def clientEnabler(request, idService, idTransport): # Maybe we could even protect this even more by limiting referer to own server /? (just a meditation..) url = '' error = _('Service not ready. Please, try again in a while.') try: res = getService(request, idService, idTransport, doTest=False) if res is not None: scrambler = cryptoManager().randomString(32) password = cryptoManager().xor(webPassword(request), scrambler) _x, ads, _x, trans, _x = res data = { 'service': 'A' + ads.uuid, 'transport': trans.uuid, 'user': request.user.uuid, 'password': password } ticket = TicketStore.create(data) error = '' url = html.udsLink(request, ticket, scrambler) except Exception as e: error = six.text_type(e) # Not ready, show message and return to this page in a while return HttpResponse('{{ "url": "{}", "error": "{}" }}'.format(url, error), content_type='application/json')
def getLink(self, userService, transport, ip, os, user, password, request): ci = self.processUserPassword(userService, user, password) username, password, domain = ci['username'], ci['password'], ci['domain'] if domain != '': username = domain + '\\' + username # Build params dict params = { 'protocol': 'rdp', 'hostname': ip, 'username': username, 'password': password, 'ignore-cert': 'true' } if self.enableAudio.isTrue() is False: params['disable-audio'] = 'true' if self.enablePrinting.isTrue() is True: params['enable-printing'] = 'true' logger.debug('RDP Params: {0}'.format(params)) ticket = TicketStore.create(params) return HttpResponseRedirect("{}/transport/?{}&{}".format(self.guacamoleServer.value, ticket, request.build_absolute_uri(reverse('Index'))))
def authCallback(request: HttpRequest, authName: str) -> HttpResponse: """ This url is provided so external SSO authenticators can get an url for redirecting back the users. This will invoke authCallback of the requested idAuth and, if this represents an authenticator that has an authCallback """ try: authenticator = Authenticator.objects.get(name=authName) params = request.GET.copy() params.update(request.POST) logger.debug('Auth callback for %s with params %s', authenticator, params.keys()) ticket = TicketStore.create({ 'params': params, 'auth': authenticator.uuid }) return HttpResponseRedirect( reverse('page.auth.callback_stage2', args=[ticket])) except Exception as e: # No authenticator found... return errors.exceptionView(request, e)
def getUDSTransportScript(self, userService, transport, ip, os, user, password, request): prefs = user.prefs('nx') username = user.getUsernameForAuth() proc = username.split('@') username = proc[0] if self._fixedName is not '': username = self._fixedName if self._fixedPassword is not '': password = self._fixedPassword if self._useEmptyCreds is True: username, password = '', '' tunpass = ''.join(random.choice(string.letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshServer = self._tunnelServer if ':' not in sshServer: sshServer += ':443' sshHost, sshPort = sshServer.split(':') logger.debug('Username generated: {0}, password: {1}'.format(tunuser, tunpass)) width, height = CommonPrefs.getWidthHeight(prefs) # Fix username/password acording to os manager username, password = userService.processUserPassword(username, password) m = { 'ip': ip, 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'password': password, 'port': self._listenPort } r = NXFile(username=username, password=password, width=width, height=height) r.host = '{address}' r.port = '{port}' r.connection = self._connection r.desktop = self._session r.cachedisk = self._cacheDisk r.cachemem = self._cacheMem os = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os['OS']) if os is None: return super(TSNXTransport, self).getUDSTransportScript(self, userService, transport, ip, os, user, password, request) return self.getScript('scripts/{}/tunnel.py'.format(os)).format( r=r, m=DictAsObj(m), )
def getUDSTransportScript(self, userService, transport, ip, os, user, password, request): prefs = user.prefs('nx') username = user.getUsernameForAuth() proc = username.split('@') username = proc[0] if self._fixedName is not '': username = self._fixedName if self._fixedPassword is not '': password = self._fixedPassword if self._useEmptyCreds is True: username, password = '', '' tunpass = ''.join(random.choice(string.letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshServer = self._tunnelServer if ':' not in sshServer: sshServer += ':443' sshHost, sshPort = sshServer.split(':') logger.debug('Username generated: {0}, password: {1}'.format(tunuser, tunpass)) width, height = CommonPrefs.getWidthHeight(prefs) # Fix username/password acording to os manager username, password = userService.processUserPassword(username, password) m = { 'ip': ip, 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'password': password, 'port': self._listenPort } r = NXFile(username=username, password=password, width=width, height=height) r.host = '{address}' r.port = '{port}' r.connection = self._connection r.desktop = self._session r.cachedisk = self._cacheDisk r.cachemem = self._cacheMem os = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os['OS']) if os is None: return super(self.__class__, self).getUDSTransportScript(userService, transport, ip, os, user, password, request) return self.getScript('scripts/{}/tunnel.py'.format(os)).format( r=r, m=DictAsObj(m), )
