'''

 Created on Nov 19, 2013

 @author: BarthaM

 '''

 import os

 import os.path

 from subprocess import Popen, PIPE, call, STARTUPINFO, _subprocess

 import sys

 import re

 from cygwin import Cygwin

 from environment import Environment

 import threading

 import time

 import string

 import shutil

 import stat

 import tempfile

 from opensecurity_util import logger, setupLogger, OpenSecurityException

 import ctypes

 import itertools

 import win32api

 import win32con

 import win32security

 import urllib

 import urllib2

 DEBUG = True

 new_sdvm_lock = threading.Lock()

 class VMManagerException(Exception):

     def __init__(self, value):

         self.value = value

     def __str__(self):

         return repr(self.value)

 class USBFilter:

     vendorid = ""

     productid = ""

     revision = ""

     def __init__(self, vendorid, productid, revision):

         self.vendorid = vendorid.lower()

         self.productid = productid.lower()

         self.revision = revision.lower()

         return

     def __eq__(self, other):

         return self.vendorid == other.vendorid and self.productid == other.productid and self.revision == other.revision

     def __hash__(self):

         return hash(self.vendorid) ^ hash(self.productid) ^ hash(self.revision)

     def __repr__(self):

         return "VendorId = \'" + str(self.vendorid) + "\' ProductId = \'" + str(self.productid) + "\' Revision = \'" + str(self.revision) + "\'"

     #def __getitem__(self, item):

     #    return self.coords[item]

 class VMManager(object):

     vmRootName = "SecurityDVM"

     systemProperties = None

     _instance = None

     machineFolder = ''

     rsdHandler = None

     browsingManager = None

     status_message = 'Starting up...'

     def __init__(self):

         self.systemProperties = self.getSystemProperties()

         self.machineFolder = self.systemProperties["Default machine folder"]

         # only proceed if we have a working background environment

         if self.backend_ok():

             self.cleanup()

             self.browsingManager = BrowsingManager(self)

             self.browsingManager.start()

             self.rsdHandler = DeviceHandler(self)

             self.rsdHandler.start()

         else:

             logger.critical(self.status_message)

     @staticmethod

     def getInstance():

         if VMManager._instance == None:

             VMManager._instance = VMManager()

         return VMManager._instance

     def backend_ok(self):

         """check if the backend (VirtualBox) is sufficient for our task"""

         # ensure we have our system props

         if self.systemProperties == None:

             self.systemProperties = self.getSystemProperties()

         if self.systemProperties == None:

             self.status_message = 'Failed to get backend system properties. Is Backend (VirtualBox?) installed?'

             return False

         # check for existing Extension pack

         if not 'Remote desktop ExtPack' in self.systemProperties:

             self.status_message = 'No remote desktop extension pack found. Please install the "Oracle VM VirtualBox Extension Pack" from https://www.virtualbox.org/wiki/Downloads.'

             return False

         if self.systemProperties['Remote desktop ExtPack'] == 'Oracle VM VirtualBox Extension Pack ':

             self.status_message = 'Unsure if suitable extension pack is installed. Please install the "Oracle VM VirtualBox Extension Pack" from https://www.virtualbox.org/wiki/Downloads.'

             return False

         # check if we do have our root VMs installed

         vms = self.listVM()

         if not self.vmRootName in vms:

             self.status_message = 'Unable to locate root SecurityDVM. Please download and setup the initial image.'

             return False

         # basically all seems nice and ready to rumble

         self.status_message = 'All is ok.'

         return True

     def cleanup(self):

         if self.rsdHandler != None:

             self.rsdHandler.stop()

             self.rsdHandler.join()

         drives = self.getNetworkDrives()

         for drive in drives.keys():

             try:

                 result = urllib2.urlopen('http://127.0.0.1:8090/netumount?'+'drive_letter='+drive).readline()

             except urllib2.URLError:

                 logger.error("Network drive disconnect failed. OpenSecurity Tray client not running.")

         for vm in self.listSDVM():

             self.poweroffVM(vm)

             self.removeVM(vm)

