コード例 #1
0
ファイル: views.py プロジェクト: rvaughan/LookingGlass
def create_user(request):
        """
        This is the user finalizing their choices.
        Order is important!
        """
        PDB = setup.ipc_db.FileDB()

        for X in PDB.keys():
                if PDB[X] is None:
                        return 'Not so fast, turbo.'

        Me = addressbook.utils.my_address()

        # so we can get the cronjob running
        fh = file(TTS.PASSPHRASE_CACHE, 'w')
        os.chmod(TTS.PASSPHRASE_CACHE, S_IRUSR | S_IWUSR)
        fh.write(PDB['gpg.key'])
        fh.close()
        logger.debug('Created passphrase cache')

        # update user passwd
        TTU.popen_wrapper(['/usr/local/bin/LookingGlass/passwd_update.sh'])
        logger.debug('Updated pi user passwd')

	# default weechat nick to your covername
	TTU.popen_wrapper(['/bin/sed',
			   '--expression', 's|COVERNAME|%s|g' % Me.covername,
			   '/home/pi/.weechat/irc.conf'])

        Me.comment = 'accepted LUKS passphrase'
        Me.save()
        shutil.copyfile('%s/drive.key' % PDB.file_loc, TTS.LUKS['key_file'])
        logger.debug('Signal for LUKS passphrase update, squirrel away copy of LUKS passwd')

        Me.covername = PDB['covername']
        Domain = re.sub('.*@', '', Me.email)
        Me.email = '%s@%s' % (PDB['covername'].replace(' ', '.').upper(),
                              Domain.upper())
        Me.save()
        logger.debug('Updated user info in addressbook: %s' % Me)

        addressbook.queue.Queue.objects.create(address=Me,
                                               direction=addressbook.queue.Queue.TX,
                                               body='%s|%s' % (Me.covername, Me.email),
					       messageid=str(uuid4()),
                                               message_type=addressbook.queue.Queue.GPG_PK_PUSH)
        logger.debug('Queued PK push for %s' % Me.covername)

        R = addressbook.gpg.change_passphrase(old='1234', new=PDB['gpg.key'])
        logger.debug('Changed default password: %s' % R)
                
        R = addressbook.gpg.change_uid(passwd=PDB['gpg.key'])
        logger.debug('Update GPG DB to correct UID info: %s' % R)

        PDB.burn_notice()
        logger.debug('Removed on-disk temporary database')

        return HttpResponse(json.dumps({'comment':'awww yisss',
                                        'status':True}),
                            content_type='application/json')
コード例 #2
0
ファイル: update.py プロジェクト: 0xDEC0DE8/LookingGlass
    def alert_user_new_updates(self,
                               Version=None,
                               ChangeLog=None):
        if os.path.exists(TTS.UPSTREAM['update_lock']):
            logger.debug('update_lock exists - do not alert user')
            return
        Me = addressbook.utils.my_address()
        PL = """
        A newer version of LookingGlass is available!
        
        To install it, go to "Settings" in the navbar (next to LOCKDOWN).
        Open the "Updates" tab.
        Click "Update".
        ~CROSS YOUR FINGERS~
        ~WAIT FOR POSSIBLE REBOOT~
        ~DO NOT REMOVE POWER~
        ~BITE NAILS~
        Enjoy!"""
        if ChangeLog:
            PL += """\n\n\n\n\n\nCHANGELOG:
----------
%s
""" % ChangeLog
        emailclient.utils.submit_to_smtpd(
            # FIXME: need some way to |safe this.
            Payload=PL,
            Destination=Me.email,
            Subject='New update available: %s' % Version,
            From='Sysop <root>')
        TTUtil.popen_wrapper(['/bin/touch',
                               TTS.UPSTREAM['update_lock']],
                              sudo=False)
コード例 #3
0
def Update_Cache(
    Data_URI=None,
    Checksum_URI=None,
    Cache=None,
):
    """
    rsync tarball and checksum to cache directory
    return filename of data file