def getLink(self, userService, transport, ip, os, user, password, request): ci = self.processUserPassword(userService, user, password) username, password, domain = ci['username'], ci['password'], ci[ 'domain'] if domain != '': username = domain + '\\' + username # Build params dict params = { 'protocol': 'rdp', 'hostname': ip, 'username': username, 'password': password, 'ignore-cert': 'true' } if self.enableAudio.isTrue() is False: params['disable-audio'] = 'true' if self.enablePrinting.isTrue() is True: params['enable-printing'] = 'true' logger.debug('RDP Params: {0}'.format(params)) ticket = TicketStore.create(params) return HttpResponseRedirect("{}/transport/?{}&{}".format( self.guacamoleServer.value, ticket, request.build_absolute_uri(reverse('Index'))))
def enableService(request: 'ExtendedHttpRequestWithUser', idService: str, idTransport: str) -> typing.Mapping[str, typing.Any]: # Maybe we could even protect this even more by limiting referer to own server /? (just a meditation..) logger.debug('idService: %s, idTransport: %s', idService, idTransport) url = '' error = ugettext('Service not ready. Please, try again in a while.') # If meta service, process and rebuild idService & idTransport try: res = userServiceManager().getService(request.user, request.os, request.ip, idService, idTransport, doTest=False) scrambler = cryptoManager().randomString(32) password = cryptoManager().symCrypt(webPassword(request), scrambler) userService, trans = res[1], res[3] typeTrans = trans.getType() error = '' # No error if typeTrans.ownLink: url = reverse('TransportOwnLink', args=('A' + userService.uuid, trans.uuid)) else: data = { 'service': 'A' + userService.uuid, 'transport': trans.uuid, 'user': request.user.uuid, 'password': password } ticket = TicketStore.create(data) url = html.udsLink(request, ticket, scrambler) except ServiceNotReadyError as e: logger.debug('Service not ready') # Not ready, show message and return to this page in a while # error += ' (code {0:04X})'.format(e.code) error = ugettext( 'Your service is being created, please, wait for a few seconds while we complete it.)' ) + '({}%)'.format(int(e.code * 25)) except MaxServicesReachedError: logger.info('Number of service reached MAX for service pool "%s"', idService) error = errors.errorString(errors.MAX_SERVICES_REACHED) except ServiceAccessDeniedByCalendar: logger.info('Access tried to a calendar limited access pool "%s"', idService) error = errors.errorString(errors.SERVICE_CALENDAR_DENIED) except Exception as e: logger.exception('Error') error = str(e) return {'url': str(url), 'error': str(error)}
def getUDSTransportScript( # pylint: disable=too-many-locals self, userService: 'models.UserService', transport: 'models.Transport', ip: str, os: typing.Dict[str, str], user: '******', password: str, request: 'HttpRequest' ) -> typing.Tuple[str, str, typing.Dict[str, typing.Any]]: userServiceInstance: typing.Any = userService.getInstance() # Spice connection con = userServiceInstance.getConsoleConnection() port: str = con['port'] or '-1' secure_port: str = con['secure_port'] or '-1' # Ticket tunpass = ''.join(random.SystemRandom().choice(string.letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') r = RemoteViewerFile('127.0.0.1', '{port}', '{secure_port}', con['ticket']['value'], self.serverCertificate.value.strip(), con['cert_subject'], fullscreen=self.fullScreen.isTrue()) r.usb_auto_share = self.usbShare.isTrue() r.new_usb_auto_share = self.autoNewUsbShare.isTrue() r.smartcard = self.smartCardRedirect.isTrue() osName = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os['OS']) if osName is None: return super().getUDSTransportScript(userService, transport, ip, os, user, password, request) # if sso: # If SSO requested, and when supported by platform # userServiceInstance.desktopLogin(user, password, '') sp = { 'as_file': r.as_file, 'as_file_ns': r.as_file_ns, 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'ip': con['address'], 'port': port, 'secure_port': secure_port } return self.getScript('scripts/{}/tunnel.py', osName, sp)
def userServiceEnabler(request, idService, idTransport): # Maybe we could even protect this even more by limiting referer to own server /? (just a meditation..) logger.debug('idService: {}, idTransport: {}'.format( idService, idTransport)) url = '' error = _('Service not ready. Please, try again in a while.') # If meta service, process and rebuild idService & idTransport try: res = userServiceManager().getService(request.user, request.os, request.ip, idService, idTransport, doTest=False) scrambler = cryptoManager().randomString(32) password = cryptoManager().symCrypt(webPassword(request), scrambler) _x, userService, _x, trans, _x = res data = { 'service': 'A' + userService.uuid, 'transport': trans.uuid, 'user': request.user.uuid, 'password': password } ticket = TicketStore.create(data) error = '' url = html.udsLink(request, ticket, scrambler) except ServiceNotReadyError as e: logger.debug('Service not ready') # Not ready, show message and return to this page in a while error += ' (code {0:04X})'.format(e.code) except MaxServicesReachedError: logger.info( 'Number of service reached MAX for service pool "{}"'.format( idService)) error = errors.errorString(errors.MAX_SERVICES_REACHED) except ServiceAccessDeniedByCalendar: logger.info( 'Access tried to a calendar limited access pool "{}"'.format( idService)) error = errors.errorString(errors.SERVICE_CALENDAR_DENIED) except Exception as e: logger.exception('Error') error = str(e) return HttpResponse(json.dumps({ 'url': str(url), 'error': str(error) }), content_type='application/json')
