def pack(self, values): metric = { 'hostname': '', 'spoof': 0, 'units': '', 'slope': 'both', 'tmax': 60, 'dmax': 0 } metric.update(values) if metric.get('spoof', False): metric['spoof'] = 1 else: metric['spoof'] = 0 metric['slope'] = SLOPE[metric['slope']] for key in ('name', 'value', 'type'): if key not in metric: raise KeyError("Missing {0}".format(key)) if metric['type'] not in ('string', 'int8', 'uint8', 'int16', 'uint16', 'int32', 'uint32', 'float', 'double'): raise TypeError("Invalid metric type") convert = lambda v: v.encode() if isinstance(v, str) else v metric = {key: convert(value) for key, value in metric.items()} # Metadata meta = Packer() meta.pack_int(128) meta.pack_string(metric['hostname']) meta.pack_string(metric['name']) meta.pack_int(int(metric['spoof'])) meta.pack_string(metric['type']) meta.pack_string(metric['name']) meta.pack_string(metric['units']) meta.pack_int(metric['slope']) meta.pack_uint(int(metric['tmax'])) meta.pack_uint(int(metric['dmax'])) # Group support if 'group' in metric: meta.pack_int(1) meta.pack_string(b"GROUP") meta.pack_string(metric['group']) else: meta.pack_int(0) # Data data = Packer() data.pack_int(128 + 5) data.pack_string(metric['hostname']) data.pack_string(metric['name']) data.pack_int(int(metric['spoof'])) data.pack_string(b"%s") data.pack_string(bytes(metric['value'])) return meta.get_buffer(), data.get_buffer()
def secure_data(self, cred, data): log_gss.debug("secure_data(%r)" % cred) cred = cred.body if cred.service == rpc_gss_svc_none or \ cred.gss_proc in (RPCSEC_GSS_INIT, RPCSEC_GSS_CONTINUE_INIT): return data p = Packer() context = self._get_context(cred.handle) try: if cred.service == rpc_gss_svc_integrity: # data = opaque[gss_seq_num+data] + opaque[checksum] p.pack_uint(cred.seq_num) data = p.get_buffer() + data token = context.getMIC(data) # XXX BUG set qop p.reset() p.pack_opaque(data) p.pack_opaque(token) data = p.get_buffer() elif cred.service == rpc_gss_svc_privacy: # data = opaque[wrap([gss_seq_num+data])] p.pack_uint(cred.seq_num) data = p.get_buffer() + data token = context.wrap(data) # XXX BUG set qop p.reset() p.pack_opaque(token) data = p.get_buffer() else: # Can't get here, but doesn't hurt log_gss.error("Unknown service %i for RPCSEC_GSS" % cred.service) except gssapi.Error as e: # XXX What now? log_gss.warn("secure_data: gssapi call returned %s" % e.name) raise return data
def secure_data(self, cred, data): log_gss.debug("secure_data(%r)" % cred) cred = cred.body if cred.service == rpc_gss_svc_none or \ cred.gss_proc in (RPCSEC_GSS_INIT, RPCSEC_GSS_CONTINUE_INIT): return data p = Packer() context = self._get_context(cred.handle) try: if cred.service == rpc_gss_svc_integrity: # data = opaque[gss_seq_num+data] + opaque[checksum] p.pack_uint(cred.seq_num) data = p.get_buffer() + data token = context.getMIC(data) # XXX BUG set qop p.reset() p.pack_opaque(data) p.pack_opaque(token) data = p.get_buffer() elif cred.service == rpc_gss_svc_privacy: # data = opaque[wrap([gss_seq_num+data])] p.pack_uint(cred.seq_num) data = p.get_buffer() + data token = context.wrap(data) # XXX BUG set qop p.reset() p.pack_opaque(token) data = p.get_buffer() else: # Can't get here, but doesn't hurt log_gss.error("Unknown service %i for RPCSEC_GSS" % cred.service) except gssapi.Error as e: # XXX What now? log_gss.warn("secure_data: gssapi call returned %s" % e.name) raise return data
def pack(self, values): metric = { 'hostname': '', 'spoof': 0, 'units': '', 'slope': 'both', 'tmax': 60, 'dmax': 0 } metric.update(values) if metric.get('spoof', False): metric['spoof'] = 1 else: metric['spoof'] = 0 metric['slope'] = SLOPE[metric['slope']] for key in ('name', 'value', 'type'): if key not in metric: raise KeyError("Missing {0}".format(key)) if metric['type'] not in ('string', 'int8', 'uint8', 'int16', 'uint16', 'int32', 'uint32', 'float', 'double'): raise TypeError("Invalid metric type") convert = lambda v: v.encode() if isinstance(v, str) else v metric = {key: convert(value) for key, value in metric.items()} # Metadata meta = Packer() meta.pack_int(128) meta.pack_string(metric['hostname']) meta.pack_string(metric['name']) meta.pack_int(int(metric['spoof'])) meta.pack_string(metric['type']) meta.pack_string(metric['name']) meta.pack_string(metric['units']) meta.pack_int(metric['slope']) meta.pack_uint(int(metric['tmax'])) meta.pack_uint(int(metric['dmax'])) # Group support if 'group' in metric: meta.pack_int(1) meta.pack_string(b"GROUP") meta.pack_string(metric['group']) else: meta.pack_int(0) # Data data = Packer() data.pack_int(128 + 5) data.pack_string(metric['hostname']) data.pack_string(metric['name']) data.pack_int(int(metric['spoof'])) data.pack_string(b"%s") data.pack_string(bytes(metric['value'])) return meta.get_buffer(), data.get_buffer()
