Exemplo n.º 1
0
def moveKeys(db, crypt):
    try:
        if args.keys is None:
            logger.error("Must specify key file for key manipulation")
            return 1
        clientId = db.getConfigValue('ClientID')
        salt, vkey = db.getSrpValues()
        #(db, _) = getDB(crypt)
        if args.extract:
            (f, c) = db.getKeys()
            if not (f and c):
                raise Exception("Unable to retrieve keys from server.  Aborting.")
            Util.saveKeys(args.keys, clientId, f, c)
            if args.deleteKeys:
                db.setKeys(salt, vkey, None, None)
        elif args.insert:
            (f, c) = Util.loadKeys(args.keys, clientId)
            logger.info("Keys: F: %s C: %s", f, c)
            if not (f and c):
                raise Exception("Unable to retrieve keys from key database.  Aborting.")
            db.setKeys(salt, vkey, f, c)
            if args.deleteKeys:
                Util.saveKeys(args.keys, clientId, None, None)
        return 0
    except TardisDB.AuthenticationException as e:
        logger.error("Authentication failed.  Bad password")
        return 1
    except Exception as e:
        logger.error(e)
        exceptionLogger.log(e)
        return 1
Exemplo n.º 2
0
def changePassword(crypt, crypt2):
    try:
        (db, _) = getDB(crypt)
        # Load the keys, and insert them into the crypt object, to decyrpt them
        if args.keys:
            (f, c) = Util.loadKeys(args.keys, db.getConfigValue("ClientID"))
        else:
            (f, c) = db.getKeys()
        crypt.setKeys(f, c)

        # Grab the keys from one crypt object.
        # Need to do this because getKeys/setKeys assumes they're encrypted, and we need the raw
        # versions
        crypt2._filenameKey = crypt._filenameKey
        crypt2._contentKey = crypt._contentKey
        # Now get the encrypted versions
        (f, c) = crypt2.getKeys()
        if args.keys:
            db.beginTransaction()
            db.setToken(crypt2.createToken())
            Util.saveKeys(args.keys, db.getConfigValue("ClientID"), f, c)
            db.commit()
        else:
            db.setKeys(crypt2.createToken(), f, c)
        db.close()
        return 0
    except Exception as e:
        logger.error(e)
        return 1
Exemplo n.º 3
0
def moveKeys(db, crypt):
    try:
        if args.keys is None:
            logger.error("Must specify key file for key manipulation")
            return 1
        clientId = db.getConfigValue("ClientID")
        token = crypt.createToken()
        (db, _) = getDB(crypt)
        if args.extract:
            (f, c) = db.getKeys()
            if not (f and c):
                raise Exception("Unable to retrieve keys from server.  Aborting.")
            Util.saveKeys(args.keys, clientId, f, c)
            if args.deleteKeys:
                db.setKeys(token, None, None)
        elif args.insert:
            (f, c) = Util.loadKeys(args.keys, clientId)
            logger.info("Keys: F: %s C: %s", f, c)
            if not (f and c):
                raise Exception("Unable to retrieve keys from key database.  Aborting.")
            db.setKeys(token, f, c)
            if args.deleteKeys:
                Util.saveKeys(args.keys, clientId, None, None)
        return 0
    except Exception as e:
        logger.error(e)
        logger.exception(e)
        return 1
Exemplo n.º 4
0
def moveKeys(db, crypt):
    try:
        if args.keys is None:
            logger.error("Must specify key file for key manipulation")
            return 1
        clientId = db.getConfigValue('ClientID')
        token = crypt.createToken()
        #(db, _) = getDB(crypt)
        if args.extract:
            (f, c) = db.getKeys()
            if not (f and c):
                raise Exception(
                    "Unable to retrieve keys from server.  Aborting.")
            Util.saveKeys(args.keys, clientId, f, c)
            if args.deleteKeys:
                db.setKeys(token, None, None)
        elif args.insert:
            (f, c) = Util.loadKeys(args.keys, clientId)
            logger.info("Keys: F: %s C: %s", f, c)
            if not (f and c):
                raise Exception(
                    "Unable to retrieve keys from key database.  Aborting.")
            db.setKeys(token, f, c)
            if args.deleteKeys:
                Util.saveKeys(args.keys, clientId, None, None)
        return 0
    except Exception as e:
        logger.error(e)
        logger.exception(e)
        return 1
Exemplo n.º 5
0
def changePassword(crypt, crypt2):
    try:
        (db, _) = getDB(crypt)
        # Load the keys, and insert them into the crypt object, to decyrpt them
        if args.keys:
            (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID'))
        else:
            (f, c) = db.getKeys()
        crypt.setKeys(f, c)

