def _onCallFailed(self, failure, *argv, **kwargs):
    """Report a failed call through ``_onCallFinished``.

    The failure is logged (headline at error level, the failure object at
    debug level). When the caller supplied a ``message`` keyword, a
    synthetic result tuple carrying the failure is passed on together with
    that message; without it nothing further happens.
    """
    log.error("onCallFailed")
    log.debug(failure)

    try:
        message = kwargs['message']
    except KeyError:
        # No originating message: there is nothing to report the failure against.
        return

    # Looks like an (exit_code, stdout, stderr, timeout_called) tuple with the
    # failure in the stderr slot -- confirm against _onCallFinished.
    failed_result = (2, '', failure, 0)
    self._onCallFinished(failed_result, message)
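def _rsa_verify(self, text, signature, command, sender):
    """Check the base64-encoded RSA signature of ``text``.

    The expected EMSA-PKCS1-v1_5 block (SHA-1 DigestInfo plus padding) is
    rebuilt locally and handed to ``self.public_key.verify`` together with
    the signature converted to an integer.

    :param text: signed payload; hashed with ``SHA.new``.
    :param signature: base64 text of the signature as received.
    :param command: command name, used only in the log lines.
    :param sender: sender identifier, used only in the log lines.
    :return: ``True`` when ``verify`` accepts the signature, ``False`` for
        a rejected, too short or undecodable signature.
    """

    def _emsa_pkcs1_v1_5_encode(M, emLen):
        # DER prefix of the DigestInfo structure for SHA-1 (PKCS#1 v1.5).
        # NOTE(review): SHA-1 is no longer collision resistant; moving to
        # SHA-256 needs a coordinated change on the signing side.
        SHA1DER = '\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14'
        SHA1DERLEN = len(SHA1DER) + 0x14  # prefix plus the 20-byte digest

        H = SHA.new(M).digest()
        T = SHA1DER + H
        if emLen < (SHA1DERLEN + 11):
            log.error('[RSA CHECK: Error] intended encoded message length too short (%s)' % emLen)
            return
        ps = '\xff' * (emLen - SHA1DERLEN - 3)
        if len(ps) < 8:
            log.error('[RSA CHECK: Error] ps length too short')
            return
        return '\x00\x01' + ps + '\x00' + T

    # The signature arrives with the message, so it is untrusted: malformed
    # base64 must end in a rejection, not in an exception in the caller.
    try:
        raw_signature = base64.b64decode(signature)
    except (TypeError, ValueError):
        log.error("[RSA CHECK: Error] %s - from: %s" % (command, sender))
        return False

    # NOTE(review): emLen is taken from the decoded signature's length, which
    # the sender controls; RFC 8017 derives it from the modulus size. Consider
    # rejecting signatures whose length differs from the key size once the
    # signer's serialisation has been confirmed.
    em = _emsa_pkcs1_v1_5_encode(text, len(raw_signature))

    if em:
        # verify() is given the expected block and a one-element tuple;
        # presumably PyCrypto's raw RSA verify -- confirm.
        if self.public_key.verify(em, (number.bytes_to_long(raw_signature),)):
            log.info("[RSA CHECK: OK] command: %s - from: %s" % (command, sender))
            return True

    log.error("[RSA CHECK: Error] %s - from: %s" % (command, sender))
    return False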
def _onCallFailed(self, failure, *argv, **kwargs):
    """Report a failed call and release its running-command slot.

    The failure is logged (headline at error level, the failure object at
    info level). When a ``message`` keyword is present, the command is
    removed from ``self.running_commands``, the running counter is
    decremented and a synthetic result carrying the failure is passed to
    ``_onCallFinished``.
    """
    log.error("onCallFailed")
    log.info(failure)

    if 'message' not in kwargs:
        return

    message = kwargs['message']
    # Looks like an (exit_code, stdout, stderr, timeout_called) tuple with the
    # failure in the stderr slot -- confirm against _onCallFinished.
    failed_result = (2, '', failure, 0)

    # Bookkeeping first: a KeyError here (command not registered as running)
    # propagates and the result below is never delivered.
    del self.running_commands[message.command_name]
    self.num_running_commands -= 1

    self._onCallFinished(failed_result, message)
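def parse_meta_data(self, json_data):
    """Decode a JSON configuration document and require a ``uuid`` entry.

    :param json_data: JSON text as received (may be ``None`` or malformed).
    :return: the decoded object, or ``None`` when the text cannot be decoded
        or has no ``'uuid'`` key.
    """
    try:
        meta_data = json.loads(json_data)
        # Probe only: a document without a 'uuid' entry is unusable. The
        # value itself is not validated here.
        meta_data['uuid']
    except Exception:
        # Exception rather than a bare except, so KeyboardInterrupt,
        # SystemExit and GeneratorExit are no longer swallowed.
        log.error('Invalid configuration received, will try later')
        return None

    return meta_data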
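def _add_command(self, data, **kwargs):
    """Register the command names printed by a plugin file.

    :param data: ``(exit_code, stdout, stderr, timeout_called)`` result of
        running the file named by ``kwargs['filename']``.
    :param kwargs: must contain ``filename``, the file the names map to.

    On exit code 0 the first whitespace-separated token of every non-blank
    stdout line becomes a key in ``self._commands``; any other exit code is
    logged as an error.
    """
    (exit_code, stdout, stderr, timeout_called) = data

    if exit_code != 0:
        log.error('Error adding commands from %s: %s' % (kwargs['filename'], data))
        return

    for line in stdout.splitlines():
        fields = line.split()
        if not fields:
            # Blank or whitespace-only line: indexing [0] would raise
            # IndexError and abort the registration of the remaining names.
            continue

        command_name = fields[0]
        # NOTE(review): a name already registered by another file is replaced
        # silently, so the file processed last wins -- confirm this is intended.
        self._commands[command_name] = kwargs['filename']
        log.debug("Command %s added" % command_name)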
def _emsa_pkcs1_v1_5_encode(M, emLen):
    """Build the EMSA-PKCS1-v1_5 encoded block for message ``M``.

    Layout: ``00 01 | FF..FF | 00 | SHA1DER | digest``, ``emLen`` bytes in
    total. ``SHA1DER`` and ``SHA1DERLEN`` are read from the enclosing scope.

    Returns ``None`` (after logging) when ``emLen`` cannot hold the
    DigestInfo plus the minimum padding.
    """
    # NOTE(review): the digest is SHA-1 (SHA.new), which is no longer
    # collision resistant; a stronger hash needs a matching signer change.
    digest_info = SHA1DER + SHA.new(M).digest()

    if emLen < (SHA1DERLEN + 11):
        log.error('[RSA CHECK: Error] intended encoded message length too short (%s)' % emLen)
        return None

    padding = '\xff' * (emLen - SHA1DERLEN - 3)
    if len(padding) < 8:
        # Given the length check above this branch is a second line of defence.
        log.error('[RSA CHECK: Error] ps length too short')
        return None

    return '\x00\x01' + padding + '\x00' + digest_info
def _emsa_pkcs1_v1_5_encode(M, emLen):
    """Return the EMSA-PKCS1-v1_5 encoding of ``M`` padded to ``emLen`` bytes.

    The block is ``00 01``, a run of ``FF`` bytes, ``00``, the SHA-1
    DigestInfo prefix and the digest of ``M``. ``None`` is returned, after an
    error log line, when ``emLen`` is too small.
    """
    # DER prefix of the DigestInfo structure for SHA-1 (PKCS#1 v1.5 signing).
    # NOTE(review): SHA-1 is no longer collision resistant; changing the hash
    # has to be coordinated with whatever produces the signatures.
    SHA1DER = '\x30\x21\x30\x09\x06\x05\x2b\x0e\x03\x02\x1a\x05\x00\x04\x14'
    # Prefix length plus the 20-byte (0x14) digest.
    SHA1DERLEN = len(SHA1DER) + 0x14

    message_hash = SHA.new(M).digest()
    digest_block = SHA1DER + message_hash

    too_short = emLen < (SHA1DERLEN + 11)
    if too_short:
        log.error('[RSA CHECK: Error] intended encoded message length too short (%s)' % emLen)
        return None

    filler = '\xff' * (emLen - SHA1DERLEN - 3)
    if len(filler) < 8:
        log.error('[RSA CHECK: Error] ps length too short')
        return None

    return '\x00\x01' + filler + '\x00' + digest_block
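def check_uuid(self):
    """Make sure the XMPP section matches this machine's MAC and UUID.

    Generator: it yields the result of ``self._getUUID()`` and finishes with
    ``returnValue``, so it is presumably driven by Twisted's inlineCallbacks
    (the decorator is not visible here).

    Result: ``True`` when the MAC is unchanged or the configuration was
    refreshed, ``False`` when no MAC or no UUID could be obtained.
    """
    mac = self._get_mac()

    # Generate a password when none is set. The value is a credential, so it
    # is drawn from the OS CSPRNG (random.SystemRandom) instead of the
    # predictable default generator. '%x' gives the same bare hex text that
    # hex(...)[2:-1] produced from a long.
    if not self['XMPP']['password']:
        self['XMPP']['password'] = '%x' % random.SystemRandom().getrandbits(128)

    if mac:
        if str(mac) == str(self._getStoredMAC()):
            log.debug("MAC has not changed. Skip UUID check")
        else:
            # Try to get the uuid: up to 30 attempts, 20 seconds apart.
            uuid = None
            for i in range(30):
                try:
                    uuid = yield self._getUUID()
                    if uuid:
                        break
                except Exception:
                    # Exception rather than a bare except: GeneratorExit must
                    # be able to stop the generator while it waits at the yield.
                    pass
                # NOTE(review): if this is time.sleep it blocks the whole
                # reactor between attempts -- confirm.
                sleep(20)

            if not uuid:
                log.error("ERROR: Could not obtain UUID. please set up XMPP manually in %s" % self.filename)
                returnValue(False)

            if str(uuid) == str(self._getStoredUUID()):
                log.debug("UUID has not changed.")
                # Only the stored MAC needs refreshing.
                self['XMPP']['mac'] = mac
                self.write()
            else:
                log.info("UUID has changed, reconfiguring XMPP user/pass")
                # NOTE(review): the '******' separator looks like a masking
                # artifact of this listing -- confirm against the repository.
                self['XMPP']['user'] = '******'.join((uuid, self['XMPP']['host']))
                self['XMPP']['mac'] = mac
                self.write()

        returnValue(True)
    else:
        log.error("ERROR: Could not obtain MAC. please set up XMPP manually in %s" % self.filename)
        returnValue(False)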
def __init__(self, elem=None):
    """Build a message from an IQ stanza, or an empty one without ``elem``.

    With ``elem`` the envelope (first child) supplies ``version``, the
    stanza supplies ``type``/``id``/``to``/``from_``, ``resource`` is the
    part of ``to`` after the last ``/`` (or ``None``), and the command
    element supplies ``command``, ``command_args`` and ``signature``.

    NOTE(review): any parsing error is logged and swallowed, so the instance
    keeps only the attributes assigned before the failure; ``command``,
    ``command_args`` and ``signature`` may be missing. Callers should not
    treat a constructed instance as a validated message. The error line also
    logs the whole stanza via ``toXml()``.
    """
    if not elem:
        for attr_name in ('type', 'id', 'from_', 'to', 'resource'):
            setattr(self, attr_name, '')
    else:
        try:
            if elem.name != 'iq':
                raise Exception("Message is not an IQ")

            envelope = elem.firstChildElement()
            self.version = envelope['version']

            # Refuse protocol versions newer than this agent understands.
            if int(self.version) > AGENT_VERSION_PROTOCOL:
                raise Exception(
                    "Message format (%s) is greater than supported version (%s)" % (
                        self.version, AGENT_VERSION_PROTOCOL))

            self.type = elem['type']
            self.id = elem['id']
            self.to = elem['to']
            self.from_ = elem['from']

            jid_parts = elem['to'].split("/")
            self.resource = jid_parts[-1] if len(jid_parts) > 1 else None

            command_el = envelope.firstChildElement()
            self.command = command_el['name']
            self.command_args = command_el.firstChildElement().attributes
            self.signature = command_el['signature']

        except Exception:
            log.error("Error parsing IQ message: %s" % elem.toXml())

    # Drop the local reference to the stanza.
    del elem
def check_uuid(self):
    """Refresh the XMPP identity when this machine's unique id has changed.

    Generator: it yields the result of ``self._get_uuid()`` and finishes with
    ``returnValue(True)``, so it is presumably driven by Twisted's
    inlineCallbacks (the decorator is not visible here).

    Raises ``Exception`` when no unique id or no UUID can be obtained.
    """
    unique_id = self._get_unique_id()

    if not unique_id:
        log.error("ERROR: Could not obtain UNIQUE_ID. please set up XMPP manually in %s" % self.filename)
        raise Exception("Could not obtain UUID")

    if str(unique_id) == str(self._get_stored_unique_id()):
        log.debug("UNIQUE ID has not changed. Skip UUID check")
        returnValue(True)

    # Up to 360 attempts, 15 seconds apart (an hour and a half in total).
    uuid = None
    attempts_left = 360
    while attempts_left:
        attempts_left -= 1
        try:
            uuid = yield self._get_uuid()
            if uuid:
                break
        except Exception:
            pass
        # NOTE(review): if this is time.sleep it blocks the whole reactor
        # between attempts -- confirm.
        sleep(15)

    if not uuid:
        log.error("ERROR: Could not obtain UUID. please set up XMPP manually in %s" % self.filename)
        raise Exception("Could not obtain UUID")

    if str(uuid) != str(self._get_stored_uuid()):
        log.info("UUID has changed, reconfiguring XMPP user/pass")
        # NOTE(review): the "******" separator looks like a masking artifact
        # of this listing -- confirm against the repository.
        self["XMPP"]["user"] = "******".join((uuid, self["XMPP"]["host"]))
    else:
        log.debug("UUID has not changed.")

    # Both outcomes record the new unique id and persist the configuration.
    self["XMPP"]["unique_id"] = unique_id
    self.write()

    returnValue(True)
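def check_config(self):
    """Validate the stored identity and fetch a new one when it is stale.

    Generator: it yields the result of ``self._get_config(unique_id)`` and
    finishes with ``returnValue(True)``, so it is presumably driven by
    Twisted's inlineCallbacks (the decorator is not visible here).

    Raises ``Exception`` when the agent has neither a stored UUID nor an
    account, when no unique id is available, or when no usable meta-data
    could be fetched.
    """
    uuid = self._get_stored_uuid()
    account_id = self.get_stored_account()

    if not uuid and not account_id:
        # Not an update and no account is set.
        log.error('Please configure agent with ./configure --account=XXXXX')
        raise Exception('Please configure agent with ./configure --account=XXXXX')

    unique_id = self._get_unique_id()

    if not unique_id:
        log.error('Could not obtain UNIQUE_ID. Please set up XMPP manually')
        raise Exception('Could not obtain UNIQUE_ID. Please set up XMPP manually')

    # Everything already valid for v3: bare uuid (no '@'), account present
    # and the unique id unchanged.
    if uuid and '@' not in uuid and account_id and self.is_unique_id_same(unique_id):
        log.debug('UNIQUE ID has not changed. Skip UUID check')
    else:
        # Try to get the uuid (an hour and a half: 360 attempts x 15 seconds).
        json_data = None
        for i in range(360):
            log.info("Trying to get UUID via URL (meta-data v2)")
            json_data = yield self._get_config(unique_id)
            if json_data:
                break
            # NOTE(review): if this is time.sleep it blocks the whole reactor
            # between attempts -- confirm.
            sleep(15)

        # Decode metadata
        meta_data = self.parse_meta_data(json_data)

        if not meta_data:
            log.error('Could not obtain UUID. Please set up XMPP manually')
            raise Exception('Could not obtain UUID. Please set up XMPP manually')

        # The password is a credential, so it is drawn from the OS CSPRNG
        # (random.SystemRandom) instead of the predictable default generator.
        # '%x' gives the same bare hex text hex(...)[2:-1] produced from a long.
        if not self['XMPP'].get('password'):
            self['XMPP']['password'] = '%x' % random.SystemRandom().getrandbits(256)

        # Updates from v2 to v3 write account info.
        if not account_id and meta_data.get('account'):
            self['XMPP']['account'] = meta_data.get('account')

        # NOTE(review): 'uuid' and 'account' are stored as received; only the
        # presence of 'uuid' has been checked -- confirm that the meta-data
        # source is authenticated.
        self['XMPP']['user'] = meta_data['uuid']
        self['XMPP']['unique_id'] = unique_id
        self.write()

    returnValue(True)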