self.debug: print >>stderr, 'challange: %r' % challange response = generate_response(p, challange) if self.debug: print >>stderr, 'response: %r' % response self.send(response) # recv: security result self.request_update(0) (result,) = unpack('>L', self.recv_relay(4)) self.finish_update(0) return (p, result)
def crauth_1(self, challange): if self.debug: print >>sys.stderr, "challange: %r" % challange if not self.pwdcache: raise RFBError("Auth cancelled") p = self.pwdcache.getpass() response = generate_response(p, challange) if self.debug: print >>sys.stderr, "response: %r" % response self.send(response) return (4, self.crauth_2)
def crauth_1(self, challange): if self.debug: print >>sys.stderr, 'challange: %r' % challange if not self.pwdcache: raise RFBError('Auth cancelled') p = self.pwdcache.getpass() response = generate_response(p, challange) if self.debug: print >>sys.stderr, 'response: %r' % response self.send(response) return (4, self.crauth_2)
def crauth_1(self, challange): if self.logger: self.logger.debug('challange: %r' % challange) if not self.pwdcache: raise RFBError('Auth cancelled') p = self.pwdcache.getpass() response = generate_response(p, challange) if self.logger: self.logger.debug('response: %r' % response) self.send(response) return (4, self.crauth_2)
def crauth(): if self.pwdcache: p = self.pwdcache elif self.pwdfile: fp = file(self.pwdfile) s = fp.read() fp.close() p = decrypt_passwd(s) elif not self.pwdcache: p = self.getpass() if not p: raise RFBError('Auth cancelled') # from pyvncviewer challange = self.recv(16) if self.debug: print >>stderr, 'challange: %r' % challange response = generate_response(p, challange) if self.debug: print >>stderr, 'response: %r' % response self.send(response) # recv: security result (result,) = unpack('>L', self.recv(4)) return (p, result)
def check_password(challenge, response, password): return d3des.generate_response((password + "\0" * 8)[:8], challenge) == response
def datareceived(self, data): # Receive protocol version, send protocol version if self.state == 0: logging.debug('%s received protocol [%s] from vncserver ' % (self, data)) if data == rfb.protocolVersion(): logging.debug('%s sending protocol [%s] to vncserver ' % (self, rfb.protocolVersion())) self.buffersize = 1 self.request.sendall(rfb.protocolVersion()) self.state += 10 else: logging.debug('%s Closed connection due to invalid version.' % self) self.closeConnection() # Receive security type count, choose one and send it back elif self.state == 10: self.securityTypeCount = unpack('!B', data) logging.debug('%s about to receive [%s] security types from vncserver' % (self, self.securityTypeCount)) if (self.securityTypeCount > 0): self.buffersize = self.securityTypeCount[0] self.state = 11 else: self.closeConnection() # Receive "self.securityTypeCount" security types, then pick one elif self.state == 11: logging.debug('%s received security types [%s] from vncserver ' % (self, hexlify(data))) logging.debug('%s sending choice [%s] to vncserver ' % (self, hexlify(rfb.securityType(self.secType)))) self.request.sendall(rfb.securityType(self.secType)) self.buffersize = 4 self.state = 30 # Do authentification, this is skipped when choosing security type None elif self.state == 20: response = generate_response(self.password, data) logging.debug('%s received auth challenge [%s]: ' % (self, hexlify(data))) logging.debug('%s sending encrypted response [%s]: ' % (self, hexlify(response))) self.request.sendall(rfb.vncAuthResponse(response)) # do auth based of chosen method self.state = 30 # Receive security result, send client init elif self.state == 30: secResult = unpack('!I', data) if secResult == (0,): # SUCCESS logging.debug('%s send client init message to vncserver' % self) self.request.sendall(rfb.clientInit(True)) self.buffersize = 24 self.state = 40 else: # FAILURE self.buffersize = secResult[0] self.state = 31 # Received auth failure reason elif self.state == 31: logging.debug('%s received security result [%s] from vncserver ' % (self, hexlify(data))) if data == rfb.securityResult(False): logging.debug('Closed connection due to invalid auth.') self.closeConnection() else: logging.debug('%s send client init message to vncserver' % self) self.request.sendall(rfb.clientInit(True)) self.buffersize = 24 self.state = 40 # Receive server init, start sending client messages elif self.state == 40: self.serverInit = unpack('!HHBBBBHHHBBBBBBI', data) logging.debug('%s received server init [%s] len %d hostlen %d' % (self, self.serverInit, len(self.serverInit), self.serverInit[15])) self.buffersize = self.serverInit[15] self.state = 41 # Receive server name, send pixelformat and encodings elif self.state == 41: hostname = data self.migraId = generate_response(hostname, rfb.vncAuthChallenge()) logging.info('[hostname=%s] [migraid=%s]' % (hostname, hexlify(self.migraId))) # Set pixel and set encodings self.request.sendall(rfb.setPixelFormat(32, 24, False, True, 255, 255, 255, 16, 8, 0)) self.request.sendall(rfb.setEncodings()) self.buffersize = 1024 self.state = 50 elif self.state == 50: # The first byte off all request are the messageType # Determine client request and based on policy: forward, local, drop the message. messageType = data[0:1] knownMessageType = False for messageTypesName, messageTypeValue in rfb.clientMessages.iteritems(): if messageTypeValue == messageType: knownMessageType = True logging.debug('%s Received message type [%s] from vncserver' % (self, messageTypesName)) # Forward request to client logging.debug("%s [clients=%d] >>" % (self, len(self.vnc_clients))) # Try to find a client connection if len(self.vnc_clients) == 0: logging.debug("%s Trying to find a matching vncclient" % self) self.lock.acquire() for t in self.threads: if t.__class__.__name__ == 'VncClientHandler' and \ t.migraId == self.migraId and \ t.migraId != None: logging.debug("%s found %s migraIds:[\n %s,\n %s]" % (self, t, hexlify(t.migraId), hexlify(self.migraId))) self.vnc_clients.append(t) self.lock.release() # Forward to client(s) if len(self.vnc_clients) > 0: for client in self.vnc_clients: logging.debug("%s [forwarding=%s,\n to client=%s\n from server %s]" % (self, hexlify(messageType), hexlify(client.migraId), hexlify(self.migraId))) try: client.request.sendall(data) except: self.vnc_clients.remove(client) logging.exception("%s client disconnected %s" % (self, hexlify(client.migraId))) logging.debug("%s client disconnected %s" % (self, hexlify(client.migraId))) logging.debug("%s <<" % self) else: logging.debug('%s Closed connection due to invalid/unknown state.' % self) self.closeConnection()
def check_password(challenge, response, password): return d3des.generate_response((password + '\0' * 8)[:8], challenge) == response
def handle(self): logging.debug('%s MIP Server is here!' % self) keep_running = True identifier = None proxyHost = None try: self.request.settimeout(900) data = self.request.recv(1) except: logging.debug('%s Proxy Agent Request timeout!' % self) data = -1 if data == mip.messages['HANDSHAKE']: try: logging.debug('%s Data-raw [%s] ' % (self, repr(data))) handshake = self.request.recv(5) logging.debug('%s Init-raw [%s] ' % (self, repr(handshake))) initMessage = unpack('!BI', handshake) # Grab the proxys handshake logging.debug('%s Init [%s] ' % (self, initMessage)) identifier = self.request.recv(initMessage[1]) # Transform identifier to user inputable representation, vnc style identifier = \ hexlify(generate_response(vnc_jobid(identifier), rfb.vncAuthChallenge())) logging.debug('%s Ident [%s] ' % (self, identifier)) proxyHost = mip.ServerInfo(self.request, self.client_address, initMessage[1], identifier) logging.debug('%s Proxy Agent [%s] ' % (self, proxyHost)) except: # Handle premature close of request