def getUDSTransportScript(self, userService, transport, ip, os, user, password, request): userServiceInstance = userService.getInstance() # Spice connection con = userServiceInstance.getConsoleConnection() port, secure_port = con['port'], con['secure_port'] port = -1 if port is None else port secure_port = -1 if secure_port is None else secure_port # Ticket tunpass = ''.join(random.SystemRandom().choice(string.letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') r = RemoteViewerFile('127.0.0.1', '{port}', '{secure_port}', con['ticket']['value'], self.serverCertificate.value, con['cert_subject'], fullscreen=self.fullScreen.isTrue()) r.usb_auto_share = self.usbShare.isTrue() r.new_usb_auto_share = self.autoNewUsbShare.isTrue() r.smartcard = self.smartCardRedirect.isTrue() m = tools.DictAsObj({ 'r': r, 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'ip': con['address'], 'port': port, 'secure_port': secure_port }) os = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os.OS) if os is None: return super(self.__class__, self).getUDSTransportScript(userService, transport, ip, os, user, password, request) return self.getScript('scripts/{}/tunnel.py'.format(os)).format(m=m)
def getLink(self, userService, transport, ip, os, user, password, request): ci = self.processUserPassword(userService, user, password) username, password, domain = ci['username'], ci['password'], ci[ 'domain'] if domain != '': username = domain + '\\' + username scrambler = cryptoManager().randomString(32) passwordCrypted = cryptoManager().symCrypt(password, scrambler) # Build params dict params = { 'protocol': 'rdp', 'hostname': ip, 'username': username, 'password': passwordCrypted, 'ignore-cert': 'true', 'security': self.security.value, 'drive-path': '/share/{}'.format(user.uuid), 'create-drive-path': 'true' } if self.enableFileSharing.isTrue(): params['enable-drive'] = 'true' if self.serverLayout.value != '-': params['server-layout'] = self.serverLayout.value if self.enableAudio.isTrue() is False: params['disable-audio'] = 'true' if self.enablePrinting.isTrue() is True: params['enable-printing'] = 'true' if self.wallpaper.isTrue() is True: params['enable-wallpaper'] = 'true' if self.desktopComp.isTrue() is True: params['enable-desktop-composition'] = 'true' if self.smooth.isTrue() is True: params['enable-font-smoothing'] = 'true' logger.debug('RDP Params: {0}'.format(params)) ticket = TicketStore.create(params, validity=self.ticketValidity.num()) return HttpResponseRedirect("{}/transport/?{}.{}&{}".format( self.guacamoleServer.value, ticket, scrambler, request.build_absolute_uri(reverse('Index'))))
def getLink(self, userService, transport, ip, os, user, password, request): ci = self.processUserPassword(userService, user, password) username, password, domain = ci['username'], ci['password'], ci['domain'] if domain != '': username = domain + '\\' + username scrambler = cryptoManager().randomString(32) passwordCrypted = cryptoManager().symCrypt(password, scrambler) # Build params dict params = { 'protocol': 'rdp', 'hostname': ip, 'username': username, 'password': passwordCrypted, 'ignore-cert': 'true', 'security': self.security.value, 'drive-path': '/share/{}'.format(user.uuid), 'create-drive-path': 'true' } if self.enableFileSharing.isTrue(): params['enable-drive'] = 'true' if self.serverLayout.value != '-': params['server-layout'] = self.serverLayout.value if self.enableAudio.isTrue() is False: params['disable-audio'] = 'true' if self.enablePrinting.isTrue() is True: params['enable-printing'] = 'true' if self.wallpaper.isTrue() is True: params['enable-wallpaper'] = 'true' if self.desktopComp.isTrue() is True: params['enable-desktop-composition'] = 'true' if self.smooth.isTrue() is True: params['enable-font-smoothing'] = 'true' logger.debug('RDP Params: {0}'.format(params)) ticket = TicketStore.create(params, validity=self.ticketValidity.num()) return HttpResponseRedirect("{}/transport/?{}.{}&{}".format(self.guacamoleServer.value, ticket, scrambler, request.build_absolute_uri(reverse('utility.closer'))))