def __store_key(self, full_key): self.extres.db_env.nosyncerror_txn_checkpoint(MINS_BETWEEN_DB_CHECKPOINTS) trans = self.extres.db_env.txn_begin() try: key_id = sha(full_key).digest() if self.extres.counterparty_map.get(key_id, txn=trans, flags=db.DB_RMW) is not None : return id_in_rep = randsource.get(SIZE_OF_UNIQS) id_in = _mix_counterparties(self.__my_public_key_id, key_id, id_in_rep) id_out_rep = randsource.get(SIZE_OF_UNIQS) id_out = _mix_counterparties(self.__my_public_key_id, key_id, id_out_rep) key_seed = randsource.get(SIZE_OF_UNIQS) sr = HashRandom.SHARandom(_mix_counterparties(self.__my_public_key_id, key_id, key_seed)) symmetric_key = sr.get(SIZE_OF_SYMMETRIC_KEYS) iv = randsource.get(8) p = Packer() p.pack_fstring(SIZE_OF_UNIQS, key_id) x = MojoKey.makeRSAPublicKeyMVFromSexpString(full_key) padded = '\000' + cryptutil.oaep(symmetric_key, len(self.__key.get_modulus()) - 1) # The prepended 0 byte is to make modval happy. assert len(padded) == len(self.__key.get_modulus()) x.set_value_string(padded) x.encrypt() p.pack_string(x.get_value()) p.pack_fstring(8, iv) penc = Packer() penc.pack_string(self.__key.get_modulus()) penc.pack_fstring(SIZE_OF_UNIQS, id_out_rep) penc.pack_fstring(SIZE_OF_UNIQS, id_in_rep) penc.pack_fstring(SIZE_OF_UNIQS, key_seed) # debugprint("------ ------ ------ ------ hmachish(key=%s, message=%s)\n" % (`symmetric_key`, `penc.get_buffer()`)) hashie = cryptutil.hmacish(key=symmetric_key, message=penc.get_buffer()) paddedhashie = '\000' + cryptutil.oaep(hashie, len(self.__key.get_modulus()) - 1) # The prepended 0 byte is to make modval happy. assert len(paddedhashie) == len(self.__key.get_modulus()) self.__key.set_value_string(paddedhashie) self.__key.sign() signature = self.__key.get_value() penc.pack_fstring(len(signature), signature) encrypted = tripledescbc.new(symmetric_key).encrypt(iv, penc.get_buffer()) p.pack_string(encrypted) header = p.get_buffer() self.extres.counterparty_map.put(key_id, dumps([id_in, id_out, symmetric_key, header, full_key], 1), txn=trans) self.extres.session_map.put(id_in, full_key, txn=trans) trans.commit() trans = None finally: if trans is not None: trans.abort()
def test_AVP(self): a1 = AVP(1, b"user") a1.setMandatory(True) assert a1.isMandatory() a1.setMandatory(False) assert not a1.isMandatory() a1.setPrivate(True) assert a1.isPrivate() a1.setPrivate(False) assert not a1.isPrivate() a1 = AVP(1, b"user") e_sz1 = a1.encodeSize() p = Packer() e_sz2 = a1.encode(p) assert e_sz1 == 12 assert e_sz2 == 12 assert e_sz1 == e_sz2 u = Unpacker(p.get_buffer()) d_sz1 = AVP.decodeSize(u, e_sz2) assert d_sz1 == e_sz2 a2 = AVP() assert a2.decode(u, d_sz1) assert a1.code == a2.code assert a1.vendor_id == a2.vendor_id #same as above, but requires padding a1 = AVP(1, b"user") e_sz1 = a1.encodeSize() p = Packer() e_sz2 = a1.encode(p) assert e_sz1 == e_sz2 u = Unpacker(p.get_buffer()) d_sz1 = AVP.decodeSize(u, e_sz2) assert d_sz1 == e_sz2 a2 = AVP() assert a2.decode(u, d_sz1) assert a1.code == a2.code assert a1.vendor_id == a2.vendor_id
def __call__(self, arg): msg = rpc_msg(xid=self.xid, body=rpc_msg.body(mtype=msg_type.CALL, cbody=call_body(rpcvers=2, prog=self.prog, vers=self.vers, proc=self.procedure.procedure_id, cred=opaque_auth.NONE(), verf=opaque_auth.NONE()))) from xdrlib import Packer packer = Packer() msg.pack(packer) print("msg: %s" % packer.get_buffer()) arg.pack(packer) print("msg: %s" % packer.get_buffer())
def gmetric_meta(NAME, TYPE, UNITS, SLOPE, TMAX, DMAX, EXTRAS=None): """ Arguments are in all upper-case to match XML """ packer = Packer() packer.pack_int(128) # "gmetadata_full" packer.pack_string('nickg-macbook.local') packer.pack_string(NAME) packer.pack_bool(False) packer.pack_string(TYPE) packer.pack_string(NAME) packer.pack_string(UNITS) packer.pack_int(slope_str2int[SLOPE]) # map slope string to int packer.pack_uint(int(TMAX)) packer.pack_uint(int(DMAX)) if EXTRAS is None: packer.pack_uint(0) else: packer.pack_uint(len(EXTRAS)) for k, v in EXTRAS.iteritems(): packer.pack_string(k) packer.pack_string(v) return packer.get_buffer()
def gmetric_meta(NAME, TYPE, UNITS, SLOPE, TMAX, DMAX, EXTRAS=None): """ Arguments are in all upper-case to match XML """ packer = Packer() packer.pack_int(128) # "gmetadata_full" packer.pack_string('nickg-macbook.local') packer.pack_string(NAME) packer.pack_bool(False) packer.pack_string(TYPE) packer.pack_string(NAME) packer.pack_string(UNITS) packer.pack_int(slope_str2int[SLOPE]) # map slope string to int packer.pack_uint(int(TMAX)) packer.pack_uint(int(DMAX)) if EXTRAS is None: packer.pack_uint(0) else: packer.pack_uint(len(EXTRAS)) for k,v in EXTRAS.iteritems(): packer.pack_string(k) packer.pack_string(v) return packer.get_buffer()
def gmetric_write_meta(HOST, NAME, TYPE, UNITS, SLOPE, TMAX, DMAX, GROUP): """ Arguments are in all upper-case to match XML """ packer = Packer() """ ganglia message formats gmetadata_full = 128, gmetric_ushort = 129, gmetric_short = 130, gmetric_int = 131, gmetric_uint = 132, gmetric_string = 133, gmetric_float = 134, gmetric_double = 135 """ packer.pack_int(128) # type gmetadata_full packer.pack_string(HOST) packer.pack_string(NAME) packer.pack_int(0) packer.pack_string(TYPE) packer.pack_string(NAME) packer.pack_string(UNITS) packer.pack_int(slope_str2int[SLOPE]) # map slope string to int packer.pack_int(TMAX) packer.pack_int(DMAX) packer.pack_int(1) packer.pack_string("GROUP") packer.pack_string(GROUP) return packer.get_buffer()
def gmetric_write_meta(HOST, NAME, TYPE, UNITS, SLOPE, TMAX, DMAX, GROUP): """ Arguments are in all upper-case to match XML """ packer = Packer() """ ganglia message formats gmetadata_full = 128, gmetric_ushort = 129, gmetric_short = 130, gmetric_int = 131, gmetric_uint = 132, gmetric_string = 133, gmetric_float = 134, gmetric_double = 135 """ packer.pack_int(128) # type gmetadata_full packer.pack_string(HOST) packer.pack_string(NAME) packer.pack_int(0) packer.pack_string(TYPE) packer.pack_string(NAME) packer.pack_string(UNITS) packer.pack_int(slope_str2int[SLOPE]) # map slope string to int packer.pack_int(TMAX) packer.pack_int(DMAX) packer.pack_int(1) packer.pack_string("GROUP") packer.pack_string(GROUP) return packer.get_buffer()
