def Validate(self):
super(AFF4ObjectLabel, self).Validate()
if not self.name:
raise type_info.TypeValueError("Label name cannot be empty.")
if not re.match("^[\\w./:\\- ]+$", self.name):
raise type_info.TypeValueError("Label name can only contain: "
"a-zA-Z0-9_./:- but got: '%s'" % self.name)
def Validate(self):
super(AFF4ObjectLabel, self).Validate()
if not re.match("^[\\w./:\\-]+$", self.name):
raise type_info.TypeValueError("Label name can only contain: "
"a-zA-Z0-9_./:-, but got: %s" %
self.name)
if not self.owner:
raise type_info.TypeValueError("Label has to have an owner set.")
def Validate(self, value):
value = super(PathTypeInfo, self).Validate(value)
if self.must_exist and not os.access(value, os.R_OK):
raise type_info.TypeValueError("Path %s does not exist for %s" %
(value, self.name))
return value
def ParseFromString(self, value):
super(RegularExpression, self).ParseFromString(value)
# Check that this is a valid regex.
try:
self._regex = re.compile(self._value, flags=re.I | re.S | re.M)
except re.error:
raise type_info.TypeValueError("Not a valid regular expression.")
def __init__(self, initializer=None, age=None):
if isinstance(initializer, rdfvalue.RDFURN):
# pylint: disable=protected-access
if not self.Validate(initializer._string_urn):
raise type_info.TypeValueError("Client urn malformed: %s" %
initializer)
# pylint: enable=protected-access
super(ClientURN, self).__init__(initializer=initializer, age=age)
def GetPublicKey(self):
try:
bio = BIO.MemoryBuffer(self._value)
rsa = RSA.load_pub_key_bio(bio)
if rsa.check_key() != 1:
raise RSA.RSAError("RSA.check_key() did not succeed.")
return rsa
except RSA.RSAError as e:
raise type_info.TypeValueError("Public key invalid: %s" % e)
def ParseFromString(self, pem_string):
try:
self._value = serialization.load_pem_private_key(
pem_string, password=None, backend=openssl.backend)
return
except (TypeError, ValueError, exceptions.UnsupportedAlgorithm) as e:
if "private key is encrypted" not in str(e):
raise type_info.TypeValueError("Private key invalid: %s" % e)
# pylint: disable=g-explicit-bool-comparison, g-equals-none
# The private key is passphrase protected, we need to see if we are
# allowed to ask the user.
#
# If allow_prompt is False, we are explicitly told that we are not.
if self.allow_prompt == False:
raise type_info.TypeValueError("Private key invalid: %s" % e)
# allow_prompt was not set, we use the context we are in to see if it
# makes sense to ask.
elif self.allow_prompt == None:
# TODO(user): dependency loop with grr/config/client.py.
# pylint: disable=protected-access
if "Commandline Context" not in config_lib._CONFIG.context:
raise type_info.TypeValueError("Private key invalid: %s" %
e)
# pylint: enable=protected-access
# pylint: enable=g-explicit-bool-comparison, g-equals-none
try:
# The private key is encrypted and we can ask the user for the passphrase.
password = utils.PassphraseCallback()
self._value = serialization.load_pem_private_key(
pem_string, password=password, backend=openssl.backend)
except (TypeError, ValueError, exceptions.UnsupportedAlgorithm) as e:
raise type_info.TypeValueError("Unable to load private key: %s" %
e)
def DataRefreshRequired(self, path=None, last=None):
"""True if we need to update this path from the client.
Args:
path: The path relative to the root to check freshness of.
last: An aff4:last attribute to check freshness of.
At least one of path or last must be supplied.
Returns:
True if the path hasn't been updated in the last
self.max_age_before_refresh seconds, else False.
Raises:
type_info.TypeValueError: If no arguments are supplied.
"""
# If we didn't get given a last attribute, use the path to get one from the
# object.
if last is None:
if path is None:
# If we didn't get a path either, we can't do anything.
raise type_info.TypeValueError("Either 'path' or 'last' must"
" be supplied as an argument.")
else:
fd = aff4.FACTORY.Open(
self.root.Add(path),
token=self.token,
ignore_cache=True)
# We really care about the last time the stat was updated, so we use
# this instead of the LAST attribute, which is the last time anything
# was updated about the object.
stat_obj = fd.Get(fd.Schema.STAT)
if stat_obj:
last = stat_obj.age
else:
last = rdfvalue.RDFDatetime(0)
# If the object doesn't even have a LAST attribute by this point,
# we say it hasn't been accessed within the cache expiry time.
if last is None:
return True
last = last.AsDatetime()
# Remember to use UTC time, since that's what the datastore uses.
if datetime.datetime.utcnow() - last > self.max_age_before_refresh:
return True
return False
def ParseFromString(self, value):
"""Parse a string into a client URN.
Convert case so that all URNs are of the form C.[0-9a-f].
Args:
value: string value to parse
"""
value = value.strip()
super(ClientURN, self).ParseFromString(value)
match = self.CLIENT_ID_RE.match(self._string_urn)
if not match:
raise type_info.TypeValueError("Client urn malformed: %s" % value)
clientid = match.group("clientid")
clientid_correctcase = "".join((clientid[0].upper(), clientid[1:].lower()))
self._string_urn = self._string_urn.replace(
clientid, clientid_correctcase, 1)
def __init__(self, initializer=None, age=None):
if isinstance(initializer, rdfvalue.RDFURN):
if not self.Validate(initializer.Path()):
raise type_info.TypeValueError("Client urn malformed: %s" %
initializer)
super(ClientURN, self).__init__(initializer=initializer, age=age)
def Validate(self):
try:
rsa = self.GetPrivateKey()
rsa.check_key()
except RSA.RSAError as e:
raise type_info.TypeValueError("Private key invalid: %s" % e)
def ParseFromString(self, pem_string):
try:
self._value = serialization.load_pem_public_key(
pem_string, backend=openssl.backend)
except (TypeError, ValueError, exceptions.UnsupportedAlgorithm) as e:
raise type_info.TypeValueError("Public key invalid: %s" % e)
def ParseFromString(self, value):
if not self.Validate(value):
raise type_info.TypeValueError("Client urn malformed: %s" % value)
return super(ClientURN, self).ParseFromString(value)
def ParseFromString(self, value):
super(FilterString, self).ParseFromString(value)
try:
self.query_parser_cls(self._value).Parse()
except lexer.ParseError, e:
raise type_info.TypeValueError("Malformed filter: %s" % (e))