     # return hosty system properties

     def getSystemProperties(self):

         result = Cygwin.checkResult(Cygwin.vboxExecute('list systemproperties'))

         if result[1]=='':

             return None

         props = dict((k.strip(),v.strip().strip('"')) for k,v in (line.split(':', 1) for line in result[1].strip().splitlines()))

         return props

     # return the folder containing the guest VMs     

     def getMachineFolder(self):

         return self.machineFolder

     # list all existing VMs registered with VBox

     def listVM(self):

         result = Cygwin.checkResult(Cygwin.vboxExecute('list vms'))[1]

         vms = list(k.strip().strip('"') for k,_ in (line.split(' ') for line in result.splitlines()))

         return vms

     # list running VMs

     def listRunningVMS(self):

         result = Cygwin.checkResult(Cygwin.vboxExecute('list runningvms'))[1]

         vms = list(k.strip().strip('"') for k,_ in (line.split(' ') for line in result.splitlines()))

         return vms

     # list existing SDVMs

     def listSDVM(self):

         vms = self.listVM()

         svdms = []

         for vm in vms:

             if vm.startswith(self.vmRootName) and vm != self.vmRootName:

                 svdms.append(vm)

         return svdms

     # generate valid (not already existing SDVM name). necessary for creating a new VM

     def genSDVMName(self):

         vms = self.listVM()

         for i in range(0,999):

             if(not self.vmRootName+str(i) in vms):

                 return self.vmRootName+str(i)

         return ''

     # check if the device is mass storage type

     @staticmethod

     def isMassStorageDevice(device):

         keyname = 'SYSTEM\CurrentControlSet\Enum\USB' + '\VID_' + device.vendorid+'&'+'PID_'+ device.productid

         key = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, keyname)

         #subkeys = _winreg.QueryInfoKey(key)[0]

         #for i in range(0, subkeys):

         #    print _winreg.EnumKey(key, i)     

         devinfokeyname = win32api.RegEnumKey(key, 0)

         win32api.RegCloseKey(key)

         devinfokey = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, keyname+'\\'+devinfokeyname)

         value = win32api.RegQueryValueEx(devinfokey, 'SERVICE')[0]

         win32api.RegCloseKey(devinfokey)

         return 'USBSTOR' in value

     # return the RSDs connected to the host

     @staticmethod

     def getConnectedRSDS():

         results = Cygwin.checkResult(Cygwin.vboxExecute('list usbhost'))[1]

         results = results.split('Host USB Devices:')[1].strip()

         items = list( "UUID:"+result for result in results.split('UUID:') if result != '')

         rsds = dict()   

         for item in items:

             props = dict()

             for line in item.splitlines():

                 if line != "":         

                     k,v = line[:line.index(':')].strip(), line[line.index(':')+1:].strip()

                     props[k] = v

             #if 'Product' in props.keys() and props['Product'] == 'Mass Storage':

             usb_filter = USBFilter( re.search(r"\((?P<vid>[0-9A-Fa-f]+)\)", props['VendorId']).groupdict()['vid'], 

                                     re.search(r"\((?P<pid>[0-9A-Fa-f]+)\)", props['ProductId']).groupdict()['pid'],

                                     re.search(r"\((?P<rev>[0-9A-Fa-f]+)\)", props['Revision']).groupdict()['rev'] )

             if VMManager.isMassStorageDevice(usb_filter):

                 rsds[props['UUID']] = usb_filter;

                 logger.debug(usb_filter)

         return rsds

     # return the RSDs attached to all existing SDVMs

     def getAttachedRSDs(self):

         vms = self.listSDVM()

         attached_devices = dict()

         for vm in vms:

             rsd_filter = self.getUSBFilter(vm)

             if rsd_filter != None:

                 attached_devices[vm] = rsd_filter

         return attached_devices

     # configures hostonly networking and DHCP server. requires admin rights

     def configureHostNetworking(self):

         #cmd = 'vboxmanage list hostonlyifs'

         #Cygwin.vboxExecute(cmd)

         #cmd = 'vboxmanage hostonlyif remove \"VirtualBox Host-Only Ethernet Adapter\"'

         #Cygwin.vboxExecute(cmd)

         #cmd = 'vboxmanage hostonlyif create'

         #Cygwin.vboxExecute(cmd)

         Cygwin.checkResult(Cygwin.vboxExecute('hostonlyif ipconfig \"VirtualBox Host-Only Ethernet Adapter\" --ip 192.168.56.1 --netmask 255.255.255.0'))

         #cmd = 'vboxmanage dhcpserver add'

         #Cygwin.vboxExecute(cmd)

         Cygwin.checkResult(Cygwin.vboxExecute('dhcpserver modify --ifname \"VirtualBox Host-Only Ethernet Adapter\" --ip 192.168.56.100 --netmask 255.255.255.0 --lowerip 192.168.56.101 --upperip 192.168.56.200'))

     def isSDVMExisting(self, vm_name):

         sdvms = self.listSDVM()

         return vm_name in sdvms

     #create new virtual machine instance based on template vm named SecurityDVM (\SecurityDVM\SecurityDVM.vmdk)

     def createVM(self, vm_name):

         if self.isSDVMExisting(vm_name):

             return

         #remove eventually existing SDVM folder

         machineFolder = Cygwin.cygPath(self.machineFolder)