def init_cred(self, call, target="nfs@jupiter", source=None, oid=None): # STUB - need intelligent way to set defaults good_major = [GSS_S_COMPLETE, GSS_S_CONTINUE_NEEDED] p = Packer() up = GSSUnpacker('') # Set target (of form nfs@SERVER) target = gssapi.Name(target, gssapi.NameType.hostbased_service) # Set source (of form USERNAME) if source is not None: source = gssapi.Name(source, gssapi.NT_USER_NAME) gss_cred = gssapi.Credential(gssapi.INITIATE, source.ptr) # XXX else: # Just use default cred gss_cred = None # RFC2203 5.2.2. Context Creation Requests # When GSS_Init_sec_context() is called, the parameters # replay_det_req_flag and sequence_req_flag must be turned off. # Note - by default, out_of_sequence_detection flag (sequence_req_flag) is used by gssapi.init_sec_context() # and we have 'An expected per-message token was not received' error (GSS_S_GAP_TOKEN). # To prevent this, we need to use default flags without out_of_sequence_detection bit. flags = gssapi.IntEnumFlagSet( gssapi.RequirementFlag, [gssapi.RequirementFlag.mutual_authentication]) context = gssapi.SecurityContext(name=target, creds=gss_cred, flags=flags) input_token = None handle = b'' proc = RPCSEC_GSS_INIT while not context.complete: # Call initSecContext. If it returns COMPLETE, we are done. # If it returns CONTINUE_NEEDED, we must send d['token'] # to the target, which will run it through acceptSecContext, # and give us back a token we need to send through initSecContext. # Repeat as necessary. output_token = context.step(input_token) if context.complete: # XXX if res.major == CONTINUE there is a bug in library code # STUB - now what? Just use context? # XXX need to use res.seq_window # XXX - what if handle still '' ? self._add_context(context, handle) break # Send token to target using protocol of RFC 2203 sect 5.2.2 credinfo = CredInfo(self, context=handle, gss_proc=proc) proc = RPCSEC_GSS_CONTINUE_INIT p.reset() p.pack_opaque(output_token) header, reply = call(p.get_buffer(), credinfo) up.reset(reply) res = up.unpack_rpc_gss_init_res() up.done() # res now holds relevent output from target's acceptSecContext call if res.gss_major not in good_major: raise GSSError(res.gss_major, res.gss_minor) handle = res.handle # Should not change between calls input_token = res.gss_token # This needs to be sent to SecurityContext.step() return CredInfo(self, context=handle)
def gmetric_write(NAME, VAL, TYPE, UNITS, SLOPE, TMAX, DMAX, GROUP, SPOOF): """ Arguments are in all upper-case to match XML """ packer = Packer() HOSTNAME = "test" if SPOOF == "": SPOOFENABLED = 0 else: SPOOFENABLED = 1 # Meta data about a metric packer.pack_int(128) if SPOOFENABLED == 1: packer.pack_string(SPOOF) else: packer.pack_string(HOSTNAME) packer.pack_string(NAME) packer.pack_int(SPOOFENABLED) packer.pack_string(TYPE) packer.pack_string(NAME) packer.pack_string(UNITS) packer.pack_int(slope_str2int[SLOPE]) # map slope string to int packer.pack_uint(int(TMAX)) packer.pack_uint(int(DMAX)) # Magic number. Indicates number of entries to follow. Put in 1 for GROUP if GROUP == "": packer.pack_int(0) else: packer.pack_int(1) packer.pack_string("GROUP") packer.pack_string(GROUP) # Actual data sent in a separate packet data = Packer() data.pack_int(128 + 5) if SPOOFENABLED == 1: data.pack_string(SPOOF) else: data.pack_string(HOSTNAME) data.pack_string(NAME) data.pack_int(SPOOFENABLED) data.pack_string("%s") data.pack_string(str(VAL)) return (packer.get_buffer(), data.get_buffer())
def gmetric_write(NAME, VAL, TYPE, UNITS, SLOPE, TMAX, DMAX, GROUP, SPOOF): """ Arguments are in all upper-case to match XML """ packer = Packer() HOSTNAME="test" if SPOOF == "": SPOOFENABLED=0 else : SPOOFENABLED=1 # Meta data about a metric packer.pack_int(128) if SPOOFENABLED == 1: packer.pack_string(SPOOF) else: packer.pack_string(HOSTNAME) packer.pack_string(NAME) packer.pack_int(SPOOFENABLED) packer.pack_string(TYPE) packer.pack_string(NAME) packer.pack_string(UNITS) packer.pack_int(slope_str2int[SLOPE]) # map slope string to int packer.pack_uint(int(TMAX)) packer.pack_uint(int(DMAX)) # Magic number. Indicates number of entries to follow. Put in 1 for GROUP if GROUP == "": packer.pack_int(0) else: packer.pack_int(1) packer.pack_string("GROUP") packer.pack_string(GROUP) # Actual data sent in a separate packet data = Packer() data.pack_int(128+5) if SPOOFENABLED == 1: data.pack_string(SPOOF) else: data.pack_string(HOSTNAME) data.pack_string(NAME) data.pack_int(SPOOFENABLED) data.pack_string("%s") data.pack_string(str(VAL)) return ( packer.get_buffer() , data.get_buffer() )
def gmetric_value(NAME, VAL): packer = Packer() packer.pack_int(128 + 5) # string packer.pack_string('nickg-macbook.local') packer.pack_string(NAME) packer.pack_bool(False) packer.pack_string('%s') packer.pack_string(VAL) return packer.get_buffer()
def _mix_counterparties(cp1, cp2, data): assert type(cp1) == type('') assert type(cp2) == type('') assert type(data) == type('') p = Packer() p.pack_string(cp1) p.pack_string(cp2) p.pack_string(data) return sha(p.get_buffer()).digest()
