def generate(self, path_to_cert_pem, country, state, city, organization,
ou, email, cn, days):
# create arguments array
data = {
'country': country,
'province': state,
'city': city,
'organization': organization,
'organizational-unit': ou,
'common-name': cn,
'e-mail': email,
'lifetime': days,
'output': path_to_cert_pem
}
args = [self.exe, "--action=create-root-certificate"]
for key in data.keys():
args.append("--%s=%s" % (key, str(data[key])))
(exit_code, stdout, stderr) = Command().run(args)
if exit_code == 0:
return
# if we got here everything is bad
raise Exception(
"Command %s failed.\n\tExit Code: %d\n\tSTDOUT: %s\n\tSTDERR: %s" %
(" ".join(args), exit_code, stdout, stderr))
def get_str_unsafe(self, request):
arg_port = "-p"
# bad fix - need to base decision on squid version and not on the system
if System.name() == System.WS_FREEBSD:
arg_port = "-a"
args = [
self.exe, arg_port,
str(self.port), "-h", self.host,
"mgr:%s" % request
]
(exit_code, stdout, stderr) = Command().run(args)
if exit_code == 0:
pos = stdout.find("\r\n\r\n")
if pos != -1:
stdout = stdout[pos + 4:]
return stdout
# if we got here everything failed
raise Exception(
"Command %s failed.\n\tExit Code: %d\n\tSTDOUT: %s\n\tSTDERR: %s" %
(" ".join(args), exit_code, stdout, stderr))
def categorize(self, domain):
try:
name = "categories_checker"
if System.WS_WINDOWS == System.name():
name += ".exe"
exe = os.path.join(Paths.bin_dir(), name)
arg1 = "--definitions=%s" % (os.path.join(
Paths.var_dir(), "spool", "categories", "definitions.dat"))
arg2 = "--domain=%s" % domain
(exit_code, stdout, stderr) = Command().run([exe, arg1, arg2])
if 0 == exit_code:
data = stdout.strip()
data = data.strip("]")
data = data.strip("[")
data = data.strip()
if len(data) == 0:
return []
else:
return data.split(':')
except Exception as e:
pass
return []
def run_windows(self, server):
(exit_code, stdout,
stderr) = Command().run(["nslookup", "-type=SRV", server])
# first collect only interesting lines from output
name_re = re.compile(".*svr\s*hostname\s*=\s*(.*)$", re.IGNORECASE)
port_re = re.compile(".*port\s*=\s*(.*)$", re.IGNORECASE)
# interesting entries
entries = []
for line in stdout.split('\r\n'):
match = name_re.match(line)
if match:
entries.append(match.group(1).strip())
match = port_re.match(line)
if match:
entries.append(match.group(1).strip())
servers = []
# now make servers out of entries
if len(entries) > 1:
if len(entries) >= 4:
servers.append((entries[1], entries[0]))
servers.append((entries[3], entries[2]))
else:
servers.append((entries[1], entries[0]))
return servers
def dump_device(self, name):
try:
# construct args
args = []
if System.WS_LINUX == System.name():
args = ["ip", "addr", "show", name]
elif System.WS_FREEBSD == System.name():
args = ["ifconfig", name]
else:
raise Exception(
"NetDeviceDumper::dump_device - not implemented on system '%s'"
% System.name())
# and run them
(ret, stdout, stderr) = Command().run(args)
if ret != 0:
raise Exception("Invalid exit code: %d; (%s, %s)" %
(ret, stdout, stderr))
# if we got here then it is fine
return stdout
except Exception as e:
return "ERROR: %s\n%s" % (str(e), traceback.format_exc())
def run(self):
try:
(exit_code, stdout,
stderr) = Command().run([BinaryLdap.full_path(), "--test"])
return {'exit_code': exit_code, 'stdout': stdout, 'stderr': stderr}
except Exception as e:
return {'exit_code': 1, 'stdout': '', 'stderr': str(e)}
def delete_user(self, user):
if not os.path.exists(self.htpasswd):
return
# construct args
args = [self.exe, "-D", self.htpasswd, user]
# and run the command
return Command().run(args)
def run_freebsd(self, keytab_path):
args = [self.exe, "-v", "-k", keytab_path, "list"]
(exit_code, stdout, stderr) = Command().run(args)
if exit_code != 0:
raise Exception("Cannot run command %s, error:\n%s" %
(" ".join(args), stdout + stderr))
return stdout + "\n" + stderr
def run_freebsd(self, keytab_path, spn):
# now we should also call the actual kinit to see if it can connect to the domain
args = [self.exe, "-k", "-t", keytab_path, spn]