        # Grab the keys from one crypt object.
        # Need to do this because getKeys/setKeys assumes they're encrypted, and we need the raw
        # versions
        crypt2._filenameKey = crypt._filenameKey
        crypt2._contentKey = crypt._contentKey
        # Now get the encrypted versions
        (f, c) = crypt2.getKeys()
        if args.keys:
            db.beginTransaction()
            db.setToken(crypt2.createToken())
            Util.saveKeys(args.keys, db.getConfigValue('ClientID'), f, c)
            db.commit()
        else:
            db.setKeys(crypt2.createToken(), f, c)
        return 0
    except Exception as e:
        logger.error(e)
        return 1
Exemplo n.º 6
0
def moveKeys(db, crypt):
    try:
        if args.keys is None:
            logger.error("Must specify key file for key manipulation")
            return 1
        clientId = db.getConfigValue('ClientID')
        salt, vkey = db.getSrpValues()
        #(db, _) = getDB(crypt)
        if args.extract:
            (f, c) = db.getKeys()
            if not (f and c):
                raise Exception("Unable to retrieve keys from server.  Aborting.")
            Util.saveKeys(args.keys, clientId, f, c)
            if args.deleteKeys:
                db.setKeys(salt, vkey, None, None)
        elif args.insert:
            (f, c) = Util.loadKeys(args.keys, clientId)
            logger.info("Keys: F: %s C: %s", f, c)
            if not (f and c):
                raise Exception("Unable to retrieve keys from key database.  Aborting.")
            db.setKeys(salt, vkey, f, c)
            if args.deleteKeys:
                Util.saveKeys(args.keys, clientId, None, None)
        return 0
    except TardisDB.AuthenticationException as e:
        logger.error("Authentication failed.  Bad password")
        return 1
    except Exception as e:
        logger.error(e)
        if args.exceptions:
            logger.exception(e)
        return 1
Exemplo n.º 7
0
def changePassword(crypt, oldpw):
    try:
        (db, _, crypt) = getDB(oldpw)

        # Get the new password
        try:
            newpw = Util.getPassword(args.newpw,
                                     args.newpwf,
                                     args.newpwp,
                                     prompt="New Password for %s: " %
                                     (args.client),
                                     allowNone=False,
                                     confirm=True,
                                     strength=True)
        except Exception as e:
            logger.critical(str(e))
            if args.exceptions:
                logger.exception(e)
            return -1

        scheme = db.getConfigValue('CryptoScheme', 1)
        crypt2 = TardisCrypto.getCrypto(scheme, newpw, args.client)

        # Load the keys, and insert them into the crypt object, to decyrpt them
        if args.keys:
            (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID'))
            # No need to check here, loadKeys() throws exception if nothing set.
        else:
            (f, c) = db.getKeys()
            if f is None or c is None:
                logger.critical(
                    "No keys loaded from database.  Please specify --keys as appropriate"
                )
                raise Exception("No keys loaded")
        crypt.setKeys(f, c)

        # Grab the keys from one crypt object.
        # Need to do this because getKeys/setKeys assumes they're encrypted, and we need the raw
        # versions
        crypt2._filenameKey = crypt._filenameKey
        crypt2._contentKey = crypt._contentKey
        # Now get the encrypted versions
        (f, c) = crypt2.getKeys()

        (salt, vkey) = srp.create_salted_verification_key(args.client, newpw)

        if args.keys:
            db.beginTransaction()
            db.setSrpValues(salt, vkey)
            Util.saveKeys(args.keys, db.getConfigValue('ClientID'), f, c)
            db.commit()
        else:
            db.setKeys(salt, vkey, f, c)
        return 0
    except Exception as e:
        logger.error(str(e))
        if args.exceptions:
            logger.exception(e)
        return 1
Exemplo n.º 8
0
def changePassword(crypt, oldpw) :
    try:
        (db, _, crypt) = getDB(crypt, oldpw)

        # Get the new password
        try:
            newpw = Util.getPassword(args.newpw, args.newpwf, args.newpwp, prompt="New Password for %s: " % (args.client),
                                     allowNone=False, confirm=True, strength=True)
        except Exception as e:
            logger.critical(str(e))
            if args.exceptions:
                logger.exception(e)
            return -1

        crypt2 = TardisCrypto.TardisCrypto(newpw, args.client)

        # Load the keys, and insert them into the crypt object, to decyrpt them
        if args.keys:
            (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID'))
            # No need to check here, loadKeys() throws exception if nothing set.
        else:
            (f, c) = db.getKeys()
            if f is None or c is None:
                logger.critical("No keys loaded from database.  Please specify --keys as appropriate")
                raise Exception("No keys loaded")
        crypt.setKeys(f, c)

        # Grab the keys from one crypt object.
        # Need to do this because getKeys/setKeys assumes they're encrypted, and we need the raw
        # versions
        crypt2._filenameKey = crypt._filenameKey
        crypt2._contentKey  = crypt._contentKey
        # Now get the encrypted versions
        (f, c) = crypt2.getKeys()