def userServiceEnabler(request, idService, idTransport): # Maybe we could even protect this even more by limiting referer to own server /? (just a meditation..) logger.debug('idService: {}, idTransport: {}'.format(idService, idTransport)) url = '' error = _('Service not ready. Please, try again in a while.') # If meta service, process and rebuild idService & idTransport try: res = userServiceManager().getService(request.user, request.os, request.ip, idService, idTransport, doTest=False) scrambler = cryptoManager().randomString(32) password = cryptoManager().symCrypt(webPassword(request), scrambler) _x, userService, _x, trans, _x = res data = { 'service': 'A' + userService.uuid, 'transport': trans.uuid, 'user': request.user.uuid, 'password': password } ticket = TicketStore.create(data) error = '' url = html.udsLink(request, ticket, scrambler) except ServiceNotReadyError as e: logger.debug('Service not ready') # Not ready, show message and return to this page in a while error += ' (code {0:04X})'.format(e.code) except MaxServicesReachedError: logger.info('Number of service reached MAX for service pool "{}"'.format(idService)) error = errors.errorString(errors.MAX_SERVICES_REACHED) except ServiceAccessDeniedByCalendar: logger.info('Access tried to a calendar limited access pool "{}"'.format(idService)) error = errors.errorString(errors.SERVICE_CALENDAR_DENIED) except Exception as e: logger.exception('Error') error = str(e) return HttpResponse( json.dumps({ 'url': str(url), 'error': str(error) }), content_type='application/json' )
def processUserPassword(self, service, username, password): if service.getProperty('sso_available') == '1': # Generate a ticket, store it and return username with no password domain = '' if '@' in username: username, domain = username.split('@') elif '\\' in username: username, domain = username.split('\\') creds = { 'username': username, 'password': password, 'domain': domain } ticket = TicketStore.create(creds, validator=None, validity=300) # , owner=SECURE_OWNER, secure=True) return ticket, '' else: return osmanagers.OSManager.processUserPassword(self, service, username, password)
def getUDSTransportScript(self, userService, transport, ip, os, user, password, request): userServiceInstance = userService.getInstance() # Spice connection con = userServiceInstance.getConsoleConnection() port, secure_port = con['port'], con['secure_port'] port = -1 if port is None else port secure_port = -1 if secure_port is None else secure_port # Ticket tunpass = ''.join(random.choice(string.letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') r = RemoteViewerFile('127.0.0.1', '{port}', '{secure_port}', con['ticket']['value'], self.serverCertificate.value, con['cert_subject'], fullscreen=self.fullScreen.isTrue()) r.usb_auto_share = self.usbShare.isTrue() r.new_usb_auto_share = self.autoNewUsbShare.isTrue() r.smartcard = self.smartCardRedirect.isTrue() m = tools.DictAsObj({ 'r': r, 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'ip': con['address'], 'port': port, 'secure_port': secure_port }) os = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os.OS) if os is None: return super(self.__class__, self).getUDSTransportScript(userService, transport, ip, os, user, password, request) return self.getScript('scripts/{}/tunnel.py'.format(os)).format(m=m)
def clientEnabler(request, idService, idTransport): # Maybe we could even protect this even more by limiting referer to own server /? (just a meditation..) logger.debug('idService: {}, idTransport: {}'.format(idService, idTransport)) url = '' error = _('Service not ready. Please, try again in a while.') try: res = userServiceManager().getService(request.user, request.ip, idService, idTransport, doTest=False) scrambler = cryptoManager().randomString(32) password = cryptoManager().xor(webPassword(request), scrambler) _x, userService, _x, trans, _x = res data = { 'service': 'A' + userService.uuid, 'transport': trans.uuid, 'user': request.user.uuid, 'password': password } ticket = TicketStore.create(data) error = '' url = html.udsLink(request, ticket, scrambler) except ServiceNotReadyError as e: logger.debug('Service not ready') # Not ready, show message and return to this page in a while error += ' (code {0:04X})'.format(e.code) except MaxServicesReachedError: logger.info('Number of service reached MAX for service pool "{}"'.format(idService)) error = errors.errorString(errors.MAX_SERVICES_REACHED) except Exception as e: logger.exception('Error') error = six.text_type(e) return HttpResponse( '{{ "url": "{}", "error": "{}" }}'.format(url, error), content_type='application/json' )
def put(self): """ Processes put requests, currently only under "create" """ logger.debug(self._args) # Parameters can only be theese for p in self._params: if p not in VALID_PARAMS: logger.debug('Parameter {} not in valid ticket parameters list'.format(p)) raise RequestError('Invalid parameters') if len(self._args) != 1 or self._args[0] not in ('create',): raise RequestError('Invalid method') if 'username' not in self._params or 'groups' not in self._params: raise RequestError('Invalid parameters') found = None for i in ('authId', 'authTag', 'auth', 'authSmallName'): if i in self._params: found = i break if found is None: raise RequestError('Invalid parameters (no auth)') force = self._params.get('force', '0') in ('1', 'true', 'True') userIp = self._params.get('userIp', None) try: authId = self._params.get('authId', None) authTag = self._params.get('authTag', self._params.get('authSmallName', None)) authName = self._params.get('auth', None) # Will raise an exception if no auth found if authId is not None: auth = Authenticator.objects.get(uuid=processUuid(authId.lower())) elif authName is not None: auth = Authenticator.objects.get(name=authName) else: auth = Authenticator.objects.get(small_name=authTag) username = self._params['username'] password = self._params.get('password', '') # Some machines needs password, depending on configuration groups = self._params['groups'] if isinstance(groups, (six.text_type, six.binary_type)): groups = (groups,) grps = [] for g in groups: try: grps.append(auth.groups.get(name=g).uuid) except Exception: logger.info('Group {} from ticket does not exists on auth {}, forced creation: {}'.format(g, auth, force)) if force: grps.append(auth.groups.create(name=g, comments='Autocreated form ticket by using force paratemeter').uuid) if len(grps) == 0: # No valid group in groups names raise Exception('Authenticator does not contain ANY of the requested groups') groups = grps time = int(self._params.get('time', 60)) time = 60 if time < 1 else time realname = self._params.get('realname', self._params['username']) servicePool = self._params.get('servicePool', None) transport = self._params.get('transport', None) if servicePool is not None: servicePool = DeployedService.objects.get(uuid=processUuid(servicePool)) # If forced that servicePool must honor groups if force: for addGrp in set(groups) - set(servicePool.assignedGroups.values_list('uuid', flat=True)): servicePool.assignedGroups.add(auth.groups.get(uuid=addGrp)) if transport is not None: transport = Transport.objects.get(uuid=processUuid(transport)) try: servicePool.validateTransport(transport) except Exception: logger.error('Transport {} is not valid for Service Pool {}'.format(transport.name, servicePool.name)) raise Exception('Invalid transport for Service Pool') else: if userIp is None: transport = tools.DictAsObj({'uuid': None}) else: transport = None for v in servicePool.transports.order_by('priority'): if v.validForIp(userIp): transport = v break if transport is None: logger.error('Service pool {} does not has valid transports for ip {}'.format(servicePool.name, userIp)) raise Exception('Service pool does not has any valid transports for ip {}'.format(userIp)) servicePool = servicePool.uuid transport = transport.uuid # pylint: disable=maybe-no-member except Authenticator.DoesNotExist: return Tickets.result(error='Authenticator does not exists') except DeployedService.DoesNotExist: return Tickets.result(error='Service pool does not exists') except Transport.DoesNotExist: return Tickets.result(error='Transport does not exists') except Exception as e: return Tickets.result(error=six.text_type(e)) data = { 'username': username, 'password': cryptoManager().encrypt(password), 'realname': realname, 'groups': groups, 'auth': auth.uuid, 'servicePool': servicePool, 'transport': transport, } ticket = TicketStore.create(data) return Tickets.result(ticket)
def getUDSTransportScript(self, userService, transport, ip, os, user, password, request): # We use helper to keep this clean # prefs = user.prefs('rdp') ci = self.getConnectionInfo(userService, user, password) username, password, domain = ci['username'], ci['password'], ci['domain'] # width, height = CommonPrefs.getWidthHeight(prefs) # depth = CommonPrefs.getDepth(prefs) width, height = self.screenSize.value.split('x') depth = self.colorDepth.value tunpass = ''.join(random.choice(string.letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') logger.debug('Username generated: {0}, password: {1}'.format(tunuser, tunpass)) r = RDPFile(width == '-1' or height == '-1', width, height, depth, target=os['OS']) r.enablecredsspsupport = ci.get('sso', self.credssp.isTrue()) r.address = '{address}' r.username = username r.password = password r.domain = domain r.redirectPrinters = self.allowPrinters.isTrue() r.redirectSmartcards = self.allowSmartcards.isTrue() r.redirectDrives = self.allowDrives.isTrue() r.redirectHome = self.redirectHome.isTrue() r.redirectSerials = self.allowSerials.isTrue() r.enableClipboard = self.allowClipboard.isTrue() r.redirectAudio = self.allowAudio.isTrue() r.showWallpaper = self.wallpaper.isTrue() r.multimon = self.multimon.isTrue() r.desktopComposition = self.aero.isTrue() r.smoothFonts = self.smooth.isTrue() r.multimedia = self.multimedia.isTrue() r.alsa = self.alsa.isTrue() r.smartcardString = self.smartcardString.value r.printerString = self.printerString.value r.linuxCustomParameters = self.customParameters.value # data # data = { # 'os': os['OS'], # 'ip': ip, # 'tunUser': tunuser, # 'tunPass': tunpass, # 'tunHost': sshHost, # 'tunPort': sshPort, # 'tunWait': self.tunnelWait.num(), # 'username': username, # 'password': password, # 'hasCredentials': username != '' and password != '', # 'domain': domain, # 'width': width, # 'height': height, # 'depth': depth, # 'printers': self.allowPrinters.isTrue(), # 'smartcards': self.allowSmartcards.isTrue(), # 'drives': self.allowDrives.isTrue(), # 'serials': self.allowSerials.isTrue(), # 'compression': True, # 'wallpaper': self.wallpaper.isTrue(), # 'multimon': self.multimon.isTrue(), # 'fullScreen': width == -1 or height == -1, # 'this_server': request.build_absolute_uri('/'), # 'r': r, # } os = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os['OS']) if os is None: return super(self.__class__, self).getUDSTransportScript(userService, transport, ip, os, user, password, request) sp = { 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'tunWait': self.tunnelWait.num(), 'ip': ip, 'password': password, 'this_server': request.build_absolute_uri('/'), } m = tools.DictAsObj(data) return self.getScript('scripts/{}/tunnel.py', os, sp)
