1.1 --- a/OpenSecurity/bin/environment.py Wed Dec 11 14:49:34 2013 +0100
1.2 +++ b/OpenSecurity/bin/environment.py Thu Jan 09 10:44:42 2014 +0100
1.3 @@ -92,12 +92,12 @@
1.4 # test method
1.5 def test():
1.6
1.7 - """Test: class Environment"""
1.8 - e = Environment('My Application')
1.9 - print('prefix_path: "{0}"'.format(e.prefix_path))
1.10 - print(' data_path: "{0}"'.format(e.data_path))
1.11 -
1.12 -
1.13 + """Test: class Environment"""
1.14 + e = Environment('My Application')
1.15 + print('prefix_path: "{0}"'.format(e.prefix_path))
1.16 + print(' data_path: "{0}"'.format(e.data_path))
1.17 +
1.18 +
1.19 # test the module
1.20 if __name__ == '__main__':
1.21 - test()
1.22 + test()
2.1 --- a/OpenSecurity/bin/opensecurity_client_restful_server.py Wed Dec 11 14:49:34 2013 +0100
2.2 +++ b/OpenSecurity/bin/opensecurity_client_restful_server.py Thu Jan 09 10:44:42 2014 +0100
2.3 @@ -43,7 +43,6 @@
2.4 # local
2.5 from environment import Environment
2.6 from notification import Notification
2.7 -import opensecurity_server
2.8
2.9
2.10 # ------------------------------------------------------------
3.1 --- a/OpenSecurity/bin/opensecurityd.py Wed Dec 11 14:49:34 2013 +0100
3.2 +++ b/OpenSecurity/bin/opensecurityd.py Thu Jan 09 10:44:42 2014 +0100
3.3 @@ -81,10 +81,11 @@
3.4 """OpenSecurity '/device_change' handler"""
3.5
3.6 def GET(self):
3.7 - new_ip = gvm_mgr.handleDeviceChange()
3.8 - if new_ip != None:
3.9 - gvm_mgr.mapNetworkDrive('h:', '\\\\' + new_ip + '\\USB', None, None)
3.10 - return "os_device_change"
3.11 + try:
3.12 + new_ip = gvm_mgr.handleDeviceChange()
3.13 + return new_ip
3.14 + except:
3.15 + raise web.internalerror()
3.16
3.17
3.18 class os_browsing:
3.19 @@ -96,7 +97,6 @@
3.20 def GET(self):
3.21 try:
3.22 browsingVM = gvm_mgr.handleBrowsingRequest()
3.23 - gvm_mgr.startVM(browsingVM)
3.24 return browsingVM
3.25 except:
3.26 raise web.internalerror()
4.1 --- a/OpenSecurity/bin/vmmanager.py Wed Dec 11 14:49:34 2013 +0100
4.2 +++ b/OpenSecurity/bin/vmmanager.py Thu Jan 09 10:44:42 2014 +0100
4.3 @@ -17,6 +17,11 @@
4.4
4.5
4.6 DEBUG = True
4.7 +class VMManagerException(Exception):
4.8 + def __init__(self, value):
4.9 + self.value = value
4.10 + def __str__(self):
4.11 + return repr(self.value)
4.12
4.13 class USBFilter:
4.14 vendorid = ""
4.15 @@ -76,12 +81,14 @@
4.16 def isSDVMStarted(self, ip):
4.17 return self.startNotifications.contains(ip)
4.18
4.19 - def execute(self, cmd):
4.20 + def execute(self, cmd, wait_return=True ):
4.21 if DEBUG:
4.22 print('trying to launch: ' + cmd)
4.23 process = Popen(cmd, stdout=PIPE, stderr=PIPE) #shell = True
4.24 if DEBUG:
4.25 print('launched: ' + cmd)
4.26 + if not wait_return:
4.27 + return [0, 'working in background', '']
4.28 result = process.wait()
4.29 res_stdout = process.stdout.read();
4.30 res_stderr = process.stderr.read();
4.31 @@ -90,6 +97,8 @@
4.32 print res_stdout
4.33 if res_stderr != "":
4.34 print res_stderr
4.35 + if result !=0:
4.36 + raise VMManagerException(res_stderr)