    FIXME: this should be made file agnostic, and just process a list - bug #90652295
    """
    if not Data_URI:
        return False
    if not Cache:
        Cache = TTS.UPSTREAM['update_cache']
    if not Checksum_URI:
        Checksum_URI = re.sub('\.tar\.bz2$', '.sum.asc', Data_URI)
    if not os.path.exists(Cache):
        TTU.popen_wrapper(['/bin/mkdir', '--parents', Cache], sudo=True)
    for GetFile in [Data_URI, Checksum_URI]:
        SO, SE = TTU.popen_wrapper(['/usr/bin/rsync', GetFile, Cache],
                                   sudo=False)
        if (SO, SE) != ('', ''):
            raise TTE.DownloadException(SE)
    return '%s/%s' % (Cache,
                      re.sub('^.*LookingGlass_', 'LookingGlass_', Data_URI))
コード例 #4
0
ファイル: updater.py プロジェクト: 0xDEC0DE8/LookingGlass
def Update_Cache(Data_URI=None,
                 Checksum_URI=None,
                 Cache=None,
                 ):
    """
    rsync tarball and checksum to cache directory
    return filename of data file

    FIXME: this should be made file agnostic, and just process a list - bug #90652295
    """
    if not Data_URI:
        return False
    if not Cache:
        Cache = TTS.UPSTREAM['update_cache']
    if not Checksum_URI:
        Checksum_URI = re.sub('\.tar\.bz2$', '.sum.asc', Data_URI)
    if not os.path.exists(Cache):
        TTU.popen_wrapper(['/bin/mkdir',
                           '--parents',
                           Cache],
                          sudo=True)
    for GetFile in [Data_URI, Checksum_URI]:
        SO, SE = TTU.popen_wrapper(['/usr/bin/rsync',
                                    GetFile,
                                    Cache],
                                   sudo=False)
        if (SO, SE) != ('', ''):
            raise TTE.DownloadException(SE)
    return '%s/%s' % (Cache, re.sub('^.*LookingGlass_', 'LookingGlass_', Data_URI))
コード例 #5
0
    def alert_user_new_updates(self, Version=None, ChangeLog=None):
        if os.path.exists(TTS.UPSTREAM['update_lock']):
            logger.debug('update_lock exists - do not alert user')
            return
        Me = addressbook.utils.my_address()
        PL = """
        A newer version of LookingGlass is available!
        
        To install it, go to "Settings" in the navbar (next to LOCKDOWN).
        Open the "Updates" tab.
        Click "Update".
        ~CROSS YOUR FINGERS~
        ~WAIT FOR POSSIBLE REBOOT~
        ~DO NOT REMOVE POWER~
        ~BITE NAILS~
        Enjoy!"""
        if ChangeLog:
            PL += """\n\n\n\n\n\nCHANGELOG:
----------
%s
""" % ChangeLog
        emailclient.utils.submit_to_smtpd(
            # FIXME: need some way to |safe this.
            Payload=PL,
            Destination=Me.email,
            Subject='New update available: %s' % Version,
            From='Sysop <root>')
        TTUtil.popen_wrapper(['/bin/touch', TTS.UPSTREAM['update_lock']],
                             sudo=False)
コード例 #6
0
def Unpack(Data_File=None):
    Preinst = '%s/%s' % (TTS.UPSTREAM['update_script_dir'], 'preinst')
    Postinst = '%s/%s' % (TTS.UPSTREAM['update_script_dir'], 'postinst')

    if not Data_File:
        Data_File = __data_file()
    if not Data_File or not os.path.exists(Data_File):
        raise TTE.UnpackException("Can't find Data_File %s" % Data_File)

    # check for control.tar section
    Control_Files = False
    File_List, Errors = TTU.popen_wrapper(['/bin/tar', '-tf', Data_File],
                                          sudo=False)
    if re.search('(?m)^control.tar', File_List):
        Control_Files = True

    if Control_Files:
        __open_control(Data_File)
        __run_control(Preinst)

    # unpack the data.tar into root
    File_List, Errors = TTU.tar_pipeline(
        arglist1=[
            '/bin/tar',
            '--directory',
            '/tmp',
            '-xvOf',
            Data_File,  # O to stdout
            'data.tar'
        ],
        arglist2=[
            '/usr/bin/sudo',
            '-u',
            'root',  # well, this is like handing the user a gun...
            '/bin/tar',
            '--directory',
            '/',
            '--no-overwrite-dir',  # so we don't accidentally hose up directory perms
            '-xvf',
            '-'
        ],
    )
    submit_to_smtpd(
        Destination='root@localhost',
        Payload=File_List,
        Subject='Installed files from update to %s' % Version(Data_File),
        From='Sysop <root>',
    )
    # FIXME: email the file list to the admin?
    if Errors and not re.search('Removing\ leading', Errors):
        raise TTE.UnpackException('data.tar unpacking problem: %s' % Errors)

    if Control_Files:
        __run_control(Postinst)