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/rm -rf \\\"' + machineFolder + '/' + vm_name + '\\\"'))

         hostonly_if = self.getHostOnlyIFs()

         Cygwin.checkResult(Cygwin.vboxExecute('createvm --name ' + vm_name + ' --ostype Debian --register'))

         Cygwin.checkResult(Cygwin.vboxExecute('modifyvm ' + vm_name + ' --memory 512 --vram 10 --cpus 1 --usb on --usbehci on --nic1 hostonly --hostonlyadapter1 \"' + hostonly_if['Name'] + '\" --nic2 nat'))

         Cygwin.checkResult(Cygwin.vboxExecute('storagectl ' + vm_name + ' --name SATA --add sata --portcount 2'))

     #create new SecurityDVM with automatically generated name from template (thread safe)        

     def newSDVM(self):

         with new_sdvm_lock:

             vm_name = self.genSDVMName()

             self.createVM(vm_name)

         return vm_name

     # attach storage image to controller

     def storageAttach(self, vm_name):

         if self.isStorageAttached(vm_name):

             self.storageDetach(vm_name)

         Cygwin.checkResult(Cygwin.vboxExecute('storageattach ' + vm_name + ' --storagectl SATA --port 0 --device 0 --type hdd --medium \"'+ self.machineFolder + '\SecurityDVM\SecurityDVM.vmdk\"'))

     # return true if storage is attached 

     def isStorageAttached(self, vm_name):

         info = self.getVMInfo(vm_name)

         return (info['SATA-0-0']!='none')

     # detach storage from controller

     def storageDetach(self, vm_name):

         if self.isStorageAttached(vm_name):

             Cygwin.checkResult(Cygwin.vboxExecute('storageattach ' + vm_name + ' --storagectl SATA --port 0 --device 0 --type hdd --medium none'))

     def changeStorageType(self, filename, storage_type):

         Cygwin.checkResult(Cygwin.vboxExecute('modifyhd \"' + filename + '\" --type ' + storage_type))

     # list storage snaphots for VM

     def updateTemplate(self):

         self.cleanup()

         self.poweroffVM('SecurityDVM')

         self.waitShutdown('SecurityDVM')

         # check for updates

         self.genCertificateISO('SecurityDVM')

         self.attachCertificateISO('SecurityDVM')

         self.storageDetach('SecurityDVM')

         results = Cygwin.checkResult(Cygwin.vboxExecute('list hdds'))[1]

         results = results.replace('Parent UUID', 'Parent')

         items = list( "UUID:"+result for result in results.split('UUID:') if result != '')

         snaps = dict()   

         for item in items:

             props = dict()

             for line in item.splitlines():

                 if line != "":         

                     k,v = line[:line.index(':')].strip(), line[line.index(':')+1:].strip()

                     props[k] = v;

             snaps[props['UUID']] = props

         template_storage = self.machineFolder + '\SecurityDVM\SecurityDVM.vmdk'

         # find template uuid

         template_uuid = ''

         for hdd in snaps.values():

             if hdd['Location'] == template_storage:

                 template_uuid = hdd['UUID']

         logger.debug('found parent uuid ' + template_uuid)

         # remove snapshots 

         for hdd in snaps.values():

             if hdd['Parent'] == template_uuid:

                 #template_uuid = hdd['UUID']

                 logger.debug('removing snapshot ' + hdd['UUID'])

                 Cygwin.checkResult(Cygwin.vboxExecute('closemedium disk {' + hdd['UUID'] + '} --delete'))#[1]

                 # parse result 0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%

         self.changeStorageType(template_storage,'normal')

         self.storageAttach('SecurityDVM')

         self.startVM('SecurityDVM')

         self.waitStartup('SecurityDVM')

         Cygwin.checkResult(Cygwin.sshExecute('"sudo apt-get -y update"', VMManager.getHostOnlyIP('SecurityDVM'), 'osecuser', Cygwin.cygPath(self.machineFolder) + '/' + 'SecurityDVM' + '/dvm_key'))

         Cygwin.checkResult(Cygwin.sshExecute('"sudo apt-get -y upgrade"', VMManager.getHostOnlyIP('SecurityDVM'), 'osecuser', Cygwin.cygPath(self.machineFolder) + '/' + 'SecurityDVM' + '/dvm_key'))