def gmetric_value(NAME, VAL): packer = Packer() packer.pack_int(128+5) # string packer.pack_string('nickg-macbook.local') packer.pack_string(NAME) packer.pack_bool(False) packer.pack_string('%s') packer.pack_string(VAL) return packer.get_buffer()
def _unittest(): mh = MessageHeader() assert mh.version == 1 mh.setRequest(True) assert mh.isRequest() mh.setRequest(False) assert not mh.isRequest() mh.setProxiable(True) assert mh.isProxiable() mh.setProxiable(False) assert not mh.isProxiable() mh.setError(True) assert mh.isError() mh.setError(False) assert not mh.isError() mh.setRetransmit(True) assert mh.isRetransmit() mh.setRetransmit(False) assert not mh.isRetransmit() mh.setRequest(True) mh.setProxiable(True) mh.setRetransmit(True) mh.command_code = 42 mh.hop_by_hop_identifier = 17 mh.end_to_end_identifier = 117 mh2 = MessageHeader() mh2.prepareResponse(mh) assert not mh2.isRequest() assert mh2.isProxiable() assert not mh2.isRetransmit() assert mh2.command_code == mh.command_code assert mh2.hop_by_hop_identifier == mh.hop_by_hop_identifier assert mh2.end_to_end_identifier == mh.end_to_end_identifier p = Packer() ml = mh.encodeSize() mh.encode(p, ml) mh3 = MessageHeader() u = Unpacker(p.get_buffer()) #u.reset(p.get_buffer()) mh3.decode(u) assert mh3.version == 1 assert mh3.version == mh.version assert mh3.command_flags == mh.command_flags assert mh3.command_code == mh.command_code assert mh3.hop_by_hop_identifier == mh.hop_by_hop_identifier assert mh3.end_to_end_identifier == mh.end_to_end_identifier
def send_metareq(self, values, address): packer = Packer() packer.pack_int(136) if not values['spoof']: packer.pack_string(address[0]) else: packer.pack_string(":".join((address[0], values['hostname']))) packer.pack_string(values['metricname']) packer.pack_bool(values['spoof']) self.transport.write(packer.get_buffer(),address) return
def send(self): ''' packs the Header vars into a buffer ''' unp = Packer() unp.pack_uint(self.magic) unp.pack_uint(self.version) unp.pack_uint(self.msgid) unp.pack_uint(self.msglen) unp.pack_uint(0) # reply_addr y reply_port unp.pack_uint(0) # reply_addr y reply_port unp.pack_fstring(8, self.callsign.encode()) return unp.get_buffer()
def gmetric_write(NAME, VAL, TYPE, UNITS, SLOPE, TMAX, DMAX, GROUP, SPOOF): """ Arguments are in all upper-case to match XML """ packer = Packer() HOSTNAME = 'test' if SPOOF == '': SPOOFENABLED = 0 else: SPOOFENABLED = 1 packer.pack_int(128) if SPOOFENABLED == 1: packer.pack_string(SPOOF) else: packer.pack_string(HOSTNAME) packer.pack_string(NAME) packer.pack_int(SPOOFENABLED) packer.pack_string(TYPE) packer.pack_string(NAME) packer.pack_string(UNITS) packer.pack_int(slope_str2int[SLOPE]) packer.pack_uint(int(TMAX)) packer.pack_uint(int(DMAX)) if GROUP == '': packer.pack_int(0) else: packer.pack_int(1) packer.pack_string('GROUP') packer.pack_string(GROUP) data = Packer() data.pack_int(133) if SPOOFENABLED == 1: data.pack_string(SPOOF) else: data.pack_string(HOSTNAME) data.pack_string(NAME) data.pack_int(SPOOFENABLED) data.pack_string('%s') data.pack_string(str(VAL)) return (packer.get_buffer(), data.get_buffer())
def sendV3Data(self, sock, address, value): if time.time() - self.lastMetadataSendTime >= self.metadataInterval: self.sendMetadata(sock, address) packer = Packer() packer.pack_enum(self.formatIDs[self.type]) packer.pack_string(self.hostname) packer.pack_string(self.name) packer.pack_bool(False) # spoof = false packer.pack_string(self.format) self.packValue(packer, value) sock.sendto(packer.get_buffer(), address)
def gmetric_write(ID, HOST, NAME, VAL): """ Arguments are in all upper-case to match XML """ packer = Packer() packer.pack_int(133) packer.pack_string(HOST) packer.pack_string(NAME) packer.pack_int(0) packer.pack_string("%s") packer.pack_string(str(VAL)) return packer.get_buffer()
def gmetric_write(ID, HOST, NAME, VAL): """ Arguments are in all upper-case to match XML """ packer = Packer() packer.pack_int(133) packer.pack_string(HOST) packer.pack_string(NAME) packer.pack_int(0) packer.pack_string("%s") packer.pack_string(str(VAL)) return packer.get_buffer()
def _bytes_from_length(len, closing): """ The RPC standard calls for the length of a message to be sent as the least significant 31 bits of an XDR encoded unsigned integer. The most significant bit encodes a True/False bit which indicates that this message will be the last. """ assert 0 <= len < 2**31 from xdrlib import Packer if closing: len += 2**31 packer = Packer() packer.pack_uint(len) return packer.get_buffer()
def gmetric_write(NAME, VAL, TYPE, UNITS, SLOPE, TMAX, DMAX): """ Arguments are in all upper-case to match XML """ packer = Packer() packer.pack_int(0) # type gmetric packer.pack_string(TYPE) packer.pack_string(NAME) packer.pack_string(str(VAL)) packer.pack_string(UNITS) packer.pack_int(slope_str2int[SLOPE]) # map slope string to int packer.pack_uint(int(TMAX)) packer.pack_uint(int(DMAX)) return packer.get_buffer()
def gmetric_write(NAME, VAL, TYPE, UNITS, SLOPE, TMAX, DMAX, GROUP, SPOOF): packer = Packer() HOSTNAME = 'test' if SPOOF == '': SPOOFENABLED = 0 else: SPOOFENABLED = 1 packer.pack_int(128) if SPOOFENABLED == 1: packer.pack_string(SPOOF) else: packer.pack_string(HOSTNAME) packer.pack_string(NAME) packer.pack_int(SPOOFENABLED) packer.pack_string(TYPE) packer.pack_string(NAME) packer.pack_string(UNITS) packer.pack_int(slope_str2int[SLOPE]) packer.pack_uint(int(TMAX)) packer.pack_uint(int(DMAX)) if GROUP == '': packer.pack_int(0) else: packer.pack_int(1) packer.pack_string('GROUP') packer.pack_string(GROUP) data = Packer() data.pack_int(133) if SPOOFENABLED == 1: data.pack_string(SPOOF) else: data.pack_string(HOSTNAME) data.pack_string(NAME) data.pack_int(SPOOFENABLED) data.pack_string('%s') data.pack_string(str(VAL)) return (packer.get_buffer(), data.get_buffer())