    return True
コード例 #7
0
ファイル: updater.py プロジェクト: 0xDEC0DE8/LookingGlass
def ChangeLog(Filename=None):
    if not Filename:
        Filename = __data_file()
    ChangeLog, STE = TTU.popen_wrapper(['/bin/tar',
                                        '-xOf', Filename, # O to stdout
                                        'ChangeLog'],
                                       sudo=False)
    if ((ChangeLog == '') or (STE != '')):
        logger.info('No ChangeLog')
        return False
    else:
        return ChangeLog
コード例 #8
0
ファイル: updater.py プロジェクト: 0xDEC0DE8/LookingGlass
def Scan(Server=None):
    """
    rsync scan the update server
    return highest patch > current, with checksum
    """
    Biggest = "%02d%02d%02d" % TTS.LOOKINGGLASS_VERSION
    Current = "%02d%02d%02d" % TTS.LOOKINGGLASS_VERSION
    Checksum = True
    Tarball = True
    Exact = None
    
    FNRE = re.compile(
        'LookingGlass_(?P<Major>[0-9]+)\.(?P<Minor>[0-9]+)\.(?P<Patch>[0-9]+)_(?P<Target>rpi|all).(?P<Type>sum.asc|tar.bz2|deb)$')
    if Server:
        SO, SE = TTU.popen_wrapper(['/usr/bin/rsync',
                                    '%s/Upgrade' % Server],
                                   sudo=False)
    if re.search('closed', SE):
        raise TTE.ScanException('Cannot connect to %s' % Server)
    
    for Line in sorted(SO.split('\n')):
        Z = FNRE.search(Line)
        if not Z: continue
        Version = "%02d%02d%02d" % (
            int(Z.group('Major')),
            int(Z.group('Minor')),
            int(Z.group('Patch')),
            )
        if Version > Biggest:
            Biggest = Version
            Checksum = False
            Tarball = False

        if ((Version == Biggest) and (Biggest != Current)):
            if Z.group('Type') == 'sum.asc':
                Checksum = True
            elif Z.group('Type') == 'tar.bz2':
                Tarball = True
                Filename = re.sub('^.*LookingGlass_',
                                  'LookingGlass_',
                                  Line)
                Exact = '%s/Upgrade/%s' % (Server,
                                           Filename)

    if Exact and Checksum and Tarball:
        return Exact
    else:
        return None
コード例 #9
0
def ChangeLog(Filename=None):
    if not Filename:
        Filename = __data_file()
    ChangeLog, STE = TTU.popen_wrapper(
        [
            '/bin/tar',
            '-xOf',
            Filename,  # O to stdout
            'ChangeLog'
        ],
        sudo=False)
    if ((ChangeLog == '') or (STE != '')):
        logger.info('No ChangeLog')
        return False
    else:
        return ChangeLog
コード例 #10
0
ファイル: updater.py プロジェクト: 0xDEC0DE8/LookingGlass
def Cleanup():
    logger.debug('cache cleanup')
    TTU.popen_wrapper(['/bin/rm', '-rf',
                       TTS.UPSTREAM['update_cache']
                       ], sudo=False, debug=False)
    TTU.popen_wrapper(['/bin/rm', '-rf',
                       '%s/postinst' % TTS.UPSTREAM['update_script_dir']
                       ], sudo=False, debug=False)
    TTU.popen_wrapper(['/bin/rm', '-rf',
                       '%s/preinst' % TTS.UPSTREAM['update_script_dir']
                       ], sudo=False, debug=False)
コード例 #11
0
ファイル: updater.py プロジェクト: 0xDEC0DE8/LookingGlass
def Unpack(Data_File=None):
    Preinst  = '%s/%s' % (TTS.UPSTREAM['update_script_dir'], 'preinst')
    Postinst = '%s/%s' % (TTS.UPSTREAM['update_script_dir'], 'postinst')

    if not Data_File:
        Data_File = __data_file()
    if not Data_File or not os.path.exists(Data_File):
        raise TTE.UnpackException("Can't find Data_File %s" % Data_File)

    # check for control.tar section
    Control_Files = False
    File_List, Errors = TTU.popen_wrapper(['/bin/tar', '-tf', Data_File],
                                          sudo=False)
    if re.search('(?m)^control.tar', File_List):
        Control_Files = True

    if Control_Files:
        __open_control(Data_File)
        __run_control(Preinst)

