Пример #1
0
def smb4_restore_tdbfile(tdb_src, tdb_dst):
    try:
        db_r = tdb.open(tdb_src, flags=os.O_RDONLY)

    except Exception as e:
        print >> sys.stderr, "Unable to open %s: %s" % (tdb_src, e)
        return False

    try:
         db_w = tdb.open(tdb_dst, flags=os.O_RDWR)

    except Exception as e:
        print >> sys.stderr, "Unable to open %s: %s" % (tdb_dst, e)
        return False

    for key in db_r.iterkeys():
        try:
            db_w.transaction_start()

            db_w.lock_all()
            db_w[key] = db_r.get(key)
            db_w.unlock_all()

            db_w.transaction_prepare_commit()
            db_w.transaction_commit()

        except Exception as e: 
            print >> sys.stderr, "Transaction for key %s failed: %s" % (key, e)
            db_w.transaction_cancel()

    db_r.close()
    db_w.close()

    return True
Пример #2
0
    def readItem(self, lpath):
        t = None
        info = None
        #self.debug('readItem(%s)...' % (lpath,))

        try:
            fpath = self.fullPath(lpath)
            st = os.stat(fpath)
            if stat.S_ISDIR(st[stat.ST_MODE]): t = 'd'
        except:
            # it's a file
            t = 'f'
            #self.debug('readItem: stat(%s): %s %s' % (fpath, sys.exc_type, sys.exc_value))
            pass

        #self.debug('readItem: type for <%s> is %s' % (lpath, t))
        if t == 'f':
            try:
                db = tdb.open(self.dirIndexPath(self.parentPath(lpath)))
                str = db[self.fileName(lpath)]
            except:
                #self.debug('readItem: db key for %s not found' % (lpath,))
                return None, None
            info = VFSFileInfo(lpath, str)
            db.close()
        elif t == 'd':
            #print 'readItem: opening %s' % self.dirIndexPath(lpath)
            try:
                db = tdb.open(self.dirIndexPath(lpath))
                str = db[self.__DirInfoKey]
            except:
                return None, None
            info = VFSDirInfo(lpath, str)
            db.close()
        return t, info
Пример #3
0
def smb4_restore_tdbfile(tdb_src, tdb_dst):
    try:
        db_r = tdb.open(tdb_src, flags=os.O_RDONLY)

    except Exception as e:
        print >> sys.stderr, "Unable to open %s: %s" % (tdb_src, e)
        return False

    try:
        db_w = tdb.open(tdb_dst, flags=os.O_RDWR)

    except Exception as e:
        print >> sys.stderr, "Unable to open %s: %s" % (tdb_dst, e)
        return False

    for key in db_r.iterkeys():
        try:
            db_w.transaction_start()

            db_w.lock_all()
            db_w[key] = db_r.get(key)
            db_w.unlock_all()

            db_w.transaction_prepare_commit()
            db_w.transaction_commit()

        except Exception as e:
            print >> sys.stderr, "Transaction for key %s failed: %s" % (key, e)
            db_w.transaction_cancel()

    db_r.close()
    db_w.close()

    return True
Пример #4
0
 def writeItem(self, lpath, data):
     typ, info = data
     if info.Type == 'f':
         db = tdb.open(self.dirIndexPath(self.parentPath(lpath)), True)
         db[self.fileName(lpath)] = info.serialize()
         db.sync()
         db.close()
     else:  # assume 'd'
         db = tdb.open(self.dirIndexPath(lpath), True)
         db[self.__DirInfoKey] = info.serialize()
         db.sync()
         db.close()
Пример #5
0
def check_smb_passwd(username, passwd):
    passdb = tdb.open(smb_passdb)
    try:
        user_record = passdb.get("USER_%s\x00" % username.lower())
        if not user_record: return False
        return binascii.a2b_hex(smbpasswd.nthash(passwd)) in user_record
    finally:
        passdb.close()
Пример #6
0
def test_delete_user():
    copyfile(DB_ORIGIN, DB_FILE)
    pdb = PassDB(DB_FILE)
    del pdb["naota"]
    pdb.close()
    db = tdb.open(DB_FILE)
    assert "USER_naota\x00" not in db
    assert "RID_000003e8\x00" not in db
    db.close()
Пример #7
0
 def offline_tdb_copy(self, path):
     backup_path = path + self.backup_ext
     try:
         tdb_copy(path, backup_path, readonly=True)
     except CalledProcessError as copy_err:
         # If the copy didn't work, check if it was caused by an EINVAL
         # error on opening the DB.  If so, it's a mutex locked database,
         # which we can safely ignore.
         try:
             tdb.open(path)
         except Exception as e:
             if hasattr(e, 'errno') and e.errno == errno.EINVAL:
                 return
             raise e
         raise copy_err
     if not os.path.exists(backup_path):
         s = "tdbbackup said backup succeeded but {} not found"
         raise CommandError(s.format(backup_path))
Пример #8
0
    def open_tdb(self):
        secret_path = f'{SMBPath.PRIVATEDIR.platform()}/secrets.tdb'