def __init__(self, stamp, machinename, uid, gid, gids): if len(machinename) > 255: raise SecError("machinename %s is too long" % machinename) if len(gids) > 16: raise SecError("gid array too long: %s" % str(gids)) try: p = Packer() p.pack_int(stamp) p.pack_string(machinename) p.pack_uint(uid) p.pack_uint(gid) p.pack_array(gids, p.pack_uint) self.cred = p.get_buffer() except Error, e: raise SecError("Packing error: %s", str(e))
def generate_message(self, recipient_id, message): connect_info = self._session_keeper.get_connect_info(recipient_id) symmetric_key = connect_info['symmetric_key'] p = Packer() if connect_info.has_key('session_id_out'): p.pack_fstring(4, '\000\000\000\001') p.pack_fstring(SIZE_OF_UNIQS, connect_info['session_id_out']) else: #debugprint('including full header on message to %s\n', args=(recipient_id,), vs='mesgen') # XXX verbose p.pack_fstring(4, '\000\000\000\000') p.pack_string(connect_info['header']) iv = randsource.get(8) p.pack_fstring(8, iv) pdec = Packer() pdec.pack_string(message) # debugprint("------ ------ ------ ------ hmachish(key=%s, message=%s)\n" % (`symmetric_key`, `message`)) mac = cryptutil.hmacish(key=symmetric_key, message=message) pdec.pack_fstring(SIZE_OF_UNIQS, mac) encrypted = tripledescbc.new(symmetric_key).encrypt(iv, pdec.get_buffer()) p.pack_string(encrypted) return p.get_buffer()
def __init__(self, stamp, machinename, uid, gid, gids): if len(machinename) > 255: raise SecError("machinename %s is too long" % machinename) if len(gids) > 16: raise SecError("gid array too long: %s" % str(gids)) try: p = Packer() p.pack_int(stamp) p.pack_string(machinename) p.pack_uint(uid) p.pack_uint(gid) p.pack_array(gids, p.pack_uint) self.cred = p.get_buffer() except Error, e: raise SecError("Packing error: %s", str(e))
def init_cred(self, call, target="nfs@jupiter", source=None, oid=None): # STUB - need intelligent way to set defaults good_major = [gssapi.GSS_S_COMPLETE, gssapi.GSS_S_CONTINUE_NEEDED] p = Packer() up = GSSUnpacker('') # Set target (of form nfs@SERVER) target = gssapi.Name(target, gssapi.NT_HOSTBASED_SERVICE) # Set source (of form USERNAME) if source is not None: source = gssapi.Name(source, gssapi.NT_USER_NAME) gss_cred = gssapi.Credential(gssapi.INITIATE, source.ptr) # XXX else: # Just use default cred gss_cred = None context = gssapi.Context() token = None handle = '' proc = RPCSEC_GSS_INIT while True: # Call initSecContext. If it returns COMPLETE, we are done. # If it returns CONTINUE_NEEDED, we must send d['token'] # to the target, which will run it through acceptSecContext, # and give us back a token we need to send through initSecContext. # Repeat as necessary. token = context.init(target, token, gss_cred) if context.open: # XXX if res.major == CONTINUE there is a bug in library code # STUB - now what? Just use context? # XXX need to use res.seq_window # XXX - what if handle still '' ? self._add_context(context, handle) break # Send token to target using protocol of RFC 2203 sect 5.2.2 credinfo = CredInfo(self, context=handle, gss_proc=proc) proc = RPCSEC_GSS_CONTINUE_INIT p.reset() p.pack_opaque(token) header, reply = call(p.get_buffer(), credinfo) up.reset(reply) res = up.unpack_rpc_gss_init_res() up.done() # res now holds relevent output from target's acceptSecContext call if res.gss_major not in good_major: raise gssapi.Error(res.gss_major, res.gss_minor) handle = res.handle # Should not change between calls token = res.gss_token # This needs to be sent to initSecContext return CredInfo(self, context=handle)
def sendV2Data(self, sock, address, value): packer = Packer() packer.pack_enum(0) # metric_user_defined packer.pack_string(self.type) packer.pack_string(self.name) packer.pack_string(str(value)) packer.pack_string(self.units) if self.slope == 'zero': slope = 0 else: slope = 3 # both packer.pack_uint(slope) packer.pack_uint(self.tmax) packer.pack_uint(self.dmax) sock.sendto(packer.get_buffer(), address)
def init_cred(self, call, target="nfs@jupiter", source=None, oid=None): # STUB - need intelligent way to set defaults good_major = [gssapi.GSS_S_COMPLETE, gssapi.GSS_S_CONTINUE_NEEDED] p = Packer() up = GSSUnpacker('') # Set target (of form nfs@SERVER) target = gssapi.Name(target, gssapi.NT_HOSTBASED_SERVICE) # Set source (of form USERNAME) if source is not None: source = gssapi.Name(source, gssapi.NT_USER_NAME) gss_cred = gssapi.Credential(gssapi.INITIATE, source.ptr) # XXX else: # Just use default cred gss_cred = None context = gssapi.Context() token = None handle = '' proc = RPCSEC_GSS_INIT while True: # Call initSecContext. If it returns COMPLETE, we are done. # If it returns CONTINUE_NEEDED, we must send d['token'] # to the target, which will run it through acceptSecContext, # and give us back a token we need to send through initSecContext. # Repeat as necessary. token = context.init(target, token, gss_cred) if context.open: # XXX if res.major == CONTINUE there is a bug in library code # STUB - now what? Just use context? # XXX need to use res.seq_window # XXX - what if handle still '' ? self._add_context(context, handle) break # Send token to target using protocol of RFC 2203 sect 5.2.2 credinfo = CredInfo(self, context=handle, gss_proc=proc) proc = RPCSEC_GSS_CONTINUE_INIT p.reset() p.pack_opaque(token) header, reply = call(p.get_buffer(), credinfo) up.reset(reply) res = up.unpack_rpc_gss_init_res() up.done() # res now holds relevent output from target's acceptSecContext call if res.gss_major not in good_major: raise gssapi.Error(res.gss_major, res.gss_minor) handle = res.handle # Should not change between calls token = res.gss_token # This needs to be sent to initSecContext return CredInfo(self, context=handle)