    # unpack the data.tar into root
    File_List, Errors = TTU.tar_pipeline(
        arglist1=['/bin/tar',
                  '--directory', '/tmp',
                  '-xvOf', Data_File, # O to stdout
                  'data.tar'],
        arglist2=['/usr/bin/sudo', '-u', 'root', # well, this is like handing the user a gun...
                  '/bin/tar',
                  '--directory', '/',
                  '--no-overwrite-dir', # so we don't accidentally hose up directory perms
                  '-xvf', '-'],
        )
    submit_to_smtpd(
        Destination='root@localhost',
        Payload=File_List,
        Subject='Installed files from update to %s' % Version(Data_File),
        From='Sysop <root>',
        )
    # FIXME: email the file list to the admin?
    if Errors and not re.search('Removing\ leading', Errors):
        raise TTE.UnpackException('data.tar unpacking problem: %s' % Errors)

    if Control_Files:
        __run_control(Postinst)

    return True
コード例 #12
0
def Scan(Server=None):
    """
    rsync scan the update server
    return highest patch > current, with checksum
    """
    Biggest = "%02d%02d%02d" % TTS.LOOKINGGLASS_VERSION
    Current = "%02d%02d%02d" % TTS.LOOKINGGLASS_VERSION
    Checksum = True
    Tarball = True
    Exact = None

    FNRE = re.compile(
        'LookingGlass_(?P<Major>[0-9]+)\.(?P<Minor>[0-9]+)\.(?P<Patch>[0-9]+)_(?P<Target>rpi|all).(?P<Type>sum.asc|tar.bz2|deb)$'
    )
    if Server:
        SO, SE = TTU.popen_wrapper(
            ['/usr/bin/rsync', '%s/Upgrade' % Server], sudo=False)
    if re.search('closed', SE):
        raise TTE.ScanException('Cannot connect to %s' % Server)

    for Line in sorted(SO.split('\n')):
        Z = FNRE.search(Line)
        if not Z: continue
        Version = "%02d%02d%02d" % (
            int(Z.group('Major')),
            int(Z.group('Minor')),
            int(Z.group('Patch')),
        )
        if Version > Biggest:
            Biggest = Version
            Checksum = False
            Tarball = False

        if ((Version == Biggest) and (Biggest != Current)):
            if Z.group('Type') == 'sum.asc':
                Checksum = True
            elif Z.group('Type') == 'tar.bz2':
                Tarball = True
                Filename = re.sub('^.*LookingGlass_', 'LookingGlass_', Line)
                Exact = '%s/Upgrade/%s' % (Server, Filename)

    if Exact and Checksum and Tarball:
        return Exact
    else:
        return None
コード例 #13
0
def Cleanup():
    logger.debug('cache cleanup')
    TTU.popen_wrapper(['/bin/rm', '-rf', TTS.UPSTREAM['update_cache']],
                      sudo=False,
                      debug=False)
    TTU.popen_wrapper(
        ['/bin/rm', '-rf',
         '%s/postinst' % TTS.UPSTREAM['update_script_dir']],
        sudo=False,
        debug=False)
    TTU.popen_wrapper(
        ['/bin/rm', '-rf',
         '%s/preinst' % TTS.UPSTREAM['update_script_dir']],
        sudo=False,
        debug=False)
コード例 #14
0
def Validate(Data_File=None, Checksum_File=None, Debug=True):
    """
    Verify that Checksum is the same, and that signature comes from a system_use key

    First do all the parsing of the 'remote' checksum, including GPG validate
    Then, based on the checksum algo, execute local checksum and compare
    """
    if not Data_File:
        Data_File = __data_file()
    if not Checksum_File:
        Checksum_File = __checksum_file()
    if not Data_File or not os.path.exists(Data_File):
        logger.warning("Data file %s doesn't exist" % Data_File)
        return False
    if not Checksum_File or not os.path.exists(Checksum_File):
        logger.warning("Checksum file %s doesn't exist" % Checksum_File)
        return False

    # signed checksums shouldn't be much bigger than 1000 bytes
    Clearsign = file(Checksum_File, 'r').read(1000)
    Signer_FP = addressbook.gpg.verify_clearsign(Clearsign)
    if not Signer_FP:
        raise TTE.SignatureException('Bogus or enormous fingerprint')
    Signer_FP = Signer_FP.pubkey_fingerprint
    A = addressbook.address.Address.objects.filter(fingerprint=Signer_FP,
                                                   system_use=True)
    if A.count() != 1:
        raise TTE.SignatureException("Package signed by unknown FP: %s" %
                                     Signer_FP)
    if Debug:
        logger.debug('Package signed by %s' % A[0].email)
    Clearsign_Sum = re.search('(?m)^(?P<Checksum>[a-f0-9]+)\W+LookingGlass_',
                              Clearsign)
    if not Clearsign_Sum:
        raise TTE.ChecksumException("Can't parse checksum: %s" % Clearsign)
    Clearsign_Sum = Clearsign_Sum.group('Checksum')