4.37 return result, res_stdout, res_stderr
4.38
4.39 def getVBoxManagePath(self):
4.40 @@ -207,8 +216,7 @@
4.41 self.execute(cmd)
4.42 cmd = 'VBoxManage storagectl ' + vm_name + ' --name contr1 --add sata --portcount 2'
4.43 self.execute(cmd)
4.44 - cmd = 'VBoxManage storageattach ' + vm_name + ' --storagectl contr1 --port 0 --device 0 --type hdd --medium \"'+ machineFolder + '\SecurityDVM\SecurityDVM.vmdk\"'
4.45 - #--mtype immutable
4.46 + cmd = 'VBoxManage storageattach ' + vm_name + ' --storagectl contr1 --port 0 --device 0 --type hdd --medium \"'+ machineFolder + '\SecurityDVM\SecurityDVM.vmdk\"' #--mtype immutable
4.47 self.execute(cmd)
4.48 return
4.49
4.50 @@ -225,13 +233,18 @@
4.51 def startVM(self, vm_name):
4.52 print('starting ' + vm_name)
4.53 cmd = 'VBoxManage startvm ' + vm_name + ' --type headless'
4.54 - print self.execute(cmd) #verify against (0, 'Waiting for VM "SecurityDVM0" to power on...\r\nVM "SecurityDVM0" has been successfully started.\r\n', '')
4.55 + result = self.execute(cmd)
4.56 + while not string.find(str(result), 'successfully started',):
4.57 + print "Failed to start SDVM: ", vm_name, " retrying"
4.58 + time.sleep(1)
4.59 + result = self.execute(cmd)
4.60 + return result[0]
4.61
4.62 # stop VM
4.63 def stopVM(self, vm_name):
4.64 print('stopping ' + vm_name)
4.65 cmd = 'VBoxManage controlvm ' + vm_name + ' poweroff'
4.66 - print self.execute(cmd)
4.67 + self.execute(cmd)
4.68
4.69 # return the hostOnly IP for a running guest
4.70 def getHostOnlyIP(self, vm_name):
4.71 @@ -273,23 +286,23 @@
4.72 machineFolder = self.getDefaultMachineFolder()
4.73 # create .ssh folder in vm_name
4.74 cmd = self.cygwin_path+'bash.exe --login -c \"mkdir -p \\\"' + machineFolder + '\\' + vm_name + '\\.ssh\\\"\"'
4.75 - result = self.execute(cmd)
4.76 + self.execute(cmd)
4.77 # generate dvm_key pair in vm_name / .ssh
4.78 cmd = self.cygwin_path+'bash.exe --login -c \"ssh-keygen -q -t rsa -N \\"\\" -C \\\"' + vm_name + '\\\" -f \\\"' + machineFolder + '\\' + vm_name + '\\.ssh\\dvm_key\\\"\"' #'echo -e "y\\n" |',
4.79 - result = self.execute(cmd)
4.80 + self.execute(cmd)
4.81 # set permissions for keys
4.82 #TODO: test without chmod
4.83 cmd = self.cygwin_path+'bash.exe --login -c \"chmod 500 \\\"' + machineFolder + '\\' + vm_name + '\\.ssh\\*\\\"\"'
4.84 - result = self.execute(cmd)
4.85 + self.execute(cmd)
4.86 # move out private key
4.87 cmd = self.cygwin_path+'bash.exe --login -c \"mv \\\"' + machineFolder + '\\' + vm_name + '\\.ssh\\dvm_key\\\" \\\"' + machineFolder + '\\' + vm_name + '\\\"'
4.88 - result = self.execute(cmd)
4.89 + self.execute(cmd)
4.90 # rename public key to authorized_keys
4.91 cmd = self.cygwin_path+'bash.exe --login -c \"mv \\\"' + machineFolder + '\\' + vm_name + '\\.ssh\\dvm_key.pub\\\" \\\"' + machineFolder + '\\' + vm_name + '\\.ssh\\authorized_keys\\\"'
4.92 - result = self.execute(cmd)
4.93 + self.execute(cmd)
4.94 # generate iso image with .ssh/authorized keys