        if os.path.isfile(secret_path):
            self.tdb = tdb.open(secret_path, self.flags)
        else:
            self.tdb = tdb.Tdb(secret_path, 0, tdb.DEFAULT,
                               os.O_CREAT | os.O_RDWR)
        self.is_open = True
Пример #9
0
def test_append_user():
    copyfile(DB_ORIGIN, DB_FILE)
    pdb = PassDB(DB_FILE)
    pdb.append(User("foo"))
    pdb.close()
    db = tdb.open(DB_FILE)
    assert "USER_foo\x00" in db
    assert db["RID_000003e9\x00"] == "foo\x00"
    assert db["NEXT_RID\x00"] == "\xea\x03\x00\x00"
    db.close()
Пример #10
0
def test_change_password():
    copyfile(DB_ORIGIN, DB_FILE)
    pdb = PassDB(DB_FILE)
    user = pdb["naota"]
    user.set_password("hogefuga")
    pdb["naota"] = user
    pdb.close()
    db = tdb.open(DB_FILE)
    assert unpack_user(db["USER_naota\x00"]).nt_pw == \
        nthash("hogefuga").decode("hex")
    db.close()
Пример #11
0
def smb4_backup_tdbfile(tdb_src, tdb_dst):
    try:
        db_r = tdb.open(tdb_src, flags=os.O_RDONLY)

    except Exception as e:
        print >> sys.stderr, "Unable to open %s: %s" % (tdb_src, e)
        log.error("Unable to open {0}: {1}".format(tdb_src, e))
        log_traceback(log=log)
        return False

    try:
        db_w = tdb.open(tdb_dst, flags=os.O_RDWR | os.O_CREAT, mode=0600)

    except Exception as e:
        print >> sys.stderr, "Unable to open %s: %s" % (tdb_dst, e)
        log.error("Unable to open {0}: {1}".format(tdb_dst, e))
        log_traceback(log=log)
        return False

    for key in db_r.iterkeys():
        try:
            db_w.transaction_start()
            db_w[key] = db_r.get(key)
            db_w.transaction_prepare_commit()
            db_w.transaction_commit()

        except Exception as e:
            print >> sys.stderr, "Transaction for key %s failed: %s" % (key, e)
            log.error("Transaction for key {0} failed: {1}".format(key, e))
            log_traceback(log=log)
            db_w.transaction_cancel()

    db_r.close()
    db_w.close()

    return True
Пример #12
0
 def rmfile(self, lpath):
     if not self.exists(lpath):
         return 1, 'Already deleted'
     if not self.isFile(lpath):
         return 0, 'Is not a file'
     info = self.getFileInfo(lpath)
     try:
         db = tdb.open(self.dirIndexPath(self.parentPath(lpath)))
         del db[self.fileName(lpath)]
         db.sync()
         db.close()
     except:
         return 0, 'Error: %s %s' % (sys.exc_info()[0], sys.exc_info()[1])
     vfssrv_global.G_CellIF.delFile(lpath, info.Servers)
     del self.Cache[lpath]
     return 1, 'OK'
Пример #13
0
    def validate_groupmap_hwm(self, low_range):
        """
        Middleware forces allocation of GIDs for Users, Groups, and Administrators
        to be deterministic with the default idmap backend. Bump up the idmap_tdb
        high-water mark to avoid conflicts with these and remove any mappings that
        conflict. Winbindd will regenerate the removed ones as-needed.
        """
        must_reload = False

        try:
            tdb_handle = tdb.open(
                f"{SMBPath.STATEDIR.platform()}/winbindd_idmap.tdb")
        except FileNotFoundError:
            return must_reload

        try:
            group_hwm_bytes = tdb_handle.get(b'GROUP HWM\00')
            hwm = struct.unpack("<L", group_hwm_bytes)[0]
            if hwm < low_range + 2:
                tdb_handle.transaction_start()
                new_hwm_bytes = struct.pack("<L", group_hwm_bytes)
                tdb_handle.store(b'GROUP HWM\00', new_hwm_bytes)
                tdb_handle.transaction_commit()
                self.middleware.call_sync('idmap.snapshot_samba4_dataset')
                must_reload = True

            for key in tdb_handle.keys():
                if key[:3] == b'GID' and int(
                        key.decode()[4:-3]) < (low_range + 2):
                    reverse = tdb_handle.get(key)
                    tdb_handle.transaction_start()
                    tdb_handle.delete(key)
                    tdb_handle.delete(reverse)
                    tdb_handle.transaction_commit()
                    if not must_reload:
                        self.middleware.call_sync(
                            'idmap.snapshot_samba4_dataset')
                    must_reload = True