(exit_code, stdout, stderr) = Command().run(args)
if exit_code != 0:
raise Exception("Cannot run command %s, error:\n%s" %
(" ".join(args), stdout + stderr))
return stdout + "\n" + stderr
def create_user(self, user, pasw):
# construct args
args = [self.exe, "-b"]
if not os.path.exists(self.htpasswd):
args.append("-c")
args.append(self.htpasswd)
args.append(user)
args.append(pasw)
# and run
return Command().run(args)
def as_json(self, pem):
arg1 = "--action=verify-root-certificate"
arg2 = "--input=" + pem
args = [self.exe, arg1, arg2]
# get the certificate info
(exit_code, stdout, stderr) = Command().run(args)
if exit_code == 0:
return json.loads(stdout)
# if we got here everything is bad
raise Exception(
"Command %s failed.\n\tExit Code: %d\n\tSTDOUT: %s\n\tSTDERR: %s" %
(" ".join(args), exit_code, stdout, stderr))
def dump(self, cacert):
cacert_path = os.path.join(Paths.etc_dir(), cacert)
if not os.path.isfile(cacert_path):
raise Exception("File %s does not exist or is not accessible!" %
cacert_path)
args = [self.exe, "x509", "-in", cacert_path, "-text"]
(exit_code, stdout, stderr) = Command().run(args)
if exit_code != 0:
raise Exception("Cannot run command %s, error:\n%s" %
(" ".join(args), stdout + stderr))
# if everything is fine - return the cert contents
return "%s\n%s" % (stdout, stderr)
def to_der(self, pem, der):
# run the certificate convert tool
arg1 = "--action=convert-root-certificate"
arg2 = "--input=" + pem
arg3 = "--output=" + der
args = [self.exe, arg1, arg2, arg3]
(exit_code, stdout, stderr) = Command().run(args)
if exit_code == 0:
return
# if we got here everything is bad
raise Exception(
"Command %s failed.\n\tExit Code: %d\n\tSTDOUT: %s\n\tSTDERR: %s" %
(" ".join(args), exit_code, stdout, stderr))
def get_str(self):
result = ""
try:
(exit_code, stdout, stderr) = Command().run(self.args)
if exit_code == 0:
result = stdout + stderr
else:
raise Exception(
"Command %s failed.\n\tExit Code: %d\n\tSTDOUT: %s\n\tSTDERR: %s" % (" ".join(self.args), exit_code, stdout, stderr)
)
except Exception as e:
result = str(e)
result += "\n%s\n" % traceback.format_exc()
return result
def run_linux(self, server):
(exit_code, stdout,
stderr) = Command().run(["dig", "srv", server, "+short"])
servers = []
for line in stdout.split('\n'):
output = line.split(' ')
if len(output) != 4:
continue
servers.append((output[3].strip().strip('.'), output[2]))
# we only take first two
if len(servers) >= 2:
break
return servers
def dump(self):
args = [
sys.executable, self.exe, "--server1", self.server1, "--port1",
self.port1, "--dump"
]
if self.server2:
args.extend(["--server2", self.server2, "--port2", self.port2])
if self.token:
args.extend(["--token", self.token])
(exit_code, stdout, stderr) = Command().run(args)
if exit_code == 0:
return json.loads(stdout)
# if we got here everything failed
raise Exception(
"Command %s failed.\n\tExit Code: %d\n\tSTDOUT: %s\n\tSTDERR: %s" %
(" ".join(args), exit_code, stdout, stderr))
def running_tz_str(self):
# for debug only
if System.WS_WINDOWS == System.name():
return "Europe/London"
# this is the value to return
value = ""
if System.name() == System.WS_LINUX:
# on linux we call timedatectl
args = ["timedatectl", "status", "--no-pager"]
(exit_code, stdout, stderr) = Command().run(args)
if exit_code != 0:
raise Exception("Cannot run command %s, exit code: %d, error message:\n%s" % (" ".join(args), exit_code, stdout + stderr))
for line in stdout.split('\n'):
pos = line.find(":")
if pos == -1:
continue
left = line[:pos].strip()
right = line[pos + 1:].strip()
match = re.match( r'.*time.*zone.*', line, re.M|re.I)
if match:
value = right
if System.name() == System.WS_FREEBSD:
# TODO
# on freebsd it is a little different; the /etc/localtime can be either a symlink or a copy of any file
# including one in subdirectories of /usr/share/zoneinfo. We need to first find that file and then
# parse out the zone information as folder/subfolder starting from /usr/share/zoneinfo as root, complex!
raise Exception("NOT_IMPL of FreeBSD")
return value