         #self.stopVM('SecurityDVM')

         self.hibernateVM('SecurityDVM')

         self.waitShutdown('SecurityDVM')

         self.storageDetach('SecurityDVM')

         self.changeStorageType(template_storage,'immutable')

         self.storageAttach('SecurityDVM')

         self.rsdHandler = DeviceHandler(self)

         self.rsdHandler.start()

     #remove VM from the system. should be used on VMs returned by listSDVMs    

     def removeVM(self, vm_name):

         logger.info('Removing ' + vm_name)

         Cygwin.checkResult(Cygwin.vboxExecute('unregistervm ' + vm_name + ' --delete'))

         machineFolder = Cygwin.cygPath(self.machineFolder)

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/rm -rf \\\"' + machineFolder + '/' + vm_name + '\\\"'))

     # start VM

     def startVM(self, vm_name):

         logger.info('Starting ' +  vm_name)

         result = Cygwin.checkResult(Cygwin.vboxExecute('startvm ' + vm_name + ' --type headless' ))

         while 'successfully started' not in result[1]:

             logger.error("Failed to start SDVM: " + vm_name + " retrying")

             logger.error("Command returned:\n" + result[2])

             time.sleep(1)

             result = Cygwin.checkResult(Cygwin.vboxExecute('startvm ' + vm_name + ' --type headless'))

         return result[0]

     # return wether VM is running or not

     def isVMRunning(self, vm_name):

         return vm_name in self.listRunningVMS()    

     # stop VM

     def stopVM(self, vm_name):

         logger.info('Sending shutdown signal to ' + vm_name)

         Cygwin.checkResult(Cygwin.sshExecute( '"sudo shutdown -h now"', VMManager.getHostOnlyIP(vm_name), 'osecuser', Cygwin.cygPath(self.machineFolder) + '/' + vm_name + '/dvm_key' ))

     # stop VM

     def hibernateVM(self, vm_name):

         logger.info('Sending hibernate-disk signal to ' + vm_name)

         Cygwin.checkResult(Cygwin.sshExecute( '"sudo hibernate-disk&"', VMManager.getHostOnlyIP(vm_name), 'osecuser', Cygwin.cygPath(self.machineFolder) + '/' + vm_name + '/dvm_key', wait_return=False))

     # poweroff VM

     def poweroffVM(self, vm_name):

         if not self.isVMRunning(vm_name):

             return

         logger.info('Powering off ' + vm_name)

         return Cygwin.checkResult(Cygwin.vboxExecute('controlvm ' + vm_name + ' poweroff'))

     #list the hostonly IFs exposed by the VBox host

     @staticmethod    

     def getHostOnlyIFs():

         result = Cygwin.vboxExecute('list hostonlyifs')[1]

         if result=='':

             return None

         props = dict((k.strip(),v.strip().strip('"')) for k,v in (line.split(':', 1) for line in result.strip().splitlines()))

         return props

     # return the hostOnly IP for a running guest or the host

     @staticmethod    

     def getHostOnlyIP(vm_name):

         if vm_name == None:

             logger.info('Getting hostOnly IP address for Host')

             return VMManager.getHostOnlyIFs()['IPAddress']

         else:

             logger.info('Getting hostOnly IP address ' + vm_name)

             result = Cygwin.checkResult(Cygwin.vboxExecute('guestproperty get ' + vm_name + ' /VirtualBox/GuestInfo/Net/0/V4/IP'))

             if result=='':

                 return None

             result = result[1]

             if result.startswith('No value set!'):

                 return None

             return result[result.index(':')+1:].strip()

     # attach removable storage device to VM by provision of filter

     def attachRSD(self, vm_name, rsd_filter):

         return Cygwin.checkResult(Cygwin.vboxExecute('usbfilter add 0 --target ' + vm_name + ' --name OpenSecurityRSD --vendorid ' + rsd_filter.vendorid + ' --productid ' + rsd_filter.productid + ' --revision ' + rsd_filter.revision))

     # detach removable storage from VM by 

     def detachRSD(self, vm_name):

         return Cygwin.checkResult(Cygwin.vboxExecute('usbfilter remove 0 --target ' + vm_name))