4.95 cmd = self.cygwin_path+'bash.exe --login -c \"/usr/bin/genisoimage -J -R -o \\\"' + machineFolder + '\\' + vm_name + '\\'+ vm_name + '.iso\\\" \\\"' + machineFolder + '\\' + vm_name + '\\.ssh\\\"\"'
4.96 - result = self.execute(cmd)
4.97 + self.execute(cmd)
4.98
4.99 # attaches generated ssh public cert to guest vm
4.100 def attachCertificateISO(self, vm_name):
4.101 @@ -319,29 +332,45 @@
4.102 new_sdvm = self.generateSDVMName()
4.103 self.createVM(new_sdvm)
4.104 self.attachRSD(new_sdvm, connected_device)
4.105 - #sleep like method
4.106 - self.listSDVM()
4.107 +
4.108 +
4.109 self.startVM(new_sdvm)
4.110 -
4.111 + # wait for machine to come up
4.112 while new_ip == None:
4.113 time.sleep(1)
4.114 new_ip = self.getHostOnlyIP(new_sdvm)
4.115 while new_ip not in self.startNotifications:
4.116 time.sleep(1)
4.117 + if new_ip != None:
4.118 + self.mapNetworkDrive('h:', '\\\\' + new_ip + '\\USB', None, None)
4.119 #TODO: cleanup notifications somwhere else (eg. machine shutdown)
4.120 self.startNotifications.remove(new_ip)
4.121 VMManager.handleDeviceChangeLock.release()
4.122 return new_ip
4.123
4.124 def handleBrowsingRequest(self):
4.125 - new_sdvm = self.generateSDVMName()
4.126 - self.createVM(new_sdvm)
4.127 - self.genCertificateISO(new_sdvm)
4.128 - self.attachCertificateISO(new_sdvm)
4.129 + if VMManager.handleDeviceChangeLock.acquire(True):
4.130 + new_ip = None
4.131 + new_sdvm = self.generateSDVMName()
4.132 + self.createVM(new_sdvm)
4.133 + self.genCertificateISO(new_sdvm)
4.134 + self.attachCertificateISO(new_sdvm)
4.135 + self.startVM(new_sdvm)
4.136 + # wait for machine to come up
4.137 + while new_ip == None:
4.138 + time.sleep(1)
4.139 + new_ip = self.getHostOnlyIP(new_sdvm)
4.140 + while new_ip not in self.startNotifications:
4.141 + time.sleep(1)
4.142 + if new_ip != None:
4.143 + self.mapNetworkDrive('g:', '\\\\' + new_ip + '\\Download', None, None)
4.144 + #TODO: cleanup notifications somwhere else (eg. machine shutdown)
4.145 + self.startNotifications.remove(new_ip)
4.146 + VMManager.handleDeviceChangeLock.release()
4.147 return new_sdvm
4.148
4.149 # executes command over ssh on guest vm
4.150 - def sshGuestExecute(self, vm_name, prog, user_name='opensec'):
4.151 + def sshGuestExecute(self, vm_name, prog, user_name='osecuser'):
4.152 # get vm ip
4.153 address = self.getHostOnlyIP(vm_name)
4.154 machineFolder = self.getDefaultMachineFolder()
4.155 @@ -350,14 +379,22 @@
4.156 return self.execute(cmd)
4.157
4.158 # executes command over ssh on guest vm with X forwarding
4.159 - def sshGuestX11Execute(self, vm_name, prog, user_name='opensec'):
4.160 + def sshGuestX11Execute(self, vm_name, prog, user_name='osecuser'):
4.161 #TODO: verify if X server is running on user account
4.162 #TODO: set DISPLAY accordingly
4.163 address = self.getHostOnlyIP(vm_name)
4.164 machineFolder = self.getDefaultMachineFolder()
4.165 # run command
4.166 - cmd = self.cygwin_path+'bash.exe --login -c \"DISPLAY=:0 ssh -Y -i \\\"' + machineFolder + '\\' + vm_name + '\\dvm_key\\\" ' + user_name + '@' + address + ' ' + prog + '\"'