        (salt, vkey) = srp.create_salted_verification_key(args.client, newpw)

        if args.keys:
            db.beginTransaction()
            db.setSrpValues(salt, vkey)
            Util.saveKeys(args.keys, db.getConfigValue('ClientID'), f, c)
            db.commit()
        else:
            db.setKeys(salt, vkey, f, c)
        return 0
    except Exception as e:
        logger.error(str(e))
        if args.exceptions:
            logger.exception(e)
        return 1
Exemplo n.º 9
0
def main():
    global logger, exceptionLogger, args
    parseArgs()
    logger = Util.setupLogging(args.verbose)
    exceptionLogger = Util.ExceptionLogger(logger, args.exceptions)

    # Commands which cannot be executed on remote databases
    allowRemote = args.command not in ['create', 'upgrade']

    db      = None
    crypt   = None
    cache   = None
    try:
        confirm = args.command in ['setpass', 'create']
        allowNone = args.command not in ['setpass', 'chpass']
        try:
            password = Util.getPassword(args.password, args.passwordfile, args.passwordprog, prompt="Password for %s: " % (args.client), allowNone=allowNone, confirm=confirm)
        except Exception as e:
            logger.critical(str(e))
            exceptionLogger.log(e)
            return -1
            
        if password:
            crypt = TardisCrypto.TardisCrypto(password, args.client)
            args.password = None

        if args.command == 'create':
            return createClient(crypt, password)

        if args.command == 'setpass':
            if not Util.checkPasswordStrength(password):
                return -1

            if not crypt:
                logger.error("No password specified")
                return -1
            return setPassword(crypt, password)

        if args.command == 'chpass':
            return changePassword(crypt, password)

        upgrade = (args.command == 'upgrade')

        try:
            (db, cache) = getDB(crypt, password, allowRemote=allowRemote, allowUpgrade=upgrade)

            if crypt and args.command != 'keys':
                if args.keys:
                    (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID'))
                else:
                    (f, c) = db.getKeys()
                crypt.setKeys(f, c)
        except TardisDB.AuthenticationException as e:
            logger.error("Authentication failed.  Bad password")
            exceptionLogger.log(e)
            sys.exit(1)
        except Exception as e:
            logger.critical("Unable to connect to database: %s", e)
            exceptionLogger.log(e)
            sys.exit(1)

        if args.command == 'keys':
            return moveKeys(db, crypt)
        elif args.command == 'list':
            return listBSets(db, crypt, cache)
        elif args.command == 'files':
            return listFiles(db, crypt)
        elif args.command == 'info':
            return bsetInfo(db)
        elif args.command == 'purge':
            return purge(db, cache)
        elif args.command == 'delete':
            return deleteBsets(db, cache)
        elif args.command == 'priority':
            return setPriority(db)
        elif args.command == 'rename':
            return renameSet(db)
        elif args.command == 'getconfig':
            return getConfig(db)
        elif args.command == 'setconfig':
            return setConfig(db)
        elif args.command == 'orphans':
            return removeOrphans(db, cache)
        elif args.command == 'upgrade':
            return
    except KeyboardInterrupt:
        pass
    except TardisDB.AuthenticationException as e:
        logger.error("Authentication failed.  Bad password")
        sys.exit(1)
    except Exception as e:
        logger.error("Caught exception: %s", str(e))
        exceptionLogger.log(e)
    finally:
        if db:
            db.close()
Exemplo n.º 10
0
def main():
    global logger
    parseArgs()
    logger = Util.setupLogging(args.verbose)

    # Commands which cannot be executed on remote databases
    allowRemote = args.command not in ['create']

    db = None
    crypt = None
    cache = None
    try:
        password = Util.getPassword(args.password,
                                    args.passwordfile,
                                    args.passwordprog,
                                    prompt="Password for %s: " % (args.client),
                                    allowNone=(args.command != 'setPass'))
        if args.command in ['setpass', 'create']:
            if password and not checkPasswordStrength(password):
                return -1

            if args.password:
                pw2 = Util.getPassword(args.password,
                                       args.passwordfile,
                                       args.passwordprog,
                                       prompt='Confirm Password: '******'t match")
                    return -1
                pw2 = None

        if password:
            crypt = TardisCrypto.TardisCrypto(password, args.client)
            password = None
            args.password = None

        if args.command == 'create':
            return createClient(crypt)

        if args.command == 'setpass':
            if not crypt:
                logger.error("No password specified")
                return -1
            return setToken(crypt)

        if args.command == 'chpass':
            newpw = Util.getPassword(args.newpw,
                                     args.newpwf,
                                     args.newpwp,
                                     prompt="New Password for %s: " %
                                     (args.client),
                                     allowNone=False)
            if not checkPasswordStrength(newpw):
                return -1