def signature_base(self) -> bytes: """Get the signature base of this transaction envelope. Return the "signature base" of this transaction, which is the value that, when hashed, should be signed to create a signature that validators on the Stellar Network will accept. It is composed of a 4 prefix bytes followed by the xdr-encoded form of this transaction. :return: The signature base of this transaction envelope. """ network_id = self._network_id packer = Packer() stellar_xdr.EnvelopeType.ENVELOPE_TYPE_TX_FEE_BUMP.pack(packer) self.transaction.to_xdr_object().pack(packer) return network_id + packer.get_buffer()
def make_reply_verf(self, cred, stat): log_gss.debug("CALL:make_reply_verf(%r, %i)" % (cred, stat)) cred = cred.body if stat: # Return trivial verf on error # NOTE this relies on GSS_S_COMPLETE == rpc.SUCCESS == 0 return rpclib.NULL_CRED elif cred.gss_proc in (RPCSEC_GSS_INIT, RPCSEC_GSS_CONTINUE_INIT): # init requires getMIC(seq_window) i = WINDOWSIZE else: # Else return getMIC(cred.seq_num) i = cred.seq_num p = Packer() p.pack_uint(i) # XXX BUG - need to set qop token = self._get_context(cred.handle).getMIC(p.get_buffer()) return opaque_auth(RPCSEC_GSS, token)
def make_reply_verf(self, cred, stat): log_gss.debug("CALL:make_reply_verf(%r, %i)" % (cred, stat)) cred = cred.body if stat: # Return trivial verf on error # NOTE this relies on GSS_S_COMPLETE == rpc.SUCCESS == 0 return rpclib.NULL_CRED elif cred.gss_proc in (RPCSEC_GSS_INIT, RPCSEC_GSS_CONTINUE_INIT): # init requires getMIC(seq_window) i = WINDOWSIZE else: # Else return getMIC(cred.seq_num) i = cred.seq_num p = Packer() p.pack_uint(i) # XXX BUG - need to set qop token = self._get_context(cred.handle).getMIC(p.get_buffer()) return opaque_auth(RPCSEC_GSS, token)
def _rpcPacket(): #Build RPC portmap call data = Packer() data.pack_uint(int(random() * 0xffffffff)) # Transaction Identifier (xid) data.pack_enum(CALL) # Message Type data.pack_uint(2) # RPC version data.pack_enum(PORTMAP) # Program data.pack_uint(2) # Program Version data.pack_enum(GETPORT) # Process data.pack_enum(AUTH_NULL) # Credentials data.pack_uint(0) # Credentials length data.pack_enum(AUTH_NULL) # Verifier data.pack_uint(0) # Verifier Length data.pack_enum(VXI11_CORE) # Called Program data.pack_uint(1) # Program Version data.pack_enum(TCP) # Program Protocol data.pack_uint(0) # Port return data.get_buffer()
def make_fxp_chunk(self, patch: Series) -> bytes: """Generates Synth1 chunk data from a patch.""" ver = int(patch['ver']) params = patch[self.params].to_numpy(dtype=int) if len(params) != 99: raise ValueError('Expected 99 parameters, got %i' % len(params)) # Ignore the non-conforming parameters parms = np.delete( params, tuple(self.params.index(s) for s in S1_IGNORE_PARAMS)) pak = Packer() # Pack parameters into xdr list. pak.pack_list(parms, pak.pack_int) # cast buffer to bytearray for some tweaking. list_buf = bytearray(pak.get_buffer()) # Exhibit B: Synth1 uses its own magic value for start of list (but not end) # So get rid of initial 0x0001 flag from packer; the actual magic value is in the header, which # is packed before this in the final chunk. del list_buf[0x0:0x4] # FWIW, when reading a chunk, this is what you pass into xdrlib.Unpacker: # pack('>L', 1) + fxp.chunk[0x239:0x4e5] + fxp.chunk[0x505:] # insert filler bytes into the bytearray at offset list_buf[S1_IGNORED_OFFSET:S1_IGNORED_OFFSET] = S1_IGNORED_FILLER # Exhibit C: For some reason, the key shift is little endian... unlike the rest of the parameters! # Swap these 7 bytes. list_buf[0x48:0x4F] = list_buf[0x4E:0x47:-1] chunk = BytesIO() chunk.write(pack(*s1_chunk_header(ver))) chunk.write(list_buf) chunk.write(pack(*s1_chunk_footer(ver))) byts = chunk.getvalue() chunk.close() return byts
def __init__(self, stamp=0, machinename='', uid=0, gid=0, gids=[]): if len(machinename) > 255: raise SecError("machinename %s is too long" % machinename) if len(gids) > 16: raise SecError("gid array too long: %s" % str(gids)) try: p = Packer() p.pack_int(stamp) try: # for python2 p.pack_string(machinename) except: # for python3 p.pack_string(bytes(machinename, 'utf-8')) p.pack_uint(uid) p.pack_uint(gid) p.pack_array(gids, p.pack_uint) self.cred = p.get_buffer() except Error as e: raise SecError("Packing error: %s", str(e)) self.uid = uid self.gid = gid
def signature_base(self) -> bytes: """Get the signature base of this transaction envelope. Return the "signature base" of this transaction, which is the value that, when hashed, should be signed to create a signature that validators on the Stellar Network will accept. It is composed of a 4 prefix bytes followed by the xdr-encoded form of this transaction. :return: The signature base of this transaction envelope. """ network_id = self._network_id tx = self.transaction if isinstance(self.transaction, Transaction) and not self.transaction.v1: tx = Transaction.from_xdr_object(self.transaction.to_xdr_object(), v1=False) tx.v1 = True packer = Packer() stellar_xdr.EnvelopeType.ENVELOPE_TYPE_TX.pack(packer) tx.to_xdr_object().pack(packer) return network_id + packer.get_buffer()