        except Exception as e:
            self.logger.warning("TDB maintenace failed: %s", e)

        finally:
            tdb_handle.close()

        return must_reload
Пример #14
0
 def listDir(self, dir, ptrn='*'):
     # always returns list of relative paths
     dir = VFSCanonicPath(dir)
     lst1 = []
     db = tdb.open(self.dirIndexPath(dir))
     for fn in self.glob1(dir, ptrn):
         lpath = dir + '/' + fn
         typ = self.getType(lpath)
         info = None
         if typ == 'f':
             info = VFSFileInfo(lpath, db[fn])
         elif typ == 'd':
             info = self.getDirInfo(lpath)
         # remove dir from fn
         lst1.append((fn, typ, info))
     #print 'listDir(%s, %s): lst1(%d): %s' % (dir, ptrn, len(lst1), lst1[:5])
     db.close()
     return lst1
Пример #15
0
 def glob1(self, dirp, ptrn):
     # returns unsorted list of items in the directory matching the pattern
     db = tdb.open(self.dirIndexPath(dirp))
     lst = list(db.keys())
     db.close()
     #print 'glob1: lst1(%d): %s...' % (len(lst), lst[:5])
     lst = list(
         filter(lambda fn, pt=ptrn, s=self: fn != s.__DirInfoKey and fnmatch
                .fnmatch(fn, pt),
                lst))
     #print 'glob1: lst2(%d): %s...' % (len(lst), lst[:5])
     fullp = self.fullPath(dirp)
     for fn in glob.glob1(fullp, '*'):
         if not fn or fn[0] == '.': continue
         st = os.stat(fullp + '/' + fn)
         if stat.S_ISDIR(st[stat.ST_MODE]):
             lst.append(fn)
     #print 'glob1: lst3(%d): ...%s' % (len(lst), lst[-5:])
     return lst
Пример #16
0
 def glob2(self, dirp, ptrn='*'):
     #print 'glob2: opening %s' % dirp
     db = tdb.open(self.dirIndexPath(dirp))
     files = list(
         filter(lambda fn, pt=ptrn, s=self: fn != s.__DirInfoKey and fnmatch
                .fnmatch(fn, pt),
                list(db.keys())))
     lst = []
     for fn in files:
         info = VFSFileInfo(dirp + '/' + fn, db[fn])
         lst.append((fn, 'f', info))
     db.close()
     fullp = self.fullPath(dirp)
     for fn in glob.glob1(fullp, '*'):
         if not fn or fn[0] == '.': continue
         st = os.stat(fullp + '/' + fn)
         if stat.S_ISDIR(st[stat.ST_MODE]):
             lp = dirp + '/' + fn
             info = self.getDirInfo(lp)
             if info != None:
                 lst.append((fn, 'd', info))
     return lst
Пример #17
0
def decrypt_database(args):
    """Decrypt KCM Databases"""
    _LOGGER.debug("[*] Opening TDB database...")
    tdb_db = tdb.open(args.database[0])
    _LOGGER.debug("[*] Loading master key...")
    with open(args.key[0], 'rb') as f:
        tdb_db_key = f.read()
    _LOGGER.debug("[*] Printing TDB key values...")
    lookup_table = list()
    for key in tdb_db.keys():
        if key.decode('ascii', errors='ignore').startswith(
            ('DN=CN=DEFAULT', 'DN=@BASEINFO', 'DN=CN=CCACHE')) is False:
            _LOGGER.debug(key)
            lookup_table.append(key)
    for key in lookup_table:
        _LOGGER.debug("[*] Currently processing key: %s", str(key))
        raw_key = tdb_db.get(key)
        secret = raw_key.decode('utf-8',
                                errors='ignore').split('secret')[1].rsplit(
                                    '\x00', 1)[0].rsplit('\x00', 1)[1]
        _LOGGER.debug("Stripped base64 payload: %s", secret)
        encrypted_secret = base64.b64decode(secret)
        signature = encrypted_secret[-HMAC_LENGTH:]
        hmac_input = encrypted_secret[:-HMAC_LENGTH]
        if hmac.new(tdb_db_key, hmac_input,
                    hashlib.sha256).digest() != signature:
            _LOGGER.debug("HMAC Authentication Failed")
        else:
            _LOGGER.debug("HMAC Authentication Succeeded")
        iv_bytes = encrypted_secret[:AES_BLOCK_SIZE]
        encrypted_secret = encrypted_secret[AES_BLOCK_SIZE:]
        cipher_op = AES.new(tdb_db_key, AES.MODE_CBC, iv_bytes)
        decrypted_secret = cipher_op.decrypt(encrypted_secret)
        # This strips out characters that are not needed
        strip_length = len(decrypted_secret) - 33
        b64_kerberos_ticket = decrypted_secret[:strip_length]
        kerberos_ticket_json = base64.b64decode(b64_kerberos_ticket)
        print(kerberos_ticket_json.decode('utf-8'))
Пример #18
0
            open(fname, 'w').write(conn.loadfile(rname))
            os.utime(fname, (time(), f['mtime']))