    # pick checksum used
    Checksum_Algo = None
    if len(Clearsign_Sum) == 64:
        Checksum_Algo = 'sha256sum'
    elif len(Clearsign_Sum) == 128:
        Checksum_Algo = 'sha512sum'
    else:
        raise TTE.ChecksumException(
            "I don't know what manner of checksum this is: %s" % Clearsign_Sum)
    if Debug:
        logger.debug('Detected %s checksum' % Checksum_Algo)

    # do local checksum
    SO, SE = TTU.popen_wrapper([Checksum_Algo, Data_File],
                               sudo=False,
                               debug=False)
    Local_Sum = re.search(
        '(?m)^(?P<Checksum>[a-f0-9]+)\W+/var/cache/LookingGlass/LookingGlass',
        SO)
    if not Local_Sum:
        raise TTE.ChecksumException("Can't parse checksum: %s/%s" % (SO, SE))
    Local_Sum = Local_Sum.group('Checksum')

    # now, finally, compare them
    if Local_Sum == Clearsign_Sum:
        return Local_Sum
    else:
        return False
コード例 #15
0
ファイル: updater.py プロジェクト: 0xDEC0DE8/LookingGlass
def Validate(Data_File=None,
             Checksum_File=None,
             Debug=True):
    """
    Verify that Checksum is the same, and that signature comes from a system_use key

    First do all the parsing of the 'remote' checksum, including GPG validate
    Then, based on the checksum algo, execute local checksum and compare
    """
    if not Data_File:
        Data_File = __data_file()
    if not Checksum_File:
        Checksum_File = __checksum_file()
    if not Data_File or not os.path.exists(Data_File):
        logger.warning("Data file %s doesn't exist" % Data_File)
        return False
    if not Checksum_File or not os.path.exists(Checksum_File):
        logger.warning("Checksum file %s doesn't exist" % Checksum_File)
        return False

    # signed checksums shouldn't be much bigger than 1000 bytes
    Clearsign = file(Checksum_File, 'r').read(1000)
    Signer_FP = addressbook.gpg.verify_clearsign(Clearsign)
    if not Signer_FP:
        raise TTE.SignatureException('Bogus or enormous fingerprint')
    Signer_FP = Signer_FP.pubkey_fingerprint
    A = addressbook.address.Address.objects.filter(fingerprint=Signer_FP,
                                                   system_use=True
                                                   )
    if A.count() != 1:
        raise TTE.SignatureException("Package signed by unknown FP: %s" % Signer_FP)
    if Debug:
        logger.debug('Package signed by %s' % A[0].email)
    Clearsign_Sum = re.search(
        '(?m)^(?P<Checksum>[a-f0-9]+)\W+LookingGlass_',
        Clearsign)
    if not Clearsign_Sum:
        raise TTE.ChecksumException("Can't parse checksum: %s" % Clearsign)
    Clearsign_Sum = Clearsign_Sum.group('Checksum')

    # pick checksum used
    Checksum_Algo = None
    if len(Clearsign_Sum) == 64:
        Checksum_Algo = 'sha256sum'
    elif len(Clearsign_Sum) == 128:
        Checksum_Algo = 'sha512sum'
    else:
        raise TTE.ChecksumException("I don't know what manner of checksum this is: %s" % Clearsign_Sum)
    if Debug:
        logger.debug('Detected %s checksum' % Checksum_Algo)

    # do local checksum
    SO, SE = TTU.popen_wrapper([Checksum_Algo,
                                Data_File],
                               sudo=False,
                               debug=False)
    Local_Sum = re.search(
        '(?m)^(?P<Checksum>[a-f0-9]+)\W+/var/cache/LookingGlass/LookingGlass',
        SO)
    if not Local_Sum:
        raise TTE.ChecksumException("Can't parse checksum: %s/%s" % (SO, SE))
    Local_Sum = Local_Sum.group('Checksum')

    # now, finally, compare them
    if Local_Sum == Clearsign_Sum:
        return Local_Sum
    else:
        return False