diff --git a/apps/assets/migrations/__init__.py b/apps/assets/migrations/__init__.py
deleted file mode 100644
index e69de29bb..000000000
diff --git a/apps/common/utils.py b/apps/common/utils.py
index 3546f610f..da83cfca7 100644
--- a/apps/common/utils.py
+++ b/apps/common/utils.py
@@ -30,11 +30,17 @@ def get_object_or_none(model, **kwargs):
 def encrypt(*args, **kwargs):
- return signing.dumps(*args, **kwargs)
+ try:
+ return signing.dumps(*args, **kwargs)
+ except signing.BadSignature:
+ return ''
 def decrypt(*args, **kwargs):
- return signing.loads(*args, **kwargs)
+ try:
+ return signing.loads(*args, **kwargs)
+ except signing.BadSignature:
+ return ''
 def date_expired_default():
diff --git a/apps/perms/migrations/__init__.py b/apps/perms/migrations/__init__.py
deleted file mode 100644
index e69de29bb..000000000
diff --git a/apps/users/migrations/__init__.py b/apps/users/migrations/__init__.py
deleted file mode 100644
index e69de29bb..000000000
diff --git a/connect.py b/connect.py
deleted file mode 100644
index 51020d8f1..000000000
--- a/connect.py
+++ /dev/null
@@ -1,32 +0,0 @@
-#!/usr/bin/env python
-# -*- coding: utf-8 -*-
-#
-
-import sys
-import os
-
-# reload(sys)
-# sys.setdefaultencoding('utf8')
-
-BASE_DIR = os.path.dirname(os.path.abspath(__file__))
-sys.path.append(os.path.join(BASE_DIR, 'apps'))
-
-import re
-import time
-import datetime
-import textwrap
-import getpass
-import readline
-import django
-import paramiko
-import errno
-import pyte
-import operator
-import struct, fcntl, signal, socket, select
-from io import open as copen
-import uuid
-
-
-os.environ['DJANGO_SETTINGS_MODULE'] = 'jumpserver.settings'
-
-
diff --git a/requirements.txt b/requirements.txt
index 311786d8d..4bac3860e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -20,3 +20,4 @@ django-simple-captcha==0.5.2
 django-formtools==1.0
 sshpubkeys==2.2.0
 djangorestframework-bulk==0.2.1
+python-gssapi==0.6.4
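Review bot: In `decrypt`, the added `except signing.BadSignature: return ''` makes a tampered or expired token indistinguishable from a payload that legitimately decodes to an empty string, and nothing is logged when verification fails. Returning `None` (`except signing.BadSignature: return None`) and logging the rejection would let callers fail closed and give operators a signal that forged tokens are being presented. The matching handler in `encrypt` looks unreachable, since `signing.dumps` only creates a signature and does not verify one. If `signing` is `django.core.signing` (the import is outside the hunk), these helpers sign but do not encrypt, so a docstring such as `"""Sign and serialize; the payload stays readable to anyone holding the token."""` would keep callers from passing secrets through them.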
diff --git a/terminal/ssh_server.py b/terminal/ssh_server.py
index e8e8f60c8..36b0f9afd 100644
--- a/terminal/ssh_server.py
+++ b/terminal/ssh_server.py
@@ -41,6 +41,8 @@ from utils import get_logger, SSHServerException, control_char
 logger = get_logger(__name__)
+paramiko.util.log_to_file(os.path.join(BASE_DIR, 'logs', 'paramiko.log'))
+
 class SSHServer(paramiko.ServerInterface):
 host_key_path = os.path.join(BASE_DIR, 'host_rsa_key')
@@ -79,6 +81,27 @@ class SSHServer(paramiko.ServerInterface):
 return paramiko.OPEN_SUCCEEDED
 return paramiko.OPEN_FAILED_ADMINISTRATIVELY_PROHIBITED
+ def check_auth_gssapi_with_mic(self, username,
+ gss_authenticated=paramiko.AUTH_FAILED,
+ cc_file=None):
+
+ if gss_authenticated == paramiko.AUTH_SUCCESSFUL:
+ return paramiko.AUTH_SUCCESSFUL
+ return paramiko.AUTH_FAILED
+
+ def check_auth_gssapi_keyex(self, username,
+ gss_authenticated=paramiko.AUTH_FAILED,
+ cc_file=None):
+
+ if gss_authenticated == paramiko.AUTH_SUCCESSFUL:
+ return paramiko.AUTH_SUCCESSFUL
+ return paramiko.AUTH_FAILED
+
+ def enable_auth_gssapi(self):
+ UseGSSAPI = True
+ GSSAPICleanupCredentials = False
+ return UseGSSAPI
+
 def check_auth_password(self, username, password):
 self.user = user = check_user_is_valid(username=username, password=password)
 self.username = username = user.username
@@ -99,9 +122,9 @@ class SSHServer(paramiko.ServerInterface):
 def check_auth_publickey(self, username, public_key):
 self.user = user = check_user_is_valid(username=username, public_key=public_key)
- self.username = username = user.username
 if self.user:
+ self.username = username = user.username
 logger.info('Accepted public key for %(username)s from %(host)s port %(port)s ' % {
 'username': username,
 'host': self.addr[0],
diff --git a/test_rsa.key b/test_rsa.key
deleted file mode 100644
index f50e9c538..000000000
--- a/test_rsa.key
+++ /dev/null
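Review bot: `paramiko.util.log_to_file(...)` runs at import time with paramiko's default DEBUG level, so the transport log will carry per-connection negotiation and authentication detail, and the import will raise if the `logs` directory does not exist. Pass an explicit level, e.g. `paramiko.util.log_to_file(os.path.join(BASE_DIR, 'logs', 'paramiko.log'), level=logging.INFO)` (this needs `logging` imported, which the hunk does not show), and create the directory with restrictive permissions before the call. A comment such as `# paramiko transport log: may contain client addresses and usernames, keep it out of world-readable paths` would record why the location matters.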
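Review bot: `check_auth_gssapi_with_mic` and `check_auth_gssapi_keyex` accept the login on `gss_authenticated` alone and never tie the Kerberos principal to the requested `username` or to a jumpserver account, so, unlike the password and public-key paths, `self.user` and `self.username` stay unset and any principal that completes the GSS exchange appears to be accepted under whatever username it requests. paramiko's documentation for these callbacks leaves the principal-to-account authorization check to the server implementation. Before returning `paramiko.AUTH_SUCCESSFUL`, resolve the account and reject when none matches, e.g. `if gss_authenticated != paramiko.AUTH_SUCCESSFUL or not self.user: return paramiko.AUTH_FAILED`, and log accepted and rejected attempts as the other auth methods do. In `enable_auth_gssapi`, `GSSAPICleanupCredentials` is assigned but never used, and the hard-coded `True` advertises GSSAPI on every deployment; reading the switch from configuration would keep the method off where Kerberos is not set up.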
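Review bot: `check_auth_password` still has the unguarded form this hunk fixes for `check_auth_publickey`: in the trailing context of the previous hunk, `self.username = username = user.username` follows `check_user_is_valid(...)` directly, so a failed password lookup that returns a falsy value would raise instead of producing an authentication failure. Move that assignment under the method's `if self.user:` check in the same way; the rest of `check_auth_password` is outside the visible hunks, so confirm that branch exists there. The body of `check_auth_publickey` also continues past the end of this hunk.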
@@ -1,15 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIICWgIBAAKBgQDTj1bqB4WmayWNPB+8jVSYpZYk80Ujvj680pOTh2bORBjbIAyz -oWGW+GUjzKxTiiPvVmxFgx5wdsFvF03v34lEVVhMpouqPAYQ15N37K/ir5XY+9m/ -d8ufMCkjeXsQkKqFbAlQcnWMCRnOoPHS3I4vi6hmnDDeeYTSRvfLbW0fhwIBIwKB -gBIiOqZYaoqbeD9OS9z2K9KR2atlTxGxOJPXiP4ESqP3NVScWNwyZ3NXHpyrJLa0 -EbVtzsQhLn6rF+TzXnOlcipFvjsem3iYzCpuChfGQ6SovTcOjHV9z+hnpXvQ/fon -soVRZY65wKnF7IAoUwTmJS9opqgrN6kRgCd3DASAMd1bAkEA96SBVWFt/fJBNJ9H -tYnBKZGw0VeHOYmVYbvMSstssn8un+pQpUm9vlG/bp7Oxd/m+b9KWEh2xPfv6zqU -avNwHwJBANqzGZa/EpzF4J8pGti7oIAPUIDGMtfIcmqNXVMckrmzQ2vTfqtkEZsA -4rE1IERRyiJQx6EJsz21wJmGV9WJQ5kCQQDwkS0uXqVdFzgHO6S++tjmjYcxwr3g -H0CoFYSgbddOT6miqRskOQF3DZVkJT3kyuBgU2zKygz52ukQZMqxCb1fAkASvuTv -qfpH87Qq5kQhNKdbbwbmd2NxlNabazPijWuphGTdW0VfJdWfklyS2Kr+iqrs/5wV -HhathJt636Eg7oIjAkA8ht3MQ+XSl9yIJIS8gVpbPxSw5OMfw0PjVE7tBdQruiSc -nvuQES5C9BMHjF39LZiGH1iLQy7FgdHyoP+eodI7 ------END RSA PRIVATE KEY----- diff --git a/test_server.py b/test_server.py deleted file mode 100644 index b6314f2bc..000000000 --- a/test_server.py +++ /dev/null 
@@ -1,44 +0,0 @@
-#!/usr/bin/env python
-# -*- coding: utf-8 -*-
-#
-
-import socket
-import sys
-import threading
-
-
-class ThreadSocket:
- def __init__(self, host, port):
- self.host = host
- self.port = port
- self.sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- self.sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
- self.sock.bind((self.host, self.port))
-
- def listen(self):
- self.sock.listen(5)
- while True:
- client, address = self.sock.accept()
- client.settimeout(60)
- threading.Thread(target=self.handle_client_request, args=(client, address)).start()
-
- def handle_client_request(self, client, address):
- print("Get client: %s" % str(address))
- while True:
- try:
- data = client.recv(1024)
- print("sleep : %s" % str(address))
- if data:
- client.send(data)
- else:
- raise IndexError('Client has disconnected')
- except:
- client.close()
-
-
-if __name__ == '__main__':
- server = ThreadSocket('', 9000)
- try:
- server.listen()
- except KeyboardInterrupt:
- sys.exit(1)