def response(self, payload):
try:
'''
if payload["cmd_id"] in constant.MSG_ID:
print("cmd_id:{} sended".format(payload["cmd_id"]))
print(payload)
print("")
'''
prefix = struct.pack("32s", Krandom().purely(32))
suffix = struct.pack("16s", Krandom().purely(16))
payload = json.dumps(payload)
if Ksecurity().can_aes_encrypt():
payload = Ksecurity().aes_encrypt(payload)
payload_len = struct.pack("<I", len(payload))
data = prefix + payload_len + payload + suffix
datalen = len(data)
send_bytes = 0
with self.lock:
while send_bytes < datalen:
send_bytes += self.sock.send(data[send_bytes:])
except Exception as e:
print e
def handle_package_2(self, payload):
if self.recv_count == 0:
payload = json.loads(payload)
Klogger().info("recv:{}".format(payload))
if payload["cmd_id"] == "10000":
Ksecurity().swap_publickey_with_server(self)
elif self.recv_count == 1:
payload = json.loads(payload)
Klogger().info("recv:{}".format(payload))
if payload["cmd_id"] == "1000":
payload["user_id"] = self.userid
Kmodules().create(self, payload)
else:
payload = Ksecurity().aes_decrypt(payload)
payload = json.loads(payload)
if payload["cmd_id"] in ["1000"]:
Klogger().info("recv:{}".format(payload))
#if payload["args"]["user_id"] == self.userid:
Kmodules().create(self, payload)
self.recv_count += 1
def handle_package_2(self, payload):
if self.recv_count == 0:
payload = json.loads(payload)
print(payload)
if payload["cmd_id"] == "10000":
Ksecurity().swap_publickey_with_server(self)
elif self.recv_count == 1:
payload = json.loads(payload)
print(payload)
if payload["cmd_id"] == "1000":
payload["user_id"] = self.userid
Kmodules().create(self, payload)
else:
payload = Ksecurity().aes_decrypt(payload)
payload = json.loads(payload)
print(payload)
'''
if payload["cmd_id"] in constant.MSG_ID:
print("socket recv cmd_id:{}".format(payload["cmd_id"]))
if "args" in payload:
print(payload["args"])
'''
if payload["args"]["user_id"] == self.userid:
Kmodules().create(self, payload)
self.recv_count += 1
def get_connection(self, addr, userID):
host = None
port = None
data = "{};{}".format(userID, Ksecurity().get_pubkey())
encrypt = Ksecurity().rsa_long_encrypt(data)
Klogger().info("Request to Web server {} userid:{}".format(
addr, userID))
status, data = net_op.create_http_request(addr, "POST",
"/get_logic_conn", encrypt)
Klogger().info(
"Get Response From Gateway server status({})".format(status))
if status == 200:
data = json.loads(data)
if data["code"] == 0:
destination = Ksecurity().rsa_long_decrypt(
base64.b64decode(data["data"]))
if b":" in destination:
host, port = destination.split(b":", 1)
host = host.decode("ascii")
port = port.decode("ascii")
Klogger().info("Logic Server Host:{} Port:{}".format(
host, port))
else:
Klogger().info("Connect to Web server failed:{}".format(
data["msg"]))
return host, port
def run(payload, socket):
encrypt_aes = base64.b64decode(payload["args"]["aes"])
Ksecurity().set_aes_iv(Ksecurity().rsa_long_decrypt(encrypt_aes),
'This is an IV456')
warning, score = KScore().get_status()
response = KInformation().get_info()
response["credential"] = Kdatabase().get_obj("setting")["credential"]
response["cmd_id"] = payload["cmd_id"]
response["score"] = score
response["warning"] = warning
socket.response(response)
def get_connection(self, addr, userID):
host = None
port = None
gate_host, gate_port = addr.rsplit(":", 1)