def getUDSTransportScript(self, userService, transport, ip, os, user, password, request): # We use helper to keep this clean # prefs = user.prefs('rdp') ci = self.getConnectionInfo(userService, user, password) username, password, domain = ci['username'], ci['password'], ci['domain'] # width, height = CommonPrefs.getWidthHeight(prefs) # depth = CommonPrefs.getDepth(prefs) width, height = self.screenSize.value.split('x') depth = self.colorDepth.value tunpass = ''.join(random.choice(string.letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') logger.debug('Username generated: {0}, password: {1}'.format(tunuser, tunpass)) r = RDPFile(width == '-1' or height == '-1', width, height, depth, target=os['OS']) r.enablecredsspsupport = ci.get('sso', self.credssp.isTrue()) r.address = '{address}' r.username = username r.password = password r.domain = domain r.redirectPrinters = self.allowPrinters.isTrue() r.redirectSmartcards = self.allowSmartcards.isTrue() r.redirectDrives = self.allowDrives.value r.redirectHome = self.redirectHome.isTrue() r.redirectSerials = self.allowSerials.isTrue() r.enableClipboard = self.allowClipboard.isTrue() r.redirectAudio = self.allowAudio.isTrue() r.showWallpaper = self.wallpaper.isTrue() r.multimon = self.multimon.isTrue() r.desktopComposition = self.aero.isTrue() r.smoothFonts = self.smooth.isTrue() r.multimedia = self.multimedia.isTrue() r.alsa = self.alsa.isTrue() r.smartcardString = self.smartcardString.value r.printerString = self.printerString.value r.linuxCustomParameters = self.customParameters.value # data # data = { # 'os': os['OS'], # 'ip': ip, # 'tunUser': tunuser, # 'tunPass': tunpass, # 'tunHost': sshHost, # 'tunPort': sshPort, # 'tunWait': self.tunnelWait.num(), # 'username': username, # 'password': password, # 'hasCredentials': username != '' and password != '', # 'domain': domain, # 'width': width, # 'height': height, # 'depth': depth, # 'printers': self.allowPrinters.isTrue(), # 'smartcards': self.allowSmartcards.isTrue(), # 'drives': self.allowDrives.isTrue(), # 'serials': self.allowSerials.isTrue(), # 'compression': True, # 'wallpaper': self.wallpaper.isTrue(), # 'multimon': self.multimon.isTrue(), # 'fullScreen': width == -1 or height == -1, # 'this_server': request.build_absolute_uri('/'), # 'r': r, # } os = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os['OS']) if os is None: return super(self.__class__, self).getUDSTransportScript(userService, transport, ip, os, user, password, request) sp = { 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'tunWait': self.tunnelWait.num(), 'ip': ip, 'password': password, 'this_server': request.build_absolute_uri('/'), } m = tools.DictAsObj(data) return self.getScript('scripts/{}/tunnel.py', os, sp)
def getUDSTransportScript(self, userService, transport, ip, os, user, password, request): prefs = user.prefs('nx') ci = self.getConnectionInfo(userService, user, password) username = ci['username'] priv, pub = self.getAndPushKey(username, userService) width, height = CommonPrefs.getWidthHeight(prefs) logger.debug('') xf = x2gofile.getTemplate( speed=self.speed.value, pack=self.pack.value, quality=self.quality.value, sound=self.sound.isTrue(), soundSystem=self.sound.value, windowManager=self.desktopType.value, exports=self.exports.isTrue(), width=width, height=height, user=username ) tunpass = ''.join(random.choice(string.letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') # data data = { 'os': os['OS'], 'ip': ip, 'port': 22, 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'username': username, 'key': priv, 'width': width, 'height': height, 'printers': True, 'drives': self.exports.isTrue(), 'fullScreen': width == -1 or height == -1, 'this_server': request.build_absolute_uri('/'), 'xf': xf } m = tools.DictAsObj(data) os = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', # OsDetector.Macintosh: 'macosx' }.get(m.os) if os is None: return super(self.__class__, self).getUDSTransportScript(userService, transport, ip, os, user, password, request) return self.getScript('scripts/{}/tunnel.py'.format(os)).format(m=m)
