1.1 --- a/src/OsecFS.py Wed Apr 09 10:27:19 2014 +0200
1.2 +++ b/src/OsecFS.py Thu May 15 12:21:34 2014 +0200
1.3 @@ -18,9 +18,9 @@
1.4 import subprocess
1.5
1.6 import urllib3
1.7 -import urllib
1.8 import netifaces
1.9 import netaddr
1.10 +import hashlib
1.11
1.12
1.13 sys.stderr = open('/var/log/osecfs_error.log', 'a+')
1.14 @@ -161,34 +161,56 @@
1.15
1.16 return whitelisted
1.17
1.18 -def sendNotification (type, message):
1.19 +def sendDataToRest (urlpath, data):
1.20 netifaces.ifaddresses("eth0")[2][0]["addr"]
1.21
1.22 # Get first address in network (0 = network ip -> 192.168.0.0)
1.23 remote_ip = netaddr.IPNetwork("%s/%s" %(netifaces.ifaddresses("eth0")[2][0]["addr"], netifaces.ifaddresses("eth0")[2][0]["netmask"]))[1]
1.24
1.25 - url_options = {"type" : type, "message" : message }
1.26 -
1.27 - # BUG in urllib3. Starting / is missing -> workarround use 2 of them -.-
1.28 - url = ("http://%s:8090//notification?%s" %(remote_ip, urllib.urlencode(url_options)))
1.29 -
1.30 - LOG.debug ("Send notification to \"%s\"" %(url, ))
1.31 + url = ("http://%s:8090//%s" %(remote_ip, urlpath))
1.32 +
1.33 + LOG.debug ("Send data to \"%s\"" %(url, ))
1.34 + LOG.debug ("Data: %s" %(data, ))
1.35
1.36 try:
1.37 - #response = httpPool.request_encode_body('GET', url, retries = 0)
1.38 - response = httpPool.request("GET", url, retries = 0)
1.39 + response = httpPool.request_encode_body("POST", url, fields=data, retries=0)
1.40 except:
1.41 LOG.error("Remote host not reachable")
1.42 LOG.error ("Exception: %s" %(sys.exc_info()[0]))
1.43 return
1.44
1.45 if response.status == STATUS_CODE_OK:
1.46 - LOG.info("Notification sent successfully")
1.47 + LOG.info("Data sent successfully to rest server")
1.48 + return True
1.49 else:
1.50 LOG.error("Server returned errorcode: %s" %(response.status,))
1.51 + return False
1.52 +
1.53 +
1.54 +def sendNotification (type, message):
1.55 + data = {"type" : type, "message" : message}
1.56 + sendDataToRest ("notification", data)
1.57
1.58 def sendReadOnlyNotification():
1.59 sendNotification("critical", "Filesystem is in read only mode. If you want to export files please initialize an encrypted filesystem.")
1.60 +
1.61 +def sendLogNotPossibleNotification():
1.62 + sendNotification ("critical", "Send log entry to opensecurity rest server failed.")
1.63 +
1.64 +def sendFileLog(filename, filesize, filehash, hashtype):
1.65 + data = {"filename" : filename, "filesize" : filesize, "filehash" : filehash, "hashtype" : hashtype}
1.66 + retval = sendDataToRest ("log", data)
1.67 + if (retval == False):
1.68 + sendLogNotPossibleNotification()
1.69 +
1.70 +def calcMD5 (path, block_size=256*128, hr=True):
1.71 + md5 = hashlib.md5()
1.72 + with open(path,'rb') as f:
1.73 + for chunk in iter(lambda: f.read(block_size), b''):
1.74 + md5.update(chunk)
1.75 + if hr:
1.76 + return md5.hexdigest()
1.77 + return md5.digest()
1.78
1.79 class OsecFS (Fuse):
1.80
1.81 @@ -257,6 +279,7 @@
1.82 def open (self, path, flags):
1.83 LOG.debug ("*** open %s %s" % (path, oct (flags)))
1.84 self.file = os.fdopen (os.open (fixPath (path), flags), flag2mode (flags))
1.85 + self.written = False
1.86 self.fd = self.file.fileno ()
1.87
1.88 LOG.debug(self.__rootpath)
1.89 @@ -301,6 +324,12 @@
1.90 def release (self, path, flags):
1.91 LOG.debug ("*** release %s %s" % (path, oct (flags)))
1.92 self.file.close ()
1.93 +
1.94 + if (self.written == True):
1.95 + hashsum = calcMD5(fixPath(path))
1.96 + filesize = os.path.getsize(fixPath(path))
1.97 + sendFileLog(path, filesize, hashsum, "md5")
1.98 +
1.99
1.100 def rename (self, oldPath, newPath):
1.101 LOG.debug ("*** rename %s %s %s" % (oldPath, newPath, config.get("Main", "ReadOnly")))
1.102 @@ -348,13 +377,15 @@
1.103 os.utime (fixPath (path), times)
1.104
1.105 def write (self, path, buf, offset):
1.106 - LOG.debug ("*** write %s %s %s %s" % (path, buf, offset, config.get("Main", "ReadOnly")))
1.107 + #LOG.debug ("*** write %s %s %s %s" % (path, buf, offset, config.get("Main", "ReadOnly")))
1.108 + LOG.debug ("*** write %s %s %s %s" % (path, "filecontent", offset, config.get("Main", "ReadOnly")))
1.109 if (config.get("Main", "ReadOnly") == "true"):
1.110 self.file.close()
1.111 sendReadOnlyNotification()
1.112 return -errno.EACCES
1.113 self.file.seek (offset)
1.114 self.file.write (buf)
1.115 + self.written = True
1.116 return len (buf)
1.117
1.118 def access (self, path, mode):
1.119 @@ -367,9 +398,9 @@
1.120 if (config.get("Main", "ReadOnly") == "true"):
1.121 sendReadOnlyNotification()
1.122 return -errno.EACCES
1.123 - #self.file = os.fdopen (os.open (fixPath (path), flags, mode), flag2mode (flags))
1.124 - # fix strange Windows behaviour
1.125 - self.file = os.fdopen (os.open (fixPath (path), flags, mode), "w+")
1.126 +
1.127 + self.file = os.fdopen (os.open (fixPath (path), flags), flag2mode(flags))
1.128 + self.written = True
1.129 self.fd = self.file.fileno ()
1.130
1.131