fix: 锁定依赖包版本 pyOpenSSL==22.0.0

fix: 修改解密异常抛出范围
fix: 修复空字符串加密报错的问题
2025-12-16 00:52:41 +00:00 · 2022-09-27 15:47:47 +08:00 · 2022-09-27 15:47:03 +08:00 · 2022-09-27 11:28:31 +08:00 · 2022-09-26 15:29:28 +08:00 · 2022-09-26 14:39:53 +08:00
6 changed files with 17 additions and 10 deletions
--- a/apps/common/management/commands/services/services/celery_base.py
+++ b/apps/common/management/commands/services/services/celery_base.py
@@ -30,7 +30,9 @@ class CeleryBaseService(BaseService):
            '-l', 'INFO',
            '-c', str(self.num),
            '-Q', self.queue,
-            '-n', f'{self.queue}@{server_hostname}'
+            '--heartbeat-interval', '10',
            '-n', f'{self.queue}@{server_hostname}',
            '--without-mingle',
        ]
        return cmd
--- a/apps/common/sdk/gm/piico/cipher.py
+++ b/apps/common/sdk/gm/piico/cipher.py
@@ -33,7 +33,7 @@ class EBCCipher:
    def __padding(val):
        # padding
        val = bytes(val)
-        while len(val) % 16 != 0:
+        while len(val) == 0 or len(val) % 16 != 0:
            val += b'\0'
        return val
--- a/apps/common/utils/crypto.py
+++ b/apps/common/utils/crypto.py
@@ -82,7 +82,8 @@ class PiicoSM4EcbCrypto(BaseCrypto):
        return self.cipher.encrypt(self.to_16(data))
    def _decrypt(self, data: bytes) -> bytes:
-        return self.cipher.decrypt(data)
+        bs = self.cipher.decrypt(data)
        return bs.rstrip(b'\0')
 class AESCrypto:
@@ -232,6 +233,8 @@ class Crypto:
        return self.cryptos[0]
    def encrypt(self, text):
        if text is None:
            return text
        return self.encryptor.encrypt(text)
    def decrypt(self, text):
@@ -241,7 +244,7 @@ class Crypto:
                if origin_text:
                    # 有时不同算法解密不报错，但是返回空字符串
                    return origin_text
-            except (TypeError, ValueError, UnicodeDecodeError, IndexError):
+            except Exception:
                continue
--- a/apps/jumpserver/settings/libs.py
+++ b/apps/jumpserver/settings/libs.py
@@ -9,7 +9,6 @@ from .base import (
 )
 from ..const import CONFIG, PROJECT_DIR
 REST_FRAMEWORK = {
    # Use Django's standard `django.contrib.auth` permissions,
    # or allow read-only access for unauthenticated users.
@@ -64,7 +63,6 @@ SWAGGER_SETTINGS = {
    'DEFAULT_INFO': 'jumpserver.views.swagger.api_info',
 }
 # Captcha settings, more see https://django-simple-captcha.readthedocs.io/en/latest/advanced.html
 CAPTCHA_IMAGE_SIZE = (180, 38)
 CAPTCHA_FOREGROUND_COLOR = '#001100'
@@ -81,7 +79,6 @@ BOOTSTRAP3 = {
    'required_css_class': 'required',
 }
 # Django channels support websocket
 if not REDIS_USE_SSL:
    redis_ssl = None
@@ -108,7 +105,6 @@ CHANNEL_LAYERS = {
 }
 ASGI_APPLICATION = 'jumpserver.routing.application'
 # Dump all celery log to here
 CELERY_LOG_DIR = os.path.join(PROJECT_DIR, 'data', 'celery')
@@ -131,6 +127,7 @@ CELERY_TASK_EAGER_PROPAGATES = True
 CELERY_WORKER_REDIRECT_STDOUTS = True
 CELERY_WORKER_REDIRECT_STDOUTS_LEVEL = "INFO"
 CELERY_TASK_SOFT_TIME_LIMIT = 3600
 CELERY_WORKER_CANCEL_LONG_RUNNING_TASKS_ON_CONNECTION_LOSS = True
 if REDIS_USE_SSL:
    CELERY_BROKER_USE_SSL = CELERY_REDIS_BACKEND_USE_SSL = {
@@ -148,3 +145,7 @@ REDIS_PORT = CONFIG.REDIS_PORT
 REDIS_PASSWORD = CONFIG.REDIS_PASSWORD
 DJANGO_REDIS_SCAN_ITERSIZE = 1000
 # GM DEVICE
 PIICO_DEVICE_ENABLE = CONFIG.PIICO_DEVICE_ENABLE
 PIICO_DRIVER_PATH = CONFIG.PIICO_DRIVER_PATH
--- a/apps/users/notifications.py
+++ b/apps/users/notifications.py
@@ -191,7 +191,7 @@ class UserExpirationReminderMsg(UserMessage):
 class ResetSSHKeyMsg(UserMessage):
    def get_html_msg(self) -> dict:
        subject = _('Reset SSH Key')
-        update_url = urljoin(settings.SITE_URL, '/ui/#/users/profile/?activeTab=SSHUpdate')
+        update_url = urljoin(settings.SITE_URL, '/ui/#/profile/setting/?activeTab=SSHUpdate')
        context = {
            'name': self.user.name,
            'url': update_url,
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -133,6 +133,7 @@ pymssql==2.1.5
 django-mysql==3.9.0
 django-redis==5.2.0
 python-redis-lock==3.7.0
 pyOpenSSL==22.0.0
 redis==4.3.3
 pymongo==4.2.0
 # Debug
Author	SHA1	Message	Date
Jiangjie.Bai	ca3c56320e	fix: 锁定依赖包版本 pyOpenSSL==22.0.0	2022-09-27 15:47:47 +08:00
Aaron3S	2ed2c16ff5	fix: 修改解密异常抛出范围	2022-09-27 15:47:03 +08:00
Aaron3S	3069bb5b0c	fix: 修复空字符串加密报错的问题	2022-09-27 11:28:31 +08:00
Aaron3S	b0650b0047	perf: 优化去除结尾空字节的写法	2022-09-26 15:29:28 +08:00
Aaron3S	7e133bb0c4	feat: 增加PIICO设备配置项	2022-09-26 14:39:53 +08:00
Aaron3S	bd854cfd0f	feat: 增加国密配置项	2022-09-26 14:39:53 +08:00
Aaron3S	f458eff527	fix: 修复密码后空格的问题	2022-09-26 14:38:45 +08:00
feng626	97b37bfb5d	fix: reset ssh url problem	2022-09-21 18:34:47 +08:00
吴小白	4d7ff0828b	fix: 修复 redis 异常后 celery 旧任务不执行的问题	2022-09-21 18:34:00 +08:00
ibuler	7db3d63e64	fix: 修复 celery 丢失心跳不会重连的问题	2022-09-21 18:34:00 +08:00