def getUDSTransportScript( # pylint: disable=too-many-locals self, userService: 'models.UserService', transport: 'models.Transport', ip: str, os: typing.Dict[str, str], user: '******', password: str, request: 'HttpRequest' ) -> typing.Tuple[str, str, typing.Dict[str, typing.Any]]: # We use helper to keep this clean # prefs = user.prefs('rdp') ci = self.getConnectionInfo(userService, user, password) username, password, domain = ci['username'], ci['password'], ci[ 'domain'] # width, height = CommonPrefs.getWidthHeight(prefs) # depth = CommonPrefs.getDepth(prefs) width, height = self.screenSize.value.split('x') depth = self.colorDepth.value tunpass = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') logger.debug('Username generated: %s, password: %s', tunuser, tunpass) r = RDPFile(width == '-1' or height == '-1', width, height, depth, target=os['OS']) r.enablecredsspsupport = ci.get( 'sso') == 'True' or self.credssp.isTrue() r.address = '{address}' r.username = username r.password = password r.domain = domain r.redirectPrinters = self.allowPrinters.isTrue() r.redirectSmartcards = self.allowSmartcards.isTrue() r.redirectDrives = self.allowDrives.value r.redirectHome = self.redirectHome.isTrue() r.redirectSerials = self.allowSerials.isTrue() r.enableClipboard = self.allowClipboard.isTrue() r.redirectAudio = self.allowAudio.isTrue() r.showWallpaper = self.wallpaper.isTrue() r.multimon = self.multimon.isTrue() r.desktopComposition = self.aero.isTrue() r.smoothFonts = self.smooth.isTrue() r.enablecredsspsupport = self.credssp.isTrue() r.multimedia = self.multimedia.isTrue() r.alsa = self.alsa.isTrue() r.smartcardString = self.smartcardString.value r.printerString = self.printerString.value r.linuxCustomParameters = self.customParameters.value r.enforcedShares = self.enforceDrives.value osName = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os['OS']) if osName is None: return super().getUDSTransportScript(userService, transport, ip, os, user, password, request) sp = { 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'tunWait': self.tunnelWait.num(), 'ip': ip, 'password': password, 'this_server': request.build_absolute_uri('/'), } if osName == 'windows': if password != '': r.password = '******' sp.update({ 'as_file': r.as_file, }) elif osName == 'linux': sp.update({ 'as_new_xfreerdp_params': r.as_new_xfreerdp_params, 'as_rdesktop_params': r.as_rdesktop_params, }) else: # Mac sp.update({ 'as_file': r.as_file, 'as_cord_url': r.as_cord_url, 'as_new_xfreerdp_params': r.as_new_xfreerdp_params, }) if domain != '': sp['usernameWithDomain'] = '{}\\\\{}'.format(domain, username) else: sp['usernameWithDomain'] = username return self.getScript('scripts/{}/tunnel.py', osName, sp)
def getUDSTransportScript( # pylint: disable=too-many-locals self, userService: 'models.UserService', transport: 'models.Transport', ip: str, os: typing.Dict[str, str], user: '******', password: str, request: 'HttpRequest' ) -> typing.Tuple[str, str, typing.Dict[str, typing.Any]]: ci = self.getConnectionInfo(userService, user, password) username = ci['username'] priv, pub = self.getAndPushKey(username, userService) width, height = self.getScreenSize() rootless = False desktop = self.desktopType.value if desktop == "UDSVAPP": desktop = "/usr/bin/udsvapp " + self.customCmd.value rootless = True xf = x2go_file.getTemplate(speed=self.speed.value, pack=self.pack.value, quality=self.quality.value, sound=self.sound.isTrue(), soundSystem=self.sound.value, windowManager=desktop, exports=self.exports.isTrue(), rootless=rootless, width=width, height=height, user=username) tunpass = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') # data data = { 'os': os['OS'], 'ip': ip, 'port': 22, 'key': priv, 'width': width, 'height': height, 'printers': True, 'drives': self.exports.isTrue(), 'fullScreen': width == -1 or height == -1, 'this_server': request.build_absolute_uri('/'), 'xf': xf } m = tools.DictAsObj(data) osName = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', # OsDetector.Macintosh: 'macosx' }.get(os['OS']) if osName is None: return super().getUDSTransportScript(userService, transport, ip, os, user, password, request) sp = { 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'ip': ip, 'port': '22', 'key': priv, 'xf': xf } return self.getScript('scripts/{}/direct.py', osName, sp)
def getUDSTransportScript(self, userService, transport, ip, os, user, password, request): # We use helper to keep this clean # prefs = user.prefs('rdp') ci = self.getConnectionInfo(userService, user, password) username, password, domain = ci['username'], ci['password'], ci['domain'] # width, height = CommonPrefs.getWidthHeight(prefs) # depth = CommonPrefs.getDepth(prefs) width, height = self.screenSize.value.split('x') depth = self.colorDepth.value tunpass = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') logger.debug('Username generated: {0}, password: {1}'.format(tunuser, tunpass)) r = RDPFile(width == '-1' or height == '-1', width, height, depth, target=os['OS']) r.enablecredsspsupport = ci.get('sso', self.credssp.isTrue()) r.address = '{address}' r.username = username r.password = password r.domain = domain r.redirectPrinters = self.allowPrinters.isTrue() r.redirectSmartcards = self.allowSmartcards.isTrue() r.redirectDrives = self.allowDrives.value r.redirectHome = self.redirectHome.isTrue() r.redirectSerials = self.allowSerials.isTrue() r.enableClipboard = self.allowClipboard.isTrue() r.redirectAudio = self.allowAudio.isTrue() r.showWallpaper = self.wallpaper.isTrue() r.multimon = self.multimon.isTrue() r.desktopComposition = self.aero.isTrue() r.smoothFonts = self.smooth.isTrue() r.enablecredsspsupport = self.credssp.isTrue() r.multimedia = self.multimedia.isTrue() r.alsa = self.alsa.isTrue() r.smartcardString = self.smartcardString.value r.printerString = self.printerString.value r.linuxCustomParameters = self.customParameters.value os = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os['OS']) if os is None: return super(self.