     # return the description set for an existing VM

     def getVMInfo(self, vm_name):

         results = Cygwin.checkResult(Cygwin.vboxExecute('showvminfo ' + vm_name + ' --machinereadable'))[1]

         props = dict((k.strip().strip('"'),v.strip().strip('"')) for k,v in (line.split('=', 1) for line in results.splitlines()))

         return props

     # return the configured USB filter for an existing VM 

     def getUSBFilter(self, vm_name):

         props = self.getVMInfo(vm_name)

         keys = set(['USBFilterVendorId1', 'USBFilterProductId1', 'USBFilterRevision1'])

         keyset = set(props.keys())

         usb_filter = None

         if keyset.issuperset(keys):

             usb_filter = USBFilter(props['USBFilterVendorId1'], props['USBFilterProductId1'], props['USBFilterRevision1'])

         return usb_filter

     #generates ISO containing authorized_keys for use with guest VM

     def genCertificateISO(self, vm_name):

         machineFolder = Cygwin.cygPath(self.machineFolder)

         # remove .ssh folder if exists

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/rm -rf \\\"' + machineFolder + '/' + vm_name + '/.ssh\\\"'))

         # remove .ssh folder if exists

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/rm -rf \\\"' + machineFolder + '/' + vm_name + '/dvm_key\\\"'))

         # create .ssh folder in vm_name

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/mkdir -p \\\"' + machineFolder + '/' + vm_name + '/.ssh\\\"'))

         # generate dvm_key pair in vm_name / .ssh     

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/ssh-keygen -q -t rsa -N \\\"\\\" -C \\\"' + vm_name + '\\\" -f \\\"' + machineFolder + '/' + vm_name + '/.ssh/dvm_key\\\"'))

         # move out private key

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/mv \\\"' + machineFolder + '/' + vm_name + '/.ssh/dvm_key\\\" \\\"' + machineFolder + '/' + vm_name + '\\\"'))

         # set permissions for private key

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/chmod 500 \\\"' + machineFolder + '/' + vm_name + '/dvm_key\\\"'))

         # rename public key to authorized_keys

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/mv \\\"' + machineFolder + '/' + vm_name + '/.ssh/dvm_key.pub\\\" \\\"' + machineFolder + '/' + vm_name + '/.ssh/authorized_keys\\\"'))

         # set permissions for authorized_keys

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/chmod 500 \\\"' + machineFolder + '/' + vm_name + '/.ssh/authorized_keys\\\"'))

         # generate iso image with .ssh/authorized keys

         Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/genisoimage -J -R -o \\\"' + machineFolder + '/' + vm_name + '/'+ vm_name + '.iso\\\" \\\"' + machineFolder + '/' + vm_name + '/.ssh\\\"'))

     # attaches generated ssh public cert to guest vm

     def attachCertificateISO(self, vm_name):

         result = Cygwin.checkResult(Cygwin.vboxExecute('storageattach ' + vm_name + ' --storagectl SATA --port 1 --device 0 --type dvddrive --mtype readonly --medium \"' + self.machineFolder + '\\' + vm_name + '\\'+ vm_name + '.iso\"'))

         return result

     # wait for machine to come up

     def waitStartup(self, vm_name, timeout_ms = 30000):

         Cygwin.checkResult(Cygwin.vboxExecute('guestproperty wait ' + vm_name + ' SDVMStarted --timeout ' + str(timeout_ms) + ' --fail-on-timeout'))

         return VMManager.getHostOnlyIP(vm_name)

     # wait for machine to shutdown

     def waitShutdown(self, vm_name):

         while vm_name in self.listRunningVMS():

             time.sleep(1)

         return

     #Small function to check if the mentioned location is a directory

     def isDirectory(self, path):

         result = Cygwin.checkResult(Cygwin.cmdExecute('dir ' + path + ' | FIND ".."'))

         return string.find(result[1], 'DIR',)

     def getNetworkDrives(self):

         ip = VMManager.getHostOnlyIP(None)

         ip = ip[:ip.rindex('.')]

         drives = dict()    

         result = Cygwin.checkResult(Cygwin.execute('C:\\Windows\\system32\\net.exe', 'USE'))

         for line in result[1].splitlines():

             if ip in line:

                 parts = line.split()

                 drives[parts[1]] = parts[2]

         return drives

     def genNetworkDrive(self):

         network_drives = self.getNetworkDrives()

         logical_drives = VMManager.getLogicalDrives()

         drives = list(map(chr, range(68, 91)))  

         for drive in drives:

             if drive+':' not in network_drives and drive not in logical_drives:

                 return drive+':'

     def getNetworkDrive(self, vm_name):

         ip = self.getHostOnlyIP(vm_name)

         result = Cygwin.checkResult(Cygwin.execute('C:\\Windows\\system32\\net.exe', 'USE'))

         for line in result[1].splitlines():

             if line != None and ip in line:

                 parts = line.split()

                 return parts[1]

