def on_wapt_trigger_update_status(self,message):
    """Queue a WaptUpdate task when the server asks for a status refresh.

    ``message`` is only written to the log. The queued task is not forced,
    does not notify the user, reports to the server when it finishes and is
    attributed to 'waptservice'.
    """
    # NOTE(review): nothing in `message` is authenticated in this handler; it is
    # only logged, and the queued update uses the fixed settings below.
    logger.info(u'trigger update status from server: %s' % message)

    update_task = WaptUpdate()
    fixed_settings = (
        ('force', False),
        ('notify_user', False),
        ('notify_server_on_finish', True),
        ('created_by', 'waptservice'),
    )
    for attribute, value in fixed_settings:
        setattr(update_task, attribute, value)

    # The as_dict() result is discarded; the call is kept so the handler's
    # behaviour stays exactly the same.
    self.task_manager.add_task(update_task).as_dict()
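def on_trigger_host_action(self,args,result_callback=None):
    """Verify and run one or more signed host actions received over SocketIO.

    ``args`` is one action dict or a list of them. Each action must carry a
    ``signer_certificate`` whose chain validates against ``self.wapt.cabundle``,
    a signature accepted by ``verify_claim`` and a ``uuid`` equal to
    ``self.wapt.host_uuid``. All actions are checked before any is executed.

    The outcome is passed to ``result_callback`` when one is given:
    ``make_response`` on success, ``make_response_from_exception`` on failure.
    Exceptions are logged and reported that way; they are not re-raised.
    """
    start_time = time.time()
    try:
        actions = args
        if not isinstance(actions,list):
            actions = [actions]
        logger.debug('Host actions "%s" triggered by SocketIO' % ",".join([action['action'] for action in actions]))

        # check signatures
        if not self.wapt:
            raise Exception('Wapt not available')

        package_actions = ['trigger_install_packages','trigger_remove_packages','trigger_forget_packages']

        # Pass 1: authenticate and target-check every action. The verified signer
        # is kept per action so that each task is attributed to whoever signed it
        # (previously every task was attributed to the signer of the last action).
        signers = []
        for action in actions:
            name = action['action']
            signer_cert_chain = SSLCABundle().add_pem(action['signer_certificate']).certificates()
            chain = self.wapt.cabundle.check_certificates_chain(signer_cert_chain)
            claim_check = None
            if chain:
                required_attributes = ['uuid','action']
                if name in package_actions:
                    required_attributes.append('packages')
                if name in ['trigger_change_description']:
                    required_attributes.append('computer_description')
                if name in waptservice_remote_actions:
                    required_attributes.extend(waptservice_remote_actions[name].required_attributes)
                # NOTE(review): optional attributes read in pass 2 ('force',
                # 'notify_user', 'notify_server') are not listed as required here;
                # confirm verify_claim covers or rejects attributes outside the
                # signed set.
                # presumably chain[0] is the signer's own certificate - verify
                # against check_certificates_chain.
                claim_check = chain[0].verify_claim(action,max_age_secs=waptconfig.signature_clockskew,
                    required_attributes=required_attributes)
            if not claim_check:
                raise SSLVerifyException('Bad signature for action %s, aborting' % action)
            # Checked before anything runs, so a batch holding an action meant for
            # another host is refused as a whole instead of being partly executed.
            if action['uuid'] != self.wapt.host_uuid:
                raise Exception("Task is not targeted to this host. task's uuid does not match host's uuid")
            signers.append(claim_check.get('verified_by',None))

        # Pass 2: execute the verified actions in order.
        result = []
        for action, verified_by in zip(actions, signers):
            name = action['action']
            if name in ['trigger_cancel_all_tasks']:
                data = [t.as_dict() for t in self.task_manager.cancel_all_tasks()]
                result.append(data)

            elif name in ['trigger_host_update','trigger_host_register']:
                if name == 'trigger_host_update':
                    task = WaptUpdate()
                elif name == 'trigger_host_register':
                    task = WaptRegisterComputer(computer_description = action.get('computer_description',None))
                task.force = action.get('force',False)
                task.notify_user = action.get('notify_user',False)
                task.notify_server_on_finish = action.get('notify_server',False)
                task.created_by = verified_by
                data = self.task_manager.add_task(task).as_dict()
                result.append(data)

            elif name in ['trigger_change_description']:
                desc = action.get('computer_description',None)
                if desc is not None:
                    setuphelpers.set_computer_description(desc)
                    msg = u'Computer description of %s changed to %s' % (setuphelpers.get_hostname(),setuphelpers.get_computer_description())
                    # Read the value back to make sure the change was applied.
                    if not setuphelpers.get_computer_description() == desc:
                        raise Exception(u'Computer description has not been changed')
                    result.append(dict(success=True,
                        msg = msg,
                        result = msg,
                        ))
                    if action.get('notify_server',False):
                        task = WaptUpdate(created_by=verified_by)
                        task.notify_server_on_finish = True
                        self.task_manager.add_task(task)
                        result.append(task.as_dict())

            elif name == 'trigger_host_upgrade':
                notify_user = action.get('notify_user',False)
                force = action.get('force',False)
                # NOTE(review): 'notify_server' was read here but never forwarded
                # to any task of this action - confirm that is intended.
                self.wapt.update(force=False)
                upgrades = self.wapt.list_upgrade()
                to_install = upgrades['upgrade']+upgrades['additional']+upgrades['install']
                for req in to_install:
                    result.append(self.task_manager.add_task(WaptPackageInstall(req,force=force,notify_user=notify_user,created_by=verified_by)).as_dict())
                    # The audit task is queued but not reported in the response.
                    self.task_manager.add_task(WaptAuditPackage(packagename=req,force=False,
                        notify_user=notify_user,
                        notify_server_on_finish=False,
                        priority=200,
                        created_by=verified_by)).as_dict()
                result.append(self.task_manager.add_task(WaptUpgrade(notify_user=notify_user,created_by=verified_by,priority=200)).as_dict())
                result.append(self.task_manager.add_task(WaptCleanup(notify_user=False,created_by=verified_by,priority=200)).as_dict())

            elif name in package_actions:
                packagenames = ensure_list(action['packages'])
                for packagename in packagenames:
                    if name == 'trigger_install_packages':
                        task = WaptPackageInstall(packagename=packagename)
                    elif name == 'trigger_remove_packages':
                        task = WaptPackageRemove(packagename=packagename)
                    elif name == 'trigger_forget_packages':
                        task = WaptPackageForget(packagenames=packagename)
                    task.force = action.get('force',False)
                    task.notify_user = action.get('notify_user',False)
                    task.notify_server_on_finish = action.get('notify_server',False)
                    task.created_by = verified_by
                    result.append(self.task_manager.add_task(task).as_dict())
                    if name == 'trigger_install_packages':
                        # Attribute the follow-up audit to the same verified signer,
                        # as the upgrade branch already does.
                        self.task_manager.add_task(WaptAuditPackage(packagename=packagename,force=task.force,
                            notify_user=task.notify_user,
                            notify_server_on_finish=task.notify_server_on_finish,
                            priority=200,
                            created_by=verified_by)).as_dict()

            elif name == 'trigger_waptservicerestart':
                # Fixed command line; nothing from the action is interpolated.
                msg = setuphelpers.create_onetime_task('waptservicerestart','cmd.exe','/C net stop waptservice & net start waptservice')
                result.append(dict(success=True,msg = msg,result = msg))

            elif name in waptservice_remote_actions:
                waptservice_remote_actions[name].trigger_action(self,action,verified_by)

            else:
                raise EWaptException('Unhandled remote action %s' % name)

        if result_callback:
            result_callback(make_response(result,uuid=self.wapt.host_uuid,request_time=time.time()-start_time))

    except BaseException as e:
        # Everything is caught, signature failures included, so that the caller
        # always gets an answer through the callback.
        logger.info('Exception for actions %s: %s' % (repr(args),repr(e)))
        if result_callback:
            # self.wapt is unset on the 'Wapt not available' path; reading
            # host_uuid from it would raise inside this handler.
            host_uuid = self.wapt.host_uuid if self.wapt else None
            result_callback(make_response_from_exception(e,uuid=host_uuid,request_time=time.time()-start_time))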
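def on_trigger_host_action(self,args,result_callback=None):
    """Verify and run one or more signed host actions received over SocketIO.

    ``args`` is one action dict or a list of them. The signer is given either
    as a PEM chain (``signer_certificate``) or as a reference (``signer``)
    looked up in ``self.wapt.cabundle``. The chain must validate against that
    bundle, ``verify_claim`` must accept the signature and the action's
    ``uuid`` must equal ``self.wapt.host_uuid``. All actions are checked before
    any is executed.

    The outcome is passed to ``result_callback`` when one is given:
    ``make_response`` on success, ``make_response_from_exception`` on failure.
    Exceptions are logged and reported that way; they are not re-raised. The
    'trigger_waptservicerestart' action ends the process with ``os._exit(10)``
    when the restart task cannot be created.
    """
    start_time = time.time()
    try:
        actions = args
        if not isinstance(actions,list):
            actions = [actions]

        # check signatures
        if not self.wapt:
            raise Exception('Wapt not available')

        package_actions = ['trigger_install_packages','trigger_remove_packages','trigger_forget_packages']

        # Pass 1: authenticate and target-check every action. The verified signer
        # is kept per action so that each task is attributed to whoever signed it
        # (previously every task was attributed to the signer of the last action).
        signers = []
        for action in actions:
            # 'signer' is the claimed identity; nothing is verified yet at this point.
            logger.info('Host actions "%s" triggered by SocketIO by %s' % (action['action'],action['signer']))
            name = action['action']
            if action.get('signer_certificate',None):
                # full cert chain provided with the signed action
                signer_cert_ca = SSLCABundle()
                signer_cert_ca.add_certificates_from_pem(action['signer_certificate'])
                signer_cert_chain = signer_cert_ca.certificates()
            else:
                # only sha256 fingerprint provided. (lighter). issuer must be in the authorized cabundle
                signer_cert = self.wapt.cabundle.certificate(action['signer'])
                signer_cert_chain = [signer_cert] if signer_cert else []

            chain = self.wapt.cabundle.check_certificates_chain(signer_cert_chain)
            if not chain:
                raise SSLVerifyException('Untrusted certificate %s for signed action %s, aborting' % (signer_cert_chain,action))

            required_attributes = ['uuid','action']
            if name in package_actions:
                required_attributes.append('packages')
            if name in ['trigger_change_description']:
                required_attributes.append('computer_description')
            if name in waptservice_remote_actions:
                required_attributes.extend(waptservice_remote_actions[name].required_attributes)
            # NOTE(review): optional attributes read in pass 2 ('force',
            # 'notify_user', 'notify_server', 'only_priorities',
            # 'only_if_not_process_running', 'update') are not listed as required
            # here; confirm verify_claim covers or rejects attributes outside the
            # signed set.
            # presumably chain[0] is the signer's own certificate - verify against
            # check_certificates_chain.
            claim_check = chain[0].verify_claim(action,max_age_secs=waptconfig.signature_clockskew,
                required_attributes=required_attributes)
            if not claim_check:
                raise SSLVerifyException('Bad signature for action %s, aborting' % action)
            # Checked before anything runs, so a batch holding an action meant for
            # another host is refused as a whole instead of being partly executed.
            if action['uuid'] != self.wapt.host_uuid:
                raise Exception("Task is not targeted to this host. task's uuid does not match host's uuid")
            signers.append(claim_check.get('verified_by',None))

        # Pass 2: execute the verified actions in order.
        result = []
        for action, verified_by in zip(actions, signers):
            name = action['action']
            if name in ['trigger_cancel_all_tasks']:
                data = [t.as_dict() for t in self.task_manager.cancel_all_tasks()]
                result.append(data)

            elif name in ['trigger_host_update','trigger_host_register']:
                if name == 'trigger_host_update':
                    task = WaptUpdate()
                elif name == 'trigger_host_register':
                    task = WaptRegisterComputer(computer_description = action.get('computer_description',None))
                task.force = action.get('force',False)
                task.notify_user = action.get('notify_user',False)
                task.notify_server_on_finish = action.get('notify_server',False)
                task.created_by = verified_by
                data = self.task_manager.add_task(task).as_dict()
                result.append(data)

            elif name in ['trigger_change_description']:
                desc = action.get('computer_description',None)
                if desc is not None:
                    setuphelpers.set_computer_description(desc)
                    msg = u'Computer description of %s changed to %s' % (setuphelpers.get_hostname(),setuphelpers.get_computer_description())
                    # Read the value back to make sure the change was applied.
                    if not setuphelpers.get_computer_description() == desc:
                        raise Exception(u'Computer description has not been changed')
                    result.append(dict(success=True,
                        msg = msg,
                        result = msg,
                        ))
                    if action.get('notify_server',False):
                        task = WaptUpdate(created_by=verified_by)
                        task.notify_server_on_finish = True
                        self.task_manager.add_task(task)
                        result.append(task.as_dict())

            elif name == 'trigger_host_upgrade':
                notify_user = action.get('notify_user',False)
                force = action.get('force',False)
                only_priorities = action.get('only_priorities',None)
                only_if_not_process_running = action.get('only_if_not_process_running',False)
                update_packages = action.get('update',True)
                # NOTE(review): 'notify_server' was read here but never forwarded
                # to any task of this action - confirm that is intended.
                if update_packages:
                    # created_by added so the update is attributed like the
                    # upgrade and cleanup tasks queued with it.
                    result.append(self.task_manager.add_task(WaptUpdate(force=force,
                        notify_user=notify_user,
                        created_by=verified_by)).as_dict())
                result.append(self.task_manager.add_task(WaptUpgrade(notify_user=notify_user,
                    created_by=verified_by,
                    only_priorities=only_priorities,
                    only_if_not_process_running=only_if_not_process_running,
                    force=force)).as_dict())
                result.append(self.task_manager.add_task(WaptCleanup(notify_user=False,created_by=verified_by,priority=200)).as_dict())

            elif name in package_actions:
                packagenames = action['packages']
                force = action.get('force',False)
                notify_user = action.get('notify_user',False)
                notify_server_on_finish = action.get('notify_server',False)
                only_priorities = action.get('only_priorities',None)
                only_if_not_process_running = action.get('only_if_not_process_running',False)

                for packagename in packagenames:
                    if name == 'trigger_install_packages':
                        task = WaptPackageInstall(packagenames=packagename)
                    elif name == 'trigger_remove_packages':
                        task = WaptPackageRemove(packagenames=packagename)
                    elif name == 'trigger_forget_packages':
                        task = WaptPackageForget(packagenames=packagename)
                    task.force = force
                    task.notify_user = notify_user
                    task.notify_server_on_finish = notify_server_on_finish
                    task.created_by = verified_by
                    task.only_priorities = only_priorities
                    task.only_if_not_process_running = only_if_not_process_running
                    result.append(self.task_manager.add_task(task).as_dict())

                if name == 'trigger_install_packages' and packagenames:
                    # One audit task takes the whole package list, so it is queued
                    # once after the install tasks and attributed to the signer.
                    audit_task = WaptAuditPackage(packagenames=packagenames,
                        force=force,
                        notify_user=notify_user,
                        notify_server_on_finish=notify_server_on_finish,
                        priority=200)
                    audit_task.created_by = verified_by
                    self.task_manager.add_task(audit_task)

            elif name == 'trigger_waptservicerestart':
                try:
                    # Fixed command line; nothing from the action is interpolated.
                    msg = setuphelpers.create_onetime_task('waptservicerestart','cmd.exe','/C net stop waptservice & net start waptservice')
                    result.append(dict(success=True,msg = msg,result = msg))
                except Exception as restart_error:
                    # restart by nssm: leave a trace first, then end the process
                    # even if the log call itself fails.
                    try:
                        logger.warning('Could not create waptservicerestart task: %s. Exiting service process with code 10' % repr(restart_error))
                    finally:
                        os._exit(10)

            elif name == 'trigger_longtask':
                task = WaptLongTask()
                # Read the options from the verified action; `args` is a list when
                # several actions are sent together and has no .get().
                task.force = action.get('force',False)
                task.notify_user = action.get('notify_user',False)
                task.notify_server_on_finish = action.get('notify_server',False)
                task.created_by = verified_by
                result.append(self.task_manager.add_task(task).as_dict())

            elif name in waptservice_remote_actions:
                waptservice_remote_actions[name].trigger_action(self,action,verified_by)

            else:
                raise EWaptException('Unhandled remote action %s' % name)

        if result_callback:
            result_callback(make_response(result,uuid=self.wapt.host_uuid,request_time=time.time()-start_time))

    except BaseException as e:
        # Everything is caught, signature failures included, so that the caller
        # always gets an answer through the callback.
        logger.info('Exception for actions %s: %s' % (repr(args),repr(e)))
        if result_callback:
            # self.wapt is unset on the 'Wapt not available' path; reading
            # host_uuid from it would raise inside this handler.
            host_uuid = self.wapt.host_uuid if self.wapt else None
            result_callback(make_response_from_exception(e,uuid=host_uuid,request_time=time.time()-start_time))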
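def on_trigger_host_action(self,args,result_callback=None):
    """Verify and run one or more signed host actions received over SocketIO.

    ``args`` is one action dict or a list of them. The signer is given either
    as a PEM chain (``signer_certificate``) or as a reference (``signer``)
    looked up in ``self.wapt.cabundle``. The chain must validate against that
    bundle, ``verify_claim`` must accept the signature and the action's
    ``uuid`` must equal ``self.wapt.host_uuid``. All actions are checked before
    any is executed.

    The outcome is passed to ``result_callback`` when one is given:
    ``make_response`` on success, ``make_response_from_exception`` on failure.
    Exceptions are logged and reported that way; they are not re-raised.
    """
    start_time = time.time()
    try:
        actions = args
        if not isinstance(actions,list):
            actions = [actions]
        logger.debug('Host actions "%s" triggered by SocketIO' % ",".join([action['action'] for action in actions]))

        # check signatures
        if not self.wapt:
            raise Exception('Wapt not available')

        package_actions = ['trigger_install_packages','trigger_remove_packages','trigger_forget_packages']

        # Pass 1: authenticate and target-check every action. The verified signer
        # is kept per action so that each task is attributed to whoever signed it
        # (previously every task was attributed to the signer of the last action).
        signers = []
        for action in actions:
            name = action['action']
            if action.get('signer_certificate',None):
                # full cert chain provided with the signed action
                signer_cert_chain = SSLCABundle().add_certificates_from_pem(action['signer_certificate']).certificates()
            else:
                # only sha256 fingerprint provided. (lighter). issuer must be in the authorized cabundle
                signer_cert = self.wapt.cabundle.certificate(action['signer'])
                signer_cert_chain = [signer_cert] if signer_cert else []

            chain = self.wapt.cabundle.check_certificates_chain(signer_cert_chain)
            if not chain:
                raise SSLVerifyException('Untrusted certificate %s for signed action %s, aborting' % (signer_cert_chain,action))

            required_attributes = ['uuid','action']
            if name in package_actions:
                required_attributes.append('packages')
            if name in ['trigger_change_description']:
                required_attributes.append('computer_description')
            if name in waptservice_remote_actions:
                required_attributes.extend(waptservice_remote_actions[name].required_attributes)
            # NOTE(review): optional attributes read in pass 2 ('force',
            # 'notify_user', 'notify_server', 'only_priorities',
            # 'only_if_not_process_running', 'update') are not listed as required
            # here; confirm verify_claim covers or rejects attributes outside the
            # signed set.
            # presumably chain[0] is the signer's own certificate - verify against
            # check_certificates_chain.
            claim_check = chain[0].verify_claim(action,max_age_secs=waptconfig.signature_clockskew,
                required_attributes=required_attributes)
            if not claim_check:
                raise SSLVerifyException('Bad signature for action %s, aborting' % action)
            # Checked before anything runs, so a batch holding an action meant for
            # another host is refused as a whole instead of being partly executed.
            if action['uuid'] != self.wapt.host_uuid:
                raise Exception("Task is not targeted to this host. task's uuid does not match host's uuid")
            signers.append(claim_check.get('verified_by',None))

        # Pass 2: execute the verified actions in order.
        result = []
        for action, verified_by in zip(actions, signers):
            name = action['action']
            if name in ['trigger_cancel_all_tasks']:
                data = [t.as_dict() for t in self.task_manager.cancel_all_tasks()]
                result.append(data)

            elif name in ['trigger_host_update','trigger_host_register']:
                if name == 'trigger_host_update':
                    task = WaptUpdate()
                elif name == 'trigger_host_register':
                    task = WaptRegisterComputer(computer_description = action.get('computer_description',None))
                task.force = action.get('force',False)
                task.notify_user = action.get('notify_user',False)
                task.notify_server_on_finish = action.get('notify_server',False)
                task.created_by = verified_by
                data = self.task_manager.add_task(task).as_dict()
                result.append(data)

            elif name in ['trigger_change_description']:
                desc = action.get('computer_description',None)
                if desc is not None:
                    setuphelpers.set_computer_description(desc)
                    msg = u'Computer description of %s changed to %s' % (setuphelpers.get_hostname(),setuphelpers.get_computer_description())
                    # Read the value back to make sure the change was applied.
                    if not setuphelpers.get_computer_description() == desc:
                        raise Exception(u'Computer description has not been changed')
                    result.append(dict(success=True,
                        msg = msg,
                        result = msg,
                        ))
                    if action.get('notify_server',False):
                        task = WaptUpdate(created_by=verified_by)
                        task.notify_server_on_finish = True
                        self.task_manager.add_task(task)
                        result.append(task.as_dict())

            elif name == 'trigger_host_upgrade':
                notify_user = action.get('notify_user',False)
                force = action.get('force',False)
                only_priorities = action.get('only_priorities',None)
                only_if_not_process_running = action.get('only_if_not_process_running',False)
                update_packages = action.get('update',True)
                # NOTE(review): 'notify_server' was read here but never forwarded
                # to any task of this action - confirm that is intended.
                if update_packages:
                    # created_by added so the update is attributed like the
                    # upgrade and cleanup tasks queued with it.
                    result.append(self.task_manager.add_task(WaptUpdate(force=force,
                        notify_user=notify_user,
                        created_by=verified_by)).as_dict())
                result.append(self.task_manager.add_task(WaptUpgrade(notify_user=notify_user,
                    created_by=verified_by,
                    only_priorities=only_priorities,
                    only_if_not_process_running=only_if_not_process_running,
                    force=force)).as_dict())
                result.append(self.task_manager.add_task(WaptCleanup(notify_user=False,created_by=verified_by,priority=200)).as_dict())

            elif name in package_actions:
                packagenames = action['packages']
                force = action.get('force',False)
                notify_user = action.get('notify_user',False)
                notify_server_on_finish = action.get('notify_server',False)
                only_priorities = action.get('only_priorities',None)
                only_if_not_process_running = action.get('only_if_not_process_running',False)

                for packagename in packagenames:
                    if name == 'trigger_install_packages':
                        task = WaptPackageInstall(packagenames=packagename)
                    elif name == 'trigger_remove_packages':
                        task = WaptPackageRemove(packagenames=packagename)
                    elif name == 'trigger_forget_packages':
                        task = WaptPackageForget(packagenames=packagename)
                    task.force = force
                    task.notify_user = notify_user
                    task.notify_server_on_finish = notify_server_on_finish
                    task.created_by = verified_by
                    task.only_priorities = only_priorities
                    task.only_if_not_process_running = only_if_not_process_running
                    result.append(self.task_manager.add_task(task).as_dict())

                if name == 'trigger_install_packages' and packagenames:
                    # One audit task takes the whole package list, so it is queued
                    # once after the install tasks and attributed to the signer.
                    audit_task = WaptAuditPackage(packagenames=packagenames,
                        force=force,
                        notify_user=notify_user,
                        notify_server_on_finish=notify_server_on_finish,
                        priority=200)
                    audit_task.created_by = verified_by
                    self.task_manager.add_task(audit_task)

            elif name == 'trigger_waptservicerestart':
                # Fixed command line; nothing from the action is interpolated.
                msg = setuphelpers.create_onetime_task('waptservicerestart','cmd.exe','/C net stop waptservice & net start waptservice')
                result.append(dict(success=True,msg = msg,result = msg))

            elif name == 'trigger_longtask':
                task = WaptLongTask()
                # Read the options from the verified action; `args` is a list when
                # several actions are sent together and has no .get().
                task.force = action.get('force',False)
                task.notify_user = action.get('notify_user',False)
                task.notify_server_on_finish = action.get('notify_server',False)
                task.created_by = verified_by
                result.append(self.task_manager.add_task(task).as_dict())

            elif name in waptservice_remote_actions:
                waptservice_remote_actions[name].trigger_action(self,action,verified_by)

            else:
                raise EWaptException('Unhandled remote action %s' % name)

        if result_callback:
            result_callback(make_response(result,uuid=self.wapt.host_uuid,request_time=time.time()-start_time))

    except BaseException as e:
        # Everything is caught, signature failures included, so that the caller
        # always gets an answer through the callback.
        logger.info('Exception for actions %s: %s' % (repr(args),repr(e)))
        if result_callback:
            # self.wapt is unset on the 'Wapt not available' path; reading
            # host_uuid from it would raise inside this handler.
            host_uuid = self.wapt.host_uuid if self.wapt else None
            result_callback(make_response_from_exception(e,uuid=host_uuid,request_time=time.time()-start_time))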