__class__, self).getUDSTransportScript(userService, transport, ip, os, user, password, request) sp = { 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'tunWait': self.tunnelWait.num(), 'ip': ip, 'password': password, 'this_server': request.build_absolute_uri('/'), } if os == 'windows': if password != '': r.password = '******' sp.update({ 'as_file': r.as_file, }) elif os == 'linux': sp.update({ 'as_new_xfreerdp_params': r.as_new_xfreerdp_params, 'as_rdesktop_params': r.as_rdesktop_params, }) else: # Mac sp.update({ 'as_file': r.as_file, 'as_cord_url': r.as_cord_url, 'as_new_xfreerdp_params': r.as_new_xfreerdp_params, }) if domain != '': sp['usernameWithDomain'] = '{}\\\\{}'.format(domain, username) else: sp['usernameWithDomain'] = username return self.getScript('scripts/{}/tunnel.py', os, sp)
def getUDSTransportScript( # pylint: disable=too-many-locals self, userService: 'models.UserService', transport: 'models.Transport', ip: str, os: typing.Dict[str, str], user: '******', password: str, request: 'HttpRequest' ) -> typing.Tuple[str, str, typing.Dict[str, typing.Any]]: prefs = self.screenSize.value username = user.getUsernameForAuth() proc = username.split('@') username = proc[0] if self._fixedName is not '': username = self._fixedName if self._fixedPassword is not '': password = self._fixedPassword if self._useEmptyCreds is True: usernamsizerd = '', '' tunpass = ''.join(random.SystemRandom().choice(string.ascii_letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshServer = self._tunnelServer if ':' not in sshServer: sshServer += ':443' sshHost, sshPort = sshServer.split(':') logger.debug('Username generated: %s, password: %s', tunuser, tunpass) width, height = CommonPrefs.getWidthHeight(prefs) # Fix username/password acording to os manager username, password = userService.processUserPassword( username, password) r = NXFile(username=username, password=password, width=width, height=height) r.host = '{address}' r.port = '{port}' r.linkSpeed = self._connection r.desktop = self._session r.cachedisk = self._cacheDisk r.cachemem = self._cacheMem osName = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(os['OS']) if osName is None: return super().getUDSTransportScript(userService, transport, ip, os, user, password, request) sp = { 'ip': ip, 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'port': self._listenPort, 'as_file_for_format': r.as_file_for_format } return self.getScript('scripts/{}/direct.py', osName, sp)
def getUDSTransportScript(self, userService, transport, ip, os, user, password, request): # We use helper to keep this clean prefs = user.prefs('rdp') ci = self.getConnectionInfo(userService, user, password) username, password, domain = ci['username'], ci['password'], ci['domain'] width, height = CommonPrefs.getWidthHeight(prefs) depth = CommonPrefs.getDepth(prefs) tunpass = ''.join(random.choice(string.letters + string.digits) for _i in range(12)) tunuser = TicketStore.create(tunpass) sshHost, sshPort = self.tunnelServer.value.split(':') logger.debug('Username generated: {0}, password: {1}'.format(tunuser, tunpass)) r = RDPFile(width == -1 or height == -1, width, height, depth, target=os['OS']) r.address = '{address}' r.username = username r.password = password r.domain = domain r.redirectPrinters = self.allowPrinters.isTrue() r.redirectSmartcards = self.allowSmartcards.isTrue() r.redirectDrives = self.allowDrives.isTrue() r.redirectSerials = self.allowSerials.isTrue() r.showWallpaper = self.wallpaper.isTrue() r.multimon = self.multimon.isTrue() # data data = { 'os': os['OS'], 'ip': ip, 'tunUser': tunuser, 'tunPass': tunpass, 'tunHost': sshHost, 'tunPort': sshPort, 'username': username, 'password': password, 'hasCredentials': username != '' and password != '', 'domain': domain, 'width': width, 'height': height, 'depth': depth, 'printers': self.allowPrinters.isTrue(), 'smartcards': self.allowSmartcards.isTrue(), 'drives': self.allowDrives.isTrue(), 'serials': self.allowSerials.isTrue(), 'compression': True, 'wallpaper': self.wallpaper.isTrue(), 'multimon': self.multimon.isTrue(), 'fullScreen': width == -1 or height == -1, 'this_server': request.build_absolute_uri('/'), 'r': r, } m = tools.DictAsObj(data) if m.domain != '': m.usernameWithDomain = '{}\\\\{}'.format(m.domain, m.username) else: m.usernameWithDomain = m.username if m.os == OsDetector.Windows: r.password = '******' os = { OsDetector.Windows: 'windows', OsDetector.Linux: 'linux', OsDetector.Macintosh: 'macosx' }.get(m.os) if os is None: return super(TSRDPTransport, self).getUDSTransportScript(self, userService, transport, ip, os, user, password, request) return self.getScript('scripts/{}/tunnel.py'.format(os)).format(m=m)