4.167 - return self.execute(cmd)
4.168 + #--login
4.169 + #cmd = self.cygwin_path+'bash.exe --login -c \"DISPLAY=:0 ssh -v -Y -i \\\"' + machineFolder + '\\' + vm_name + '\\dvm_key\\\" ' + user_name + '@' + address + ' ' + prog + '\"'
4.170 + cmd = self.cygwin_path+'mintty.exe -e /bin/env DISPLAY=:0 /usr/bin/ssh -v -Y -i \"' + machineFolder + '\\' + vm_name + '\\dvm_key\" ' + user_name + '@' + address + ' ' + prog + ''
4.171 + #cmd = self.cygwin_path+'mintty.exe -e /bin/bash --login -c \"DISPLAY=:0 /usr/bin/ssh -v -Y -i \\\"' + machineFolder + '\\' + vm_name + '\\dvm_key\\\" ' + user_name + '@' + address + ' ' + prog + '\"'
4.172 + if DEBUG:
4.173 + print('trying to launch: ' + cmd)
4.174 + process = Popen(cmd)
4.175 + if DEBUG:
4.176 + print('launched: ' + cmd)
4.177 + return
4.178
4.179 #Small function to check the availability of network resource.
4.180 def isAvailable(self, path):
4.181 @@ -411,13 +448,11 @@
4.182 return 1
4.183
4.184 if __name__ == '__main__':
4.185 -
4.186 man = VMManager.getInstance()
4.187 #man.removeVM('SecurityDVM0')
4.188 #man.netUse('192.168.56.134', 'USB\\')
4.189 - ip = '192.168.56.139'
4.190 - man.mapNetworkDrive('h:', '\\\\' + ip + '\USB', None, None)
4.191 -
4.192 + #ip = '192.168.56.139'
4.193 + #man.mapNetworkDrive('h:', '\\\\' + ip + '\USB', None, None)
4.194 #man.cygwin_path = 'c:\\cygwin64\\bin\\'
4.195 #man.handleDeviceChange()
4.196 #print man.listSDVM()
4.197 @@ -429,7 +464,8 @@
4.198
4.199 #man.attachCertificateISO(vm_name)
4.200 #man.sshGuestExecute(vm_name, "ls")
4.201 - #man.sshGuestX11Execute(vm_name, "iceweasel")
4.202 + man.sshGuestX11Execute('SecurityDVM1', '/usr/bin/iceweasel')
4.203 + time.sleep(60)
4.204 #cmd = "c:\\cygwin64\\bin\\bash.exe --login -c \"/bin/ls\""
4.205 #man.execute(cmd)
4.206
4.207 \ No newline at end of file
5.1 Binary file OpenSecurity/install/web.py-0.37/web/__init__.pyc has changed
6.1 Binary file OpenSecurity/install/web.py-0.37/web/application.pyc has changed
7.1 Binary file OpenSecurity/install/web.py-0.37/web/browser.pyc has changed
8.1 Binary file OpenSecurity/install/web.py-0.37/web/db.pyc has changed
9.1 Binary file OpenSecurity/install/web.py-0.37/web/debugerror.pyc has changed
10.1 Binary file OpenSecurity/install/web.py-0.37/web/form.pyc has changed
11.1 Binary file OpenSecurity/install/web.py-0.37/web/http.pyc has changed
12.1 Binary file OpenSecurity/install/web.py-0.37/web/httpserver.pyc has changed
13.1 Binary file OpenSecurity/install/web.py-0.37/web/net.pyc has changed
14.1 Binary file OpenSecurity/install/web.py-0.37/web/session.pyc has changed
15.1 Binary file OpenSecurity/install/web.py-0.37/web/template.pyc has changed
16.1 Binary file OpenSecurity/install/web.py-0.37/web/utils.pyc has changed
17.1 Binary file OpenSecurity/install/web.py-0.37/web/webapi.pyc has changed
18.1 Binary file OpenSecurity/install/web.py-0.37/web/webopenid.pyc has changed
19.1 Binary file OpenSecurity/install/web.py-0.37/web/wsgi.pyc has changed