            if args.newpw is True:
                newpw2 = Util.getPassword(args.newpw,
                                          args.newpwf,
                                          args.newpwp,
                                          prompt="New Password for %s: " %
                                          (args.client),
                                          allowNone=False)
                if newpw2 != newpw:
                    logger.error("Passwords don't match")
                    return -1
                newpw2 = None

            crypt2 = TardisCrypto.TardisCrypto(newpw, args.client)
            newpw = None
            args.newpw = None
            return changePassword(crypt, crypt2)

        try:
            (db, cache) = getDB(crypt, allowRemote=allowRemote)
            if crypt:
                if args.keys:
                    (f, c) = Util.loadKeys(args.keys,
                                           db.getConfigValue('ClientID'))
                else:
                    (f, c) = db.getKeys()
                crypt.setKeys(f, c)
        except Exception as e:
            logger.critical("Unable to connect to database: %s", e)
            sys.exit(1)

        if args.command == 'keys':
            return moveKeys(db, crypt)
        elif args.command == 'list':
            return listBSets(db)
        elif args.command == 'files':
            return listFiles(db, crypt)
        elif args.command == 'info':
            return bsetInfo(db)
        elif args.command == 'purge':
            return purge(db, cache)
        elif args.command == 'delete':
            return deleteBsets(db, cache)
        elif args.command == 'getconfig':
            return getConfig(db)
        elif args.command == 'setconfig':
            return setConfig(db)
        elif args.command == 'orphans':
            return removeOrphans(db, cache)
    except KeyboardInterrupt:
        pass
    except Exception as e:
        logger.error("Caught exception: %s", str(e))
        logger.exception(e)
    finally:
        if db:
            db.close()
Exemplo n.º 11
0
def main():
    global logger
    parseArgs()
    logger = Util.setupLogging(args.verbose)

    # Commands which cannot be executed on remote databases
    allowRemote = args.command not in ['create', 'upgrade']

    db      = None
    crypt   = None
    cache   = None
    try:
        confirm = args.command in ['setpass', 'create']
        allowNone = args.command not in ['setpass', 'chpass']
        try:
            password = Util.getPassword(args.password, args.passwordfile, args.passwordprog, prompt="Password for %s: " % (args.client), allowNone=allowNone, confirm=confirm)
        except Exception as e:
            logger.critical(str(e))
            if args.exceptions:
                logger.exception(e)
            return -1
            
        if password:
            crypt = TardisCrypto.TardisCrypto(password, args.client)
            args.password = None

        if args.command == 'create':
            return createClient(crypt, password)

        if args.command == 'setpass':
            if not Util.checkPasswordStrength(password):
                return -1

            if not crypt:
                logger.error("No password specified")
                return -1
            return setPassword(crypt, password)

        if args.command == 'chpass':
            return changePassword(crypt, password)

        upgrade = (args.command == 'upgrade')

        try:
            (db, cache, crypt) = getDB(crypt, password, allowRemote=allowRemote, allowUpgrade=upgrade)

            if crypt and args.command != 'keys':
                if args.keys:
                    (f, c) = Util.loadKeys(args.keys, db.getConfigValue('ClientID'))
                else:
                    (f, c) = db.getKeys()
                crypt.setKeys(f, c)
        except TardisDB.AuthenticationException as e:
            logger.error("Authentication failed.  Bad password")
            if args.exceptions:
                logger.exception(e)
            sys.exit(1)
        except Exception as e:
            logger.critical("Unable to connect to database: %s", e)
            if args.exceptions:
                logger.exception(e)
            sys.exit(1)

        if args.command == 'keys':
            return moveKeys(db, crypt)
        elif args.command == 'list':
            return listBSets(db, crypt, cache)
        elif args.command == 'files':
            return listFiles(db, crypt)
        elif args.command == 'info':
            return bsetInfo(db)
        elif args.command == 'purge':
            return purge(db, cache)
        elif args.command == 'delete':
            return deleteBsets(db, cache)
        elif args.command == 'priority':
            return setPriority(db)
        elif args.command == 'rename':
            return renameSet(db)
        elif args.command == 'getconfig':
            return getConfig(db)
        elif args.command == 'setconfig':
            return setConfig(db)
        elif args.command == 'orphans':
            return removeOrphans(db, cache)
        elif args.command == 'upgrade':
            return
    except KeyboardInterrupt:
        pass
    except TardisDB.AuthenticationException as e:
        logger.error("Authentication failed.  Bad password")
        sys.exit(1)
    except Exception as e:
        logger.error("Caught exception: %s", str(e))
        if args.exceptions:
            logger.exception(e)
    finally:
        if db:
            db.close()