def sendMetadata(self, sock, address): self.lastMetadataSendTime = time.time() packer = Packer() packer.pack_enum(self.formatIDs['full']) packer.pack_string(self.hostname) packer.pack_string(self.name) packer.pack_bool(False) # spoof = false packer.pack_string(self.type) packer.pack_string(self.name) packer.pack_string(self.units) if self.slope == 'zero': slope = 0 else: slope = 3 packer.pack_uint(slope) packer.pack_uint(self.tmax) packer.pack_uint(self.dmax) packer.pack_uint(len(self.meta)) # array length for name, value in self.meta.items(): packer.pack_string(name) packer.pack_string(value) sock.sendto(packer.get_buffer(), address)
def send(self): try: unp = Packer() unp.pack_fstring(96, self.model.encode()) unp.pack_double(self.time) unp.pack_double(self.lag) unp.pack_farray(3, self.position, unp.pack_double) unp.pack_farray(3, self.orientation, unp.pack_float) unp.pack_farray(3, self.linear_vel, unp.pack_float) unp.pack_farray(3, self.angular_vel, unp.pack_float) unp.pack_farray(3, self.linear_accel, unp.pack_float) unp.pack_farray(3, self.angular_accel, unp.pack_float) unp.pack_uint(0) self.properties.send(unp) msgbuf = unp.get_buffer() headbuf = self.header.send() self.header.msglen = len(headbuf + msgbuf) #print("setting len=",self.header.msglen, len(headbuf + msgbuf)) headbuf = self.header.send() #print("len2=",self.header.msglen, len(headbuf+msgbuf)) return headbuf + msgbuf except: llogger.exception("ERROR creating msg") print(self.model)
def to_xdr_bytes(self) -> bytes: packer = Packer() self.pack(packer) return packer.get_buffer()
def handle_message(self, opaque_bytes, client_id): """ Handles a message, start to finish. Takes the opaque bytes representing the XDR encoded RPC message. Produces an RPC reply, also encoded as opaque bytes. """ from xdrlib import Unpacker, Packer unpacker = Unpacker(opaque_bytes) msg = rpc_msg.unpack(unpacker) print(msg.body.mtype.value) if msg.body.mtype != msg_type.CALL: print("No reply!") return None # do not reply to such a bad message. #response = self.handle_message(msg, # opaque_bytes[unpacker.get_position():]) print("Well-formed message!") print("rpc version: %d" % msg.body.cbody.rpcvers) print("program id: %d" % msg.body.cbody.prog) print("version id: %d" % msg.body.cbody.vers) print("procedure id: %d" % msg.body.cbody.proc) print("cred flavor: %d" % msg.body.cbody.cred.flavor) print("verf flavor: %d" % msg.body.cbody.verf.flavor) print("remaining bytes: %s" % opaque_bytes[unpacker.get_position():]) if msg.body.cbody.cred.flavor == auth_flavor.AUTH_SYS: print("using system auth") unpacker2 = Unpacker(msg.body.cbody.cred.body.bytes) params = authsys_parms.unpack(unpacker2) print(params) id = self.next_short_id self.next_short_id += 1 self.system_auth[id] = params packer = Packer() packer.pack_uint(id) verf = opaque_auth(flavor=auth_flavor.AUTH_SHORT, body=packer.get_buffer()) else: verf = opaque_auth.NONE() def _pack(reply): packer = Packer() reply.pack(packer) return packer.get_buffer() _body = rpc_msg.body _rbody = reply_body _rreply = rejected_reply _areply = accepted_reply _rdata = accepted_reply.reply_data if msg.body.cbody.rpcvers != 2: reply = rpc_msg(xid=msg.xid, body=_body(mtype=msg_type.REPLY, rbody=_rbody(stat=reply_stat.MSG_DENIED, rreply=_rreply(stat=reject_stat.RPC_MISMATCH, mismatch_info=mismatch_info(low=2, high=2))))) return _pack(reply) if msg.body.cbody.prog not in self.programs: print("no such program!") reply = rpc_msg(xid=msg.xid, body=_body(mtype=msg_type.REPLY, rbody=_rbody(stat=reply_stat.MSG_ACCEPTED, areply=_areply(verf=verf, reply_data=_rdata(stat=accept_stat.PROG_UNAVAIL))))) return _pack(reply) program = self.programs[msg.body.cbody.prog] print("program: %s" % str(program)) version = program.get_version_impl(msg.body.cbody.vers) print("version: %s" % str(version)) procedure = version.get_procedure_by_id(msg.body.cbody.proc) print("procedure: %s" % str(procedure)) print("procedure.arg_type: %s" % str(procedure.argument_type)) args = procedure.argument_type.unpack(unpacker) print("args: %s" % str(args)) response = procedure(version, msg, args) print("response: %s" % str(response)) reply = rpc_msg(xid=msg.xid, body=_body(mtype=msg_type.REPLY, rbody=_rbody(stat=reply_stat.MSG_ACCEPTED, areply=_areply(verf=verf, reply_data=_rdata(stat=accept_stat.SUCCESS))))) print("reply: %s" % str(reply)) packer = Packer() reply.pack(packer) response.pack(packer) print("bytes: %s" % str(packer.get_buffer())) return packer.get_buffer()
def _pack(reply): packer = Packer() reply.pack(packer) return packer.get_buffer()
import socket from xdrlib import Packer host = 'localhost' port = 8000 s = socket.socket(socket.AF_INET,socket.SOCK_STREAM) s.connect((host, port)) p = Packer() p.pack_int(1) s.send(p.get_buffer()) data = s.recv(1024) s.close() print 'recibido', repr(data)
async def _send_xdr(self, packer: xdrlib.Packer) -> None: await self.send_bytes(packer.get_buffer())
async def send_message(self, xdr: xdrlib.Packer) -> None: await self.send_bytes(self.server_cipher.encrypt(xdr.get_buffer()))
