def extgetaccess(ip, targetname, username):
"""Create an external request to open a connection to a target"""
t = utils.get_target(targetname)
if not t:
msg = 'ERROR: No target "' + targetname + '" in the database '
app.logger.error(msg)
return utils.response(msg, 417)
#Date to stop access:
startdate = datetime.now()
stopdate = startdate + timedelta(hours=int(t.show_sessionduration()) / 60)
formatedstop = format(stopdate, '%Y%m%dT%H%M')
#Call the external script
process = Popen([
config.OPEN_ACCESS_PATH,
t.show_targettype(), formatedstop, ip,
t.show_hostname(),
str(t.show_port()), username,
t.show_name()
],
stdout=PIPE)
(output, err) = process.communicate()
exit_code = process.wait()
if exit_code != 0:
app.logger.error('External script return ' + str(exit_code))
app.logger.error('Output message was' + str(output))
return utils.response('ERROR: external script return ' + \
str(exit_code), 500)
if output:
# Transform the ouput on Dict
try:
output = eval(output)
except:
app.logger.error("Error on openaccess return: " + str(output))
return utils.response('Openaccess script is broken', 400)
if output["execution_status"] != "OK":
app.logger.error("Error on openaccess return: " + str(output))
return utils.response('ERROR: target seems unreachable.', 200)
# Create a exttarget object to log the connection
u = utils.get_user(username)
if not u:
return utils.response('ERROR: No user "' + username + \
'" in the database ', 417)
ta = exttargetaccess.Exttargetaccess(startdate=startdate,
stopdate=stopdate,
userip=ip,
proxy_ip=output["proxy_ip"],
proxy_pid=output["pid"],
proxy_port=output["proxy_port"])
ta.addtarget(t)
ta.adduser(u)
db.session.add(ta)
# Try to add the targetaccess on the database
try:
db.session.commit()
except exc.SQLAlchemyError as e:
app.logger.error('ERROR registering connection demand: ' + \
'exttargetaccess "' + str(output) + '" -> ' +
str(e))
# Create the output to print
response = "Connect via " + output["proxy_ip"] + " on port " + \
output["proxy_port"] + " until " + \
format(stopdate, '%H:%M')
else:
return utils.response("Openaccess script is broken", 400)
app.logger.info(response)
return utils.response(response, 200)
def extgetaccess(ip, targetname, username):
"""Create an external request to open a connection to a target"""
t = utils.get_target(targetname)
if not t:
return utils.response('ERROR: No target "' + targetname + \
'" in the database ', 417)
#Date to stop access:
startdate = datetime.now()
stopdate = startdate + timedelta(hours=4)
formatedstop = format(stopdate, '%Y%m%dT%H%M')
#Call the external script
process = Popen([
config.OPEN_ACCESS_PATH,
t.show_targettype(), formatedstop, ip,
t.show_hostname(),
str(t.show_port()), username,
t.show_name()
],
stdout=PIPE)
(output, err) = process.communicate()
exit_code = process.wait()
if exit_code != 0:
return utils.response('ERROR: external script return ' + \
str(exit_code), 500)
if output:
# Transform the ouput on Dict
output = eval(output)
if output["execution_status"] != "OK":
return utils.response('ERROR: external script execution status.',
500)
# Create a exttarget object to log the connection
u = utils.get_user(username)
if not u:
return utils.response('ERROR: No user "' + username + \
'" in the database ', 417)
ta = exttargetaccess.Exttargetaccess(startdate=startdate,
stopdate=stopdate,
userip=ip,
proxy_ip=output["proxy_ip"],
proxy_port=output["proxy_port"])
ta.addtarget(t)
ta.adduser(u)
db.session.add(ta)
# Try to add the targetaccess on the database
try:
db.session.commit()
except exc.SQLAlchemyError as e:
print('ERROR registering connection demand: exttargetaccess "' + \
str(output) + '" -> ' + str(e))
# Create the output to print
response = "Connect via " + output["proxy_ip"] + " on port " + \
output["proxy_port"] + " until " + \
format(stopdate, '%H:%M')
return utils.response(response, 200)