author | Edouard Tisserant <edouard@beremiz.fr> |
Wed, 13 Nov 2024 14:42:34 +0100 | |
changeset 4049 | 80fc760d4a4a |
parent 3884 | 34da877021d5 |
permissions | -rw-r--r-- |
3750
f62625418bff
automated conversion using 2to3-3.9 tool
GP Orcullo <kinsamanka@gmail.com>
parents:
2542
diff
changeset
|
1 |
|
f62625418bff
automated conversion using 2to3-3.9 tool
GP Orcullo <kinsamanka@gmail.com>
parents:
2542
diff
changeset
|
2 |
|
2321
0a3103cd825d
Small cosmetic change to enhance readability and avoid confusion.
Edouard Tisserant
parents:
diff
changeset
|
3 |
import os |
3848
91da73c3df61
Addapt to Py3.11.5 in Stunnel.py
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
3750
diff
changeset
|
4 |
from binascii import b2a_base64 |
2339
48b4eba13064
IDManager : refactored a bit, moved some code into PSKManagement.py. Now captures URI and PSK on new PYRO(S) and propose them when editing URI. Import/export still to be implemented.
Edouard Tisserant
parents:
2328
diff
changeset
|
5 |
try: |
48b4eba13064
IDManager : refactored a bit, moved some code into PSKManagement.py. Now captures URI and PSK on new PYRO(S) and propose them when editing URI. Import/export still to be implemented.
Edouard Tisserant
parents:
2328
diff
changeset
|
6 |
from runtime.spawn_subprocess import call |
48b4eba13064
IDManager : refactored a bit, moved some code into PSKManagement.py. Now captures URI and PSK on new PYRO(S) and propose them when editing URI. Import/export still to be implemented.
Edouard Tisserant
parents:
2328
diff
changeset
|
7 |
except ImportError: |
48b4eba13064
IDManager : refactored a bit, moved some code into PSKManagement.py. Now captures URI and PSK on new PYRO(S) and propose them when editing URI. Import/export still to be implemented.
Edouard Tisserant
parents:
2328
diff
changeset
|
8 |
from subprocess import call |
2321
0a3103cd825d
Small cosmetic change to enhance readability and avoid confusion.
Edouard Tisserant
parents:
diff
changeset
|
9 |
|
2492
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
10 |
restart_stunnel_cmdline = ["/etc/init.d/S50stunnel", "restart"] |
2321
0a3103cd825d
Small cosmetic change to enhance readability and avoid confusion.
Edouard Tisserant
parents:
diff
changeset
|
11 |
|
2324
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
12 |
_PSKpath = None |
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
13 |
|
2492
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
14 |
|
2542
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
15 |
def restartStunnel(): |
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
16 |
""" |
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
17 |
Restart stunnel service using SysV init stript |
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
18 |
to apply new generated credentials |
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
19 |
""" |
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
20 |
try: |
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
21 |
call(restart_stunnel_cmdline) |
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
22 |
except OSError: |
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
23 |
print(_("Couldn't restart stunnel service")) |
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
24 |
|
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
25 |
|
2324
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
26 |
def PSKgen(ID, PSKpath): |
2323
33a0dbabccd3
Runtime : Ensure that a random PSK secret compatible with stunnel is generated if -s commandline switch is used. Stunnel service is restarted after generation, using spawn_subprocess. TODO : give stunnel restart command as a commandline parameter.
Edouard Tisserant
parents:
2321
diff
changeset
|
27 |
|
3848
91da73c3df61
Addapt to Py3.11.5 in Stunnel.py
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
3750
diff
changeset
|
28 |
# secret string length is 256 |
91da73c3df61
Addapt to Py3.11.5 in Stunnel.py
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
3750
diff
changeset
|
29 |
# b2a_base64 output len is 4/3 input len |
2492
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
30 |
secret = os.urandom(192) # int(256/1.3333) |
3848
91da73c3df61
Addapt to Py3.11.5 in Stunnel.py
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
3750
diff
changeset
|
31 |
secretstring = b2a_base64(secret) |
2323
33a0dbabccd3
Runtime : Ensure that a random PSK secret compatible with stunnel is generated if -s commandline switch is used. Stunnel service is restarted after generation, using spawn_subprocess. TODO : give stunnel restart command as a commandline parameter.
Edouard Tisserant
parents:
2321
diff
changeset
|
32 |
|
2324
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
33 |
PSKstring = ID+":"+secretstring |
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
34 |
with open(PSKpath, 'w') as f: |
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
35 |
f.write(PSKstring) |
2542
a3ec35ee94e7
Fix crash in runtime if PSK secret is missing
Andrey Skvortsov <andrej.skvortzov@gmail.com>
parents:
2492
diff
changeset
|
36 |
restartStunnel() |
2321
0a3103cd825d
Small cosmetic change to enhance readability and avoid confusion.
Edouard Tisserant
parents:
diff
changeset
|
37 |
|
2492
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
38 |
|
2324
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
39 |
def ensurePSK(ID, PSKpath): |
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
40 |
global _PSKpath |
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
41 |
_PSKpath = PSKpath |
2321
0a3103cd825d
Small cosmetic change to enhance readability and avoid confusion.
Edouard Tisserant
parents:
diff
changeset
|
42 |
# check if already there |
2324
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
43 |
if not os.path.exists(PSKpath): |
2321
0a3103cd825d
Small cosmetic change to enhance readability and avoid confusion.
Edouard Tisserant
parents:
diff
changeset
|
44 |
# create if needed |
2324
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
45 |
PSKgen(ID, PSKpath) |
2321
0a3103cd825d
Small cosmetic change to enhance readability and avoid confusion.
Edouard Tisserant
parents:
diff
changeset
|
46 |
|
2492
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
47 |
|
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
48 |
def getPSKID(errorlog): |
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
49 |
if _PSKpath is not None: |
2324
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
50 |
if not os.path.exists(_PSKpath): |
2492
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
51 |
errorlog( |
2324
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
52 |
'Error: Pre-Shared-Key Secret in %s is missing!\n' % _PSKpath) |
3884
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
3848
diff
changeset
|
53 |
return ("","") |
2492
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
54 |
ID, _sep, PSK = open(_PSKpath).read().partition(':') |
2324
1cf3768ebf85
Automatically get PSK and ID when connecting to PYRO[S], so that future connection through PYROS can use that same key. Also fixed case to UPPER for *PSK.
Edouard Tisserant
parents:
2323
diff
changeset
|
55 |
PSK = PSK.rstrip('\n\r') |
2492
7dd551ac2fa0
check_sources.sh makes me become even less productive
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
2339
diff
changeset
|
56 |
return (ID, PSK) |
3884
34da877021d5
Replace PYRO with ERPC. Work In Progress.
Edouard Tisserant <edouard.tisserant@gmail.com>
parents:
3848
diff
changeset
|
57 |
return ("","") |