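--- a/OpenSecurity/bin/launch.pyw Wed Dec 11 14:34:19 2013 +0100
+++ b/OpenSecurity/bin/launch.pyw Wed Dec 11 14:49:34 2013 +0100
@@ -36,7 +36,6 @@
 import os
 import subprocess
 import sys
-import urllib
 import urllib2
 
 from PyQt4 import QtCore
@@ -68,7 +67,8 @@
 size = self.geometry()
 self.move((screen.width() - size.width()) / 2, (screen.height() - size.height()) / 2)
 
- self._vms = [ { 'name': 'SecurityDVM0', 'ip': '192.168.56.101' } ]
+ # TODO: THIS HERE IS HARD CODED
+ self._vms = [ { 'name': 'SecurityDVM0' } ]
 self._apps = [ { 'name': 'Browser', 'command': '/usr/bin/iceweasel' } ]
 
 # add the VMs we know
@@ -186,11 +186,7 @@
 
 def vm_get(self):
 """The vm of choice."""
- v = str(self._cbVM.currentText())
- for vm in self._vms:
- if v == vm['name']:
- return vm['ip']
- return v
+ return str(self._cbVM.currentText())
 
 vm = property(vm_get)
 
@@ -227,43 +223,33 @@
 
 # parse command line
 parser = argparse.ArgumentParser(description = 'OpenSecurity Launcher: run application in VM')
- parser.add_argument('ip', metavar='IP', help='IP of Virtual Machine', nargs='?', type=str, default='')
+ parser.add_argument('vm', metavar='VM', help='Name of Virtual Machine', nargs='?', type=str, default='')
 parser.add_argument('command', metavar='COMMAND', help='Full path of command and arguments to start inside VM', nargs='?', type=str, default='')
 args = parser.parse_args()
 
- # we must have at least all or none set
- set_ip = args.ip != ''
- set_command = args.command != ''
- set_ALL = set_ip and set_command
- set_NONE = (not set_ip) and (not set_command)
- if (not set_ALL) and (not set_NONE):
- sys.stderr.write("Please specify ip and command or none.\n")
- sys.stderr.write("Type '--help' for help.\n")
- sys.exit(1)
+ # we must have all set
+ if args.vm == "" or args.command == '':
+ print('VM and/or COMMAND missing - invoking user dialog')
+ args.vm, args.command = ask_user()
 
- # check if we need to ask the user
- if set_NONE:
- args.ip, args.command = ask_user()
-
- # still no IP? --> no chance, over and out!
- if args.ip == '':
+ # still no VM? --> no chance, over and out!
+ if args.vm == '':
 sys.exit(0)
 
 # ensure we have our X11 running
 Cygwin.start_X11()
 
 # call the OpenSecurity Admin to launch our progie =)
- url_vm = urllib.quote(args.ip)
- url_command = urllib.quote(args.command)
- QtGui.QMessageBox.information(None, 'OpenSecurity Launche', 'About to launch <br/><b>' + url_command + '</b><br/>at VM <br/><b>' + url_vm + '</b>')
+ # TODO: hard coded PORT
+ url = 'http://127.0.0.1:8080/sdvms/' + args.vm + '/application' + args.command
+ print('Calling ' + url)
+ try:
+ result = urllib2.urlopen(url, None, 5)
+ except urllib2.HTTPError as e:
+ # Error, Fail, ... :(
+ msg = 'Error received from OpenSecurity Subsystem\nError code: ' + str(e.code) + '\nReason: ' + e.reason
+ QtGui.QMessageBox.critical(None, 'OpenSecurity Error', msg)
 
- # user_at_guest = args.user + '@' + args.ip
- # ssh = 'DISPLAY=:0 /usr/bin/ssh -Y ' + user_at_guest + ' ' + args.command
- # print(ssh)
-
- # # off we go!
- # Cygwin()(['/bin/bash', '--login', '-i', '-c', ssh], None, None, None)
-
 
 # start
 if __name__ == "__main__":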
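Review bot: The request URL in the last hunk is built by plain concatenation, `'http://127.0.0.1:8080/sdvms/' + args.vm + '/application' + args.command`, while the same commit drops `import urllib` and the `urllib.quote` calls, so a space, `?`, `#` or `../` in either value changes the path the daemon receives. Judging by the surrounding comment, this request asks the daemon to launch a program in a VM, so both parts should be percent-encoded: keep the import and write `url = 'http://127.0.0.1:8080/sdvms/' + urllib.quote(args.vm, '') + '/application' + urllib.quote(args.command)`. The `except urllib2.HTTPError` clause also does not cover `urllib2.URLError` (daemon not running, timeout), so those failures never reach the error dialog. The enclosing function starts above the hunk.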
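--- a/OpenSecurity/bin/opensecurity_tray.pyw Wed Dec 11 14:34:19 2013 +0100
+++ b/OpenSecurity/bin/opensecurity_tray.pyw Wed Dec 11 14:49:34 2013 +0100
@@ -36,6 +36,7 @@
 import os
 import subprocess
 import sys
+import urllib2
 
 from PyQt4 import QtCore
 from PyQt4 import QtGui
@@ -49,6 +50,30 @@
 # code
 
 
+class OpenSecurityWait(QtGui.QDialog):
+
+ """OpenSecurity: please wait ..."""
+
+ def __init__(self, parent = None, flags = QtCore.Qt.WindowFlags(0)):
+ super(OpenSecurityWait, self).__init__(parent, flags)
+ self.setWindowTitle('OpenSecurity')
+ self.setup_ui()
+
+
+ def setup_ui(self):
+ """Create the widgets."""
+
+ lyMain = QtGui.QVBoxLayout(self)
+ lyMain.setContentsMargins(8, 8, 8, 8)
+
+ # content area: left pixmap, right text
+ lbTitle = QtGui.QLabel('Creating secure subsystem. Please stand by ...')
+ lyMain.addWidget(lbTitle)
+
+ self.setMinimumSize(400, 50)
+ self.resize(lyMain.minimumSize())
+
+
 class OpenSecurityTrayIcon(QtGui.QSystemTrayIcon):
 
 """This is the OpenSecuirty Tray Icon"""
@@ -67,11 +92,31 @@
 
 def clicked_browser(self):
 """wish for safe internet browsing"""
- dlg_launch_image = os.path.join(sys.path[0], 'launch.pyw')
- process_command = [sys.executable, dlg_launch_image, '192.168.56.101', '/usr/bin/iceweasel']
- print(process_command)
- process = subprocess.Popen(process_command, shell = False)
- process.communicate()
+
+ # TODO: HARDCODED ADDRESS OF OPENSECURITYD
+
+ # tell the user to wait
+ dlg = OpenSecurityWait()
+ dlg.show()
+ QtGui.QApplication.instance().processEvents()
+
+ try:
+
+ # get a proper browsing VM
+ browsing_vm = urllib2.urlopen('http://127.0.0.1:8080/browsing').readline()
+ dlg_launch_image = os.path.join(sys.path[0], 'launch.pyw')
+ process_command = [sys.executable, dlg_launch_image, browsing_vm, '/usr/bin/iceweasel']
+ print(process_command)
+ process = subprocess.Popen(process_command, shell = False)
+ process.communicate()
+
+ except:
+ dlg.hide()
+ QtGui.QApplication.instance().processEvents()
+ QtGui.QMessageBox.critical(None, 'Failed to invoke Safe Internet Browsing', 'OpenSecurity Error')
+
+ dlg.hide()
+ QtGui.QApplication.instance().processEvents()
 
 
 def clicked_exit(self):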
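Review bot: In `clicked_browser`, the line read from `http://127.0.0.1:8080/browsing` goes into the `launch.pyw` argv as the VM name without trimming or checking, so a trailing newline (if the daemon sends one) or any unexpected response body is carried into the URL that launch.pyw builds from it. Trim and check it before use, e.g. `browsing_vm = urllib2.urlopen('http://127.0.0.1:8080/browsing', None, 5).readline().strip()` followed by `if not browsing_vm.isalnum(): raise ValueError(browsing_vm)`, assuming VM names stay alphanumeric like `SecurityDVM0`; the timeout also keeps an unresponsive daemon from blocking the tray's GUI thread. The bare `except:` should be `except Exception:` with the cause logged, and the `QMessageBox.critical` arguments look swapped, since launch.pyw passes `'OpenSecurity Error'` as the title and the message as the text.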
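--- a/OpenSecurity/bin/opensecurityd.py Wed Dec 11 14:34:19 2013 +0100
+++ b/OpenSecurity/bin/opensecurityd.py Wed Dec 11 14:49:34 2013 +0100
@@ -81,8 +81,9 @@
 """OpenSecurity '/device_change' handler"""
 
 def GET(self):
- gvm_mgr.handleDeviceChange()
-
+ new_ip = gvm_mgr.handleDeviceChange()
+ if new_ip != None:
+ gvm_mgr.mapNetworkDrive('h:', '\\\\' + new_ip + '\\USB', None, None)
 return "os_device_change"
 
 
@@ -95,6 +96,7 @@
 def GET(self):
 try:
 browsingVM = gvm_mgr.handleBrowsingRequest()
+ gvm_mgr.startVM(browsingVM)
 return browsingVM
 except:
 raise web.internalerror()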
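Review bot: Both handlers change host state in response to a plain `GET` — `/device_change` now maps drive `h:` to a share on `new_ip`, and the browsing handler now starts a VM — and nothing visible in these hunks checks who the caller is. If the daemon listens on 127.0.0.1:8080 as the clients in this commit assume, any local process, or a page loaded in a browser on the host, could trigger them; consider serving state-changing actions from `POST` handlers and requiring a secret shared only with the tray and launcher. The result of `gvm_mgr.startVM(browsingVM)` is not checked before `browsingVM` is returned, so a failed start is reported to the client as success. Prefer `if new_ip is not None:` over `!= None`. Both handler classes begin outside the hunks.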
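--- a/OpenSecurity/bin/vmmanager.py Wed Dec 11 14:34:19 2013 +0100
+++ b/OpenSecurity/bin/vmmanager.py Wed Dec 11 14:49:34 2013 +0100
@@ -16,7 +16,7 @@
 import string
 
 
-DEBUG = False
+DEBUG = True
 
 class USBFilter:
 vendorid = ""
@@ -225,14 +225,7 @@
 def startVM(self, vm_name):
 print('starting ' + vm_name)
 cmd = 'VBoxManage startvm ' + vm_name + ' --type headless'
- result = self.execute(cmd)
- while result[0] != 0:
- print "Failed to start SDVM: ", vm_name, " retrying"
- time.sleep(1)
- result = self.execute(cmd)
- #verify against (0, 'Waiting for VM "SecurityDVM0" to power on...\r\nVM "SecurityDVM0" has been successfully started.\r\n', '')
- return result[0]
-
+ print self.execute(cmd) #verify against (0, 'Waiting for VM "SecurityDVM0" to power on...\r\nVM "SecurityDVM0" has been successfully started.\r\n', '')
 
 # stop VM
 def stopVM(self, vm_name):
@@ -326,37 +319,25 @@
 new_sdvm = self.generateSDVMName()
 self.createVM(new_sdvm)
 self.attachRSD(new_sdvm, connected_device)
-
-
+ #sleep like method
+ self.listSDVM()
 self.startVM(new_sdvm)
- # wait for machine to come up
+
 while new_ip == None:
 time.sleep(1)
 new_ip = self.getHostOnlyIP(new_sdvm)
 while new_ip not in self.startNotifications:
 time.sleep(1)
- if new_ip != None:
- self.mapNetworkDrive('h:', '\\\\' + new_ip + '\\USB', None, None)
 #TODO: cleanup notifications somwhere else (eg. machine shutdown)
 self.startNotifications.remove(new_ip)
 VMManager.handleDeviceChangeLock.release()
 return new_ip
 
 def handleBrowsingRequest(self):
- if VMManager.handleDeviceChangeLock.acquire(True):
- new_ip = None
- new_sdvm = self.generateSDVMName()
- self.createVM(new_sdvm)
- self.genCertificateISO(new_sdvm)
- self.attachCertificateISO(new_sdvm)
- self.startVM(new_sdvm)
- # wait for machine to come up
- while new_ip == None:
- time.sleep(1)
- new_ip = self.getHostOnlyIP(new_sdvm)
- while new_ip not in self.startNotifications:
- time.sleep(1)
- VMManager.handleDeviceChangeLock.release()
+ new_sdvm = self.generateSDVMName()
+ self.createVM(new_sdvm)
+ self.genCertificateISO(new_sdvm)
+ self.attachCertificateISO(new_sdvm)
 return new_sdvm
 
 # executes command over ssh on guest vm
@@ -369,7 +350,7 @@
 return self.execute(cmd)
 
 # executes command over ssh on guest vm with X forwarding
- def sshGuestX11Execute(self, vm_name, prog, user_name='osecuser'):
+ def sshGuestX11Execute(self, vm_name, prog, user_name='opensec'):
 #TODO: verify if X server is running on user account
 #TODO: set DISPLAY accordingly
 address = self.getHostOnlyIP(vm_name)
@@ -429,13 +410,13 @@
 return -1
 return 1
 
-#if __name__ == '__main__':
+if __name__ == '__main__':
 
- #man = VMManager.getInstance()
+ man = VMManager.getInstance()
 #man.removeVM('SecurityDVM0')
 #man.netUse('192.168.56.134', 'USB\\')
- #ip = '192.168.56.139'
- #man.mapNetworkDrive('h:', '\\\\' + ip + '\USB', None, None)
+ ip = '192.168.56.139'
+ man.mapNetworkDrive('h:', '\\\\' + ip + '\USB', None, None)
 
 #man.cygwin_path = 'c:\\cygwin64\\bin\\'
 #man.handleDeviceChange()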
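Review bot: `startVM` now only prints the result of `self.execute(cmd)` and returns nothing, so the retry is gone and no caller can tell whether VBoxManage succeeded; keep the status with `result = self.execute(cmd)` and `return result[0]`, adding a bounded retry if one is still wanted. `vm_name` is concatenated straight into the command string, and this commit moves the clients to passing VM names in request paths such as `/sdvms/<vm>/application...`, so the name should be checked against the generated-name format before it reaches `execute` (how `execute` runs the string is not visible here). `handleBrowsingRequest` no longer takes `handleDeviceChangeLock`, which lets concurrent requests run `generateSDVMName()` and `createVM` at the same time and possibly pick the same name. `DEBUG = True` and the re-enabled `__main__` block, which maps `h:` to a fixed address, look like local test settings that should not ship.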
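--- a/OpenSecurity/test/create-security-vm.bat Wed Dec 11 14:34:19 2013 +0100
+++ b/OpenSecurity/test/create-security-vm.bat Wed Dec 11 14:49:34 2013 +0100
@@ -1,2 +1,2 @@
 @echo off
-..\cygwin\bin\curl -X POST http://127.0.0.1:8080/sdvms
\ No newline at end of file
+..\cygwin\bin\curl -X POST http://127.0.0.1:8080/sdvms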