def _pack(avps): p = Packer() for a in avps: a.encode(p) return p.get_buffer()
def _gmetric(self, name, val, metric_type, units, slope, tmax, dmax, group, title, description, spoof): meta = Packer() HOSTNAME = socket.gethostname() if spoof: SPOOF_ENABLED = 1 else: SPOOF_ENABLED = 0 # Meta data about a metric packet_type = 128 meta.pack_int(packet_type) if SPOOF_ENABLED == 1: meta.pack_string(spoof) else: meta.pack_string(HOSTNAME) meta.pack_string(name) meta.pack_int(SPOOF_ENABLED) meta.pack_string(metric_type) meta.pack_string(name) meta.pack_string(units) meta.pack_int(METRIC_SLOPES[slope]) # map slope string to int meta.pack_uint(int(tmax)) meta.pack_uint(int(dmax)) extra_data = 0 if group: extra_data += 1 if title: extra_data += 1 if description: extra_data += 1 meta.pack_int(extra_data) if group: for g in group.split(','): meta.pack_string("GROUP") meta.pack_string(g) if title: meta.pack_string("TITLE") meta.pack_string(title) if description: meta.pack_string("DESC") meta.pack_string(description) # Actual data sent in a separate packet data = Packer() packet_type = METRIC_TYPES[metric_type] data.pack_int(packet_type) if SPOOF_ENABLED == 1: data.pack_string(spoof) else: data.pack_string(HOSTNAME) data.pack_string(name) data.pack_int(SPOOF_ENABLED) if metric_type in ['int8', 'uint8', 'int16', 'uint16', 'int32']: data.pack_string("%d") data.pack_int(int(val)) if metric_type == 'uint32': data.pack_string("%u") data.pack_uint(long(val)) if metric_type == 'string': data.pack_string("%s") data.pack_string(str(val)) if metric_type == 'float': data.pack_string("%f") data.pack_float(float(val)) if metric_type == 'double': data.pack_string("%f") data.pack_double(float(val)) # XXX - double or float? return meta.get_buffer(), data.get_buffer()
def compute_tlv(tag, message): packer = Packer() packer.pack_uint(tag) packer.pack_string(message) return packer.get_buffer()
def encode(self): '''Return the serialized bytes for the object.''' with _convert_exceptions(): xdr = Packer() self.encode_xdr(xdr) return xdr.get_buffer()
def _gmetric(self, name, val, type, units, slope, tmax, dmax, group, title, description, spoof): """ Arguments are in all upper-case to match XML """ meta = Packer() HOSTNAME=socket.gethostname() if spoof == "": SPOOFENABLED=0 else : SPOOFENABLED=1 # Meta data about a metric packet_type = 128 meta.pack_int(packet_type) if SPOOFENABLED == 1: meta.pack_string(spoof) else: meta.pack_string(HOSTNAME) meta.pack_string(name) meta.pack_int(SPOOFENABLED) meta.pack_string(type) meta.pack_string(name) meta.pack_string(units) meta.pack_int(SLOPES[slope]) # map slope string to int meta.pack_uint(int(tmax)) meta.pack_uint(int(dmax)) extra_data = 0 if group != "": extra_data += 1 if title != "": extra_data += 1 if description != "": extra_data += 1 meta.pack_int(extra_data) if group != "": meta.pack_string("GROUP") meta.pack_string(group) if title != "": meta.pack_string("TITLE") meta.pack_string(title) if description != "": meta.pack_string("DESC") meta.pack_string(description) # Actual data sent in a separate packet data = Packer() packet_type = TYPES[type] data.pack_int(packet_type) if SPOOFENABLED == 1: data.pack_string(spoof) else: data.pack_string(HOSTNAME) data.pack_string(name) data.pack_int(SPOOFENABLED) if type in ['int8','uint8','int16','uint16','int32']: data.pack_string("%d") data.pack_int(int(val)) if type == 'uint32': data.pack_string("%u") data.pack_uint(long(val)) if type == 'string': data.pack_string("%s") data.pack_string(str(val)) if type == 'float': data.pack_string("%f") data.pack_float(float(val)) if type == 'double': data.pack_string("%f") data.pack_double(float(val)) # XXX - double or float? return (meta.get_buffer(), data.get_buffer())
def _gmetric(self, name, val, metric_type, units, slope, tmax, dmax, group, title, description, spoof): meta = Packer() HOSTNAME = socket.gethostname() if spoof: SPOOF_ENABLED = 1 else: SPOOF_ENABLED = 0 # Meta data about a metric packet_type = 128 meta.pack_int(packet_type) if SPOOF_ENABLED == 1: meta.pack_string(spoof) else: meta.pack_string(HOSTNAME) meta.pack_string(name) meta.pack_int(SPOOF_ENABLED) meta.pack_string(metric_type) meta.pack_string(name) meta.pack_string(units) meta.pack_int(METRIC_SLOPES[slope]) # map slope string to int meta.pack_uint(int(tmax)) meta.pack_uint(int(dmax)) extra_data = 0 if group: extra_data += 1 if title: extra_data += 1 if description: extra_data += 1 meta.pack_int(extra_data) if group: for g in group.split(','): meta.pack_string("GROUP") meta.pack_string(g) if title: meta.pack_string("TITLE") meta.pack_string(title) if description: meta.pack_string("DESC") meta.pack_string(description) # Actual data sent in a separate packet data = Packer() packet_type = METRIC_TYPES[metric_type] data.pack_int(packet_type) if SPOOF_ENABLED == 1: data.pack_string(spoof) else: data.pack_string(HOSTNAME) data.pack_string(name) data.pack_int(SPOOF_ENABLED) if metric_type in ['int8', 'uint8', 'int16', 'uint16', 'int32']: data.pack_string("%d") data.pack_int(int(val)) if metric_type == 'uint32': data.pack_string("%u") data.pack_uint(long(val)) if metric_type == 'string': data.pack_string("%s") data.pack_string(str(val)) if metric_type == 'float': data.pack_string("%f") data.pack_float(float(val)) if metric_type == 'double': data.pack_string("%f") data.pack_double(float(val)) # XXX - double or float? return meta.get_buffer(), data.get_buffer()