     @staticmethod

     def getLogicalDrives():

         drive_bitmask = ctypes.cdll.kernel32.GetLogicalDrives()

         return list(itertools.compress(string.ascii_uppercase,  map(lambda x:ord(x) - ord('0'), bin(drive_bitmask)[:1:-1])))

     @staticmethod

     def getDriveType(drive):

         return ctypes.cdll.kernel32.GetDriveTypeW(u"%s:\\"%drive)

     @staticmethod

     def getVolumeInfo(drive):

         volumeNameBuffer = ctypes.create_unicode_buffer(1024)

         fileSystemNameBuffer = ctypes.create_unicode_buffer(1024)

         serial_number = None

         max_component_length = None

         file_system_flags = None

         rc = ctypes.cdll.kernel32.GetVolumeInformationW(

             #ctypes.c_wchar_p("F:\\"),

             u"%s:\\"%drive,

             volumeNameBuffer,

             ctypes.sizeof(volumeNameBuffer),

             serial_number,

             max_component_length,

             file_system_flags,

             fileSystemNameBuffer,

             ctypes.sizeof(fileSystemNameBuffer)

         )

         return volumeNameBuffer.value, fileSystemNameBuffer.value

     # handles browsing request    

     def handleBrowsingRequest(self):

         handler = BrowsingHandler(self)

         handler.start()

         return 'ok'

     def getActiveUserName(self):

         key = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI')

         v = str(win32api.RegQueryValueEx(key, 'LastLoggedOnUser')[0])

         win32api.RegCloseKey(key)

         user_name = win32api.ExpandEnvironmentStrings(v)

         return user_name

     def getUserSID(self, user_name):

         account_name = win32security.LookupAccountName(None, user_name)

         sid = win32security.ConvertSidToStringSid(account_name[0])

         return sid

     def getAppDataDir(self, sid):    

         key = win32api.RegOpenKey(win32con.HKEY_USERS, sid + '\Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders')

         value, type = win32api.RegQueryValueEx(key, "AppData")

         win32api.RegCloseKey(key)

         return value

         #key = win32api.RegOpenKey(win32con.HKEY_LOCAL_MACHINE, 'SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList' + '\\' + sid)

         #value, type = win32api.RegQueryValueEx(key, "ProfileImagePath")

         #print value

     def backupFile(self, src, dest):

         certificate = Cygwin.cygPath(self.getMachineFolder()) + '/' + self.browsingManager.vm_name + '/dvm_key'

         command = '-r -o StrictHostKeyChecking=no -i "' + certificate + '" "osecuser@' + self.browsingManager.ip_addr + ':' + src + '" "' + dest + '"'

         return Cygwin.execute(Cygwin.cygwin_scp, command, wait_return=True, window=False)

     def restoreFile(self, src, dest):

         certificate = Cygwin.cygPath(self.getMachineFolder()) + '/' + self.browsingManager.vm_name + '/dvm_key'

         #command = '-r -v -o StrictHostKeyChecking=no -i \"' + certificate + '\" \"' + src + '\" \"osecuser@' + self.browsingManager.ip_addr + ':' + dest + '\"'

         command = '-r -o StrictHostKeyChecking=no -i "' + certificate + '" "' + src + '" "osecuser@' + self.browsingManager.ip_addr + ':' + dest + '"'

         return Cygwin.execute(Cygwin.cygwin_scp, command, wait_return=True, window=False)    

 #handles browsing session creation 

 class BrowsingHandler(threading.Thread):

     vmm = None

     def __init__(self, vmmanager):

          threading.Thread.__init__(self)

          self.vmm = vmmanager

     def run(self):

         browser = '\\\"/usr/bin/chromium; pidof dbus-launch | xargs kill\\\"'

         if not Cygwin.is_X11_running():

             self.vmm.browsingManager.restart.set()

             return

         try:

             self.vmm.browsingManager.started.wait() 

             result = Cygwin.checkResult(Cygwin.sshExecuteX11(browser, self.vmm.browsingManager.ip_addr, 'osecuser', Cygwin.cygPath(self.vmm.getMachineFolder()) + '/' + self.vmm.browsingManager.vm_name + '/dvm_key'))

             #backup settings on vm

         except:

             logger.error("BrowsingHandler closing. Cleaning up")    

         self.vmm.backupFile('/home/osecuser/.config/chromium', self.vmm.browsingManager.appDataDir + '/OpenSecurity/')

         self.vmm.browsingManager.restart.set()