if __name__ == '__main__':
    parse = argparse.ArgumentParser(description='Sysvol replication tool')
    parse.add_argument('server', help='FQDN of server to replicate sysvol from')
    args = parse.parse_args()

    parser = optparse.OptionParser()
    lp = getopt.SambaOptions(parser).get_loadparm()
    creds = getopt.CredentialsOptions(parser).get_credentials(lp, fallback_machine=True)
    conn = smb.SMB(args.server, 'sysvol', lp=lp, creds=creds)

    gpo_versions = '%s/%s' % (lp.get('path', 'sysvol'), 'versions.tdb')
    if os.path.isfile(gpo_versions):
        vers_f = tdb.open(gpo_versions)
    else:
        vers_f = tdb.Tdb(gpo_versions, 0, tdb.DEFAULT, os.O_CREAT|os.O_RDWR)

    gpo_path = win_path_join(lp.get('realm').lower(), 'Policies')
    gpos = [x['name'] for x in conn.list(gpo_path)]
    for gpo in gpos:
        s_gpo_path = win_path_join(gpo_path, gpo)
        # Check if the version has changed
        fname = win_path_join(s_gpo_path, 'GPT.INI')
        data = conn.loadfile(fname)
        gpt_ini = ConfigParser()
        gpt_ini.readfp(StringIO(data))
        new_vers = gpt_ini.get('General', 'Version')
        old_vers = vers_f.get(gpo)
        if (old_vers and old_vers != new_vers) or not old_vers:
Пример #19
0
 def __init__(self, log_file):
     if os.path.isfile(log_file):
         self.log = tdb.open(log_file)
     else:
         self.log = tdb.Tdb(log_file, 0, tdb.DEFAULT,
                            os.O_CREAT | os.O_RDWR)
Пример #20
0
# What can be done instead is manipulate the TDB directly
# interpreting the format manually
# Structure: https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/blob/master/src/modules/module-device-restore.c#L363
# The list of tags is found here:
# https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/blob/master/src/pulsecore/tagstruct.h
# Helper methods:
# https://gitlab.freedesktop.org/pulseaudio/pulseaudio/-/blob/master/src/pulsecore/tagstruct.c
machine_id = open('/etc/machine-id', 'r').read().rstrip()
device_volumes_db = os.environ[
    'HOME'] + '/.config/pulse/' + machine_id + '-device-volumes.tdb'
default_sink = open(os.environ['HOME'] + '/.config/pulse/' + machine_id +
                    '-default-sink').read().rstrip()
default_source = open(os.environ['HOME'] + '/.config/pulse/' + machine_id +
                      '-default-source').read().rstrip()

db = tdb.open(device_volumes_db)

# Examples:
# version 1 - volume not valid (skip rest)
# 42 01 30 4e
#  x = db.get(b'sink:alsa_output.usb-C-Media_Electronics_Inc._Microsoft_LifeChat_LX-3000-00.iec958-stereo:iec958-stereo-output')
# bytes(x).hex()
# version 1 - volume valid yes - channel map 'm' - volume 'v' - muted valid yes - muted no - number of format 1
# format: tag format 'f' - encoding 01 - proplist 'P' - value
# '4201 31 6d020102 760200004a3d00004a3d 31 30 4201
# 66 4201 504e'
# mapping of device with port
# '4201 31 746d756c74696368616e6e656c2d696e70757400')


class per_port_entry(dict):
Пример #21
0
 def __init__(self, name, hash_size=0):
     self.db = tdb.open(name, hash_size)
Пример #22
0
 def __init__(self, path):
     write = not os.path.exists(path) or os.access(path, os.W_OK)
     mode = os.O_RDWR | os.O_CREAT if write else os.O_RDONLY
     self.db = tdb.open(path, flags=mode)
Пример #23
0
 def __init__(self, filename):
     self.filename = filename
     self.context = tdb.open(utils.SmartStr(filename),
                             flags=os.O_CREAT | os.O_RDWR)
     self.lock = threading.RLock()
Пример #24
0
 def __init__(self, filename):
   self.filename = filename
   self.context = tdb.open(utils.SmartStr(filename),
                           flags=os.O_CREAT | os.O_RDWR)
   self.lock = threading.RLock()
Пример #25
0
 def __init__(self, name, hash_size=0):
     self.db = tdb.open(name, hash_size)