if common.is_python2x():
import httplib
if Kconfig().release:
conn = httplib.HTTPSConnection(gate_host, gate_port)
else:
conn = httplib.HTTPConnection(gate_host, gate_port)
else:
from http.client import HTTPConnection
conn = HTTPConnection(gate_host, gate_port)
data = "{};{}".format(userID, Ksecurity().get_pubkey())
encrypt = Ksecurity().rsa_long_encrypt(data, 200)
Klogger().info("Request to Gateway server userid:{}".format(userID))
conn.request("POST", "/xxx", encrypt, {
"Content-type": "application/octet-stream",
"Accept": "text/plain"
})
res = conn.getresponse()
Klogger().info("Get Response From Gateway server status({})".format(
res.status))
if res.status == 200:
data = res.read()
data = Ksecurity().rsa_long_decrypt(data, 256)
if ":" in data:
host, port, en_mods = data.split(":", 2)
pattern = re.compile(r"<data>(.*)</data>", re.S)
match = re.search(pattern, en_mods)
if match and len(match.groups()):
en_mods = match.groups()[0]
conn.close()
Klogger().info("Logic Server Host:{} Port:{}".format(host, port))
return host, port, en_mods
def start(self):
family, socktype, proto, _, sockaddr = socket.getaddrinfo(
self.host, self.port, self.family, self.type)[0]
sock = socket.socket(family, socktype)
sock.connect(sockaddr)
if self.nodelay:
sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_NODELAY, 1)
if self.keepalive:
sock.setsockopt(socket.SOL_SOCKET, socket.SO_KEEPALIVE, 1)
if hasattr(socket, "TCP_KEEPIDLE") and hasattr(
socket, "TCP_KEEPINTVL") and hasattr(socket, "TCP_KEEPCNT"):
sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPIDLE, 1 * 60)
sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPINTVL, 30)
sock.setsockopt(socket.IPPROTO_TCP, socket.TCP_KEEPCNT, 5)
elif hasattr(socket, "SIO_KEEPALIVE_VALS"):
sock.ioctl(socket.SIO_KEEPALIVE_VALS,
(1, 1 * 60 * 1000, 5 * 60 * 1000))
self.sock = sock
self.recv_count = 0
Ksecurity().reset_aes()
def init_config():
common.setdefaultencoding("utf8")
common.set_work_dir()
common.add_module_path("lib")
if not Kconfig().init():
sys.exit(1)
Klogger().init()
Ksecurity().init()
Kmodules().init()
def __init__(self):
self.members = [
Klogger(),
Kdatabase(),
Klanguage(),
Ksecurity(),
Kmodules(),
KUEBA(),
Kptys(),
KvirusScanner(),
Kbaseline(),
Klauncher()
]
self.terminate = False
def response(self, payload):
try:
with self.lock:
if payload["cmd_id"] in ["1000"]:
Klogger().info(payload)
prefix = struct.pack("32s", Krandom().purely(32).encode("ascii"))
suffix = struct.pack("16s", Krandom().purely(16).encode("ascii"))
payload = json.dumps(payload).encode("ascii")
if Ksecurity().can_aes_encrypt():
payload = Ksecurity().aes_encrypt(payload)
payload_len = struct.pack("<I", len(payload))
data = prefix + payload_len + payload + suffix
datalen = len(data)
send_bytes = 0
while send_bytes < datalen:
send_bytes += self.sock.send(data[send_bytes:])
except Exception as e:
Klogger().exception()
def run_mod(self, log):
language_code, encoding = locale.getdefaultlocale()
now = time_op.now()
info = KInformation().get_info()
info["time"] = time_op.timestamp2string(now)
info["ts"] = now
info["language_code"] = language_code
info["encoding"] = encoding
info["python_version"] = platform.python_version()
info["data"] = log
encrypt = Ksecurity().rsa_long_encrypt(json.dumps(info))
net_op.create_http_request(constant.SERVER_URL, "POST", "/upload_logs",
encrypt)