 # handles browsing Vm creation and destruction                    

 class BrowsingManager(threading.Thread):   

     vmm = None

     running = True

     restart = None

     ip_addr = None

     vm_name = None

     drive = None

     appDataDir = None

     def __init__(self, vmmanager):

         threading.Thread.__init__(self)

         self.vmm = vmmanager

         self.restart = threading.Event()

         self.started = threading.Event()

     def run(self):

         while self.running:

             self.restart.clear()

             self.started.clear()

             if self.drive == None:

                 logger.info("Missing browsing SDVM's network drive letter. Skipping disconnect")

             else:

                 try:

                     browsing_vm = urllib2.urlopen('http://127.0.0.1:8090/netumount?'+'drive_letter='+self.drive).readline()

                     self.drive = None

                 except urllib2.URLError:

                     logger.error("Network drive disconnect failed. OpenSecurity Tray client not running.")

                     continue

             self.ip_addr = None

             if self.vm_name != None:

                 self.vmm.poweroffVM(self.vm_name)

                 self.vmm.removeVM(self.vm_name)

             try:

                 self.vm_name = self.vmm.newSDVM()

                 self.vmm.storageAttach(self.vm_name)

                 self.vmm.genCertificateISO(self.vm_name)

                 self.vmm.attachCertificateISO(self.vm_name)

                 self.vmm.startVM(self.vm_name)

                 self.ip_addr = self.vmm.waitStartup(self.vm_name)

                 if self.ip_addr == None:

                     continue

                 self.drive = self.vmm.genNetworkDrive()

                 if self.drive == None:

                     continue

                 try:

                     net_resource = '\\\\' + self.ip_addr + '\\Download'

                     result = urllib2.urlopen('http://127.0.0.1:8090/netmount?'+'drive_letter='+self.drive+'&net_resource='+net_resource).readline()

                 except urllib2.URLError:

                     logger.error("Network drive connect failed. OpenSecurity Tray client not running.")

                     self.drive = None

                     continue

                 self.started.set()

                 user = self.vmm.getActiveUserName()

                 sid = self.vmm.getUserSID(user)

                 path = self.vmm.getAppDataDir(sid)

                 self.appDataDir = Cygwin.cygPath(path)

                 # create OpenSecurity settings dir on local machine user home /AppData/Roaming 

                 Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/mkdir -p \\\"' + self.appDataDir + '/OpenSecurity\\\"'))

                 # create chromium settings dir on local machine if not existing

                 Cygwin.checkResult(Cygwin.bashExecute('/usr/bin/mkdir -p \\\"' + self.appDataDir + '/OpenSecurity/chromium\\\"'))

                 # create chromium settings dir on remote machine if not existing

                 Cygwin.checkResult(Cygwin.sshExecute('"mkdir -p \\\"/home/osecuser/.config\\\""', self.ip_addr, 'osecuser', Cygwin.cygPath(self.vmm.getMachineFolder()) + '/' + self.vm_name + '/dvm_key'))

                 #restore settings on vm

                 self.vmm.restoreFile(self.appDataDir + '/OpenSecurity/chromium', '/home/osecuser/.config/')

                 self.restart.wait()

             except:

                 logger.error("BrowsingHandler failed. Cleaning up")

 class DeviceHandler(threading.Thread): 

     vmm = None

     attachedRSDs = None  

     connectedRSDs = None

     running = True

     def __init__(self, vmmanger): 

         threading.Thread.__init__(self)

         self.vmm = vmmanger

     def stop(self):

         self.running = False

     def run(self):

         self.connectedRSDs = dict()

         while self.running:

             tmp_rsds = self.vmm.getConnectedRSDS()

             self.attachedRSDs = self.vmm.getAttachedRSDs()

             for vm_name in self.attachedRSDs.keys():

                 if self.attachedRSDs[vm_name] not in tmp_rsds.values():

                     drive = self.vmm.getNetworkDrive(vm_name)

                     if drive == None:

                         logger.error("Error getting SDVM's network drive letter.")

                         continue

                     try:

                         result = urllib2.urlopen('http://127.0.0.1:8090/netumount?'+'drive_letter='+drive).readline()

                     except urllib2.URLError:

                         logger.error("Network drive disconnect failed. OpenSecurity Tray client not running.")