logging.exception('%s Error receiving data.' % self) if not data: logging.debug('%s Data empty' % self) pass logging.debug('%s Taking a lock' % self) MiGTCPServer.proxyLock.acquire() # Check if it already there ( in case of reconnect ) if identifier in MiGTCPServer.proxy_agents: del MiGTCPServer.proxy_agents[identifier] # Add proxy agent to list of agent MiGTCPServer.proxy_agents[identifier] = proxyHost MiGTCPServer.proxyLock.release() logging.debug('%s Thats it im done..' % self) elif data == mip.messages['SETUP_REQUEST']: # TODO: this is where daisy chaining stuff chould be added... logging.debug('%s setup request ' % self) elif data == mip.messages['SETUP_RESPONSE']: logging.debug('%s response request ' % self) (ticket, status) = unpack('!IB', self.request.recv(5)) logging.debug('%s ticket %s, status %s' % (self, ticket, status)) # handle vnc server self.vncServerStrategy() # Add proxy_agent to connection pool MiGTCPServer.connectionCondition.acquire() MiGTCPServer.connections[ticket] = \ mip.ServerInfo(self.request, self.client_address, 0, 3) MiGTCPServer.connectionCondition.notifyAll() MiGTCPServer.connectionCondition.release() else: logging.debug('%s Incorrect messagetype %s' % (self, repr(data))) keep_running = False # TODO: still relevant after we added timeout above and stop on error? # This is f*****g annoying! If the handler exited then the socket is # closed... so it must stay alive doing shit but consume resources... while keep_running: time.sleep(1000)
def handle(self): logging.debug('%s MIP Server is here!' % self) identifier = None proxyHost = None #try: # self.request.settimeout(30) data = self.request.recv(1) #except: # logging.debug('%s Proxy Agent Request timeout!' % self) # data = -1 if data == mip.messages['HANDSHAKE']: try: logging.debug('%s Data-raw [%s] ' % (self, repr(data))) handshake = self.request.recv(5) logging.debug('%s Init-raw [%s] ' % (self, repr(handshake))) initMessage = unpack('!BI', handshake) # Grab the proxys handshake logging.debug('%s Init [%s] ' % (self, initMessage)) identifier = self.request.recv(initMessage[1]) # Transform identifier to user inputable representation, vnc style identifier = hexlify(generate_response(vnc_jobid(identifier), rfb.vncAuthChallenge())) logging.debug('%s Ident [%s] ' % (self, identifier)) proxyHost = mip.ServerInfo(self.request, self.client_address, initMessage[1], identifier) logging.debug('%s Proxy Agent [%s] ' % (self, proxyHost)) except: # Handle premature close of request logging.exception('%s Error receiving data.' % self) if not data: logging.debug('%s Data empty' % self) pass logging.debug('%s Taking a lock' % self) MiGTCPServer.proxyLock.acquire() # Check if it already there ( in case of reconnect ) if identifier in MiGTCPServer.proxy_agents: del MiGTCPServer.proxy_agents[identifier] # Add proxy agent to list of agent MiGTCPServer.proxy_agents[identifier] = proxyHost MiGTCPServer.proxyLock.release() logging.debug('%s Thats it im done..' % self) # TODO: this is where daisy chaining stuff chould be added... elif data == mip.messages['SETUP_REQUEST']: logging.debug('%s setup request ' % self) elif data == mip.messages['SETUP_RESPONSE']: logging.debug('%s response request ' % self) (ticket,status) = unpack('!IB', self.request.recv(5)) logging.debug('%s ticket %s, status %s' % (self, ticket, status)) # handle vnc server self.vncServerStrategy() # Add proxy_agent to connection pool MiGTCPServer.connectionCondition.acquire() MiGTCPServer.connections[ticket] = mip.ServerInfo(self.request, self.client_address, 0, 3) MiGTCPServer.connectionCondition.notifyAll() MiGTCPServer.connectionCondition.release() else: logging.debug('%s Incorrect messagetype %s' % (self, repr(data))) # This is f*****g annoying! If the handler exited then the socket is closed... so it must stay alive doing shit but consume resources... while 1: time.sleep(1000)