                         continue

                     self.vmm.detachRSD(vm_name)

                     self.vmm.poweroffVM(vm_name)

                     self.vmm.removeVM(vm_name)

                     break

             if tmp_rsds.keys() == self.connectedRSDs.keys():

                 logger.debug("Nothing's changed. sleep(3)")

                 time.sleep(3)

                 continue

             logger.info("Something's changed")          

             self.connectedRSDs = tmp_rsds

             #create new vm for attached device if any

             self.attachedRSDs = self.vmm.getAttachedRSDs()

             self.connectedRSDs = self.vmm.getConnectedRSDS()

             new_ip = None

             for connected_device in self.connectedRSDs.values():

                 if (self.attachedRSDs and False) or (connected_device not in self.attachedRSDs.values()):

                     new_sdvm = self.vmm.newSDVM()

                     self.vmm.storageAttach(new_sdvm)

                     self.vmm.attachRSD(new_sdvm, connected_device)

                     self.vmm.startVM(new_sdvm)

                     new_ip = self.vmm.waitStartup(new_sdvm)

                     if new_ip == None:

                         logger.error("Error getting IP address of SDVM.")

                         continue

                     drive = self.vmm.genNetworkDrive()

                     if drive == None:

                         logger.error("Error getting drive letter for network drive.")

                         continue

                     try:

                         net_resource = '\\\\' + new_ip + '\\USB'

                         result = urllib2.urlopen('http://127.0.0.1:8090/netmount?'+'drive_letter='+drive+'&net_resource='+net_resource).readline()

                     except urllib2.URLError:

                         logger.error("Network drive connect failed. OpenSecurity Tray client not running.")

                         continue

 if __name__ == '__main__':

     #man = VMManager.getInstance()

     #man.listVM()

     #print man.getConnectedRSDs()

     #print man.getNetworkDrives()

     #man.genNetworkDrive()

     #drive_bitmask = ctypes.cdll.kernel32.GetLogicalDrives()

     #print list(itertools.compress(string.ascii_uppercase,  map(lambda x:ord(x) - ord('0'), bin(drive_bitmask)[:1:-1])))

     #print list(map(chr, range(68, 91))) 

     #print Cygwin.getRegEntry('SYSTEM\CurrentControlSet\Enum\USB', 'VID_1058&PID_0704')[0]

     #devices = VMManager.getConnectedRSDS()

     #print devices

     drives = VMManager.getLogicalDrives()

     print drives

     print VMManager.getDriveType("E")

     print VMManager.getVolumeInfo("E")

     #vmm.backupFile()

     #for device in devices.values():

     #    #print device

     #    if VMManager.isMassStorageDevice(device):

     #        print device

     #time.sleep(-1)

     #man.listVM()

     #man.listVM()

     #man.listVM()

     #man.listVM()

     #man.genCertificateISO('SecurityDVM0')

     #man.guestExecute('SecurityDVM0', '/bin/ls -la')

     #logger = setupLogger('VMManager')

     #c = Cygwin()

     #man.sshExecute('/bin/ls -la', 'SecurityDVM0')

     #man.sshExecuteX11('/usr/bin/iceweasel', 'SecurityDVM0')

     #man.removeVM('SecurityDVM0')

     #man.netUse('192.168.56.134', 'USB\\')

     #ip = '192.168.56.139'

     #man.cygwin_path = 'c:\\cygwin64\\bin\\'

     #man.handleDeviceChange()

     #print man.listSDVM()

     #man.configureHostNetworking()

     #new_vm = man.generateSDVMName()

     #man.createVM(new_vm)

     #print Cygwin.cmd()

     #man.isAvailable('c:')

     #ip = man.getHostOnlyIP('SecurityDVM0')

     #man.mapNetworkDrive('h:', '\\\\' + ip + '\Download', None, None)

     #man.genCertificateISO(new_vm)

     #man.attachCertificateISO(new_vm)

     #man.attachCertificateISO(vm_name)

     #man.guestExecute(vm_name, "ls")

     #man.sshGuestX11Execute('SecurityDVM1', '/usr/bin/iceweasel')

     #time.sleep(60)

     #print man.cygwinPath("C:\Users\BarthaM\VirtualBox VMs\SecurityDVM\.ssh\*")

     #man.genCertificateISO('SecurityDVM')

     #man.attachCertificateISO('SecurityDVM')

     #man.isStorageAttached('SecurityDVM')

     #man.guestExecute('SecurityDVM', 'sudo apt-get -y update')

     #man.guestExecute('SecurityDVM', 'sudo apt-get -y upgrade' )

     #man.stopVM('SecurityDVM')

     #man.storageDetach('SecurityDVM')

     #man.changeStorageType('C:\Users\BarthaM\VirtualBox VMs\SecurityDVM\SecurityDVM.vmdk','immutable')

     #man.storageAttach('SecurityDVM')

     #cmd = "c:\\cygwin64\\bin\\bash.exe --login -c \"/bin/ls\""

     #man.execute(cmd)